1 { lib, pkgs, config, ... }:
3 cfg = config.myServices.websites.immae.temp;
4 varDir = "/var/lib/immae_temp";
5 env = config.myEnv.websites.immae.temp;
7 options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website";
9 config = lib.mkIf cfg.enable {
10 services.duplyBackup.profiles.immae_temp.rootDir = varDir;
11 services.duplyBackup.profiles.immae_temp_surfer.rootDir = "/var/lib/surfer";
12 services.websites.env.production.vhostConfs.immae_temp = {
15 hosts = [ "temp.immae.eu" ];
21 ProxyPass / unix:///run/surfer/listen.sock|http://temp.immae.eu/
22 ProxyPassReverse / unix:///run/surfer/listen.sock|http://temp.immae.eu/
24 Options FollowSymLinks MultiViews
33 dest = "webapps/surfer";
38 CLOUDRON_LDAP_URL=ldaps://${env.ldap.host}
39 CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
40 TOKENSTORE_FILE=/var/lib/surfer/tokens.json
41 CLOUDRON_LDAP_BIND_DN=${env.ldap.dn}
42 CLOUDRON_LDAP_BIND_PASSWORD=${env.ldap.password}
43 CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
44 CLOUDRON_LDAP_FILTER="${env.ldap.filter}"
45 LISTEN=/run/surfer/listen.sock
50 systemd.services.surfer = {
51 description = "Surfer";
52 wantedBy = [ "multi-user.target" ];
53 after = [ "network.target" ];
56 exec ${pkgs.webapps.surfer}/bin/surfer-server ${varDir}
59 EnvironmentFile = config.secrets.fullPaths."webapps/surfer";
62 StateDirectory = "surfer";
63 RuntimeDirectory = "surfer";