Rename virtual folder to nixops
diff --git a/nixops/modules/websites/tools/diaspora/diaspora.nix b/nixops/modules/websites/tools/diaspora/diaspora.nix
new file mode 100644 (file)
index 0000000..798ebe6
--- /dev/null
@@ -0,0 +1,154 @@
+{ env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
+let
+  gems = bundlerEnv {
+    name = "diaspora-env";
+    ruby = ruby_2_4;
+    gemdir = ./.;
+    gemConfig = defaultGemConfig // {
+      kostya-sigar = attrs: {
+        buildInputs = with pkgs; [ pkgs.perl ];
+      };
+    };
+  };
+  varDir = "/var/lib/diaspora_immae";
+  socketsDir = "/run/diaspora";
+  diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
+    buildPhase = ''
+      patch -p1 < ${./ldap.patch}
+    '';
+    installPhase = ''
+      cp -a . $out
+    '';
+  });
+  secret_token = writeText "secret_token.rb" ''
+    Diaspora::Application.config.secret_key_base = '${env.secret_token}'
+    '';
+  config = writeText "diaspora.yml" ''
+      configuration:
+        environment:
+          url: "https://diaspora.immae.eu/"
+          certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt'
+          redis: '${env.redis_url}'
+          sidekiq:
+          s3:
+          assets:
+          logging:
+            logrotate:
+            debug:
+        server:
+          listen: '${socketsDir}/diaspora.sock'
+          rails_environment: 'production'
+        chat:
+          server:
+            bosh:
+            log:
+        map:
+          mapbox:
+        privacy:
+          piwik:
+          statistics:
+          camo:
+        settings:
+          enable_registrations: false
+          welcome_message:
+          invitations:
+            open: false
+          paypal_donations:
+          community_spotlight:
+          captcha:
+            enable: false
+          terms:
+          maintenance:
+            remove_old_users:
+          default_metas:
+          csp:
+        services:
+          twitter:
+          tumblr:
+          wordpress:
+        mail:
+          enable: true
+          sender_address: 'diaspora@immae.eu'
+          method: 'smtp'
+          smtp:
+            host: 'mail.immae.eu'
+          sendmail:
+        admins:
+          account: "ismael"
+          podmin_email: 'diaspora@immae.eu'
+        relay:
+          outbound:
+          inbound:
+        ldap:
+            enable: true
+            host: ldap.immae.eu
+            port: 636
+            only_ldap: true
+            mail_attribute: mail
+            skip_email_confirmation: true
+            use_bind_dn: true
+            bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
+            bind_pw: "${env.ldap.password}"
+            search_base: "dc=immae,dc=eu"
+            search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
+      production:
+        environment:
+      development:
+        environment:
+    '';
+  database_config = writeText "database.yml" ''
+      postgresql: &postgresql
+        adapter: postgresql
+        host: db-1.immae.eu
+        port: 5432
+        username: "diaspora"
+        password: "${env.postgresql.password}"
+        encoding: unicode
+      common: &common
+        <<: *postgresql
+      combined: &combined
+        <<: *common
+      development:
+        <<: *combined
+        database: diaspora_development
+      production:
+        <<: *combined
+        database: diaspora
+      test:
+        <<: *combined
+        database: "diaspora_test"
+      integration1:
+        <<: *combined
+        database: diaspora_integration1
+      integration2:
+        <<: *combined
+        database: diaspora_integration2
+    '';
+
+    railsRoot = stdenv.mkDerivation {
+      name = "diaspora_immae";
+      inherit diaspora;
+      builder = writeText "build_diaspora_immae" ''
+        source $stdenv/setup
+        cp -a $diaspora $out
+        cd $out
+        chmod -R u+rwX .
+        tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
+        ln -s ${database_config} config/database.yml
+        ln -s ${config} config/diaspora.yml
+        ln -s ${secret_token} config/initializers/secret_token.rb
+        ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
+        ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
+        ln -sf ../../../../../../${varDir}/uploads public/uploads
+        RAILS_ENV=production ${gems}/bin/rake assets:precompile
+        rm -rf tmp log
+        ln -sf ../../../../../${varDir}/tmp tmp
+        ln -sf ../../../../../${varDir}/log log
+        '';
+      propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ];
+    };
+in
+  {
+    inherit railsRoot varDir socketsDir gems;
+    railsSocket = "${socketsDir}/diaspora.sock";
+  }
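Review bot: The three `writeText` outputs (`secret_token.rb`, `diaspora.yml`, `database.yml`) interpolate `env.secret_token`, `env.ldap.password` and `env.postgresql.password`, so the Rails secret key base, the LDAP bind password and the PostgreSQL password become plain files in the Nix store, which is normally readable by every local user and travels with the closure when it is copied. The `railsRoot` builder then symlinks those store paths into `config/`, so the application derivation itself depends on the secret values. I would keep only non-secret settings in the store and deliver the secret-bearing files outside it (for example via NixOps `deployment.keys`, into a directory readable only by the service user), linking them the way `schedule.yml` and `oidc_key.pem` already are: `ln -sf ../../../../../../${varDir}/database.yml config/database.yml`. Since `rake assets:precompile` runs inside the build and presumably loads the Rails configuration, a placeholder config with dummy values may be needed at build time; that should be confirmed before switching.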