# Builds the pieces of the Diaspora deployment defined further down: the
# patched source, the gem environment, the key files and the final railsRoot.
# `env` is the source of every secret interpolated in this file (secret_token,
# redis_url, ldap.password, postgresql.*), so whatever evaluates this
# expression handles those values in clear text.
1 { env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
# Mutable state directory: the rails root symlinks schedule.yml, oidc_key.pem,
# uploads, tmp and log to paths under it.
3 varDir = "/var/lib/diaspora_immae";
# Directory holding the application socket (diaspora.sock).
4 socketsDir = "/run/diaspora";
# Diaspora source described by ./diaspora.json, modified before the build: the
# local ldap.patch is applied and a pg gem line is appended to the Gemfile.
# NOTE(review): the Gemfile is edited after fetching, so Gemfile.lock and
# gemset.nix must already agree with pg 1.1.3 -- confirm, since those files
# are presumably what pins the gem versions and hashes.
5 diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
7 patch -p1 < ${./ldap.patch}
8 # FIXME: bundlerEnv below doesn't take postgresql group for some
10 echo 'gem "pg", "1.1.3"' >> Gemfile
# Gem environment for the application; presumably the body of the bundlerEnv
# call whose opening line is not shown here, and used as `gems` by railsRoot.
17 name = "diaspora-env";
18 # https://git.immae.eu/mantisbt/view.php?id=131
# Ruby 2.4 with " --destdir $GEM_HOME" removed from its postInstall script;
# the reason is tracked in the issue linked above.
# NOTE(review): Ruby 2.4 is past upstream end-of-life and no longer receives
# security fixes -- plan a move to a maintained interpreter.
19 ruby = ruby_2_4.overrideAttrs(old: {
20 postInstall = builtins.replaceStrings [" --destdir $GEM_HOME"] [""] old.postInstall;
# Gemfile and lockfile are taken from the patched `diaspora` derivation;
# gemset.nix is the local gem set kept next to this file.
22 gemfile = "${diaspora}/Gemfile";
23 lockfile = "${diaspora}/Gemfile.lock";
24 gemset = ./gemset.nix;
# Bundler groups to install; "postgresql" is listed explicitly.
25 groups = [ "postgresql" "default" "production" ];
26 gemConfig = defaultGemConfig // {
# kostya-sigar gets perl as a build input.
27 kostya-sigar = attrs: {
28 buildInputs = [ pkgs.perl ];
32 keys.tools-diaspora-secret_token = {
# Rails initializer that sets the application's secret_key_base from
# env.secret_token; its destination directory is /run/keys/webapps.
# railsRoot's builder also passes this text to writeText, which copies the
# secret into the Nix store at build time.
# NOTE(review): the owner and mode lines of this key are not visible in this
# listing; confirm they are as tight as the 0400 set on the database key.
# NOTE(review): the token is spliced into a single-quoted Ruby literal, so a
# quote or backslash in it would change the generated code -- confirm the
# token is drawn from a restricted alphabet.
33 destDir = "/run/keys/webapps";
38 Diaspora::Application.config.secret_key_base = '${env.secret_token}'
41 keys.tools-diaspora-config = {
# diaspora.yml for the pod. The text embeds env.redis_url and the LDAP bind
# password (env.ldap.password), so the whole file must be handled as a secret.
# Visible settings: enable_registrations is false, skip_email_confirmation is
# true, and search_filter only matches accounts that are members of
# cn=users,cn=diaspora,ou=services,dc=immae,dc=eu.
# NOTE(review): %{username} is presumably replaced with the login name the
# user typed; confirm the LDAP patch escapes filter metacharacters before the
# substitution, otherwise the group restriction in the filter cannot be relied on.
# NOTE(review): owner and mode lines are not visible in this listing; confirm
# they match the 0400 used for the database key.
42 destDir = "/run/keys/webapps";
49 url: "https://diaspora.immae.eu/"
50 certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt'
51 redis: '${env.redis_url}'
59 listen: '${socketsDir}/diaspora.sock'
60 rails_environment: 'production'
72 enable_registrations: false
91 sender_address: 'diaspora@tools.immae.eu'
95 location: '/run/wrappers/bin/sendmail'
98 podmin_email: 'diaspora@tools.immae.eu'
108 skip_email_confirmation: true
110 bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
111 bind_pw: "${env.ldap.password}"
112 search_base: "dc=immae,dc=eu"
113 search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
120 keys.tools-diaspora-database_config = {
# database.yml with the PostgreSQL credentials taken from env.postgresql
# (socket, port, user, password, database); the key is deployed with mode 0400.
# Besides the env-provided database name, the text also names development,
# test and integration databases; which environment each entry belongs to is
# not visible in this listing.
# NOTE(review): the password sits inside a double-quoted YAML scalar, so a
# double quote or backslash in it would change how the file parses -- confirm
# the value is constrained or escaped.
121 destDir = "/run/keys/webapps";
124 permissions = "0400";
126 postgresql: &postgresql
128 host: "${env.postgresql.socket}"
129 port: "${env.postgresql.port}"
130 username: "${env.postgresql.user}"
131 password: "${env.postgresql.password}"
139 database: diaspora_development
142 database: ${env.postgresql.database}
145 database: "diaspora_test"
148 database: diaspora_integration1
151 database: diaspora_integration2
# Final application tree: precompiled assets, links to mutable state under
# varDir and links to the runtime key files under /run/keys/webapps.
154 railsRoot = stdenv.mkDerivation {
155 name = "diaspora_immae";
157 # FIXME: build machine will contain some passwords in the nix store
# Why: the three writeText calls in the builder copy database.yml,
# diaspora.yml and secret_token.rb, with the real credentials, into the Nix
# store so that assets:precompile can load the application. The store is
# readable by every local user by default, and those paths stay on the build
# machine until they are garbage-collected; they must also never be pushed to
# a shared binary cache.
# After precompilation the same three links are re-pointed (ln -sf) at
# /run/keys/webapps, so the finished tree should reference only the runtime
# key files.
# Possible fix (to be validated): run the precompile step against placeholder
# values so that no real credential enters the store.
# source.tar.gz is written into public/ before any of these links exist, and
# its file list leaves out config/, so the linked secret files are not packaged.
158 builder = writeText "build_diaspora_immae" ''
163 tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
164 ln -s ${writeText "database.yml" keys.tools-diaspora-database_config.text} config/database.yml
165 ln -s ${writeText "diaspora.yml" keys.tools-diaspora-config.text} config/diaspora.yml
166 ln -s ${writeText "secret_token.rb" keys.tools-diaspora-secret_token.text} config/initializers/secret_token.rb
167 ln -sf ${varDir}/schedule.yml config/schedule.yml
168 ln -sf ${varDir}/oidc_key.pem config/oidc_key.pem
169 ln -sf ${varDir}/uploads public/uploads
170 RAILS_ENV=production ${gems}/bin/rake assets:precompile
171 ln -sf /run/keys/webapps/tools-diaspora-database_config config/database.yml
172 ln -sf /run/keys/webapps/tools-diaspora-config config/diaspora.yml
173 ln -sf /run/keys/webapps/tools-diaspora-secret_token config/initializers/secret_token.rb
175 ln -sf ${varDir}/tmp tmp
176 ln -sf ${varDir}/log log
178 propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ];
# Attributes handed back to the caller. `keys` carries the secret-bearing
# texts defined above, each with destDir /run/keys/webapps; the code that
# writes them there is not part of this listing, so confirm it applies the
# declared ownership and permissions.
182 inherit railsRoot varDir socketsDir gems keys;
# Socket path; the same value is written as `listen` in the diaspora.yml text.
183 railsSocket = "${socketsDir}/diaspora.sock";