1 { checkEnv, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
7 gemConfig = defaultGemConfig // {
8 kostya-sigar = attrs: {
9 buildInputs = with pkgs; [ pkgs.perl ];
13 varDir = "/var/lib/diaspora_immae";
14 socketsDir = "/run/diaspora";
15 buildInputs = [ gems ] ++ (with pkgs; [
16 git redis imagemagick libxslt nodejs
17 jemalloc cacert ruby_2_4
18 openssl postgresql curl libnghttp2
21 diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
23 export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
24 export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
26 patch -p1 < ${./ldap.patch}
31 propagatedBuildInputs = buildInputs;
33 secret_token = assert checkEnv "NIXOPS_DIASPORA_SECRET_TOKEN";
34 writeText "secret_token.rb" ''
35 Diaspora::Application.config.secret_key_base = '${builtins.getEnv "NIXOPS_DIASPORA_SECRET_TOKEN"}'
38 assert checkEnv "NIXOPS_DIASPORA_LDAP_PASSWORD";
39 writeText "diaspora.yml" ''
42 url: "https://diaspora.immae.eu/"
43 certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
44 redis: 'redis://localhost:6379/15'
52 listen: '${socketsDir}/diaspora.sock'
53 rails_environment: 'production'
65 enable_registrations: false
84 sender_address: 'diaspora@immae.eu'
91 podmin_email: 'diaspora@immae.eu'
101 skip_email_confirmation: true
103 bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
104 bind_pw: "${builtins.getEnv "NIXOPS_DIASPORA_LDAP_PASSWORD"}"
105 search_base: "dc=immae,dc=eu"
106 search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
113 assert checkEnv "NIXOPS_DIASPORA_SQL_PASSWORD";
114 writeText "database.yml" ''
115 postgresql: &postgresql
120 password: "${builtins.getEnv "NIXOPS_DIASPORA_SQL_PASSWORD"}"
128 database: diaspora_development
134 database: "diaspora_test"
137 database: diaspora_integration1
140 database: diaspora_integration2
143 railsRoot = stdenv.mkDerivation {
144 name = "diaspora_immae";
146 builder = writeText "build_diaspora_immae" ''
151 tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
152 ln -s ${database_config} config/database.yml
153 ln -s ${config} config/diaspora.yml
154 ln -s ${secret_token} config/initializers/secret_token.rb
155 ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
156 ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
157 ln -sf ../../../../../../${varDir}/uploads public/uploads
158 RAILS_ENV=production ${gems}/bin/rake assets:precompile
160 ln -sf ../../../../../${varDir}/tmp tmp
161 ln -sf ../../../../../${varDir}/log log
163 propagatedBuildInputs = buildInputs;
167 inherit railsRoot varDir socketsDir gems;
168 railsSocket = "${socketsDir}/diaspora.sock";