In an effort to better encode version strings and use descriptive pnames
that do not conflict with top level pkgs, we currently use
wordpress-${type}-${pname} for pname. This is good for the nix store,
but when we synthesize the wordpress derivation in our module, we reuse
this pname for the output directory.
Internally wordpress can handle this fine, since plugins must register
via php, not directory. Unfortunately, many plugins like civicrm and
wpforms-lite are designed to rely upon the name of their install
directory for homing or discovery.
As such, we should follow both the upstream convention and
services.nextcloud.extraApps and use an attribute set for these options.
This allows us to not have to deal with the implementation details of
plugins and themes, which differ from official and third party, but also
give users the option to override the install location. The only issue
is that it breaks the current api.
Not a big deal in most of the cases because wordpress ensures that this
directory exists on its own, but with our twentig customizations that's
actually causing issues.
(cherry picked from commit 3285342bfe5f401dda84c13c834e73154928a61c)
make (almost) all links appear on only a single line, with no
unnecessary whitespace, using double quotes for attributes. this lets us
automatically convert them to markdown easily.
the few remaining links are extremely long link in a gnome module, we'll
come back to those at a later date.
A secret key generated by the nixos module was misspelled, which could
possibly impact the security of session cookies.
To recover from this situation we will wipe all security keys that were
previously generated by the NixOS module, when the misspelled one is
found. This will result in all session cookies being invalidated. This
is confirmed by the wordpress documentation:
> You can change these at any point in time to invalidate all existing
> cookies. This does mean that all users will have to login again.
https://wordpress.org/support/article/editing-wp-config-php/#security-keys
Meanwhile this issue shouldn't be too grave, since the salting function
of wordpress will rely on the concatenation of both the user-provided
and automatically generated values, that are stored in the database.
> Secret keys are located in two places: in the database and in the
> wp-config.php file. The secret key in the database is randomly
> generated and will be appended to the secret keys in wp-config.php.
https://developer.wordpress.org/reference/functions/wp_salt/
Fixes: 2adb03fdae ("nixos/wordpress:
generate secrets locally")
Reported-by: Moritz Hedtke <Moritz.Hedtke@t-online.de>
