{config, pkgs, serverInfo}:
let
inherit (pkgs.lib) mkOption;
inherit (config) urlPrefix distDir;
dataDir = "/data/pt-wiki/data";
pubDir = "/data/pt-wiki/pub";
scriptUrlPath = "/bin";
pubUrlPath = "/pub";
absHostPath = "/";
# Hacks for proxying and rewriting
dispPubUrlPath = "/pub";
dispScriptUrlPath = "";
dispViewPath = "";
twikiName = "Program Transformation Wiki";
startWeb = config.startWeb;
registrationDomain = "ewi.tudelft.nl";
defaultUrlHost = "";
# Build the TWiki CGI and configuration files.
twikiRoot = (import /etc/nixos/services/twiki/twiki-instance.nix).twiki {
name = "pt-wiki";
pubdir = pubDir;
datadir = dataDir;
inherit twikiName scriptUrlPath pubUrlPath absHostPath
dispPubUrlPath dispScriptUrlPath dispViewPath
registrationDomain defaultUrlHost;
};
plugins = import /etc/nixos/services/twiki/server-pkgs/twiki-plugins.nix;
in {
extraConfig = ''
ScriptAlias ${scriptUrlPath} "${twikiRoot}/bin"
Alias ${pubUrlPath} "${pubDir}"
Options +ExecCGI
SetHandler cgi-script
AllowOverride All
Allow from all
deny from all
deny from all
Options None
AllowOverride None
Allow from all
# Hardening suggested by http://twiki.org/cgi-bin/view/Codev/SecurityAlertSecureFileUploads.
php_admin_flag engine off
AddType text/plain .html .htm .shtml .php .php3 .phtml .phtm .pl .py .cgi
deny from all
Alias ${absHostPath} ${twikiRoot}/rewritestub/
RewriteEngine On
RewriteBase ${absHostPath}
# complete bin path
RewriteRule ^bin(.*) bin/$1 [L]
#@customRewriteRules@
# Hack for restricted webs.
RewriteRule ^pt/(.*) $1
# action / web / whatever
RewriteRule ^([a-z]+)/([A-Z][^/]+)/(.*) bin/$1/$2/$3 [L]
# web / topic
RewriteRule ^([A-Z][^/]+)/([^/]+) bin/view/$1/$2 [L]
# web
RewriteRule ^([A-Z][^/]+) bin/view/$1/WebHome [L]
# web/
RewriteRule ^([A-Z][^/]+)/ bin/view/$1/WebHome [L]
RewriteRule ^index.html$ bin/view/${startWeb} [L]
RewriteRule ^$ bin/view/${startWeb} [L]
'';
robotsEntries = ''
User-agent: *
Disallow: /rdiff/
Disallow: /rename/
Disallow: /edit/
Disallow: /bin/
Disallow: /oops/
Disallow: /view/
Disallow: /search/
Disallow: /attach/
Disallow: /pt/bin/
'';
}