]>
Commit | Line | Data |
---|---|---|
ab8f306d | 1 | { lib, pkgs, config, ... }: |
ce493c5d | 2 | let |
f8026b6e | 3 | cfg = config.myServices.websites.immae.temp; |
91b3d06b IB |
4 | varDir = "/var/lib/immae_temp"; |
5 | env = config.myEnv.websites.immae.temp; | |
ce493c5d | 6 | in { |
f8026b6e | 7 | options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website"; |
ce493c5d | 8 | |
f8026b6e | 9 | config = lib.mkIf cfg.enable { |
91b3d06b IB |
10 | services.duplyBackup.profiles.immae_temp.rootDir = varDir; |
11 | services.duplyBackup.profiles.immae_temp_surfer.rootDir = "/var/lib/surfer"; | |
d3452fc5 IB |
12 | services.websites.env.production.vhostConfs.immae_temp = { |
13 | certName = "immae"; | |
7df420c2 | 14 | addToCerts = true; |
ce493c5d | 15 | hosts = [ "temp.immae.eu" ]; |
91b3d06b IB |
16 | root = null; |
17 | extraConfig = [ '' | |
18 | ProxyVia On | |
19 | ProxyRequests Off | |
20 | ProxyPreserveHost On | |
21 | ProxyPass / unix:///run/surfer/listen.sock|http://temp.immae.eu/ | |
22 | ProxyPassReverse / unix:///run/surfer/listen.sock|http://temp.immae.eu/ | |
23 | <Proxy *> | |
24 | Options FollowSymLinks MultiViews | |
ce493c5d IB |
25 | AllowOverride None |
26 | Require all granted | |
91b3d06b IB |
27 | </Proxy> |
28 | '' ]; | |
29 | }; | |
30 | ||
31 | secrets.keys = [ | |
32 | { | |
33 | dest = "webapps/surfer"; | |
34 | permissions = "0400"; | |
35 | user = "wwwrun"; | |
36 | group = "wwwrun"; | |
37 | text = '' | |
38 | CLOUDRON_LDAP_URL=ldaps://${env.ldap.host} | |
39 | CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base} | |
40 | TOKENSTORE_FILE=/var/lib/surfer/tokens.json | |
41 | CLOUDRON_LDAP_BIND_DN=${env.ldap.dn} | |
42 | CLOUDRON_LDAP_BIND_PASSWORD=${env.ldap.password} | |
43 | CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base} | |
44 | CLOUDRON_LDAP_FILTER="${env.ldap.filter}" | |
45 | LISTEN=/run/surfer/listen.sock | |
46 | ''; | |
47 | } | |
48 | ]; | |
49 | ||
50 | systemd.services.surfer = { | |
51 | description = "Surfer"; | |
52 | wantedBy = [ "multi-user.target" ]; | |
53 | after = [ "network.target" ]; | |
ce493c5d | 54 | |
91b3d06b IB |
55 | script = '' |
56 | exec ${pkgs.webapps.surfer}/bin/surfer-server ${varDir} | |
57 | ''; | |
58 | serviceConfig = { | |
59 | EnvironmentFile = "/var/secrets/webapps/surfer"; | |
60 | User = "wwwrun"; | |
61 | Group = "wwwrun"; | |
62 | StateDirectory = "surfer"; | |
63 | RuntimeDirectory = "surfer"; | |
64 | Type = "simple"; | |
65 | }; | |
ce493c5d IB |
66 | }; |
67 | }; | |
68 | } | |
69 |