]>
Commit | Line | Data |
---|---|---|
1 | { lib, pkgs, config, ... }: | |
2 | let | |
3 | cfg = config.myServices.websites.immae.temp; | |
4 | varDir = "/var/lib/immae_temp"; | |
5 | env = config.myEnv.websites.immae.temp; | |
6 | in { | |
7 | options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website"; | |
8 | ||
9 | config = lib.mkIf cfg.enable { | |
10 | services.websites.env.production.vhostConfs.immae_temp = { | |
11 | certName = "immae"; | |
12 | addToCerts = true; | |
13 | hosts = [ "temp.immae.eu" ]; | |
14 | root = null; | |
15 | extraConfig = [ '' | |
16 | ProxyVia On | |
17 | ProxyRequests Off | |
18 | ProxyPreserveHost On | |
19 | ProxyPass / unix:///run/surfer/listen.sock|http://temp.immae.eu/ | |
20 | ProxyPassReverse / unix:///run/surfer/listen.sock|http://temp.immae.eu/ | |
21 | <Proxy *> | |
22 | Options FollowSymLinks MultiViews | |
23 | AllowOverride None | |
24 | Require all granted | |
25 | </Proxy> | |
26 | '' ]; | |
27 | }; | |
28 | ||
29 | secrets.keys."webapps/surfer" = { | |
30 | permissions = "0400"; | |
31 | user = "wwwrun"; | |
32 | group = "wwwrun"; | |
33 | text = '' | |
34 | CLOUDRON_LDAP_URL=ldaps://${env.ldap.host} | |
35 | CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base} | |
36 | TOKENSTORE_FILE=/var/lib/surfer/tokens.json | |
37 | CLOUDRON_LDAP_BIND_DN=${env.ldap.dn} | |
38 | CLOUDRON_LDAP_BIND_PASSWORD=${env.ldap.password} | |
39 | CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base} | |
40 | CLOUDRON_LDAP_FILTER="${env.ldap.filter}" | |
41 | LISTEN=/run/surfer/listen.sock | |
42 | ''; | |
43 | }; | |
44 | ||
45 | systemd.services.surfer = { | |
46 | description = "Surfer"; | |
47 | wantedBy = [ "multi-user.target" ]; | |
48 | after = [ "network.target" ]; | |
49 | ||
50 | script = '' | |
51 | exec ${pkgs.webapps.surfer}/bin/surfer-server ${varDir} | |
52 | ''; | |
53 | serviceConfig = { | |
54 | EnvironmentFile = config.secrets.fullPaths."webapps/surfer"; | |
55 | User = "wwwrun"; | |
56 | Group = "wwwrun"; | |
57 | StateDirectory = "surfer"; | |
58 | RuntimeDirectory = "surfer"; | |
59 | Type = "simple"; | |
60 | }; | |
61 | }; | |
62 | }; | |
63 | } | |
64 |