type = attrsOf (submodule {
options = {
ip4 = mkOption {
- type = str;
+ type = listOf str;
+ default = [];
description = ''
- ip4 address of the host
+ ip4 addresses of the host
'';
};
ip6 = mkOption {
'';
type = submodule {
options = {
+ rootKeys = mkOption { type = attrsOf str; description = "Keys of root users"; };
ldap = mkOption {
description = ''
LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
};
type = attrsOf (attrsOf (listOf str));
};
+ keys = mkOption {
+ default = {};
+ description = "DNS keys";
+ type = attrsOf (submodule {
+ options = {
+ algorithm = mkOption { type = str; description = "Algorithm"; };
+ secret = mkOption { type = str; description = "Secret"; };
+ };
+ });
+ };
slaveZones = mkOption {
description = "List of slave zones";
type = listOf (submodule {
description = "NS master groups of this zone";
type = listOf str;
};
+ keys = mkOption {
+ default = [];
+ description = "Keys associated to the server";
+ type = listOf str;
+ };
};
});
};
type = listOf (submodule {
options = {
name = mkOption { type = str; description = "zone name"; };
+ withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; };
slaves = mkOption {
description = "NS slave groups of this zone";
type = listOf str;
type = submodule {
options = {
password = mkOption { type = str; description = "Password for encrypting files"; };
- remote = mkOption { type = str; description = "Remote url access"; };
- accessKeyId = mkOption { type = str; description = "Remote access-key"; };
- secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
+ remotes = mkOption {
+ type = attrsOf (submodule {
+ options = {
+ remote = mkOption {
+ type = unspecified;
+ example = literalExample ''
+ bucket: "s3://some_host/${bucket}";
+ '';
+ description = ''
+ Function.
+ Takes a bucket name as argument and returns a url
+ '';
+ };
+ accessKeyId = mkOption { type = str; description = "Remote access-key"; };
+ secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
+ };
+ });
+ };
+ };
+ };
+ };
+ zrepl_backup = mkOption {
+ type = submodule {
+ options = {
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
+ mysql = mkMysqlOptions "Zrepl" {};
+ certs = mkOption {
+ description = "Certificates";
+ type = attrsOf (submodule {
+ options = {
+ key = mkOption { type = str; description = "Key"; };
+ certificate = mkOption { type = str; description = "Certificate"; };
+ };
+ });
+ };
};
};
};
nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
+ netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; };
+ netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; };
contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
email_check = mkOption {
description = "Emails services to check";
description = "FTP configuration";
type = submodule {
options = {
- ldap = mkLdapOptions "FTP" {};
+ ldap = mkLdapOptions "FTP" {
+ proftpd_filter = mkOption { type = str; description = "Filter for proftpd listing in LDAP"; };
+ pure-ftpd_filter = mkOption { type = str; description = "Filter for pure-ftpd listing in LDAP"; };
+ };
};
};
};
};
};
};
+ coturn = mkOption {
+ description = "Coturn configuration";
+ type = submodule {
+ options = {
+ auth_access_key = mkOption { type = str; description = "key to access coturn"; };
+ };
+ };
+ };
buildbot = mkOption {
description = "Buildbot configuration";
type = submodule {
options = {
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
+ workerPassword = mkOption { description = "Buildbot worker password"; type = str; };
user = mkOption {
description = "Buildbot user";
type = submodule {
Takes pkgs as argument.
'';
};
- pythonPackages = mkOption {
- type = unspecified;
- example = literalExample ''
- p: pkgs: [ pkgs.python3Packages.pip ];
- '';
- description = ''
- Function.
- Builds python packages list to make available to buildbot project.
- Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
- '';
- };
pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
+ workerPort = mkOption { type = port; description = "Port for the worker"; };
secrets = mkOption {
- type = attrsOf str;
- description = "Secrets for the project to dump as files";
+ #type = attrsOf (either str (functionTo str));
+ type = attrsOf unspecified;
+ description = "Secrets for the project to dump as files. Might be a function that takes pkgs as argument";
};
environment = mkOption {
- type = attrsOf str;
+ #type = attrsOf (either str (functionTo str));
+ type = attrsOf unspecified;
description = ''
- Environment variables for the project.
+ Environment variables for the project. Might be a function that takes pkgs as argument.
BUILDBOT_ is prefixed to the variable names
'';
};
type = submodule {
options = {
contact = mkOption { type = str; description = "Contact e-mail address"; };
+ assets = mkOption {
+ default = {};
+ type = attrsOf (submodule {
+ options = {
+ url = mkOption { type = str; description = "URL to fetch"; };
+ sha256 = mkOption { type = str; description = "Hash of the url"; };
+ };
+ });
+ description = "Assets to provide on assets.immae.eu";
+ };
davical = mkOption {
description = "Davical configuration";
type = submodule {
adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; };
session_key = mkOption { type = str; description = "Session key"; };
api_key = mkOption { type = str; description = "API key"; };
- redirects = mkOption { type = str; description = "Redirects for apache"; };
};
};
};
type = submodule {
options = {
ldap = mkLdapOptions "Gitolite" {};
+ ssh_key = mkOption {
+ description = "SSH key information";
+ type = submodule {
+ options = {
+ public = mkOption { type = str; description = "Public part of the key"; };
+ private = mkOption { type = lines; description = "Private part of the key"; };
+ };
+ };
+ };
};
};
};
options = {
report_uri = mkOption { type = str; description = "URI to report CSP violations to"; };
policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; };
- postgresql = mkPsqlOptions "CSP reports";
};
};
};
};
};
};
+ cryptpad = mkOption {
+ description = "Cryptpad configuration";
+ type = attrsOf (submodule {
+ options = {
+ email = mkOption { type = str; description = "Admin e-mail"; };
+ admins = mkOption { type = listOf str; description = "Instance admin public keys"; };
+ port = mkOption { type = port; description = "Port to listen to"; };
+ };
+ });
+ };
ympd = mkOption {
description = "Ympd configuration";
type = submodule {
};
};
};
+ umami = mkOption {
+ description = "Umami configuration";
+ type = submodule {
+ options = {
+ listenPort = mkOption { type = port; description = "Port to listen to"; };
+ postgresql = mkPsqlOptions "Umami";
+ hashSalt = mkOption { type = str; description = "Hash salt"; };
+ };
+ };
+ };
yourls = mkOption {
description = "Yourls configuration";
type = submodule {
};
};
};
+ serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; };
websites = mkOption {
description = "Websites configurations";
type = submodule {
options = {
+ christophe_carpentier = mkOption {
+ description = "Christophe Carpentier configuration by environment";
+ type = submodule {
+ options = {
+ agorakit = mkOption {
+ description = "Agorakit configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "Agorakit" {};
+ smtp = mkSmtpOptions "Agorakit";
+ appkey = mkOption { type = str; description = "App key"; };
+ };
+ };
+ };
+ };
+ };
+ };
immae = mkOption {
description = "Immae configuration by environment";
type = submodule {
options = {
production = chloeSubmodule;
integration = chloeSubmodule;
+ new = mkOption {
+ description = "environment configuration";
+ type = submodule {
+ options = {
+ mysql = mkMysqlOptions "ChloeNew" {};
+ ldap = mkLdapOptions "ChloeNew" {};
+ secret = mkOption { type = str; description = "Symfony App secret"; };
+ };
+ };
+ };
};
};
};
};
};
};
+ nicecoop = mkOption {
+ description = "Nicecoop configuration";
+ type = submodule {
+ options = {
+ odoo = {
+ port = mkOption { description = "Port to listen to"; type = port; };
+ longpoll_port = mkOption { description = "Port to listen to"; type = port; };
+ postgresql = mkPsqlOptions "Odoo";
+ admin_password = mkOption { type = str; description = "Admin password"; };
+ };
+ gestion-compte = {
+ smtp = mkSmtpOptions "GestionCompte";
+ mysql = mkMysqlOptions "gestion-compte" {};
+ secret = mkOption { type = str; description = "Application secret"; };
+ adminpassword = mkOption { type = str; description = "Admin password"; };
+ };
+ gestion-compte-integration = {
+ smtp = mkSmtpOptions "GestionCompte";
+ mysql = mkMysqlOptions "gestion-compte" {};
+ secret = mkOption { type = str; description = "Application secret"; };
+ adminpassword = mkOption { type = str; description = "Admin password"; };
+ };
+ copanier = {
+ smtp = mkSmtpOptions "Copanier";
+ staff = mkOption { type = listOf str; description = "List of staff members"; };
+ };
+ };
+ };
+ };
emilia = mkOption {
description = "Emilia configuration";
type = submodule {
};
};
};
+ caldance = mkOption {
+ description = "Caldance configurations by environment";
+ type = submodule {
+ options = {
+ integration = mkOption {
+ description = "environment configuration";
+ type = submodule {
+ options = {
+ password = mkOption { type = str; description = "Password file content for basic auth"; };
+ };
+ };
+ };
+ };
+ };
+ };
tellesflorian = mkOption {
description = "Tellesflorian configurations by environment";
type =
};
};
};
-
- privateFiles = mkOption {
- type = path;
- description = ''
- Path to secret files to make available during build
- '';
- };
};
options.hostEnv = mkOption {
readOnly = true;
projects / perso / Immae / Config / Nix.git / blobdiff