]>
Commit | Line | Data |
---|---|---|
ab8f306d | 1 | { lib, pkgs, config, ... }: |
97953ca4 | 2 | let |
f8026b6e IB |
3 | cfg = config.myServices.websites.papa.surveillance; |
4 | varDir = "/var/lib/ftp/papa"; | |
d3452fc5 | 5 | apacheUser = config.services.httpd.Prod.user; |
97953ca4 | 6 | in { |
f8026b6e | 7 | options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website"; |
97953ca4 | 8 | |
f8026b6e | 9 | config = lib.mkIf cfg.enable { |
5400b9b6 | 10 | security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null; |
97953ca4 IB |
11 | |
12 | services.cron = { | |
13 | systemCronJobs = let | |
14 | script = pkgs.writeScript "cleanup-papa" '' | |
15 | #!${pkgs.stdenv.shell} | |
16 | d=$(date -d "7 days ago" +%Y%m%d) | |
17 | for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do | |
18 | if [ "$d" -gt $(basename $i) ]; then | |
19 | rm -rf "$i" | |
20 | fi | |
21 | done | |
22 | ''; | |
23 | in | |
24 | [ | |
25 | '' | |
d3452fc5 | 26 | 0 6 * * * ${apacheUser} ${script} |
97953ca4 IB |
27 | '' |
28 | ]; | |
29 | }; | |
30 | ||
d3452fc5 | 31 | services.websites.env.production.vhostConfs.papa_surveillance = { |
7df420c2 IB |
32 | certName = "papa"; |
33 | certMainHost = "surveillance.maison.bbc.bouya.org"; | |
34 | hosts = [ "surveillance.maison.bbc.bouya.org" ]; | |
35 | root = varDir; | |
36 | extraConfig = [ | |
97953ca4 IB |
37 | '' |
38 | Use Apaxy "${varDir}" "title .duplicity-ignore" | |
39 | <Directory ${varDir}> | |
40 | Use LDAPConnect | |
41 | Options Indexes | |
42 | AllowOverride None | |
43 | Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | |
44 | </Directory> | |
45 | '' | |
46 | ]; | |
47 | }; | |
48 | }; | |
49 | } | |
50 |