Squash changes containing private information

[perso/Immae/Config/Nix.git] / systems / eldiron / websites / cryptpad / default.nix

diff --git a/systems/eldiron/websites/cryptpad/default.nix b/systems/eldiron/websites/cryptpad/default.nix
new file mode 100644 (file)
index 0000000..4635548
--- /dev/null
+++ b/systems/eldiron/websites/cryptpad/default.nix
@@ -0,0 +1,89 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.myServices.websites.tools.cryptpad;
+  envCfg = config.myEnv.tools.cryptpad;
+  domain = "cryptpad.immae.eu";
+  port = envCfg.port;
+  configFile = pkgs.writeText "config.js" ''
+    // ${pkgs.cryptpad}/lib/node_modules/cryptpad/config/config.example.js
+    module.exports = {
+      httpUnsafeOrigin: 'https://${domain}',
+      httpPort: ${toString port},
+      adminEmail: '${envCfg.email}',
+      filePath: './datastore/',
+      archivePath: './data/archive',
+      pinPath: './data/pins',
+      taskPath: './data/tasks',
+      blockPath: './block',
+      blobPath: './blob',
+      blobStagingPath: './data/blobstage',
+      decreePath: './data/decrees',
+      logPath: './data/logs',
+      logToStdout: false,
+      logLevel: 'info',
+      logFeedback: false,
+      verbose: false,
+      inactiveTime: false,
+      maxUploadSize: 100 * 1024 * 1024,
+      adminKeys: ${builtins.toJSON envCfg.admins},
+    };
+  '';
+in
+{
+  options.myServices.websites.tools.cryptpad.enable = lib.mkEnableOption "Enable Cryptpad";
+  config = lib.mkIf cfg.enable {
+    myServices.dns.zones."immae.eu".subdomains.cryptpad =
+      with config.myServices.dns.helpers; ips servers.eldiron.ips.main;
+
+    myServices.chatonsProperties.hostings.cryptpad = {
+      file.datetime = "2022-08-21T01:20:00";
+      hosting = {
+        name = "Cryptpad";
+        description = "Collaboration suite, encrypted and open-source";
+        website = "https://cryptpad.immae.eu/";
+        logo = "https://cryptpad.immae.eu/customize/favicon/main-favicon.png";
+        type = "INSTANCE";
+        status.level = "OK";
+        status.description = "OK";
+        registration.load = "OPEN";
+        install.type = "PACKAGE";
+      };
+    };
+    myServices.chatonsProperties.services.cryptpad = {
+      file.datetime = "2022-08-21T01:20:00";
+      service = {
+        name = "Cryptpad";
+        description = "Collaboration suite, encrypted and open-source";
+        website = "https://cryptpad.immae.eu/";
+        logo = "https://cryptpad.immae.eu/customize/favicon/main-favicon.png";
+        status.level = "OK";
+        status.description = "OK";
+        registration."" = ["NONE" "FREE" "MEMBER" "CLIENT"];
+        registration.load = "OPEN";
+        install.type = "PACKAGE";
+      };
+      software = {
+        name = "Cryptpad";
+        website = "https://cryptpad.org/";
+        license.url = "https://github.com/xwiki-labs/cryptpad/blob/main/LICENSE";
+        license.name = "GNU Affero General Public License v3.0";
+        version = pkgs.cryptpad.version;
+        source.url = "https://github.com/xwiki-labs/cryptpad";
+      };
+    };
+    myServices.tools.cryptpad.farm.hosts.immaeEu = {
+      inherit domain port;
+      config = configFile;
+    };
+    services.websites.env.tools.modules = [ "proxy_wstunnel" ];
+    security.acme.certs.eldiron.extraDomainNames = [ domain ];
+    services.websites.env.tools.vhostConfs.cryptpad = {
+      certName = "eldiron";
+      hosts = [domain];
+      root = config.myServices.tools.cryptpad.farm.vhostRoots.immaeEu;
+      extraConfig = [
+        config.myServices.tools.cryptpad.farm.vhosts.immaeEu
+      ];
+    };
+  };
+}