1 { config, lib, name, ... }:
7 base = mkOption { description = "Base of the LDAP tree"; type = str; };
8 host = mkOption { description = "Host to access LDAP"; type = str; };
9 root_dn = mkOption { description = "DN of the root user"; type = str; };
10 root_pw = mkOption { description = "Hashed password of the root user"; type = str; };
11 replication_dn = mkOption { description = "DN of the user allowed to replicate the LDAP directory"; type = str; };
12 replication_pw = mkOption { description = "Password of the user allowed to replicate the LDAP directory"; type = str; };
14 mkLdapOptions = name: more: mkOption {
15 description = "${name} LDAP configuration";
17 options = ldapOptions // {
18 dn = mkOption { description = "DN of the ${name} user"; type = str; };
19 password = mkOption { description = "password of the ${name} user"; type = str; };
20 filter = mkOption { description = "Filter for ${name} users"; type = str; default = ""; };
25 host = mkOption { description = "Host to access Mysql"; type = str; };
26 remoteHost = mkOption { description = "Host to access Mysql from outside"; type = str; };
27 port = mkOption { description = "Port to access Mysql"; type = str; };
28 socket = mkOption { description = "Socket to access Mysql"; type = path; };
29 systemUsers = mkOption {
30 description = "Attrs of user-passwords allowed to access mysql";
34 description = "PAM configuration for mysql";
37 dn = mkOption { description = "DN to connect as to check users"; type = str; };
38 password = mkOption { description = "DN password to connect as to check users"; type = str; };
39 filter = mkOption { description = "filter to match users"; type = str; };
44 mkMysqlOptions = name: more: mkOption {
45 description = "${name} mysql configuration";
47 options = mysqlOptions // {
48 database = mkOption { description = "${name} database"; type = str; };
49 user = mkOption { description = "${name} user"; type = str; };
50 password = mkOption { description = "mysql password of the ${name} user"; type = str; };
55 host = mkOption { description = "Host to access Postgresql"; type = str; };
56 port = mkOption { description = "Port to access Postgresql"; type = str; };
57 socket = mkOption { description = "Socket to access Postgresql"; type = path; };
59 description = "PAM configuration for psql";
62 dn = mkOption { description = "DN to connect as to check users"; type = str; };
63 password = mkOption { description = "DN password to connect as to check users"; type = str; };
64 filter = mkOption { description = "filter to match users"; type = str; };
69 mkPsqlOptions = name: mkOption {
70 description = "${name} psql configuration";
72 options = psqlOptions // {
73 database = mkOption { description = "${name} database"; type = str; };
74 schema = mkOption { description = "${name} schema"; type = nullOr str; default = null; };
75 user = mkOption { description = "${name} user"; type = str; };
76 password = mkOption { description = "psql password of the ${name} user"; type = str; };
81 host = mkOption { description = "Host to access Redis"; type = str; };
82 port = mkOption { description = "Port to access Redis"; type = str; };
83 socket = mkOption { description = "Socket to access Redis"; type = path; };
85 description = "Attrs of db number. Each number should be unique to avoid collision!";
88 spiped_key = mkOption {
91 Key to use with spiped to make a secure channel to replication
95 description = "Predixy configuration. Unused yet";
98 read = mkOption { type = str; description = "Read password"; };
103 mkRedisOptions = name: mkOption {
104 description = "${name} redis configuration";
106 options = redisOptions // {
107 db = mkOption { description = "${name} database"; type = str; };
112 host = mkOption { description = "Host to access SMTP"; type = str; };
113 port = mkOption { description = "Port to access SMTP"; type = str; };
115 mkSmtpOptions = name: mkOption {
116 description = "${name} smtp configuration";
118 options = smtpOptions // {
119 email = mkOption { description = "${name} email"; type = str; };
120 password = mkOption { description = "SMTP password of the ${name} user"; type = str; };
124 hostEnv = submodule {
127 description = "Host FQDN";
134 Sublist of users from realUsers. Function that takes pkgs as
135 argument and gives an array as a result
140 description = "List of e-mails that the server can be a sender of";
145 LDAP credentials for the host
149 password = mkOption { type = str; description = "Password for the LDAP connection"; };
150 dn = mkOption { type = str; description = "DN for the LDAP connection"; };
155 description = "subdomain and priority for MX server";
156 default = { enable = false; };
159 enable = mkEnableOption "Enable MX";
160 subdomain = mkOption { type = nullOr str; description = "Subdomain name (mx-*)"; };
161 priority = mkOption { type = nullOr str; description = "Priority"; };
167 attrs of ip4/ip6 grouped by section
169 type = attrsOf (submodule {
174 ip4 address of the host
181 ip6 addresses of the host
194 Attrs of servers information in the cluster (not necessarily handled by nixops)
197 type = attrsOf hostEnv;
199 hetznerCloud = mkOption {
201 Hetzner Cloud credential information
205 authToken = mkOption {
216 Hetzner credential information
220 user = mkOption { type = str; description = "User"; };
221 pass = mkOption { type = str; description = "Password"; };
227 sshd service credential information
233 LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
237 password = mkOption { description = "Password"; type = str; };
246 non-standard reserved ports. Must be unique!
251 noDupl = x: builtins.length (builtins.attrValues x) == builtins.length (unique (builtins.attrValues x));
253 x: if isAttrs x && noDupl x then x else throw "Non unique values for ports";
257 httpd service credential information
263 LDAP credentials for cn=httpd,ou=services,dc=immae,dc=eu dn
267 password = mkOption { description = "Password"; type = str; };
275 type = submodule { options = smtpOptions; };
276 description = "SMTP configuration";
280 LDAP server configuration
283 options = ldapOptions;
286 databases = mkOption {
287 description = "Databases configuration";
291 type = submodule { options = mysqlOptions; };
292 description = "Mysql configuration";
295 type = submodule { options = redisOptions; };
296 description = "Redis configuration";
298 postgresql = mkOption {
299 type = submodule { options = psqlOptions; };
300 description = "Postgresql configuration";
306 description = "Jabber configuration";
309 postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
310 ldap = mkLdapOptions "Jabber" {};
311 postgresql = mkPsqlOptions "Jabber";
315 realUsers = mkOption {
317 Attrset of function taking pkgs as argument.
318 Real users settings, should provide a subattr of users.users.<name>
319 with at least: name, (hashed)Password, shell
321 type = attrsOf unspecified;
324 description = "System and regular users uid/gid";
325 type = attrsOf (submodule {
328 description = "user uid";
332 description = "user gid";
339 description = "DNS configuration";
343 description = "SOA information";
347 description = "Serial number. Should be incremented at each change and unique";
351 description = "Refresh time";
355 description = "Retry time";
359 description = "Expire time";
363 description = "Default TTL time";
367 description = "hostmaster e-mail";
371 description = "Primary NS";
378 description = "Attrs of NS servers group";
381 "ns1.foo.com" = [ "198.51.100.10" "2001:db8:abcd::1" ];
382 "ns2.foo.com" = [ "198.51.100.15" "2001:db8:1234::1" ];
385 type = attrsOf (attrsOf (listOf str));
387 slaveZones = mkOption {
388 description = "List of slave zones";
389 type = listOf (submodule {
391 name = mkOption { type = str; description = "zone name"; };
393 description = "NS master groups of this zone";
399 masterZones = mkOption {
400 description = "List of master zones";
401 type = listOf (submodule {
403 name = mkOption { type = str; description = "zone name"; };
405 description = "NS slave groups of this zone";
409 description = "groups names that should have their NS entries listed here";
413 description = "Extra zone configuration for bind";
419 entries = mkOption { type = lines; description = "Regular entries of the NS zone"; };
420 withEmail = mkOption {
421 description = "List of domains that should have mail entries (MX, dkim, SPF, ...)";
423 type = listOf (submodule {
425 domain = mkOption { type = str; description = "Which subdomain is concerned"; };
426 send = mkOption { type = bool; description = "Whether there can be e-mails originating from the subdomain"; };
427 receive = mkOption { type = bool; description = "Whether there can be e-mails arriving to the subdomain"; };
439 Remote backup with duplicity
443 password = mkOption { type = str; description = "Password for encrypting files"; };
445 type = attrsOf (submodule {
449 example = literalExample ''
450 bucket: "s3://some_host/${bucket}";
454 Takes a bucket name as argument and returns a url
457 accessKeyId = mkOption { type = str; description = "Remote access-key"; };
458 secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
465 zrepl_backup = mkOption {
469 description = "SSH key information";
472 public = mkOption { type = str; description = "Public part of the key"; };
473 private = mkOption { type = lines; description = "Private part of the key"; };
477 mysql = mkMysqlOptions "Zrepl" {};
481 rsync_backup = mkOption {
483 Rsync backup configuration from controlled host
488 description = "SSH key information";
491 public = mkOption { type = str; description = "Public part of the key"; };
492 private = mkOption { type = lines; description = "Private part of the key"; };
496 profiles = mkOption {
497 description = "Attrs of profiles to backup";
498 type = attrsOf (submodule {
500 keep = mkOption { type = int; description = "Number of backups to keep"; };
501 check_command = mkOption { type = str; description = "command to check if backup needs to be done"; default = "backup"; };
502 login = mkOption { type = str; description = "Login to connect to host"; };
503 port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
504 host = mkOption { type = str; description = "Host to connect to"; };
505 host_key = mkOption { type = str; description = "Host key"; };
506 host_key_type = mkOption { type = str; description = "Host key type"; };
508 description = "Parts to backup for this host";
509 type = attrsOf (submodule {
511 remote_folder = mkOption { type = path; description = "Remote folder to backup";};
512 exclude_from = mkOption {
515 description = "List of folders/files to exclude from the backup";
517 files_from = mkOption {
520 description = "List of folders/files to backup in the base folder";
525 description = "Extra arguments to pass to rsync";
536 monitoring = mkOption {
537 description = "Monitoring configuration";
540 status_url = mkOption { type = str; description = "URL to push status to"; };
541 status_token = mkOption { type = str; description = "Token for the status url"; };
542 http_user_password = mkOption { type = str; description = "HTTP credentials to check services behind wall"; };
543 email = mkOption { type = str; description = "Admin E-mail"; };
544 ssh_public_key = mkOption { type = str; description = "SSH public key"; };
545 ssh_secret_key = mkOption { type = str; description = "SSH secret key"; };
546 imap_login = mkOption { type = str; description = "IMAP login"; };
547 imap_password = mkOption { type = str; description = "IMAP password"; };
548 eriomem_keys = mkOption { type = listOf (listOf str); description = "Eriomem keys"; default = []; };
550 description = "OVH credentials for sms script";
553 endpoint = mkOption { type = str; default = "ovh-eu"; description = "OVH endpoint"; };
554 application_key = mkOption { type = str; description = "Application key"; };
555 application_secret = mkOption { type = str; description = "Application secret"; };
556 consumer_key = mkOption { type = str; description = "Consumer key"; };
557 account = mkOption { type = str; description = "Account"; };
561 nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
562 slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
563 slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
564 contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
565 email_check = mkOption {
566 description = "Emails services to check";
567 type = attrsOf (submodule {
569 local = mkOption { type = bool; default = false; description = "Use local configuration"; };
570 port = mkOption { type = nullOr str; default = null; description = "Port to connect to ssh"; };
571 login = mkOption { type = nullOr str; default = null; description = "Login to connect to ssh"; };
572 targets = mkOption { type = listOf str; description = "Hosts to send E-mails to"; };
573 mail_address = mkOption { type = nullOr str; default = null; description = "E-mail recipient part to send e-mail to"; };
574 mail_domain = mkOption { type = nullOr str; default = null; description = "E-mail domain part to send e-mail to"; };
582 description = "MPD configuration";
585 folder = mkOption { type = str; description = "Folder to serve from the MPD instance"; };
586 password = mkOption { type = str; description = "Password to connect to the MPD instance"; };
587 host = mkOption { type = str; description = "Host to connect to the MPD instance"; };
588 port = mkOption { type = str; description = "Port to connect to the MPD instance"; };
593 description = "FTP configuration";
596 ldap = mkLdapOptions "FTP" {};
601 description = "VPN configuration";
602 type = attrsOf (submodule {
604 prefix = mkOption { type = str; description = "ipv6 prefix for the vpn subnet"; };
605 privateKey = mkOption { type = str; description = "Private key for the host"; };
606 publicKey = mkOption { type = str; description = "Public key for the host"; };
611 description = "Mail configuration";
615 description = "DMARC configuration";
618 ignore_hosts = mkOption {
621 Hosts to ignore when checking for dmarc
628 description = "DKIM configuration";
629 type = attrsOf (submodule {
635 "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3w1a2aMxWw9+hdcmbqX4UevcVqr204y0K73Wdc7MPZiOOlUJQYsMNSYR1Y/SC7jmPKeitpcJCpQgn/cveJZbuikjjPLsDReHyFEYmC278ZLRTELHx6f1IXM8WE08JIRT69CfZiMi1rVcOh9qRT4F93PyjCauU8Y5hJjtg9ThsWwIDAQAB" )
637 description = "Public entry to put in DNS TXT field";
639 private = mkOption { type = str; description = "Private key"; };
644 description = "Postfix configuration";
647 additional_mailbox_domains = mkOption {
649 List of domains that are used as mailbox final destination, in addition to those defined in the DNS records
653 mysql = mkMysqlOptions "Postfix" {
654 password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
656 backup_domains = mkOption {
658 Domains that are accepted for relay as backup domain
660 type = attrsOf (submodule {
662 domains = mkOption { type = listOf str; description = "Domains list"; };
663 relay_restrictions = mkOption {
666 Restrictions for relaying the e-mails from the domains
669 recipient_maps = mkOption {
671 Recipient map to accept relay for.
672 Must be specified for domain, the rules apply to everyone!
674 type = listOf (submodule {
677 type = enum [ "hash" ];
678 description = "Map type";
682 description = "Map content";
694 description = "Dovecot configuration";
697 ldap = mkLdapOptions "Dovecot" {
698 pass_attrs = mkOption { type = str; description = "Password attribute in LDAP"; };
699 user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
700 iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
701 iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
702 postfix_mailbox_filter = mkOption { type = str; description = "Postfix filter to get mailboxes"; };
708 description = "rspamd configuration";
711 redis = mkRedisOptions "Redis";
712 read_password_hashed = mkOption { type = str; description = "Hashed read password for rspamd"; };
713 write_password_hashed = mkOption { type = str; description = "Hashed write password for rspamd"; };
714 read_password = mkOption {
716 description = "Read password for rspamd. Unused";
719 write_password = mkOption {
721 description = "Write password for rspamd. Unused";
728 description = "Mail script recipients";
729 type = attrsOf (submodule {
731 external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
734 git source to fetch the script from.
735 It must have a default.nix file as its root accepting a scriptEnv parameter
739 url = mkOption { type = str; description = "git url to fetch"; };
740 rev = mkOption { type = str; description = "git reference to fetch"; };
745 description = "Variables to pass to the script";
752 description = "Sympa configuration";
755 listmasters = mkOption {
757 description = "Listmasters";
759 postgresql = mkPsqlOptions "Sympa";
760 data_sources = mkOption {
763 description = "Data sources to make available to sympa";
768 description = "Scenari to make available to sympa";
776 buildbot = mkOption {
777 description = "Buildbot configuration";
781 description = "Buildbot user";
785 description = "user uid";
789 description = "user gid";
796 description = "Ldap configuration for buildbot";
799 password = mkOption { type = str; description = "Buildbot password"; };
803 projects = mkOption {
804 description = "Projects to make a buildbot for";
805 type = attrsOf (submodule {
807 name = mkOption { type = str; description = "Project name"; };
808 packages = mkOption {
810 example = literalExample ''
811 pkgs: [ pkgs.bash pkgs.git pkgs.gzip pkgs.openssh ];
815 Builds packages list to make available to buildbot project.
816 Takes pkgs as argument.
819 pythonPackages = mkOption {
821 example = literalExample ''
822 p: pkgs: [ pkgs.python3Packages.pip ];
826 Builds python packages list to make available to buildbot project.
827 Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
830 pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
833 description = "Secrets for the project to dump as files";
835 environment = mkOption {
838 Environment variables for the project.
839 BUILDBOT_ is prefixed to the variable names
842 activationScript = mkOption {
845 Activation script to run during deployment
848 builderPaths = mkOption {
849 type = attrsOf unspecified;
852 Attrs of functions to make accessible specifically per builder.
853 Takes pkgs as argument and should return a single path containing binaries.
854 This path will be accessible as BUILDBOT_PATH_<attrskey>
857 webhookTokens = mkOption {
858 type = nullOr (listOf str);
861 List of tokens allowed to push to project’s change_hook/base endpoint
871 description = "Tools configurations";
874 contact = mkOption { type = str; description = "Contact e-mail address"; };
877 type = attrsOf (submodule {
879 url = mkOption { type = str; description = "URL to fetch"; };
880 sha256 = mkOption { type = str; description = "Hash of the url"; };
883 description = "Assets to provide on assets.immae.eu";
886 description = "Davical configuration";
889 postgresql = mkPsqlOptions "Davical";
890 ldap = mkLdapOptions "Davical" {};
894 diaspora = mkOption {
895 description = "Diaspora configuration";
898 postgresql = mkPsqlOptions "Diaspora";
899 redis = mkRedisOptions "Diaspora";
900 ldap = mkLdapOptions "Diaspora" {};
901 secret_token = mkOption { type = str; description = "Secret token"; };
905 dmarc_reports = mkOption {
906 description = "DMARC reports configuration";
909 mysql = mkMysqlOptions "DMARC" {};
910 anonymous_key = mkOption { type = str; description = "Anonymous hashing key"; };
914 etherpad-lite = mkOption {
915 description = "Etherpad configuration";
918 postgresql = mkPsqlOptions "Etherpad";
919 ldap = mkLdapOptions "Etherpad" {
920 group_filter = mkOption { type = str; description = "Filter for groups"; };
922 adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
923 session_key = mkOption { type = str; description = "Session key"; };
924 api_key = mkOption { type = str; description = "API key"; };
925 redirects = mkOption { type = str; description = "Redirects for apache"; };
929 gitolite = mkOption {
930 description = "Gitolite configuration";
933 ldap = mkLdapOptions "Gitolite" {};
937 kanboard = mkOption {
938 description = "Kanboard configuration";
941 postgresql = mkPsqlOptions "Kanboard";
942 ldap = mkLdapOptions "Kanboard" {
943 admin_dn = mkOption { type = str; description = "Admin DN"; };
948 mantisbt = mkOption {
949 description = "Mantisbt configuration";
952 postgresql = mkPsqlOptions "Mantisbt";
953 ldap = mkLdapOptions "Mantisbt" {};
954 master_salt = mkOption { type = str; description = "Master salt for password hash"; };
958 mastodon = mkOption {
959 description = "Mastodon configuration";
962 postgresql = mkPsqlOptions "Mastodon";
963 redis = mkRedisOptions "Mastodon";
964 ldap = mkLdapOptions "Mastodon" {};
965 paperclip_secret = mkOption { type = str; description = "Paperclip secret"; };
966 otp_secret = mkOption { type = str; description = "OTP secret"; };
967 secret_key_base = mkOption { type = str; description = "Secret key base"; };
969 description = "vapid key";
972 private = mkOption { type = str; description = "Private key"; };
973 public = mkOption { type = str; description = "Public key"; };
980 mediagoblin = mkOption {
981 description = "Mediagoblin configuration";
984 postgresql = mkPsqlOptions "Mediagoblin";
985 redis = mkRedisOptions "Mediagoblin";
986 ldap = mkLdapOptions "Mediagoblin" {};
990 nextcloud = mkOption {
991 description = "Nextcloud configuration";
994 postgresql = mkPsqlOptions "Peertube";
995 redis = mkRedisOptions "Peertube";
996 password_salt = mkOption { type = str; description = "Password salt"; };
997 instance_id = mkOption { type = str; description = "Instance ID"; };
998 secret = mkOption { type = str; description = "App secret"; };
1002 peertube = mkOption {
1003 description = "Peertube configuration";
1006 listenPort = mkOption { type = port; description = "Port to listen to"; };
1007 postgresql = mkPsqlOptions "Peertube";
1008 redis = mkRedisOptions "Peertube";
1009 ldap = mkLdapOptions "Peertube" {};
1013 syden_peertube = mkOption {
1014 description = "Peertube Syden configuration";
1017 listenPort = mkOption { type = port; description = "Port to listen to"; };
1018 postgresql = mkPsqlOptions "Peertube";
1019 redis = mkRedisOptions "Peertube";
1023 phpldapadmin = mkOption {
1024 description = "phpLdapAdmin configuration";
1027 ldap = mkLdapOptions "phpldapadmin" {};
1032 description = "Rompr configuration";
1036 description = "MPD configuration";
1039 host = mkOption { type = str; description = "Host for MPD"; };
1040 port = mkOption { type = port; description = "Port to access MPD host"; };
1047 roundcubemail = mkOption {
1048 description = "Roundcubemail configuration";
1051 postgresql = mkPsqlOptions "TT-RSS";
1052 secret = mkOption { type = str; description = "Secret"; };
1056 shaarli = mkOption {
1057 description = "Shaarli configuration";
1060 ldap = mkLdapOptions "Shaarli" {};
1064 status_engine = mkOption {
1065 description = "Status Engine configuration";
1068 mysql = mkMysqlOptions "StatusEngine" {};
1069 ldap = mkLdapOptions "StatusEngine" {};
1074 description = "Taskwarrior configuration";
1077 ldap = mkLdapOptions "Taskwarrior" {};
1078 taskwarrior-web = mkOption {
1079 description = "taskwarrior-web profiles";
1080 type = attrsOf (submodule {
1084 description = "List of ldap uids having access to this profile";
1086 org = mkOption { type = str; description = "Taskd organisation"; };
1087 key = mkOption { type = str; description = "Taskd key"; };
1088 date = mkOption { type = str; description = "Preferred date format"; };
1096 description = "TT-RSS configuration";
1099 postgresql = mkPsqlOptions "TT-RSS";
1100 ldap = mkLdapOptions "TT-RSS" {};
1104 wallabag = mkOption {
1105 description = "Wallabag configuration";
1108 postgresql = mkPsqlOptions "Wallabag";
1109 ldap = mkLdapOptions "Wallabag" {
1110 admin_filter = mkOption { type = str; description = "Admin users filter"; };
1112 redis = mkRedisOptions "Wallabag";
1113 secret = mkOption { type = str; description = "App secret"; };
1117 webhooks = mkOption {
1119 description = "Mapping 'name'.php => script for webhooks";
1121 csp_reports = mkOption {
1122 description = "CSP report configuration";
1125 report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
1126 policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
1127 postgresql = mkPsqlOptions "CSP reports";
1131 commento = mkOption {
1132 description = "Commento configuration";
1135 listenPort = mkOption { type = port; description = "Port to listen to"; };
1136 postgresql = mkPsqlOptions "Commento";
1137 smtp = mkSmtpOptions "Commento";
1142 description = "Ympd configuration";
1145 listenPort = mkOption { type = port; description = "Port to listen to"; };
1147 description = "MPD configuration";
1150 password = mkOption { type = str; description = "Password to access MPD host"; };
1151 host = mkOption { type = str; description = "Host for MPD"; };
1152 port = mkOption { type = port; description = "Port to access MPD host"; };
1160 description = "Yourls configuration";
1163 mysql = mkMysqlOptions "Yourls" {};
1164 ldap = mkLdapOptions "Yourls" {};
1165 cookieKey = mkOption { type = str; description = "Cookie key"; };
1172 websites = mkOption {
1173 description = "Websites configurations";
1177 description = "Immae configuration by environment";
1181 description = "Temp configuration";
1184 ldap = mkLdapOptions "Immae temp" {
1185 filter = mkOption { type = str; description = "Filter for user access"; };
1193 isabelle = mkOption {
1194 description = "Isabelle configurations by environment";
1197 atenSubmodule = mkOption {
1198 description = "environment configuration";
1201 environment = mkOption { type = str; description = "Symfony environment"; };
1202 secret = mkOption { type = str; description = "Symfony App secret"; };
1203 postgresql = mkPsqlOptions "Aten";
1210 aten_production = atenSubmodule;
1211 aten_integration = atenSubmodule;
1212 iridologie = mkOption {
1213 description = "environment configuration";
1216 environment = mkOption { type = str; description = "SPIP environment"; };
1217 mysql = mkMysqlOptions "Iridologie" {};
1218 ldap = mkLdapOptions "Iridologie" {};
1226 description = "Chloe configurations by environment";
1229 chloeSubmodule = mkOption {
1230 description = "environment configuration";
1233 environment = mkOption { type = str; description = "SPIP environment"; };
1234 mysql = mkMysqlOptions "Chloe" {};
1235 ldap = mkLdapOptions "Chloe" {};
1242 production = chloeSubmodule;
1243 integration = chloeSubmodule;
1247 connexionswing = mkOption {
1248 description = "Connexionswing configurations by environment";
1251 csSubmodule = mkOption {
1252 description = "environment configuration";
1255 environment = mkOption { type = str; description = "Symfony environment"; };
1256 mysql = mkMysqlOptions "Connexionswing" {};
1257 secret = mkOption { type = str; description = "Symfony App secret"; };
1258 email = mkOption { type = str; description = "Symfony email notification"; };
1265 production = csSubmodule;
1266 integration = csSubmodule;
1271 description = "Naturaloutil configuration";
1274 mysql = mkMysqlOptions "Naturaloutil" {};
1275 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1279 telio_tortay = mkOption {
1280 description = "Telio Tortay configuration";
1283 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1287 ludivine = mkOption {
1288 description = "Ludivinecassal configurations by environment";
1291 lcSubmodule = mkOption {
1292 description = "environment configuration";
1295 environment = mkOption { type = str; description = "Symfony environment"; };
1296 mysql = mkMysqlOptions "LudivineCassal" {};
1297 ldap = mkLdapOptions "LudivineCassal" {};
1298 secret = mkOption { type = str; description = "Symfony App secret"; };
1305 production = lcSubmodule;
1306 integration = lcSubmodule;
1311 description = "Emilia configuration";
1314 postgresql = mkPsqlOptions "Emilia";
1318 florian = mkOption {
1319 description = "Florian configuration";
1322 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1326 nassime = mkOption {
1327 description = "Nassime configuration";
1330 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1334 piedsjaloux = mkOption {
1335 description = "Piedsjaloux configurations by environment";
1338 pjSubmodule = mkOption {
1339 description = "environment configuration";
1342 environment = mkOption { type = str; description = "Symfony environment"; };
1343 mysql = mkMysqlOptions "Piedsjaloux" {};
1344 secret = mkOption { type = str; description = "Symfony App secret"; };
1351 production = pjSubmodule;
1352 integration = pjSubmodule;
1357 description = "Europe Richie configurations by environment";
1360 mysql = mkMysqlOptions "Richie" {};
1361 smtp_mailer = mkOption {
1362 description = "SMTP mailer configuration";
1365 user = mkOption { type = str; description = "Username"; };
1366 password = mkOption { type = str; description = "Password"; };
1373 caldance = mkOption {
1374 description = "Caldance configurations by environment";
1377 integration = mkOption {
1378 description = "environment configuration";
1381 password = mkOption { type = str; description = "Password file content for basic auth"; };
1388 tellesflorian = mkOption {
1389 description = "Tellesflorian configurations by environment";
1392 tfSubmodule = mkOption {
1393 description = "environment configuration";
1396 environment = mkOption { type = str; description = "Symfony environment"; };
1397 mysql = mkMysqlOptions "Tellesflorian" {};
1398 secret = mkOption { type = str; description = "Symfony App secret"; };
1399 invite_passwords = mkOption { type = str; description = "Password basic auth"; };
1406 integration = tfSubmodule;
1414 privateFiles = mkOption {
1417 Path to secret files to make available during build
1421 options.hostEnv = mkOption {
1424 default = config.myEnv.servers."${name}";
1425 description = "Host environment";