1 { config, lib, name, ... }:
7 base = mkOption { description = "Base of the LDAP tree"; type = str; };
8 host = mkOption { description = "Host to access LDAP"; type = str; };
9 root_dn = mkOption { description = "DN of the root user"; type = str; };
10 root_pw = mkOption { description = "Hashed password of the root user"; type = str; };
11 replication_dn = mkOption { description = "DN of the user allowed to replicate the LDAP directory"; type = str; };
12 replication_pw = mkOption { description = "Password of the user allowed to replicate the LDAP directory"; type = str; };
14 mkLdapOptions = name: more: mkOption {
15 description = "${name} LDAP configuration";
17 options = ldapOptions // {
18 dn = mkOption { description = "DN of the ${name} user"; type = str; };
19 password = mkOption { description = "password of the ${name} user"; type = str; };
20 filter = mkOption { description = "Filter for ${name} users"; type = str; default = ""; };
25 host = mkOption { description = "Host to access Mysql"; type = str; };
26 remoteHost = mkOption { description = "Host to access Mysql from outside"; type = str; };
27 port = mkOption { description = "Port to access Mysql"; type = str; };
28 socket = mkOption { description = "Socket to access Mysql"; type = path; };
29 systemUsers = mkOption {
30 description = "Attrs of user-passwords allowed to access mysql";
34 description = "PAM configuration for mysql";
37 dn = mkOption { description = "DN to connect as to check users"; type = str; };
38 password = mkOption { description = "DN password to connect as to check users"; type = str; };
39 filter = mkOption { description = "filter to match users"; type = str; };
44 mkMysqlOptions = name: more: mkOption {
45 description = "${name} mysql configuration";
47 options = mysqlOptions // {
48 database = mkOption { description = "${name} database"; type = str; };
49 user = mkOption { description = "${name} user"; type = str; };
50 password = mkOption { description = "mysql password of the ${name} user"; type = str; };
55 host = mkOption { description = "Host to access Postgresql"; type = str; };
56 port = mkOption { description = "Port to access Postgresql"; type = str; };
57 socket = mkOption { description = "Socket to access Postgresql"; type = path; };
59 description = "PAM configuration for psql";
62 dn = mkOption { description = "DN to connect as to check users"; type = str; };
63 password = mkOption { description = "DN password to connect as to check users"; type = str; };
64 filter = mkOption { description = "filter to match users"; type = str; };
69 mkPsqlOptions = name: mkOption {
70 description = "${name} psql configuration";
72 options = psqlOptions // {
73 database = mkOption { description = "${name} database"; type = str; };
74 schema = mkOption { description = "${name} schema"; type = nullOr str; default = null; };
75 user = mkOption { description = "${name} user"; type = str; };
76 password = mkOption { description = "psql password of the ${name} user"; type = str; };
81 host = mkOption { description = "Host to access Redis"; type = str; };
82 port = mkOption { description = "Port to access Redis"; type = str; };
83 socket = mkOption { description = "Socket to access Redis"; type = path; };
85 description = "Attrs of db number. Each number should be unique to avoid collision!";
88 spiped_key = mkOption {
91 Key to use with spiped to make a secure channel to replication
95 description = "Predixy configuration. Unused yet";
98 read = mkOption { type = str; description = "Read password"; };
103 mkRedisOptions = name: mkOption {
104 description = "${name} redis configuration";
106 options = redisOptions // {
107 db = mkOption { description = "${name} database"; type = str; };
112 host = mkOption { description = "Host to access SMTP"; type = str; };
113 port = mkOption { description = "Port to access SMTP"; type = str; };
115 mkSmtpOptions = name: mkOption {
116 description = "${name} smtp configuration";
118 options = smtpOptions // {
119 email = mkOption { description = "${name} email"; type = str; };
120 password = mkOption { description = "SMTP password of the ${name} user"; type = str; };
124 hostEnv = submodule {
127 description = "Host FQDN";
134 Sublist of users from realUsers. Function that takes pkgs as
135 argument and gives an array as a result
140 description = "List of e-mails that the server can be a sender of";
145 LDAP credentials for the host
149 password = mkOption { type = str; description = "Password for the LDAP connection"; };
150 dn = mkOption { type = str; description = "DN for the LDAP connection"; };
155 description = "subdomain and priority for MX server";
156 default = { enable = false; };
159 enable = mkEnableOption "Enable MX";
160 subdomain = mkOption { type = nullOr str; description = "Subdomain name (mx-*)"; };
161 priority = mkOption { type = nullOr str; description = "Priority"; };
167 attrs of ip4/ip6 grouped by section
169 type = attrsOf (submodule {
174 ip4 address of the host
181 ip6 addresses of the host
194 Attrs of servers information in the cluster (not necessarily handled by nixops)
197 type = attrsOf hostEnv;
199 hetznerCloud = mkOption {
201 Hetzner Cloud credential information
205 authToken = mkOption {
216 Hetzner credential information
220 user = mkOption { type = str; description = "User"; };
221 pass = mkOption { type = str; description = "Password"; };
227 sshd service credential information
233 LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
237 password = mkOption { description = "Password"; type = str; };
246 non-standard reserved ports. Must be unique!
251 noDupl = x: builtins.length (builtins.attrValues x) == builtins.length (unique (builtins.attrValues x));
253 x: if isAttrs x && noDupl x then x else throw "Non unique values for ports";
257 httpd service credential information
263 LDAP credentials for cn=httpd,ou=services,dc=immae,dc=eu dn
267 password = mkOption { description = "Password"; type = str; };
275 type = submodule { options = smtpOptions; };
276 description = "SMTP configuration";
280 LDAP server configuration
283 options = ldapOptions;
286 databases = mkOption {
287 description = "Databases configuration";
291 type = submodule { options = mysqlOptions; };
292 description = "Mysql configuration";
295 type = submodule { options = redisOptions; };
296 description = "Redis configuration";
298 postgresql = mkOption {
299 type = submodule { options = psqlOptions; };
300 description = "Postgresql configuration";
306 description = "Jabber configuration";
309 postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
310 ldap = mkLdapOptions "Jabber" {};
311 postgresql = mkPsqlOptions "Jabber";
315 realUsers = mkOption {
317 Attrset of function taking pkgs as argument.
318 Real users settings, should provide a subattr of users.users.<name>
319 with at least: name, (hashed)Password, shell
321 type = attrsOf unspecified;
324 description = "System and regular users uid/gid";
325 type = attrsOf (submodule {
328 description = "user uid";
332 description = "user gid";
339 description = "DNS configuration";
343 description = "SOA information";
347 description = "Serial number. Should be incremented at each change and unique";
351 description = "Refresh time";
355 description = "Retry time";
359 description = "Expire time";
363 description = "Default TTL time";
367 description = "hostmaster e-mail";
371 description = "Primary NS";
378 description = "Attrs of NS servers group";
381 "ns1.foo.com" = [ "198.51.100.10" "2001:db8:abcd::1" ];
382 "ns2.foo.com" = [ "198.51.100.15" "2001:db8:1234::1" ];
385 type = attrsOf (attrsOf (listOf str));
387 slaveZones = mkOption {
388 description = "List of slave zones";
389 type = listOf (submodule {
391 name = mkOption { type = str; description = "zone name"; };
393 description = "NS master groups of this zone";
399 masterZones = mkOption {
400 description = "List of master zones";
401 type = listOf (submodule {
403 name = mkOption { type = str; description = "zone name"; };
405 description = "NS slave groups of this zone";
409 description = "groups names that should have their NS entries listed here";
413 description = "Extra zone configuration for bind";
419 entries = mkOption { type = lines; description = "Regular entries of the NS zone"; };
420 withEmail = mkOption {
421 description = "List of domains that should have mail entries (MX, dkim, SPF, ...)";
423 type = listOf (submodule {
425 domain = mkOption { type = str; description = "Which subdomain is concerned"; };
426 send = mkOption { type = bool; description = "Whether there can be e-mails originating from the subdomain"; };
427 receive = mkOption { type = bool; description = "Whether there can be e-mails arriving to the subdomain"; };
439 Remote backup with duplicity
443 password = mkOption { type = str; description = "Password for encrypting files"; };
445 type = attrsOf (submodule {
449 example = literalExample ''
450 bucket: "s3://some_host/${bucket}";
454 Takes a bucket name as argument and returns a url
457 accessKeyId = mkOption { type = str; description = "Remote access-key"; };
458 secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
465 zrepl_backup = mkOption {
469 description = "SSH key information";
472 public = mkOption { type = str; description = "Public part of the key"; };
473 private = mkOption { type = lines; description = "Private part of the key"; };
477 mysql = mkMysqlOptions "Zrepl" {};
481 rsync_backup = mkOption {
483 Rsync backup configuration from controlled host
488 description = "SSH key information";
491 public = mkOption { type = str; description = "Public part of the key"; };
492 private = mkOption { type = lines; description = "Private part of the key"; };
496 profiles = mkOption {
497 description = "Attrs of profiles to backup";
498 type = attrsOf (submodule {
500 keep = mkOption { type = int; description = "Number of backups to keep"; };
501 check_command = mkOption { type = str; description = "command to check if backup needs to be done"; default = "backup"; };
502 login = mkOption { type = str; description = "Login to connect to host"; };
503 port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
504 host = mkOption { type = str; description = "Host to connect to"; };
505 host_key = mkOption { type = str; description = "Host key"; };
506 host_key_type = mkOption { type = str; description = "Host key type"; };
508 description = "Parts to backup for this host";
509 type = attrsOf (submodule {
511 remote_folder = mkOption { type = path; description = "Remote folder to backup";};
512 exclude_from = mkOption {
515 description = "List of folders/files to exclude from the backup";
517 files_from = mkOption {
520 description = "List of folders/files to backup in the base folder";
525 description = "Extra arguments to pass to rsync";
536 monitoring = mkOption {
537 description = "Monitoring configuration";
540 status_url = mkOption { type = str; description = "URL to push status to"; };
541 status_token = mkOption { type = str; description = "Token for the status url"; };
542 http_user_password = mkOption { type = str; description = "HTTP credentials to check services behind wall"; };
543 email = mkOption { type = str; description = "Admin E-mail"; };
544 ssh_public_key = mkOption { type = str; description = "SSH public key"; };
545 ssh_secret_key = mkOption { type = str; description = "SSH secret key"; };
546 imap_login = mkOption { type = str; description = "IMAP login"; };
547 imap_password = mkOption { type = str; description = "IMAP password"; };
548 eriomem_keys = mkOption { type = listOf (listOf str); description = "Eriomem keys"; default = []; };
550 description = "OVH credentials for sms script";
553 endpoint = mkOption { type = str; default = "ovh-eu"; description = "OVH endpoint"; };
554 application_key = mkOption { type = str; description = "Application key"; };
555 application_secret = mkOption { type = str; description = "Application secret"; };
556 consumer_key = mkOption { type = str; description = "Consumer key"; };
557 account = mkOption { type = str; description = "Account"; };
561 nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
562 slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
563 slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
564 netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; };
565 netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; };
566 contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
567 email_check = mkOption {
568 description = "Emails services to check";
569 type = attrsOf (submodule {
571 local = mkOption { type = bool; default = false; description = "Use local configuration"; };
572 port = mkOption { type = nullOr str; default = null; description = "Port to connect to ssh"; };
573 login = mkOption { type = nullOr str; default = null; description = "Login to connect to ssh"; };
574 targets = mkOption { type = listOf str; description = "Hosts to send E-mails to"; };
575 mail_address = mkOption { type = nullOr str; default = null; description = "E-mail recipient part to send e-mail to"; };
576 mail_domain = mkOption { type = nullOr str; default = null; description = "E-mail domain part to send e-mail to"; };
584 description = "MPD configuration";
587 folder = mkOption { type = str; description = "Folder to serve from the MPD instance"; };
588 password = mkOption { type = str; description = "Password to connect to the MPD instance"; };
589 host = mkOption { type = str; description = "Host to connect to the MPD instance"; };
590 port = mkOption { type = str; description = "Port to connect to the MPD instance"; };
595 description = "FTP configuration";
598 ldap = mkLdapOptions "FTP" {};
603 description = "VPN configuration";
604 type = attrsOf (submodule {
606 prefix = mkOption { type = str; description = "ipv6 prefix for the vpn subnet"; };
607 privateKey = mkOption { type = str; description = "Private key for the host"; };
608 publicKey = mkOption { type = str; description = "Public key for the host"; };
613 description = "Mail configuration";
617 description = "DMARC configuration";
620 ignore_hosts = mkOption {
623 Hosts to ignore when checking for dmarc
630 description = "DKIM configuration";
631 type = attrsOf (submodule {
637 "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3w1a2aMxWw9+hdcmbqX4UevcVqr204y0K73Wdc7MPZiOOlUJQYsMNSYR1Y/SC7jmPKeitpcJCpQgn/cveJZbuikjjPLsDReHyFEYmC278ZLRTELHx6f1IXM8WE08JIRT69CfZiMi1rVcOh9qRT4F93PyjCauU8Y5hJjtg9ThsWwIDAQAB" )
639 description = "Public entry to put in DNS TXT field";
641 private = mkOption { type = str; description = "Private key"; };
646 description = "Postfix configuration";
649 additional_mailbox_domains = mkOption {
651 List of domains that are used as mailbox final destination, in addition to those defined in the DNS records
655 mysql = mkMysqlOptions "Postfix" {
656 password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
658 backup_domains = mkOption {
660 Domains that are accepted for relay as backup domain
662 type = attrsOf (submodule {
664 domains = mkOption { type = listOf str; description = "Domains list"; };
665 relay_restrictions = mkOption {
668 Restrictions for relaying the e-mails from the domains
671 recipient_maps = mkOption {
673 Recipient map to accept relay for.
674 Must be specified for domain, the rules apply to everyone!
676 type = listOf (submodule {
679 type = enum [ "hash" ];
680 description = "Map type";
684 description = "Map content";
696 description = "Dovecot configuration";
699 ldap = mkLdapOptions "Dovecot" {
700 pass_attrs = mkOption { type = str; description = "Password attribute in LDAP"; };
701 user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
702 iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
703 iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
704 postfix_mailbox_filter = mkOption { type = str; description = "Postfix filter to get mailboxes"; };
710 description = "rspamd configuration";
713 redis = mkRedisOptions "Redis";
714 read_password_hashed = mkOption { type = str; description = "Hashed read password for rspamd"; };
715 write_password_hashed = mkOption { type = str; description = "Hashed write password for rspamd"; };
716 read_password = mkOption {
718 description = "Read password for rspamd. Unused";
721 write_password = mkOption {
723 description = "Write password for rspamd. Unused";
730 description = "Mail script recipients";
731 type = attrsOf (submodule {
733 external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
736 git source to fetch the script from.
737 It must have a default.nix file as its root accepting a scriptEnv parameter
741 url = mkOption { type = str; description = "git url to fetch"; };
742 rev = mkOption { type = str; description = "git reference to fetch"; };
747 description = "Variables to pass to the script";
754 description = "Sympa configuration";
757 listmasters = mkOption {
759 description = "Listmasters";
761 postgresql = mkPsqlOptions "Sympa";
762 data_sources = mkOption {
765 description = "Data sources to make available to sympa";
770 description = "Scenari to make available to sympa";
778 buildbot = mkOption {
779 description = "Buildbot configuration";
783 description = "Buildbot user";
787 description = "user uid";
791 description = "user gid";
798 description = "Ldap configuration for buildbot";
801 password = mkOption { type = str; description = "Buildbot password"; };
805 projects = mkOption {
806 description = "Projects to make a buildbot for";
807 type = attrsOf (submodule {
809 name = mkOption { type = str; description = "Project name"; };
810 packages = mkOption {
812 example = literalExample ''
813 pkgs: [ pkgs.bash pkgs.git pkgs.gzip pkgs.openssh ];
817 Builds packages list to make available to buildbot project.
818 Takes pkgs as argument.
821 pythonPackages = mkOption {
823 example = literalExample ''
824 p: pkgs: [ pkgs.python3Packages.pip ];
828 Builds python packages list to make available to buildbot project.
829 Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
832 pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
835 description = "Secrets for the project to dump as files";
837 environment = mkOption {
840 Environment variables for the project.
841 BUILDBOT_ is prefixed to the variable names
844 activationScript = mkOption {
847 Activation script to run during deployment
850 builderPaths = mkOption {
851 type = attrsOf unspecified;
854 Attrs of functions to make accessible specifically per builder.
855 Takes pkgs as argument and should return a single path containing binaries.
856 This path will be accessible as BUILDBOT_PATH_<attrskey>
859 webhookTokens = mkOption {
860 type = nullOr (listOf str);
863 List of tokens allowed to push to project’s change_hook/base endpoint
873 description = "Tools configurations";
876 contact = mkOption { type = str; description = "Contact e-mail address"; };
879 type = attrsOf (submodule {
881 url = mkOption { type = str; description = "URL to fetch"; };
882 sha256 = mkOption { type = str; description = "Hash of the url"; };
885 description = "Assets to provide on assets.immae.eu";
888 description = "Davical configuration";
891 postgresql = mkPsqlOptions "Davical";
892 ldap = mkLdapOptions "Davical" {};
896 diaspora = mkOption {
897 description = "Diaspora configuration";
900 postgresql = mkPsqlOptions "Diaspora";
901 redis = mkRedisOptions "Diaspora";
902 ldap = mkLdapOptions "Diaspora" {};
903 secret_token = mkOption { type = str; description = "Secret token"; };
907 dmarc_reports = mkOption {
908 description = "DMARC reports configuration";
911 mysql = mkMysqlOptions "DMARC" {};
912 anonymous_key = mkOption { type = str; description = "Anonymous hashing key"; };
916 etherpad-lite = mkOption {
917 description = "Etherpad configuration";
920 postgresql = mkPsqlOptions "Etherpad";
921 ldap = mkLdapOptions "Etherpad" {
922 group_filter = mkOption { type = str; description = "Filter for groups"; };
924 adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
925 session_key = mkOption { type = str; description = "Session key"; };
926 api_key = mkOption { type = str; description = "API key"; };
927 redirects = mkOption { type = str; description = "Redirects for apache"; };
931 gitolite = mkOption {
932 description = "Gitolite configuration";
935 ldap = mkLdapOptions "Gitolite" {};
939 kanboard = mkOption {
940 description = "Kanboard configuration";
943 postgresql = mkPsqlOptions "Kanboard";
944 ldap = mkLdapOptions "Kanboard" {
945 admin_dn = mkOption { type = str; description = "Admin DN"; };
950 mantisbt = mkOption {
951 description = "Mantisbt configuration";
954 postgresql = mkPsqlOptions "Mantisbt";
955 ldap = mkLdapOptions "Mantisbt" {};
956 master_salt = mkOption { type = str; description = "Master salt for password hash"; };
960 mastodon = mkOption {
961 description = "Mastodon configuration";
964 postgresql = mkPsqlOptions "Mastodon";
965 redis = mkRedisOptions "Mastodon";
966 ldap = mkLdapOptions "Mastodon" {};
967 paperclip_secret = mkOption { type = str; description = "Paperclip secret"; };
968 otp_secret = mkOption { type = str; description = "OTP secret"; };
969 secret_key_base = mkOption { type = str; description = "Secret key base"; };
971 description = "vapid key";
974 private = mkOption { type = str; description = "Private key"; };
975 public = mkOption { type = str; description = "Public key"; };
982 mediagoblin = mkOption {
983 description = "Mediagoblin configuration";
986 postgresql = mkPsqlOptions "Mediagoblin";
987 redis = mkRedisOptions "Mediagoblin";
988 ldap = mkLdapOptions "Mediagoblin" {};
992 nextcloud = mkOption {
993 description = "Nextcloud configuration";
996 postgresql = mkPsqlOptions "Peertube";
997 redis = mkRedisOptions "Peertube";
998 password_salt = mkOption { type = str; description = "Password salt"; };
999 instance_id = mkOption { type = str; description = "Instance ID"; };
1000 secret = mkOption { type = str; description = "App secret"; };
1004 peertube = mkOption {
1005 description = "Peertube configuration";
1008 listenPort = mkOption { type = port; description = "Port to listen to"; };
1009 postgresql = mkPsqlOptions "Peertube";
1010 redis = mkRedisOptions "Peertube";
1011 ldap = mkLdapOptions "Peertube" {};
1015 syden_peertube = mkOption {
1016 description = "Peertube Syden configuration";
1019 listenPort = mkOption { type = port; description = "Port to listen to"; };
1020 postgresql = mkPsqlOptions "Peertube";
1021 redis = mkRedisOptions "Peertube";
1025 phpldapadmin = mkOption {
1026 description = "phpLdapAdmin configuration";
1029 ldap = mkLdapOptions "phpldapadmin" {};
1034 description = "Rompr configuration";
1038 description = "MPD configuration";
1041 host = mkOption { type = str; description = "Host for MPD"; };
1042 port = mkOption { type = port; description = "Port to access MPD host"; };
1049 roundcubemail = mkOption {
1050 description = "Roundcubemail configuration";
1053 postgresql = mkPsqlOptions "TT-RSS";
1054 secret = mkOption { type = str; description = "Secret"; };
1058 shaarli = mkOption {
1059 description = "Shaarli configuration";
1062 ldap = mkLdapOptions "Shaarli" {};
1066 status_engine = mkOption {
1067 description = "Status Engine configuration";
1070 mysql = mkMysqlOptions "StatusEngine" {};
1071 ldap = mkLdapOptions "StatusEngine" {};
1076 description = "Taskwarrior configuration";
1079 ldap = mkLdapOptions "Taskwarrior" {};
1080 taskwarrior-web = mkOption {
1081 description = "taskwarrior-web profiles";
1082 type = attrsOf (submodule {
1086 description = "List of ldap uids having access to this profile";
1088 org = mkOption { type = str; description = "Taskd organisation"; };
1089 key = mkOption { type = str; description = "Taskd key"; };
1090 date = mkOption { type = str; description = "Preferred date format"; };
1098 description = "TT-RSS configuration";
1101 postgresql = mkPsqlOptions "TT-RSS";
1102 ldap = mkLdapOptions "TT-RSS" {};
1106 wallabag = mkOption {
1107 description = "Wallabag configuration";
1110 postgresql = mkPsqlOptions "Wallabag";
1111 ldap = mkLdapOptions "Wallabag" {
1112 admin_filter = mkOption { type = str; description = "Admin users filter"; };
1114 redis = mkRedisOptions "Wallabag";
1115 secret = mkOption { type = str; description = "App secret"; };
1119 webhooks = mkOption {
1121 description = "Mapping 'name'.php => script for webhooks";
1123 csp_reports = mkOption {
1124 description = "CSP report configuration";
1127 report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
1128 policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
1129 postgresql = mkPsqlOptions "CSP reports";
1133 commento = mkOption {
1134 description = "Commento configuration";
1137 listenPort = mkOption { type = port; description = "Port to listen to"; };
1138 postgresql = mkPsqlOptions "Commento";
1139 smtp = mkSmtpOptions "Commento";
1144 description = "Ympd configuration";
1147 listenPort = mkOption { type = port; description = "Port to listen to"; };
1149 description = "MPD configuration";
1152 password = mkOption { type = str; description = "Password to access MPD host"; };
1153 host = mkOption { type = str; description = "Host for MPD"; };
1154 port = mkOption { type = port; description = "Port to access MPD host"; };
1162 description = "Yourls configuration";
1165 mysql = mkMysqlOptions "Yourls" {};
1166 ldap = mkLdapOptions "Yourls" {};
1167 cookieKey = mkOption { type = str; description = "Cookie key"; };
1174 serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; };
1175 websites = mkOption {
1176 description = "Websites configurations";
1180 description = "Immae configuration by environment";
1184 description = "Temp configuration";
1187 ldap = mkLdapOptions "Immae temp" {
1188 filter = mkOption { type = str; description = "Filter for user access"; };
1196 isabelle = mkOption {
1197 description = "Isabelle configurations by environment";
1200 atenSubmodule = mkOption {
1201 description = "environment configuration";
1204 environment = mkOption { type = str; description = "Symfony environment"; };
1205 secret = mkOption { type = str; description = "Symfony App secret"; };
1206 postgresql = mkPsqlOptions "Aten";
1213 aten_production = atenSubmodule;
1214 aten_integration = atenSubmodule;
1215 iridologie = mkOption {
1216 description = "environment configuration";
1219 environment = mkOption { type = str; description = "SPIP environment"; };
1220 mysql = mkMysqlOptions "Iridologie" {};
1221 ldap = mkLdapOptions "Iridologie" {};
1229 description = "Chloe configurations by environment";
1232 chloeSubmodule = mkOption {
1233 description = "environment configuration";
1236 environment = mkOption { type = str; description = "SPIP environment"; };
1237 mysql = mkMysqlOptions "Chloe" {};
1238 ldap = mkLdapOptions "Chloe" {};
1245 production = chloeSubmodule;
1246 integration = chloeSubmodule;
1250 connexionswing = mkOption {
1251 description = "Connexionswing configurations by environment";
1254 csSubmodule = mkOption {
1255 description = "environment configuration";
1258 environment = mkOption { type = str; description = "Symfony environment"; };
1259 mysql = mkMysqlOptions "Connexionswing" {};
1260 secret = mkOption { type = str; description = "Symfony App secret"; };
1261 email = mkOption { type = str; description = "Symfony email notification"; };
1268 production = csSubmodule;
1269 integration = csSubmodule;
1274 description = "Naturaloutil configuration";
1277 mysql = mkMysqlOptions "Naturaloutil" {};
1278 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1282 telio_tortay = mkOption {
1283 description = "Telio Tortay configuration";
1286 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1290 ludivine = mkOption {
1291 description = "Ludivinecassal configurations by environment";
1294 lcSubmodule = mkOption {
1295 description = "environment configuration";
1298 environment = mkOption { type = str; description = "Symfony environment"; };
1299 mysql = mkMysqlOptions "LudivineCassal" {};
1300 ldap = mkLdapOptions "LudivineCassal" {};
1301 secret = mkOption { type = str; description = "Symfony App secret"; };
1308 production = lcSubmodule;
1309 integration = lcSubmodule;
1314 description = "Emilia configuration";
1317 postgresql = mkPsqlOptions "Emilia";
1321 florian = mkOption {
1322 description = "Florian configuration";
1325 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1329 nassime = mkOption {
1330 description = "Nassime configuration";
1333 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1337 piedsjaloux = mkOption {
1338 description = "Piedsjaloux configurations by environment";
1341 pjSubmodule = mkOption {
1342 description = "environment configuration";
1345 environment = mkOption { type = str; description = "Symfony environment"; };
1346 mysql = mkMysqlOptions "Piedsjaloux" {};
1347 secret = mkOption { type = str; description = "Symfony App secret"; };
1354 production = pjSubmodule;
1355 integration = pjSubmodule;
1360 description = "Europe Richie configurations by environment";
1363 mysql = mkMysqlOptions "Richie" {};
1364 smtp_mailer = mkOption {
1365 description = "SMTP mailer configuration";
1368 user = mkOption { type = str; description = "Username"; };
1369 password = mkOption { type = str; description = "Password"; };
1376 caldance = mkOption {
1377 description = "Caldance configurations by environment";
1380 integration = mkOption {
1381 description = "environment configuration";
1384 password = mkOption { type = str; description = "Password file content for basic auth"; };
1391 tellesflorian = mkOption {
1392 description = "Tellesflorian configurations by environment";
1395 tfSubmodule = mkOption {
1396 description = "environment configuration";
1399 environment = mkOption { type = str; description = "Symfony environment"; };
1400 mysql = mkMysqlOptions "Tellesflorian" {};
1401 secret = mkOption { type = str; description = "Symfony App secret"; };
1402 invite_passwords = mkOption { type = str; description = "Password basic auth"; };
1409 integration = tfSubmodule;
1417 privateFiles = mkOption {
1420 Path to secret files to make available during build
1424 options.hostEnv = mkOption {
1427 default = config.myEnv.servers."${name}";
1428 description = "Host environment";