1 { config, lib, name, ... }:
7 base = mkOption { description = "Base of the LDAP tree"; type = str; };
8 host = mkOption { description = "Host to access LDAP"; type = str; };
9 root_dn = mkOption { description = "DN of the root user"; type = str; };
10 root_pw = mkOption { description = "Hashed password of the root user"; type = str; };
11 replication_dn = mkOption { description = "DN of the user allowed to replicate the LDAP directory"; type = str; };
12 replication_pw = mkOption { description = "Password of the user allowed to replicate the LDAP directory"; type = str; };
14 mkLdapOptions = name: more: mkOption {
15 description = "${name} LDAP configuration";
17 options = ldapOptions // {
18 dn = mkOption { description = "DN of the ${name} user"; type = str; };
19 password = mkOption { description = "password of the ${name} user"; type = str; };
20 filter = mkOption { description = "Filter for ${name} users"; type = str; default = ""; };
25 host = mkOption { description = "Host to access Mysql"; type = str; };
26 remoteHost = mkOption { description = "Host to access Mysql from outside"; type = str; };
27 port = mkOption { description = "Port to access Mysql"; type = str; };
28 socket = mkOption { description = "Socket to access Mysql"; type = path; };
29 systemUsers = mkOption {
30 description = "Attrs of user-passwords allowed to access mysql";
34 description = "PAM configuration for mysql";
37 dn = mkOption { description = "DN to connect as to check users"; type = str; };
38 password = mkOption { description = "DN password to connect as to check users"; type = str; };
39 filter = mkOption { description = "filter to match users"; type = str; };
44 mkMysqlOptions = name: more: mkOption {
45 description = "${name} mysql configuration";
47 options = mysqlOptions // {
48 database = mkOption { description = "${name} database"; type = str; };
49 user = mkOption { description = "${name} user"; type = str; };
50 password = mkOption { description = "mysql password of the ${name} user"; type = str; };
55 host = mkOption { description = "Host to access Postgresql"; type = str; };
56 port = mkOption { description = "Port to access Postgresql"; type = str; };
57 socket = mkOption { description = "Socket to access Postgresql"; type = path; };
59 description = "PAM configuration for psql";
62 dn = mkOption { description = "DN to connect as to check users"; type = str; };
63 password = mkOption { description = "DN password to connect as to check users"; type = str; };
64 filter = mkOption { description = "filter to match users"; type = str; };
69 mkPsqlOptions = name: mkOption {
70 description = "${name} psql configuration";
72 options = psqlOptions // {
73 database = mkOption { description = "${name} database"; type = str; };
74 schema = mkOption { description = "${name} schema"; type = nullOr str; default = null; };
75 user = mkOption { description = "${name} user"; type = str; };
76 password = mkOption { description = "psql password of the ${name} user"; type = str; };
81 host = mkOption { description = "Host to access Redis"; type = str; };
82 port = mkOption { description = "Port to access Redis"; type = str; };
83 socket = mkOption { description = "Socket to access Redis"; type = path; };
85 description = "Attrs of db number. Each number should be unique to avoid collision!";
88 spiped_key = mkOption {
91 Key to use with spiped to make a secure channel to replication
95 description = "Predixy configuration. Unused yet";
98 read = mkOption { type = str; description = "Read password"; };
103 mkRedisOptions = name: mkOption {
104 description = "${name} redis configuration";
106 options = redisOptions // {
107 db = mkOption { description = "${name} database"; type = str; };
112 host = mkOption { description = "Host to access SMTP"; type = str; };
113 port = mkOption { description = "Port to access SMTP"; type = str; };
115 mkSmtpOptions = name: mkOption {
116 description = "${name} smtp configuration";
118 options = smtpOptions // {
119 email = mkOption { description = "${name} email"; type = str; };
120 password = mkOption { description = "SMTP password of the ${name} user"; type = str; };
124 hostEnv = submodule {
127 description = "Host FQDN";
134 Sublist of users from realUsers. Function that takes pkgs as
135 argument and gives an array as a result
140 description = "List of e-mails that the server can be a sender of";
145 LDAP credentials for the host
149 password = mkOption { type = str; description = "Password for the LDAP connection"; };
150 dn = mkOption { type = str; description = "DN for the LDAP connection"; };
155 description = "subdomain and priority for MX server";
156 default = { enable = false; };
159 enable = mkEnableOption "Enable MX";
160 subdomain = mkOption { type = nullOr str; description = "Subdomain name (mx-*)"; };
161 priority = mkOption { type = nullOr str; description = "Priority"; };
167 attrs of ip4/ip6 grouped by section
169 type = attrsOf (submodule {
175 ip4 addresses of the host
182 ip6 addresses of the host
195 Attrs of servers information in the cluster (not necessarily handled by nixops)
198 type = attrsOf hostEnv;
200 hetznerCloud = mkOption {
202 Hetzner Cloud credential information
206 authToken = mkOption {
217 Hetzner credential information
221 user = mkOption { type = str; description = "User"; };
222 pass = mkOption { type = str; description = "Password"; };
228 sshd service credential information
232 rootKeys = mkOption { type = attrsOf str; description = "Keys of root users"; };
235 LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
239 password = mkOption { description = "Password"; type = str; };
248 non-standard reserved ports. Must be unique!
253 noDupl = x: builtins.length (builtins.attrValues x) == builtins.length (unique (builtins.attrValues x));
255 x: if isAttrs x && noDupl x then x else throw "Non unique values for ports";
259 httpd service credential information
265 LDAP credentials for cn=httpd,ou=services,dc=immae,dc=eu dn
269 password = mkOption { description = "Password"; type = str; };
277 type = submodule { options = smtpOptions; };
278 description = "SMTP configuration";
282 LDAP server configuration
285 options = ldapOptions;
288 databases = mkOption {
289 description = "Databases configuration";
293 type = submodule { options = mysqlOptions; };
294 description = "Mysql configuration";
297 type = submodule { options = redisOptions; };
298 description = "Redis configuration";
300 postgresql = mkOption {
301 type = submodule { options = psqlOptions; };
302 description = "Postgresql configuration";
308 description = "Jabber configuration";
311 postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
312 ldap = mkLdapOptions "Jabber" {};
313 postgresql = mkPsqlOptions "Jabber";
317 realUsers = mkOption {
319 Attrset of function taking pkgs as argument.
320 Real users settings, should provide a subattr of users.users.<name>
321 with at least: name, (hashed)Password, shell
323 type = attrsOf unspecified;
326 description = "System and regular users uid/gid";
327 type = attrsOf (submodule {
330 description = "user uid";
334 description = "user gid";
341 description = "DNS configuration";
345 description = "SOA information";
349 description = "Serial number. Should be incremented at each change and unique";
353 description = "Refresh time";
357 description = "Retry time";
361 description = "Expire time";
365 description = "Default TTL time";
369 description = "hostmaster e-mail";
373 description = "Primary NS";
380 description = "Attrs of NS servers group";
383 "ns1.foo.com" = [ "198.51.100.10" "2001:db8:abcd::1" ];
384 "ns2.foo.com" = [ "198.51.100.15" "2001:db8:1234::1" ];
387 type = attrsOf (attrsOf (listOf str));
391 description = "DNS keys";
392 type = attrsOf (submodule {
394 algorithm = mkOption { type = str; description = "Algorithm"; };
395 secret = mkOption { type = str; description = "Secret"; };
399 slaveZones = mkOption {
400 description = "List of slave zones";
401 type = listOf (submodule {
403 name = mkOption { type = str; description = "zone name"; };
405 description = "NS master groups of this zone";
410 description = "Keys associated to the server";
416 masterZones = mkOption {
417 description = "List of master zones";
418 type = listOf (submodule {
420 name = mkOption { type = str; description = "zone name"; };
421 withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; };
423 description = "NS slave groups of this zone";
427 description = "groups names that should have their NS entries listed here";
431 description = "Extra zone configuration for bind";
437 entries = mkOption { type = lines; description = "Regular entries of the NS zone"; };
438 withEmail = mkOption {
439 description = "List of domains that should have mail entries (MX, dkim, SPF, ...)";
441 type = listOf (submodule {
443 domain = mkOption { type = str; description = "Which subdomain is concerned"; };
444 send = mkOption { type = bool; description = "Whether there can be e-mails originating from the subdomain"; };
445 receive = mkOption { type = bool; description = "Whether there can be e-mails arriving to the subdomain"; };
457 Remote backup with duplicity
461 password = mkOption { type = str; description = "Password for encrypting files"; };
463 type = attrsOf (submodule {
467 example = literalExample ''
468 bucket: "s3://some_host/${bucket}";
472 Takes a bucket name as argument and returns a url
475 accessKeyId = mkOption { type = str; description = "Remote access-key"; };
476 secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
483 zrepl_backup = mkOption {
487 description = "SSH key information";
490 public = mkOption { type = str; description = "Public part of the key"; };
491 private = mkOption { type = lines; description = "Private part of the key"; };
495 mysql = mkMysqlOptions "Zrepl" {};
497 description = "Certificates";
498 type = attrsOf (submodule {
500 key = mkOption { type = str; description = "Key"; };
501 certificate = mkOption { type = str; description = "Certificate"; };
508 rsync_backup = mkOption {
510 Rsync backup configuration from controlled host
515 description = "SSH key information";
518 public = mkOption { type = str; description = "Public part of the key"; };
519 private = mkOption { type = lines; description = "Private part of the key"; };
523 profiles = mkOption {
524 description = "Attrs of profiles to backup";
525 type = attrsOf (submodule {
527 keep = mkOption { type = int; description = "Number of backups to keep"; };
528 check_command = mkOption { type = str; description = "command to check if backup needs to be done"; default = "backup"; };
529 login = mkOption { type = str; description = "Login to connect to host"; };
530 port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
531 host = mkOption { type = str; description = "Host to connect to"; };
532 host_key = mkOption { type = str; description = "Host key"; };
533 host_key_type = mkOption { type = str; description = "Host key type"; };
535 description = "Parts to backup for this host";
536 type = attrsOf (submodule {
538 remote_folder = mkOption { type = path; description = "Remote folder to backup";};
539 exclude_from = mkOption {
542 description = "List of folders/files to exclude from the backup";
544 files_from = mkOption {
547 description = "List of folders/files to backup in the base folder";
552 description = "Extra arguments to pass to rsync";
563 monitoring = mkOption {
564 description = "Monitoring configuration";
567 status_url = mkOption { type = str; description = "URL to push status to"; };
568 status_token = mkOption { type = str; description = "Token for the status url"; };
569 http_user_password = mkOption { type = str; description = "HTTP credentials to check services behind wall"; };
570 email = mkOption { type = str; description = "Admin E-mail"; };
571 ssh_public_key = mkOption { type = str; description = "SSH public key"; };
572 ssh_secret_key = mkOption { type = str; description = "SSH secret key"; };
573 imap_login = mkOption { type = str; description = "IMAP login"; };
574 imap_password = mkOption { type = str; description = "IMAP password"; };
575 eriomem_keys = mkOption { type = listOf (listOf str); description = "Eriomem keys"; default = []; };
577 description = "OVH credentials for sms script";
580 endpoint = mkOption { type = str; default = "ovh-eu"; description = "OVH endpoint"; };
581 application_key = mkOption { type = str; description = "Application key"; };
582 application_secret = mkOption { type = str; description = "Application secret"; };
583 consumer_key = mkOption { type = str; description = "Consumer key"; };
584 account = mkOption { type = str; description = "Account"; };
588 nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
589 apprise_urls = mkOption { type = str; description = "Apprise space-separated urls to push status update"; };
590 netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; };
591 netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; };
592 contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
593 email_check = mkOption {
594 description = "Emails services to check";
595 type = attrsOf (submodule {
597 local = mkOption { type = bool; default = false; description = "Use local configuration"; };
598 port = mkOption { type = nullOr str; default = null; description = "Port to connect to ssh"; };
599 login = mkOption { type = nullOr str; default = null; description = "Login to connect to ssh"; };
600 targets = mkOption { type = listOf str; description = "Hosts to send E-mails to"; };
601 mail_address = mkOption { type = nullOr str; default = null; description = "E-mail recipient part to send e-mail to"; };
602 mail_domain = mkOption { type = nullOr str; default = null; description = "E-mail domain part to send e-mail to"; };
610 description = "MPD configuration";
613 folder = mkOption { type = str; description = "Folder to serve from the MPD instance"; };
614 password = mkOption { type = str; description = "Password to connect to the MPD instance"; };
615 host = mkOption { type = str; description = "Host to connect to the MPD instance"; };
616 port = mkOption { type = str; description = "Port to connect to the MPD instance"; };
621 description = "FTP configuration";
624 ldap = mkLdapOptions "FTP" {
625 proftpd_filter = mkOption { type = str; description = "Filter for proftpd listing in LDAP"; };
626 pure-ftpd_filter = mkOption { type = str; description = "Filter for pure-ftpd listing in LDAP"; };
632 description = "VPN configuration";
633 type = attrsOf (submodule {
635 prefix = mkOption { type = str; description = "ipv6 prefix for the vpn subnet"; };
636 privateKey = mkOption { type = str; description = "Private key for the host"; };
637 publicKey = mkOption { type = str; description = "Public key for the host"; };
642 description = "Mail configuration";
646 description = "DMARC configuration";
649 ignore_hosts = mkOption {
652 Hosts to ignore when checking for dmarc
659 description = "DKIM configuration";
660 type = attrsOf (submodule {
666 "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3w1a2aMxWw9+hdcmbqX4UevcVqr204y0K73Wdc7MPZiOOlUJQYsMNSYR1Y/SC7jmPKeitpcJCpQgn/cveJZbuikjjPLsDReHyFEYmC278ZLRTELHx6f1IXM8WE08JIRT69CfZiMi1rVcOh9qRT4F93PyjCauU8Y5hJjtg9ThsWwIDAQAB" )
668 description = "Public entry to put in DNS TXT field";
670 private = mkOption { type = str; description = "Private key"; };
675 description = "Postfix configuration";
678 additional_mailbox_domains = mkOption {
680 List of domains that are used as mailbox final destination, in addition to those defined in the DNS records
684 mysql = mkMysqlOptions "Postfix" {
685 password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
689 List of admins meant to receive common aliases
693 common_aliases = mkOption {
695 List of aliases common to all hosts, to forward to admins
699 other_aliases = mkOption {
701 Other list of aliases, to forward to admins
705 backup_domains = mkOption {
707 Domains that are accepted for relay as backup domain
709 type = attrsOf (submodule {
711 domains = mkOption { type = listOf str; description = "Domains list"; };
712 relay_restrictions = mkOption {
715 Restrictions for relaying the e-mails from the domains
718 recipient_maps = mkOption {
720 Recipient map to accept relay for.
721 Must be specified for domain, the rules apply to everyone!
723 type = listOf (submodule {
726 type = enum [ "hash" ];
727 description = "Map type";
731 description = "Map content";
743 description = "Dovecot configuration";
746 ldap = mkLdapOptions "Dovecot" {
747 pass_attrs = mkOption { type = str; description = "Password attribute in LDAP"; };
748 user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
749 iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
750 iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
751 postfix_mailbox_filter = mkOption { type = str; description = "Postfix filter to get mailboxes"; };
757 description = "rspamd configuration";
760 redis = mkRedisOptions "Redis";
761 read_password_hashed = mkOption { type = str; description = "Hashed read password for rspamd"; };
762 write_password_hashed = mkOption { type = str; description = "Hashed write password for rspamd"; };
763 read_password = mkOption {
765 description = "Read password for rspamd. Unused";
768 write_password = mkOption {
770 description = "Write password for rspamd. Unused";
777 description = "Mail script recipients";
778 type = attrsOf (submodule {
780 external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
783 git source to fetch the script from.
784 It must have a default.nix file as its root accepting a scriptEnv parameter
788 url = mkOption { type = str; description = "git url to fetch"; };
789 rev = mkOption { type = str; description = "git reference to fetch"; };
794 description = "Variables to pass to the script";
801 description = "Sympa configuration";
804 listmasters = mkOption {
806 description = "Listmasters";
808 postgresql = mkPsqlOptions "Sympa";
809 data_sources = mkOption {
812 description = "Data sources to make available to sympa";
817 description = "Scenari to make available to sympa";
826 description = "Coturn configuration";
829 auth_access_key = mkOption { type = str; description = "key to access coturn"; };
833 buildbot = mkOption {
834 description = "Buildbot configuration";
838 description = "SSH key information";
841 public = mkOption { type = str; description = "Public part of the key"; };
842 private = mkOption { type = lines; description = "Private part of the key"; };
846 workerPassword = mkOption { description = "Buildbot worker password"; type = str; };
848 description = "Buildbot user";
852 description = "user uid";
856 description = "user gid";
863 description = "Ldap configuration for buildbot";
866 password = mkOption { type = str; description = "Buildbot password"; };
870 projects = mkOption {
871 description = "Projects to make a buildbot for";
872 type = attrsOf (submodule {
874 name = mkOption { type = str; description = "Project name"; };
875 packages = mkOption {
877 example = literalExample ''
878 pkgs: [ pkgs.bash pkgs.git pkgs.gzip pkgs.openssh ];
882 Builds packages list to make available to buildbot project.
883 Takes pkgs as argument.
886 pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
887 workerPort = mkOption { type = port; description = "Port for the worker"; };
889 #type = attrsOf (either str (functionTo str));
890 type = attrsOf unspecified;
891 description = "Secrets for the project to dump as files. Might be a function that takes pkgs as argument";
893 environment = mkOption {
894 #type = attrsOf (either str (functionTo str));
895 type = attrsOf unspecified;
897 Environment variables for the project. Might be a function that takes pkgs as argument.
898 BUILDBOT_ is prefixed to the variable names
901 activationScript = mkOption {
904 Activation script to run during deployment
907 webhookTokens = mkOption {
908 type = nullOr (listOf str);
911 List of tokens allowed to push to project’s change_hook/base endpoint
921 description = "Tools configurations";
924 contact = mkOption { type = str; description = "Contact e-mail address"; };
927 type = attrsOf (submodule {
929 assetType = mkOption { type = enum ["tgz" "url" "googleFont"]; default = "url"; description = "Type of asset"; };
930 tgzRemoveComponents = mkOption { type = int; default = 0; description = "Remove components when extracting"; };
931 url = mkOption { type = str; description = "URL to fetch"; };
932 sha256 = mkOption { type = str; description = "Hash of the url"; };
935 description = "Assets to provide on assets.immae.eu";
938 description = "Davical configuration";
941 postgresql = mkPsqlOptions "Davical";
942 ldap = mkLdapOptions "Davical" {};
946 diaspora = mkOption {
947 description = "Diaspora configuration";
950 postgresql = mkPsqlOptions "Diaspora";
951 redis = mkRedisOptions "Diaspora";
952 ldap = mkLdapOptions "Diaspora" {};
953 secret_token = mkOption { type = str; description = "Secret token"; };
957 dmarc_reports = mkOption {
958 description = "DMARC reports configuration";
961 mysql = mkMysqlOptions "DMARC" {};
962 anonymous_key = mkOption { type = str; description = "Anonymous hashing key"; };
966 etherpad-lite = mkOption {
967 description = "Etherpad configuration";
970 postgresql = mkPsqlOptions "Etherpad";
971 ldap = mkLdapOptions "Etherpad" {
972 group_filter = mkOption { type = str; description = "Filter for groups"; };
974 adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
975 session_key = mkOption { type = str; description = "Session key"; };
976 api_key = mkOption { type = str; description = "API key"; };
980 gitolite = mkOption {
981 description = "Gitolite configuration";
984 ldap = mkLdapOptions "Gitolite" {};
986 description = "SSH key information";
989 public = mkOption { type = str; description = "Public part of the key"; };
990 private = mkOption { type = lines; description = "Private part of the key"; };
997 kanboard = mkOption {
998 description = "Kanboard configuration";
1001 postgresql = mkPsqlOptions "Kanboard";
1002 ldap = mkLdapOptions "Kanboard" {
1003 admin_dn = mkOption { type = str; description = "Admin DN"; };
1008 mantisbt = mkOption {
1009 description = "Mantisbt configuration";
1012 postgresql = mkPsqlOptions "Mantisbt";
1013 ldap = mkLdapOptions "Mantisbt" {};
1014 master_salt = mkOption { type = str; description = "Master salt for password hash"; };
1018 mastodon = mkOption {
1019 description = "Mastodon configuration";
1022 postgresql = mkPsqlOptions "Mastodon";
1023 redis = mkRedisOptions "Mastodon";
1024 ldap = mkLdapOptions "Mastodon" {};
1025 paperclip_secret = mkOption { type = str; description = "Paperclip secret"; };
1026 otp_secret = mkOption { type = str; description = "OTP secret"; };
1027 secret_key_base = mkOption { type = str; description = "Secret key base"; };
1029 description = "vapid key";
1032 private = mkOption { type = str; description = "Private key"; };
1033 public = mkOption { type = str; description = "Public key"; };
1040 mediagoblin = mkOption {
1041 description = "Mediagoblin configuration";
1044 postgresql = mkPsqlOptions "Mediagoblin";
1045 redis = mkRedisOptions "Mediagoblin";
1046 ldap = mkLdapOptions "Mediagoblin" {};
1050 nextcloud = mkOption {
1051 description = "Nextcloud configuration";
1054 postgresql = mkPsqlOptions "Peertube";
1055 redis = mkRedisOptions "Peertube";
1056 password_salt = mkOption { type = str; description = "Password salt"; };
1057 instance_id = mkOption { type = str; description = "Instance ID"; };
1058 secret = mkOption { type = str; description = "App secret"; };
1062 peertube = mkOption {
1063 description = "Peertube configuration";
1066 listenPort = mkOption { type = port; description = "Port to listen to"; };
1067 postgresql = mkPsqlOptions "Peertube";
1068 redis = mkRedisOptions "Peertube";
1069 ldap = mkLdapOptions "Peertube" {};
1073 syden_peertube = mkOption {
1074 description = "Peertube Syden configuration";
1077 listenPort = mkOption { type = port; description = "Port to listen to"; };
1078 postgresql = mkPsqlOptions "Peertube";
1079 redis = mkRedisOptions "Peertube";
1083 phpldapadmin = mkOption {
1084 description = "phpLdapAdmin configuration";
1087 ldap = mkLdapOptions "phpldapadmin" {};
1092 description = "Rompr configuration";
1096 description = "MPD configuration";
1099 host = mkOption { type = str; description = "Host for MPD"; };
1100 port = mkOption { type = port; description = "Port to access MPD host"; };
1107 roundcubemail = mkOption {
1108 description = "Roundcubemail configuration";
1111 postgresql = mkPsqlOptions "TT-RSS";
1112 secret = mkOption { type = str; description = "Secret"; };
1116 shaarli = mkOption {
1117 description = "Shaarli configuration";
1120 ldap = mkLdapOptions "Shaarli" {};
1124 status_engine = mkOption {
1125 description = "Status Engine configuration";
1128 mysql = mkMysqlOptions "StatusEngine" {};
1129 ldap = mkLdapOptions "StatusEngine" {};
1134 description = "Taskwarrior configuration";
1137 ldap = mkLdapOptions "Taskwarrior" {};
1138 taskwarrior-web = mkOption {
1139 description = "taskwarrior-web profiles";
1140 type = attrsOf (submodule {
1144 description = "List of ldap uids having access to this profile";
1146 org = mkOption { type = str; description = "Taskd organisation"; };
1147 key = mkOption { type = str; description = "Taskd key"; };
1148 date = mkOption { type = str; description = "Preferred date format"; };
1156 description = "TT-RSS configuration";
1159 postgresql = mkPsqlOptions "TT-RSS";
1160 ldap = mkLdapOptions "TT-RSS" {};
1164 wallabag = mkOption {
1165 description = "Wallabag configuration";
1168 postgresql = mkPsqlOptions "Wallabag";
1169 ldap = mkLdapOptions "Wallabag" {
1170 admin_filter = mkOption { type = str; description = "Admin users filter"; };
1172 redis = mkRedisOptions "Wallabag";
1173 secret = mkOption { type = str; description = "App secret"; };
1177 webhooks = mkOption {
1179 description = "Mapping 'name'.php => script for webhooks";
1181 csp_reports = mkOption {
1182 description = "CSP report configuration";
1185 report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
1186 policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
1190 commento = mkOption {
1191 description = "Commento configuration";
1194 listenPort = mkOption { type = port; description = "Port to listen to"; };
1195 postgresql = mkPsqlOptions "Commento";
1196 smtp = mkSmtpOptions "Commento";
1200 cryptpad = mkOption {
1201 description = "Cryptpad configuration";
1202 type = attrsOf (submodule {
1204 email = mkOption { type = str; description = "Admin e-mail"; };
1205 admins = mkOption { type = listOf str; description = "Instance admin public keys"; };
1206 port = mkOption { type = port; description = "Port to listen to"; };
1211 description = "Ympd configuration";
1214 listenPort = mkOption { type = port; description = "Port to listen to"; };
1216 description = "MPD configuration";
1219 password = mkOption { type = str; description = "Password to access MPD host"; };
1220 host = mkOption { type = str; description = "Host for MPD"; };
1221 port = mkOption { type = port; description = "Port to access MPD host"; };
1229 description = "Umami configuration";
1232 listenPort = mkOption { type = port; description = "Port to listen to"; };
1233 postgresql = mkPsqlOptions "Umami";
1234 hashSalt = mkOption { type = str; description = "Hash salt"; };
1239 description = "Yourls configuration";
1242 mysql = mkMysqlOptions "Yourls" {};
1243 ldap = mkLdapOptions "Yourls" {};
1244 cookieKey = mkOption { type = str; description = "Cookie key"; };
1251 serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; };
1252 websites = mkOption {
1253 description = "Websites configurations";
1256 christophe_carpentier = mkOption {
1257 description = "Christophe Carpentier configuration by environment";
1260 agorakit = mkOption {
1261 description = "Agorakit configuration";
1264 mysql = mkMysqlOptions "Agorakit" {};
1265 smtp = mkSmtpOptions "Agorakit";
1266 appkey = mkOption { type = str; description = "App key"; };
1274 description = "Immae configuration by environment";
1278 description = "Temp configuration";
1281 ldap = mkLdapOptions "Immae temp" {
1282 filter = mkOption { type = str; description = "Filter for user access"; };
1290 isabelle = mkOption {
1291 description = "Isabelle configurations by environment";
1294 atenSubmodule = mkOption {
1295 description = "environment configuration";
1298 environment = mkOption { type = str; description = "Symfony environment"; };
1299 secret = mkOption { type = str; description = "Symfony App secret"; };
1300 postgresql = mkPsqlOptions "Aten";
1307 aten_production = atenSubmodule;
1308 aten_integration = atenSubmodule;
1309 iridologie = mkOption {
1310 description = "environment configuration";
1313 environment = mkOption { type = str; description = "SPIP environment"; };
1314 mysql = mkMysqlOptions "Iridologie" {};
1315 ldap = mkLdapOptions "Iridologie" {};
1323 description = "Chloe configurations by environment";
1326 chloeSubmodule = mkOption {
1327 description = "environment configuration";
1330 environment = mkOption { type = str; description = "SPIP environment"; };
1331 mysql = mkMysqlOptions "Chloe" {};
1332 ldap = mkLdapOptions "Chloe" {};
1339 production = chloeSubmodule;
1340 integration = chloeSubmodule;
1342 description = "environment configuration";
1345 mysql = mkMysqlOptions "ChloeNew" {};
1346 ldap = mkLdapOptions "ChloeNew" {};
1347 secret = mkOption { type = str; description = "Symfony App secret"; };
1354 connexionswing = mkOption {
1355 description = "Connexionswing configurations by environment";
1358 csSubmodule = mkOption {
1359 description = "environment configuration";
1362 environment = mkOption { type = str; description = "Symfony environment"; };
1363 mysql = mkMysqlOptions "Connexionswing" {};
1364 secret = mkOption { type = str; description = "Symfony App secret"; };
1365 email = mkOption { type = str; description = "Symfony email notification"; };
1372 production = csSubmodule;
1373 integration = csSubmodule;
1378 description = "Naturaloutil configuration";
1381 mysql = mkMysqlOptions "Naturaloutil" {};
1382 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1386 telio_tortay = mkOption {
1387 description = "Telio Tortay configuration";
1390 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1394 ludivine = mkOption {
1395 description = "Ludivinecassal configurations by environment";
1398 lcSubmodule = mkOption {
1399 description = "environment configuration";
1402 environment = mkOption { type = str; description = "Symfony environment"; };
1403 mysql = mkMysqlOptions "LudivineCassal" {};
1404 ldap = mkLdapOptions "LudivineCassal" {};
1405 secret = mkOption { type = str; description = "Symfony App secret"; };
1412 production = lcSubmodule;
1413 integration = lcSubmodule;
1417 nicecoop = mkOption {
1418 description = "Nicecoop configuration";
1422 port = mkOption { description = "Port to listen to"; type = port; };
1423 longpoll_port = mkOption { description = "Port to listen to"; type = port; };
1424 postgresql = mkPsqlOptions "Odoo";
1425 admin_password = mkOption { type = str; description = "Admin password"; };
1428 smtp = mkSmtpOptions "GestionCompte";
1429 mysql = mkMysqlOptions "gestion-compte" {};
1430 secret = mkOption { type = str; description = "Application secret"; };
1431 adminpassword = mkOption { type = str; description = "Admin password"; };
1433 gestion-compte-integration = {
1434 smtp = mkSmtpOptions "GestionCompte";
1435 mysql = mkMysqlOptions "gestion-compte" {};
1436 secret = mkOption { type = str; description = "Application secret"; };
1437 adminpassword = mkOption { type = str; description = "Admin password"; };
1440 smtp = mkSmtpOptions "Copanier";
1441 staff = mkOption { type = listOf str; description = "List of staff members"; };
1447 description = "Emilia configuration";
1450 postgresql = mkPsqlOptions "Emilia";
1454 florian = mkOption {
1455 description = "Florian configuration";
1458 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1462 nassime = mkOption {
1463 description = "Nassime configuration";
1466 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1470 piedsjaloux = mkOption {
1471 description = "Piedsjaloux configurations by environment";
1474 pjSubmodule = mkOption {
1475 description = "environment configuration";
1478 environment = mkOption { type = str; description = "Symfony environment"; };
1479 mysql = mkMysqlOptions "Piedsjaloux" {};
1480 secret = mkOption { type = str; description = "Symfony App secret"; };
1487 production = pjSubmodule;
1488 integration = pjSubmodule;
1493 description = "Europe Richie configurations by environment";
1496 mysql = mkMysqlOptions "Richie" {};
1497 smtp_mailer = mkOption {
1498 description = "SMTP mailer configuration";
1501 user = mkOption { type = str; description = "Username"; };
1502 password = mkOption { type = str; description = "Password"; };
1509 caldance = mkOption {
1510 description = "Caldance configurations by environment";
1513 integration = mkOption {
1514 description = "environment configuration";
1517 password = mkOption { type = str; description = "Password file content for basic auth"; };
1524 tellesflorian = mkOption {
1525 description = "Tellesflorian configurations by environment";
1528 tfSubmodule = mkOption {
1529 description = "environment configuration";
1532 environment = mkOption { type = str; description = "Symfony environment"; };
1533 mysql = mkMysqlOptions "Tellesflorian" {};
1534 secret = mkOption { type = str; description = "Symfony App secret"; };
1535 invite_passwords = mkOption { type = str; description = "Password basic auth"; };
1542 integration = tfSubmodule;
1550 options.hostEnv = mkOption {
1553 default = config.myEnv.servers."${name}";
1554 description = "Host environment";