1 { config, lib, name, ... }:
7 base = mkOption { description = "Base of the LDAP tree"; type = str; };
8 host = mkOption { description = "Host to access LDAP"; type = str; };
9 root_dn = mkOption { description = "DN of the root user"; type = str; };
10 root_pw = mkOption { description = "Hashed password of the root user"; type = str; };
11 replication_dn = mkOption { description = "DN of the user allowed to replicate the LDAP directory"; type = str; };
12 replication_pw = mkOption { description = "Password of the user allowed to replicate the LDAP directory"; type = str; };
14 mkLdapOptions = name: more: mkOption {
15 description = "${name} LDAP configuration";
17 options = ldapOptions // {
18 dn = mkOption { description = "DN of the ${name} user"; type = str; };
19 password = mkOption { description = "password of the ${name} user"; type = str; };
20 filter = mkOption { description = "Filter for ${name} users"; type = str; default = ""; };
25 host = mkOption { description = "Host to access Mysql"; type = str; };
26 remoteHost = mkOption { description = "Host to access Mysql from outside"; type = str; };
27 port = mkOption { description = "Port to access Mysql"; type = str; };
28 socket = mkOption { description = "Socket to access Mysql"; type = path; };
29 systemUsers = mkOption {
30 description = "Attrs of user-passwords allowed to access mysql";
34 description = "PAM configuration for mysql";
37 dn = mkOption { description = "DN to connect as to check users"; type = str; };
38 password = mkOption { description = "DN password to connect as to check users"; type = str; };
39 filter = mkOption { description = "filter to match users"; type = str; };
44 mkMysqlOptions = name: more: mkOption {
45 description = "${name} mysql configuration";
47 options = mysqlOptions // {
48 database = mkOption { description = "${name} database"; type = str; };
49 user = mkOption { description = "${name} user"; type = str; };
50 password = mkOption { description = "mysql password of the ${name} user"; type = str; };
55 host = mkOption { description = "Host to access Postgresql"; type = str; };
56 port = mkOption { description = "Port to access Postgresql"; type = str; };
57 socket = mkOption { description = "Socket to access Postgresql"; type = path; };
59 description = "PAM configuration for psql";
62 dn = mkOption { description = "DN to connect as to check users"; type = str; };
63 password = mkOption { description = "DN password to connect as to check users"; type = str; };
64 filter = mkOption { description = "filter to match users"; type = str; };
69 mkPsqlOptions = name: mkOption {
70 description = "${name} psql configuration";
72 options = psqlOptions // {
73 database = mkOption { description = "${name} database"; type = str; };
74 schema = mkOption { description = "${name} schema"; type = nullOr str; default = null; };
75 user = mkOption { description = "${name} user"; type = str; };
76 password = mkOption { description = "psql password of the ${name} user"; type = str; };
81 host = mkOption { description = "Host to access Redis"; type = str; };
82 port = mkOption { description = "Port to access Redis"; type = str; };
83 socket = mkOption { description = "Socket to access Redis"; type = path; };
85 description = "Attrs of db number. Each number should be unique to avoid collision!";
88 spiped_key = mkOption {
91 Key to use with spiped to make a secure channel to replication
95 description = "Predixy configuration. Unused yet";
98 read = mkOption { type = str; description = "Read password"; };
103 mkRedisOptions = name: mkOption {
104 description = "${name} redis configuration";
106 options = redisOptions // {
107 db = mkOption { description = "${name} database"; type = str; };
112 host = mkOption { description = "Host to access SMTP"; type = str; };
113 port = mkOption { description = "Port to access SMTP"; type = str; };
115 mkSmtpOptions = name: mkOption {
116 description = "${name} smtp configuration";
118 options = smtpOptions // {
119 email = mkOption { description = "${name} email"; type = str; };
120 password = mkOption { description = "SMTP password of the ${name} user"; type = str; };
124 hostEnv = submodule {
127 description = "Host FQDN";
134 Sublist of users from realUsers. Function that takes pkgs as
135 argument and gives an array as a result
140 description = "List of e-mails that the server can be a sender of";
145 LDAP credentials for the host
149 password = mkOption { type = str; description = "Password for the LDAP connection"; };
150 dn = mkOption { type = str; description = "DN for the LDAP connection"; };
155 description = "subdomain and priority for MX server";
156 default = { enable = false; };
159 enable = mkEnableOption "Enable MX";
160 subdomain = mkOption { type = nullOr str; description = "Subdomain name (mx-*)"; };
161 priority = mkOption { type = nullOr str; description = "Priority"; };
167 attrs of ip4/ip6 grouped by section
169 type = attrsOf (submodule {
174 ip4 address of the host
181 ip6 addresses of the host
194 Attrs of servers information in the cluster (not necessarily handled by nixops)
197 type = attrsOf hostEnv;
199 hetznerCloud = mkOption {
201 Hetzner Cloud credential information
205 authToken = mkOption {
216 Hetzner credential information
220 user = mkOption { type = str; description = "User"; };
221 pass = mkOption { type = str; description = "Password"; };
227 sshd service credential information
231 rootKeys = mkOption { type = attrsOf str; description = "Keys of root users"; };
234 LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
238 password = mkOption { description = "Password"; type = str; };
247 non-standard reserved ports. Must be unique!
252 noDupl = x: builtins.length (builtins.attrValues x) == builtins.length (unique (builtins.attrValues x));
254 x: if isAttrs x && noDupl x then x else throw "Non unique values for ports";
258 httpd service credential information
264 LDAP credentials for cn=httpd,ou=services,dc=immae,dc=eu dn
268 password = mkOption { description = "Password"; type = str; };
276 type = submodule { options = smtpOptions; };
277 description = "SMTP configuration";
281 LDAP server configuration
284 options = ldapOptions;
287 databases = mkOption {
288 description = "Databases configuration";
292 type = submodule { options = mysqlOptions; };
293 description = "Mysql configuration";
296 type = submodule { options = redisOptions; };
297 description = "Redis configuration";
299 postgresql = mkOption {
300 type = submodule { options = psqlOptions; };
301 description = "Postgresql configuration";
307 description = "Jabber configuration";
310 postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
311 ldap = mkLdapOptions "Jabber" {};
312 postgresql = mkPsqlOptions "Jabber";
316 realUsers = mkOption {
318 Attrset of function taking pkgs as argument.
319 Real users settings, should provide a subattr of users.users.<name>
320 with at least: name, (hashed)Password, shell
322 type = attrsOf unspecified;
325 description = "System and regular users uid/gid";
326 type = attrsOf (submodule {
329 description = "user uid";
333 description = "user gid";
340 description = "DNS configuration";
344 description = "SOA information";
348 description = "Serial number. Should be incremented at each change and unique";
352 description = "Refresh time";
356 description = "Retry time";
360 description = "Expire time";
364 description = "Default TTL time";
368 description = "hostmaster e-mail";
372 description = "Primary NS";
379 description = "Attrs of NS servers group";
382 "ns1.foo.com" = [ "198.51.100.10" "2001:db8:abcd::1" ];
383 "ns2.foo.com" = [ "198.51.100.15" "2001:db8:1234::1" ];
386 type = attrsOf (attrsOf (listOf str));
390 description = "DNS keys";
391 type = attrsOf (submodule {
393 algorithm = mkOption { type = str; description = "Algorithm"; };
394 secret = mkOption { type = str; description = "Secret"; };
398 slaveZones = mkOption {
399 description = "List of slave zones";
400 type = listOf (submodule {
402 name = mkOption { type = str; description = "zone name"; };
404 description = "NS master groups of this zone";
409 description = "Keys associated to the server";
415 masterZones = mkOption {
416 description = "List of master zones";
417 type = listOf (submodule {
419 name = mkOption { type = str; description = "zone name"; };
420 withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; };
422 description = "NS slave groups of this zone";
426 description = "groups names that should have their NS entries listed here";
430 description = "Extra zone configuration for bind";
436 entries = mkOption { type = lines; description = "Regular entries of the NS zone"; };
437 withEmail = mkOption {
438 description = "List of domains that should have mail entries (MX, dkim, SPF, ...)";
440 type = listOf (submodule {
442 domain = mkOption { type = str; description = "Which subdomain is concerned"; };
443 send = mkOption { type = bool; description = "Whether there can be e-mails originating from the subdomain"; };
444 receive = mkOption { type = bool; description = "Whether there can be e-mails arriving to the subdomain"; };
456 Remote backup with duplicity
460 password = mkOption { type = str; description = "Password for encrypting files"; };
462 type = attrsOf (submodule {
466 example = literalExample ''
467 bucket: "s3://some_host/${bucket}";
471 Takes a bucket name as argument and returns a url
474 accessKeyId = mkOption { type = str; description = "Remote access-key"; };
475 secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
482 zrepl_backup = mkOption {
486 description = "SSH key information";
489 public = mkOption { type = str; description = "Public part of the key"; };
490 private = mkOption { type = lines; description = "Private part of the key"; };
494 mysql = mkMysqlOptions "Zrepl" {};
498 rsync_backup = mkOption {
500 Rsync backup configuration from controlled host
505 description = "SSH key information";
508 public = mkOption { type = str; description = "Public part of the key"; };
509 private = mkOption { type = lines; description = "Private part of the key"; };
513 profiles = mkOption {
514 description = "Attrs of profiles to backup";
515 type = attrsOf (submodule {
517 keep = mkOption { type = int; description = "Number of backups to keep"; };
518 check_command = mkOption { type = str; description = "command to check if backup needs to be done"; default = "backup"; };
519 login = mkOption { type = str; description = "Login to connect to host"; };
520 port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
521 host = mkOption { type = str; description = "Host to connect to"; };
522 host_key = mkOption { type = str; description = "Host key"; };
523 host_key_type = mkOption { type = str; description = "Host key type"; };
525 description = "Parts to backup for this host";
526 type = attrsOf (submodule {
528 remote_folder = mkOption { type = path; description = "Remote folder to backup";};
529 exclude_from = mkOption {
532 description = "List of folders/files to exclude from the backup";
534 files_from = mkOption {
537 description = "List of folders/files to backup in the base folder";
542 description = "Extra arguments to pass to rsync";
553 monitoring = mkOption {
554 description = "Monitoring configuration";
557 status_url = mkOption { type = str; description = "URL to push status to"; };
558 status_token = mkOption { type = str; description = "Token for the status url"; };
559 http_user_password = mkOption { type = str; description = "HTTP credentials to check services behind wall"; };
560 email = mkOption { type = str; description = "Admin E-mail"; };
561 ssh_public_key = mkOption { type = str; description = "SSH public key"; };
562 ssh_secret_key = mkOption { type = str; description = "SSH secret key"; };
563 imap_login = mkOption { type = str; description = "IMAP login"; };
564 imap_password = mkOption { type = str; description = "IMAP password"; };
565 eriomem_keys = mkOption { type = listOf (listOf str); description = "Eriomem keys"; default = []; };
567 description = "OVH credentials for sms script";
570 endpoint = mkOption { type = str; default = "ovh-eu"; description = "OVH endpoint"; };
571 application_key = mkOption { type = str; description = "Application key"; };
572 application_secret = mkOption { type = str; description = "Application secret"; };
573 consumer_key = mkOption { type = str; description = "Consumer key"; };
574 account = mkOption { type = str; description = "Account"; };
578 nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
579 slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
580 slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
581 netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; };
582 netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; };
583 contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
584 email_check = mkOption {
585 description = "Emails services to check";
586 type = attrsOf (submodule {
588 local = mkOption { type = bool; default = false; description = "Use local configuration"; };
589 port = mkOption { type = nullOr str; default = null; description = "Port to connect to ssh"; };
590 login = mkOption { type = nullOr str; default = null; description = "Login to connect to ssh"; };
591 targets = mkOption { type = listOf str; description = "Hosts to send E-mails to"; };
592 mail_address = mkOption { type = nullOr str; default = null; description = "E-mail recipient part to send e-mail to"; };
593 mail_domain = mkOption { type = nullOr str; default = null; description = "E-mail domain part to send e-mail to"; };
601 description = "MPD configuration";
604 folder = mkOption { type = str; description = "Folder to serve from the MPD instance"; };
605 password = mkOption { type = str; description = "Password to connect to the MPD instance"; };
606 host = mkOption { type = str; description = "Host to connect to the MPD instance"; };
607 port = mkOption { type = str; description = "Port to connect to the MPD instance"; };
612 description = "FTP configuration";
615 ldap = mkLdapOptions "FTP" {
616 proftpd_filter = mkOption { type = str; description = "Filter for proftpd listing in LDAP"; };
617 pure-ftpd_filter = mkOption { type = str; description = "Filter for pure-ftpd listing in LDAP"; };
623 description = "VPN configuration";
624 type = attrsOf (submodule {
626 prefix = mkOption { type = str; description = "ipv6 prefix for the vpn subnet"; };
627 privateKey = mkOption { type = str; description = "Private key for the host"; };
628 publicKey = mkOption { type = str; description = "Public key for the host"; };
633 description = "Mail configuration";
637 description = "DMARC configuration";
640 ignore_hosts = mkOption {
643 Hosts to ignore when checking for dmarc
650 description = "DKIM configuration";
651 type = attrsOf (submodule {
657 "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3w1a2aMxWw9+hdcmbqX4UevcVqr204y0K73Wdc7MPZiOOlUJQYsMNSYR1Y/SC7jmPKeitpcJCpQgn/cveJZbuikjjPLsDReHyFEYmC278ZLRTELHx6f1IXM8WE08JIRT69CfZiMi1rVcOh9qRT4F93PyjCauU8Y5hJjtg9ThsWwIDAQAB" )
659 description = "Public entry to put in DNS TXT field";
661 private = mkOption { type = str; description = "Private key"; };
666 description = "Postfix configuration";
669 additional_mailbox_domains = mkOption {
671 List of domains that are used as mailbox final destination, in addition to those defined in the DNS records
675 mysql = mkMysqlOptions "Postfix" {
676 password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
678 backup_domains = mkOption {
680 Domains that are accepted for relay as backup domain
682 type = attrsOf (submodule {
684 domains = mkOption { type = listOf str; description = "Domains list"; };
685 relay_restrictions = mkOption {
688 Restrictions for relaying the e-mails from the domains
691 recipient_maps = mkOption {
693 Recipient map to accept relay for.
694 Must be specified for domain, the rules apply to everyone!
696 type = listOf (submodule {
699 type = enum [ "hash" ];
700 description = "Map type";
704 description = "Map content";
716 description = "Dovecot configuration";
719 ldap = mkLdapOptions "Dovecot" {
720 pass_attrs = mkOption { type = str; description = "Password attribute in LDAP"; };
721 user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
722 iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
723 iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
724 postfix_mailbox_filter = mkOption { type = str; description = "Postfix filter to get mailboxes"; };
730 description = "rspamd configuration";
733 redis = mkRedisOptions "Redis";
734 read_password_hashed = mkOption { type = str; description = "Hashed read password for rspamd"; };
735 write_password_hashed = mkOption { type = str; description = "Hashed write password for rspamd"; };
736 read_password = mkOption {
738 description = "Read password for rspamd. Unused";
741 write_password = mkOption {
743 description = "Write password for rspamd. Unused";
750 description = "Mail script recipients";
751 type = attrsOf (submodule {
753 external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
756 git source to fetch the script from.
757 It must have a default.nix file as its root accepting a scriptEnv parameter
761 url = mkOption { type = str; description = "git url to fetch"; };
762 rev = mkOption { type = str; description = "git reference to fetch"; };
767 description = "Variables to pass to the script";
774 description = "Sympa configuration";
777 listmasters = mkOption {
779 description = "Listmasters";
781 postgresql = mkPsqlOptions "Sympa";
782 data_sources = mkOption {
785 description = "Data sources to make available to sympa";
790 description = "Scenari to make available to sympa";
799 description = "Coturn configuration";
802 auth_access_key = mkOption { type = str; description = "key to access coturn"; };
806 buildbot = mkOption {
807 description = "Buildbot configuration";
811 description = "SSH key information";
814 public = mkOption { type = str; description = "Public part of the key"; };
815 private = mkOption { type = lines; description = "Private part of the key"; };
819 workerPassword = mkOption { description = "Buildbot worker password"; type = str; };
821 description = "Buildbot user";
825 description = "user uid";
829 description = "user gid";
836 description = "Ldap configuration for buildbot";
839 password = mkOption { type = str; description = "Buildbot password"; };
843 projects = mkOption {
844 description = "Projects to make a buildbot for";
845 type = attrsOf (submodule {
847 name = mkOption { type = str; description = "Project name"; };
848 packages = mkOption {
850 example = literalExample ''
851 pkgs: [ pkgs.bash pkgs.git pkgs.gzip pkgs.openssh ];
855 Builds packages list to make available to buildbot project.
856 Takes pkgs as argument.
859 pythonPackages = mkOption {
861 example = literalExample ''
862 p: pkgs: [ pkgs.python3Packages.pip ];
866 Builds python packages list to make available to buildbot project.
867 Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
870 pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
871 workerPort = mkOption { type = port; description = "Port for the worker"; };
873 #type = attrsOf (either str (functionTo str));
874 type = attrsOf unspecified;
875 description = "Secrets for the project to dump as files. Might be a function that takes pkgs as argument";
877 environment = mkOption {
878 #type = attrsOf (either str (functionTo str));
879 type = attrsOf unspecified;
881 Environment variables for the project. Might be a function that takes pkgs as argument.
882 BUILDBOT_ is prefixed to the variable names
885 activationScript = mkOption {
888 Activation script to run during deployment
891 builderPaths = mkOption {
892 type = attrsOf unspecified;
895 Attrs of functions to make accessible specifically per builder.
896 Takes pkgs as argument and should return a single path containing binaries.
897 This path will be accessible as BUILDBOT_PATH_<attrskey>
900 webhookTokens = mkOption {
901 type = nullOr (listOf str);
904 List of tokens allowed to push to project’s change_hook/base endpoint
914 description = "Tools configurations";
917 contact = mkOption { type = str; description = "Contact e-mail address"; };
920 type = attrsOf (submodule {
922 url = mkOption { type = str; description = "URL to fetch"; };
923 sha256 = mkOption { type = str; description = "Hash of the url"; };
926 description = "Assets to provide on assets.immae.eu";
929 description = "Davical configuration";
932 postgresql = mkPsqlOptions "Davical";
933 ldap = mkLdapOptions "Davical" {};
937 diaspora = mkOption {
938 description = "Diaspora configuration";
941 postgresql = mkPsqlOptions "Diaspora";
942 redis = mkRedisOptions "Diaspora";
943 ldap = mkLdapOptions "Diaspora" {};
944 secret_token = mkOption { type = str; description = "Secret token"; };
948 dmarc_reports = mkOption {
949 description = "DMARC reports configuration";
952 mysql = mkMysqlOptions "DMARC" {};
953 anonymous_key = mkOption { type = str; description = "Anonymous hashing key"; };
957 etherpad-lite = mkOption {
958 description = "Etherpad configuration";
961 postgresql = mkPsqlOptions "Etherpad";
962 ldap = mkLdapOptions "Etherpad" {
963 group_filter = mkOption { type = str; description = "Filter for groups"; };
965 adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
966 session_key = mkOption { type = str; description = "Session key"; };
967 api_key = mkOption { type = str; description = "API key"; };
968 redirects = mkOption { type = str; description = "Redirects for apache"; };
972 gitolite = mkOption {
973 description = "Gitolite configuration";
976 ldap = mkLdapOptions "Gitolite" {};
978 description = "SSH key information";
981 public = mkOption { type = str; description = "Public part of the key"; };
982 private = mkOption { type = lines; description = "Private part of the key"; };
989 kanboard = mkOption {
990 description = "Kanboard configuration";
993 postgresql = mkPsqlOptions "Kanboard";
994 ldap = mkLdapOptions "Kanboard" {
995 admin_dn = mkOption { type = str; description = "Admin DN"; };
1000 mantisbt = mkOption {
1001 description = "Mantisbt configuration";
1004 postgresql = mkPsqlOptions "Mantisbt";
1005 ldap = mkLdapOptions "Mantisbt" {};
1006 master_salt = mkOption { type = str; description = "Master salt for password hash"; };
1010 mastodon = mkOption {
1011 description = "Mastodon configuration";
1014 postgresql = mkPsqlOptions "Mastodon";
1015 redis = mkRedisOptions "Mastodon";
1016 ldap = mkLdapOptions "Mastodon" {};
1017 paperclip_secret = mkOption { type = str; description = "Paperclip secret"; };
1018 otp_secret = mkOption { type = str; description = "OTP secret"; };
1019 secret_key_base = mkOption { type = str; description = "Secret key base"; };
1021 description = "vapid key";
1024 private = mkOption { type = str; description = "Private key"; };
1025 public = mkOption { type = str; description = "Public key"; };
1032 mediagoblin = mkOption {
1033 description = "Mediagoblin configuration";
1036 postgresql = mkPsqlOptions "Mediagoblin";
1037 redis = mkRedisOptions "Mediagoblin";
1038 ldap = mkLdapOptions "Mediagoblin" {};
1042 nextcloud = mkOption {
1043 description = "Nextcloud configuration";
1046 postgresql = mkPsqlOptions "Peertube";
1047 redis = mkRedisOptions "Peertube";
1048 password_salt = mkOption { type = str; description = "Password salt"; };
1049 instance_id = mkOption { type = str; description = "Instance ID"; };
1050 secret = mkOption { type = str; description = "App secret"; };
1054 peertube = mkOption {
1055 description = "Peertube configuration";
1058 listenPort = mkOption { type = port; description = "Port to listen to"; };
1059 postgresql = mkPsqlOptions "Peertube";
1060 redis = mkRedisOptions "Peertube";
1061 ldap = mkLdapOptions "Peertube" {};
1065 syden_peertube = mkOption {
1066 description = "Peertube Syden configuration";
1069 listenPort = mkOption { type = port; description = "Port to listen to"; };
1070 postgresql = mkPsqlOptions "Peertube";
1071 redis = mkRedisOptions "Peertube";
1075 phpldapadmin = mkOption {
1076 description = "phpLdapAdmin configuration";
1079 ldap = mkLdapOptions "phpldapadmin" {};
1084 description = "Rompr configuration";
1088 description = "MPD configuration";
1091 host = mkOption { type = str; description = "Host for MPD"; };
1092 port = mkOption { type = port; description = "Port to access MPD host"; };
1099 roundcubemail = mkOption {
1100 description = "Roundcubemail configuration";
1103 postgresql = mkPsqlOptions "TT-RSS";
1104 secret = mkOption { type = str; description = "Secret"; };
1108 shaarli = mkOption {
1109 description = "Shaarli configuration";
1112 ldap = mkLdapOptions "Shaarli" {};
1116 status_engine = mkOption {
1117 description = "Status Engine configuration";
1120 mysql = mkMysqlOptions "StatusEngine" {};
1121 ldap = mkLdapOptions "StatusEngine" {};
1126 description = "Taskwarrior configuration";
1129 ldap = mkLdapOptions "Taskwarrior" {};
1130 taskwarrior-web = mkOption {
1131 description = "taskwarrior-web profiles";
1132 type = attrsOf (submodule {
1136 description = "List of ldap uids having access to this profile";
1138 org = mkOption { type = str; description = "Taskd organisation"; };
1139 key = mkOption { type = str; description = "Taskd key"; };
1140 date = mkOption { type = str; description = "Preferred date format"; };
1148 description = "TT-RSS configuration";
1151 postgresql = mkPsqlOptions "TT-RSS";
1152 ldap = mkLdapOptions "TT-RSS" {};
1156 wallabag = mkOption {
1157 description = "Wallabag configuration";
1160 postgresql = mkPsqlOptions "Wallabag";
1161 ldap = mkLdapOptions "Wallabag" {
1162 admin_filter = mkOption { type = str; description = "Admin users filter"; };
1164 redis = mkRedisOptions "Wallabag";
1165 secret = mkOption { type = str; description = "App secret"; };
1169 webhooks = mkOption {
1171 description = "Mapping 'name'.php => script for webhooks";
1173 csp_reports = mkOption {
1174 description = "CSP report configuration";
1177 report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
1178 policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
1179 postgresql = mkPsqlOptions "CSP reports";
1183 commento = mkOption {
1184 description = "Commento configuration";
1187 listenPort = mkOption { type = port; description = "Port to listen to"; };
1188 postgresql = mkPsqlOptions "Commento";
1189 smtp = mkSmtpOptions "Commento";
1193 cryptpad = mkOption {
1194 description = "Cryptpad configuration";
1195 type = attrsOf (submodule {
1197 email = mkOption { type = str; description = "Admin e-mail"; };
1198 admins = mkOption { type = listOf str; description = "Instance admin public keys"; };
1199 port = mkOption { type = port; description = "Port to listen to"; };
1204 description = "Ympd configuration";
1207 listenPort = mkOption { type = port; description = "Port to listen to"; };
1209 description = "MPD configuration";
1212 password = mkOption { type = str; description = "Password to access MPD host"; };
1213 host = mkOption { type = str; description = "Host for MPD"; };
1214 port = mkOption { type = port; description = "Port to access MPD host"; };
1222 description = "Umami configuration";
1225 listenPort = mkOption { type = port; description = "Port to listen to"; };
1226 postgresql = mkPsqlOptions "Umami";
1227 hashSalt = mkOption { type = str; description = "Hash salt"; };
1232 description = "Yourls configuration";
1235 mysql = mkMysqlOptions "Yourls" {};
1236 ldap = mkLdapOptions "Yourls" {};
1237 cookieKey = mkOption { type = str; description = "Cookie key"; };
1244 serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; };
1245 websites = mkOption {
1246 description = "Websites configurations";
1249 christophe_carpentier = mkOption {
1250 description = "Christophe Carpentier configuration by environment";
1253 agorakit = mkOption {
1254 description = "Agorakit configuration";
1257 mysql = mkMysqlOptions "Agorakit" {};
1258 smtp = mkSmtpOptions "Agorakit";
1259 appkey = mkOption { type = str; description = "App key"; };
1267 description = "Immae configuration by environment";
1271 description = "Temp configuration";
1274 ldap = mkLdapOptions "Immae temp" {
1275 filter = mkOption { type = str; description = "Filter for user access"; };
1283 isabelle = mkOption {
1284 description = "Isabelle configurations by environment";
1287 atenSubmodule = mkOption {
1288 description = "environment configuration";
1291 environment = mkOption { type = str; description = "Symfony environment"; };
1292 secret = mkOption { type = str; description = "Symfony App secret"; };
1293 postgresql = mkPsqlOptions "Aten";
1300 aten_production = atenSubmodule;
1301 aten_integration = atenSubmodule;
1302 iridologie = mkOption {
1303 description = "environment configuration";
1306 environment = mkOption { type = str; description = "SPIP environment"; };
1307 mysql = mkMysqlOptions "Iridologie" {};
1308 ldap = mkLdapOptions "Iridologie" {};
1316 description = "Chloe configurations by environment";
1319 chloeSubmodule = mkOption {
1320 description = "environment configuration";
1323 environment = mkOption { type = str; description = "SPIP environment"; };
1324 mysql = mkMysqlOptions "Chloe" {};
1325 ldap = mkLdapOptions "Chloe" {};
1332 production = chloeSubmodule;
1333 integration = chloeSubmodule;
1335 description = "environment configuration";
1338 mysql = mkMysqlOptions "ChloeNew" {};
1339 ldap = mkLdapOptions "ChloeNew" {};
1340 secret = mkOption { type = str; description = "Symfony App secret"; };
1347 connexionswing = mkOption {
1348 description = "Connexionswing configurations by environment";
1351 csSubmodule = mkOption {
1352 description = "environment configuration";
1355 environment = mkOption { type = str; description = "Symfony environment"; };
1356 mysql = mkMysqlOptions "Connexionswing" {};
1357 secret = mkOption { type = str; description = "Symfony App secret"; };
1358 email = mkOption { type = str; description = "Symfony email notification"; };
1365 production = csSubmodule;
1366 integration = csSubmodule;
1371 description = "Naturaloutil configuration";
1374 mysql = mkMysqlOptions "Naturaloutil" {};
1375 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1379 telio_tortay = mkOption {
1380 description = "Telio Tortay configuration";
1383 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1387 ludivine = mkOption {
1388 description = "Ludivinecassal configurations by environment";
1391 lcSubmodule = mkOption {
1392 description = "environment configuration";
1395 environment = mkOption { type = str; description = "Symfony environment"; };
1396 mysql = mkMysqlOptions "LudivineCassal" {};
1397 ldap = mkLdapOptions "LudivineCassal" {};
1398 secret = mkOption { type = str; description = "Symfony App secret"; };
1405 production = lcSubmodule;
1406 integration = lcSubmodule;
1410 nicecoop = mkOption {
1411 description = "Nicecoop configuration";
1415 port = mkOption { description = "Port to listen to"; type = port; };
1416 longpoll_port = mkOption { description = "Port to listen to"; type = port; };
1417 postgresql = mkPsqlOptions "Odoo";
1418 admin_password = mkOption { type = str; description = "Admin password"; };
1421 smtp = mkSmtpOptions "GestionCompte";
1422 mysql = mkMysqlOptions "gestion-compte" {};
1423 secret = mkOption { type = str; description = "Application secret"; };
1424 adminpassword = mkOption { type = str; description = "Admin password"; };
1426 gestion-compte-integration = {
1427 smtp = mkSmtpOptions "GestionCompte";
1428 mysql = mkMysqlOptions "gestion-compte" {};
1429 secret = mkOption { type = str; description = "Application secret"; };
1430 adminpassword = mkOption { type = str; description = "Admin password"; };
1433 smtp = mkSmtpOptions "Copanier";
1434 staff = mkOption { type = listOf str; description = "List of staff members"; };
1440 description = "Emilia configuration";
1443 postgresql = mkPsqlOptions "Emilia";
1447 florian = mkOption {
1448 description = "Florian configuration";
1451 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1455 nassime = mkOption {
1456 description = "Nassime configuration";
1459 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1463 piedsjaloux = mkOption {
1464 description = "Piedsjaloux configurations by environment";
1467 pjSubmodule = mkOption {
1468 description = "environment configuration";
1471 environment = mkOption { type = str; description = "Symfony environment"; };
1472 mysql = mkMysqlOptions "Piedsjaloux" {};
1473 secret = mkOption { type = str; description = "Symfony App secret"; };
1480 production = pjSubmodule;
1481 integration = pjSubmodule;
1486 description = "Europe Richie configurations by environment";
1489 mysql = mkMysqlOptions "Richie" {};
1490 smtp_mailer = mkOption {
1491 description = "SMTP mailer configuration";
1494 user = mkOption { type = str; description = "Username"; };
1495 password = mkOption { type = str; description = "Password"; };
1502 caldance = mkOption {
1503 description = "Caldance configurations by environment";
1506 integration = mkOption {
1507 description = "environment configuration";
1510 password = mkOption { type = str; description = "Password file content for basic auth"; };
1517 tellesflorian = mkOption {
1518 description = "Tellesflorian configurations by environment";
1521 tfSubmodule = mkOption {
1522 description = "environment configuration";
1525 environment = mkOption { type = str; description = "Symfony environment"; };
1526 mysql = mkMysqlOptions "Tellesflorian" {};
1527 secret = mkOption { type = str; description = "Symfony App secret"; };
1528 invite_passwords = mkOption { type = str; description = "Password basic auth"; };
1535 integration = tfSubmodule;
1543 options.hostEnv = mkOption {
1546 default = config.myEnv.servers."${name}";
1547 description = "Host environment";