WIP openfoodnetwork

[perso/Immae/Config/Nix.git] / modules / private / tasks / default.nix

diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix
index a6783741658acb809ebc2b073a5446a1868bfca5..64802550ac73a8e9591a1d76dd414daba66d1715 100644 (file)
--- a/modules/private/tasks/default.nix
+++ b/modules/private/tasks/default.nix
@@ -86,18 +86,8 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    services.duplyBackup.profiles.tasks = {
-      rootDir = "/var/lib";
-      excludeFile = ''
-        + /var/lib/taskserver
-        + /var/lib/taskwarrior-web
-        - /var/lib
-        '';
-    };
-
-    secrets.keys = [
-      {
-        dest = "webapps/tools-taskwarrior-web";
+    secrets.keys = {
+      "webapps/tools-taskwarrior-web" = {
         user = "wwwrun";
         group = "wwwrun";
         permissions = "0400";
@@ -110,9 +100,8 @@ in {
             SetEnv TASKD_LDAP_BASE     "${env.ldap.base}"
             SetEnv TASKD_LDAP_FILTER   "${env.ldap.filter}"
           '';
-      }
-    ] ++ (lib.mapAttrsToList (name: userConfig: {
-      dest = "webapps/tools-taskwarrior/${name}-taskrc";
+      };
+    } // (lib.mapAttrs' (name: userConfig: lib.nameValuePair "webapps/tools-taskwarrior/${name}-taskrc" {
       inherit user group;
       permissions = "0400";
       text = let
@@ -161,22 +150,22 @@ in {
         dateformat=${dateFormat}
       '';
     }) env.taskwarrior-web);
-    services.websites.env.tools.watchPaths = [ "/var/secrets/webapps/tools-taskwarrior-web" ];
+    services.websites.env.tools.watchPaths = [ config.secrets.fullPaths."webapps/tools-taskwarrior-web" ];
     services.websites.env.tools.modules = [ "proxy_fcgi" "sed" ];
     services.websites.env.tools.vhostConfs.task = {
       certName    = "eldiron";
       addToCerts  = true;
       hosts       = [ "task.immae.eu" ];
-      root        = "/run/current-system/webapps/_task";
+      root        = ./www;
       extraConfig = [ ''
-        <Directory /run/current-system/webapps/_task>
+        <Directory ${./www}>
           DirectoryIndex index.php
           Use LDAPConnect
           Require ldap-group cn=users,cn=taskwarrior,ou=services,dc=immae,dc=eu
           <FilesMatch "\.php$">
             SetHandler "proxy:unix:${config.services.phpfpm.pools.tasks.socket}|fcgi://localhost"
           </FilesMatch>
-          Include /var/secrets/webapps/tools-taskwarrior-web
+          Include ${config.secrets.fullPaths."webapps/tools-taskwarrior-web"}
         </Directory>
         ''
         ''
@@ -245,8 +234,6 @@ in {
       };
     };
 
-    services.websites.webappDirs._task = ./www;
-
     security.acme.certs."task" = config.myServices.certificates.certConfig // {
       inherit user group;
       domain = fqdn;
@@ -328,7 +315,7 @@ in {
         after = [ "network.target" ];
         path = [ pkgs.taskwarrior ];
 
-        environment.TASKRC = "/var/secrets/webapps/tools-taskwarrior/${name}-taskrc";
+        environment.TASKRC = config.secrets.fullPaths."webapps/tools-taskwarrior/${name}-taskrc";
         environment.BUNDLE_PATH = "${taskwarrior-web.gems}/${taskwarrior-web.gems.ruby.gemPath}";
         environment.BUNDLE_GEMFILE = "${taskwarrior-web.gems.confFiles}/Gemfile";
         environment.LC_ALL = "fr_FR.UTF-8";