1 { checkEnv, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
7 # FIXME: it fails if I don’t include all groups
8 #groups = [ "default" "postgresql" "production" "development" "test" ];
9 # Had to remove them from gemset.nix, and remove mysql2
10 # Also had to "ungroup" pg in Gemfile
11 gemConfig = defaultGemConfig // {
12 kostya-sigar = attrs: {
13 buildInputs = with pkgs; [ pkgs.perl ];
17 varDir = "/var/lib/diaspora_immae";
18 socketsDir = "/run/diaspora";
19 buildInputs = [ gems ] ++ (with pkgs; [
20 git redis imagemagick libxslt nodejs
21 jemalloc cacert ruby_2_4
22 openssl postgresql curl libnghttp2
25 diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
27 export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
28 export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
30 patch -p1 < ${./ldap.patch}
35 propagatedBuildInputs = buildInputs;
37 secret_token = assert checkEnv "NIXOPS_DIASPORA_SECRET_TOKEN";
38 writeText "secret_token.rb" ''
39 Diaspora::Application.config.secret_key_base = '${builtins.getEnv "NIXOPS_DIASPORA_SECRET_TOKEN"}'
42 assert checkEnv "NIXOPS_DIASPORA_LDAP_PASSWORD";
43 writeText "diaspora.yml" ''
46 url: "https://diaspora.immae.eu/"
47 certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
48 redis: 'redis://localhost:6379/15'
56 listen: '${socketsDir}/diaspora.sock'
57 rails_environment: 'production'
69 enable_registrations: false
88 sender_address: 'diaspora@immae.eu'
95 podmin_email: 'diaspora@immae.eu'
105 skip_email_confirmation: true
107 bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
108 bind_pw: "${builtins.getEnv "NIXOPS_DIASPORA_LDAP_PASSWORD"}"
109 search_base: "dc=immae,dc=eu"
110 search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
117 assert checkEnv "NIXOPS_DIASPORA_SQL_PASSWORD";
118 writeText "database.yml" ''
119 postgresql: &postgresql
124 password: "${builtins.getEnv "NIXOPS_DIASPORA_SQL_PASSWORD"}"
132 database: diaspora_development
138 database: "diaspora_test"
141 database: diaspora_integration1
144 database: diaspora_integration2
147 railsRoot = stdenv.mkDerivation {
148 name = "diaspora_immae";
150 builder = writeText "build_diaspora_immae" ''
155 tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
156 ln -s ${database_config} config/database.yml
157 ln -s ${config} config/diaspora.yml
158 ln -s ${secret_token} config/initializers/secret_token.rb
159 ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
160 ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
161 ln -sf ../../../../../../${varDir}/uploads public/uploads
162 RAILS_ENV=production ${gems}/bin/rake assets:precompile
164 ln -sf ../../../../../${varDir}/tmp tmp
165 ln -sf ../../../../../${varDir}/log log
167 propagatedBuildInputs = buildInputs;
171 inherit railsRoot varDir socketsDir gems;
172 railsSocket = "${socketsDir}/diaspora.sock";