};
};
};
+ smtpOptions = {
+ host = mkOption { description = "Host to access SMTP"; type = str; };
+ port = mkOption { description = "Port to access SMTP"; type = str; };
+ };
+ mkSmtpOptions = name: mkOption {
+ description = "${name} smtp configuration";
+ type = submodule {
+ options = smtpOptions // {
+ email = mkOption { description = "${name} email"; type = str; };
+ password = mkOption { description = "SMTP password of the ${name} user"; type = str; };
+ };
+ };
+ };
hostEnv = submodule {
options = {
fqdn = mkOption {
'';
type = submodule {
options = {
- password = mkOption { type = string; description = "Password for the LDAP connection"; };
- dn = mkOption { type = string; description = "DN for the LDAP connection"; };
+ password = mkOption { type = str; description = "Password for the LDAP connection"; };
+ dn = mkOption { type = str; description = "DN for the LDAP connection"; };
};
};
};
type = attrsOf (submodule {
options = {
ip4 = mkOption {
- type = string;
+ type = listOf str;
+ default = [];
description = ''
- ip4 address of the host
+ ip4 addresses of the host
'';
};
ip6 = mkOption {
- type = listOf string;
+ type = listOf str;
default = [];
description = ''
ip6 addresses of the host
'';
type = submodule {
options = {
+ rootKeys = mkOption { type = attrsOf str; description = "Keys of root users"; };
ldap = mkOption {
description = ''
LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
};
};
};
+ smtp = mkOption {
+ type = submodule { options = smtpOptions; };
+ description = "SMTP configuration";
+ };
ldap = mkOption {
description = ''
LDAP server configuration
};
type = attrsOf (attrsOf (listOf str));
};
+ keys = mkOption {
+ default = {};
+ description = "DNS keys";
+ type = attrsOf (submodule {
+ options = {
+ algorithm = mkOption { type = str; description = "Algorithm"; };
+ secret = mkOption { type = str; description = "Secret"; };
+ };
+ });
+ };
slaveZones = mkOption {
description = "List of slave zones";
type = listOf (submodule {
description = "NS master groups of this zone";
type = listOf str;
};
+ keys = mkOption {
+ default = [];
+ description = "Keys associated to the server";
+ type = listOf str;
+ };
};
});
};
type = listOf (submodule {
options = {
name = mkOption { type = str; description = "zone name"; };
+ withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; };
slaves = mkOption {
description = "NS slave groups of this zone";
type = listOf str;
type = submodule {
options = {
password = mkOption { type = str; description = "Password for encrypting files"; };
- remote = mkOption { type = str; description = "Remote url access"; };
- accessKeyId = mkOption { type = str; description = "Remote access-key"; };
- secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
+ remotes = mkOption {
+ type = attrsOf (submodule {
+ options = {
+ remote = mkOption {
+ type = unspecified;
+ example = literalExample ''
+ bucket: "s3://some_host/${bucket}";
+ '';
+ description = ''
+ Function.
+ Takes a bucket name as argument and returns a url
+ '';
+ };
+ accessKeyId = mkOption { type = str; description = "Remote access-key"; };
+ secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
+ };
+ });
+ };
+ };
+ };
+ };
+ zrepl_backup = mkOption {
+ type = submodule {
+ options = {
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
+ mysql = mkMysqlOptions "Zrepl" {};
+ certs = mkOption {
+ description = "Certificates";
+ type = attrsOf (submodule {
+ options = {
+ key = mkOption { type = str; description = "Key"; };
+ certificate = mkOption { type = str; description = "Certificate"; };
+ };
+ });
+ };
};
};
};
type = attrsOf (submodule {
options = {
keep = mkOption { type = int; description = "Number of backups to keep"; };
+ check_command = mkOption { type = str; description = "command to check if backup needs to be done"; default = "backup"; };
login = mkOption { type = str; description = "Login to connect to host"; };
port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
host = mkOption { type = str; description = "Host to connect to"; };
};
};
nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
- slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
- slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
+ apprise_urls = mkOption { type = str; description = "Apprise space-separated urls to push status update"; };
+ netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; };
+ netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; };
contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
email_check = mkOption {
description = "Emails services to check";
description = "FTP configuration";
type = submodule {
options = {
- ldap = mkLdapOptions "FTP" {};
+ ldap = mkLdapOptions "FTP" {
+ proftpd_filter = mkOption { type = str; description = "Filter for proftpd listing in LDAP"; };
+ pure-ftpd_filter = mkOption { type = str; description = "Filter for pure-ftpd listing in LDAP"; };
+ };
};
};
};
user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
+ postfix_mailbox_filter = mkOption { type = str; description = "Postfix filter to get mailboxes"; };
};
};
};
};
});
};
+ sympa = mkOption {
+ description = "Sympa configuration";
+ type = submodule {
+ options = {
+ listmasters = mkOption {
+ type = listOf str;
+ description = "Listmasters";
+ };
+ postgresql = mkPsqlOptions "Sympa";
+ data_sources = mkOption {
+ type = attrsOf str;
+ default = {};
+ description = "Data sources to make available to sympa";
+ };
+ scenari = mkOption {
+ type = attrsOf str;
+ default = {};
+ description = "Scenari to make available to sympa";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ coturn = mkOption {
+ description = "Coturn configuration";
+ type = submodule {
+ options = {
+ auth_access_key = mkOption { type = str; description = "key to access coturn"; };
};
};
};
description = "Buildbot configuration";
type = submodule {
options = {
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
+ workerPassword = mkOption { description = "Buildbot worker password"; type = str; };
user = mkOption {
description = "Buildbot user";
type = submodule {
Takes pkgs as argument.
'';
};
- pythonPackages = mkOption {
- type = unspecified;
- example = literalExample ''
- p: pkgs: [ pkgs.python3Packages.pip ];
- '';
- description = ''
- Function.
- Builds python packages list to make available to buildbot project.
- Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
- '';
- };
pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
+ workerPort = mkOption { type = port; description = "Port for the worker"; };
secrets = mkOption {
- type = attrsOf str;
- description = "Secrets for the project to dump as files";
+ #type = attrsOf (either str (functionTo str));
+ type = attrsOf unspecified;
+ description = "Secrets for the project to dump as files. Might be a function that takes pkgs as argument";
};
environment = mkOption {
- type = attrsOf str;
+ #type = attrsOf (either str (functionTo str));
+ type = attrsOf unspecified;
description = ''
- Environment variables for the project.
+ Environment variables for the project. Might be a function that takes pkgs as argument.
BUILDBOT_ is prefixed to the variable names
'';
};
Activation script to run during deployment
'';
};
- builderPaths = mkOption {
- type = attrsOf unspecified;
- default = {};
- description = ''
- Attrs of functions to make accessible specifically per builder.
- Takes pkgs as argument and should return a single path containing binaries.
- This path will be accessible as BUILDBOT_PATH_<attrskey>
- '';
- };
webhookTokens = mkOption {
type = nullOr (listOf str);
default = null;
description = "Tools configurations";
type = submodule {
options = {
+ contact = mkOption { type = str; description = "Contact e-mail address"; };
+ assets = mkOption {
+ default = {};
+ type = attrsOf (submodule {
+ options = {
+ assetType = mkOption { type = enum ["tgz" "url" "googleFont"]; default = "url"; description = "Type of asset"; };
+ tgzRemoveComponents = mkOption { type = int; default = 0; description = "Remove components when extracting"; };
+ url = mkOption { type = str; description = "URL to fetch"; };
+ sha256 = mkOption { type = str; description = "Hash of the url"; };
+ };
+ });
+ description = "Assets to provide on assets.immae.eu";
+ };
davical = mkOption {
description = "Davical configuration";
type = submodule {
};
};
};
+ dmarc_reports = mkOption {
+ description = "DMARC reports configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "DMARC" {};
+ anonymous_key = mkOption { type = str; description = "Anonymous hashing key"; };
+ };
+ };
+ };
etherpad-lite = mkOption {
description = "Etherpad configuration";
type = submodule {
ldap = mkLdapOptions "Etherpad" {
group_filter = mkOption { type = str; description = "Filter for groups"; };
};
+ adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
session_key = mkOption { type = str; description = "Session key"; };
api_key = mkOption { type = str; description = "API key"; };
- redirects = mkOption { type = str; description = "Redirects for apache"; };
};
};
};
type = submodule {
options = {
ldap = mkLdapOptions "Gitolite" {};
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
};
};
};
};
};
};
+ syden_peertube = mkOption {
+ description = "Peertube Syden configuration";
+ type = submodule {
+ options = {
+ listenPort = mkOption { type = port; description = "Port to listen to"; };
+ postgresql = mkPsqlOptions "Peertube";
+ redis = mkRedisOptions "Peertube";
+ };
+ };
+ };
phpldapadmin = mkOption {
description = "phpLdapAdmin configuration";
type = submodule {
};
};
};
+ status_engine = mkOption {
+ description = "Status Engine configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "StatusEngine" {};
+ ldap = mkLdapOptions "StatusEngine" {};
+ };
+ };
+ };
task = mkOption {
description = "Taskwarrior configuration";
type = submodule {
};
};
};
+ webhooks = mkOption {
+ type = attrsOf str;
+ description = "Mapping 'name'.php => script for webhooks";
+ };
+ csp_reports = mkOption {
+ description = "CSP report configuration";
+ type = submodule {
+ options = {
+ report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
+ policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
+ };
+ };
+ };
+ commento = mkOption {
+ description = "Commento configuration";
+ type = submodule {
+ options = {
+ listenPort = mkOption { type = port; description = "Port to listen to"; };
+ postgresql = mkPsqlOptions "Commento";
+ smtp = mkSmtpOptions "Commento";
+ };
+ };
+ };
+ cryptpad = mkOption {
+ description = "Cryptpad configuration";
+ type = attrsOf (submodule {
+ options = {
+ email = mkOption { type = str; description = "Admin e-mail"; };
+ admins = mkOption { type = listOf str; description = "Instance admin public keys"; };
+ port = mkOption { type = port; description = "Port to listen to"; };
+ };
+ });
+ };
ympd = mkOption {
description = "Ympd configuration";
type = submodule {
};
};
};
+ umami = mkOption {
+ description = "Umami configuration";
+ type = submodule {
+ options = {
+ listenPort = mkOption { type = port; description = "Port to listen to"; };
+ postgresql = mkPsqlOptions "Umami";
+ hashSalt = mkOption { type = str; description = "Hash salt"; };
+ };
+ };
+ };
yourls = mkOption {
description = "Yourls configuration";
type = submodule {
};
};
};
+ serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; };
websites = mkOption {
description = "Websites configurations";
type = submodule {
options = {
+ christophe_carpentier = mkOption {
+ description = "Christophe Carpentier configuration by environment";
+ type = submodule {
+ options = {
+ agorakit = mkOption {
+ description = "Agorakit configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "Agorakit" {};
+ smtp = mkSmtpOptions "Agorakit";
+ appkey = mkOption { type = str; description = "App key"; };
+ };
+ };
+ };
+ };
+ };
+ };
+ immae = mkOption {
+ description = "Immae configuration by environment";
+ type = submodule {
+ options = {
+ temp = mkOption {
+ description = "Temp configuration";
+ type = submodule {
+ options = {
+ ldap = mkLdapOptions "Immae temp" {
+ filter = mkOption { type = str; description = "Filter for user access"; };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
isabelle = mkOption {
description = "Isabelle configurations by environment";
type =
options = {
production = chloeSubmodule;
integration = chloeSubmodule;
+ new = mkOption {
+ description = "environment configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "ChloeNew" {};
+ ldap = mkLdapOptions "ChloeNew" {};
+ secret = mkOption { type = str; description = "Symfony App secret"; };
+ };
+ };
+ };
};
};
};
};
};
};
- telioTortay = mkOption {
+ telio_tortay = mkOption {
description = "Telio Tortay configuration";
type = submodule {
options = {
};
};
};
- ludivinecassal = mkOption {
+ ludivine = mkOption {
description = "Ludivinecassal configurations by environment";
type =
let
};
};
};
+ nicecoop = mkOption {
+ description = "Nicecoop configuration";
+ type = submodule {
+ options = {
+ odoo = {
+ port = mkOption { description = "Port to listen to"; type = port; };
+ longpoll_port = mkOption { description = "Port to listen to"; type = port; };
+ postgresql = mkPsqlOptions "Odoo";
+ admin_password = mkOption { type = str; description = "Admin password"; };
+ };
+ gestion-compte = {
+ smtp = mkSmtpOptions "GestionCompte";
+ mysql = mkMysqlOptions "gestion-compte" {};
+ secret = mkOption { type = str; description = "Application secret"; };
+ adminpassword = mkOption { type = str; description = "Admin password"; };
+ };
+ gestion-compte-integration = {
+ smtp = mkSmtpOptions "GestionCompte";
+ mysql = mkMysqlOptions "gestion-compte" {};
+ secret = mkOption { type = str; description = "Application secret"; };
+ adminpassword = mkOption { type = str; description = "Admin password"; };
+ };
+ copanier = {
+ smtp = mkSmtpOptions "Copanier";
+ staff = mkOption { type = listOf str; description = "List of staff members"; };
+ };
+ };
+ };
+ };
emilia = mkOption {
description = "Emilia configuration";
type = submodule {
};
};
};
+ caldance = mkOption {
+ description = "Caldance configurations by environment";
+ type = submodule {
+ options = {
+ integration = mkOption {
+ description = "environment configuration";
+ type = submodule {
+ options = {
+ password = mkOption { type = str; description = "Password file content for basic auth"; };
+ };
+ };
+ };
+ };
+ };
+ };
tellesflorian = mkOption {
description = "Tellesflorian configurations by environment";
type =
};
};
};
-
- privateFiles = mkOption {
- type = path;
- description = ''
- Path to secret files to make available during build
- '';
- };
};
options.hostEnv = mkOption {
readOnly = true;