./modules/gitolite.nix
./modules/gitweb.nix
./modules/databases.nix
- ./modules/websites/chloe.nix
- ./modules/websites/ludivine.nix
- ./modules/websites/aten.nix
- ./modules/websites/piedsjaloux.nix
- ./modules/websites/connexionswing.nix
+ ./modules/websites.nix
];
services.myGitolite.enable = true;
services.myGitweb.enable = true;
services.myDatabases.enable = true;
- services.myWebsites.Chloe.production.enable = true;
- services.myWebsites.Chloe.integration.enable = true;
- services.myWebsites.Ludivine.production.enable = true;
- services.myWebsites.Ludivine.integration.enable = true;
- services.myWebsites.Aten.production.enable = true;
- services.myWebsites.Aten.integration.enable = true;
- services.myWebsites.PiedsJaloux.production.enable = true;
- services.myWebsites.PiedsJaloux.integration.enable = true;
- services.myWebsites.Connexionswing.production.enable = true;
- services.myWebsites.Connexionswing.integration.enable = true;
+ services.myWebsites.production.enable = true;
+ services.myWebsites.integration.enable = true;
nixpkgs.config.packageOverrides = oldpkgs: rec {
goaccess = oldpkgs.goaccess.overrideAttrs(old: rec {
install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss
install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical
'';
- redis = ''
- mkdir -p /run/redis
- chown redis /run/redis
- '';
# FIXME: initial sync
goaccess = ''
mkdir -p /var/lib/goaccess
logFormat = "combinedVhost";
listen = [ { ip = "*"; port = 443; } ];
};
- apacheConfig = {
- gzip = {
- modules = [ "deflate" "filter" ];
- extraConfig = ''
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
- '';
- };
- ldap = {
- modules = [ "ldap" "authnz_ldap" ];
- extraConfig = assert checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; ''
- <IfModule ldap_module>
- LDAPSharedCacheSize 500000
- LDAPCacheEntries 1024
- LDAPCacheTTL 600
- LDAPOpCacheEntries 1024
- LDAPOpCacheTTL 600
- </IfModule>
-
- <Macro LDAPConnect>
- <IfModule authnz_ldap_module>
- AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu
- AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
- AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
- AuthType Basic
- AuthName "Authentification requise (Acces LDAP)"
- AuthBasicProvider ldap
- </IfModule>
- </Macro>
-
- <Macro Stats %{domain}>
- Alias /awstats /var/lib/goaccess/%{domain}
- <Directory /var/lib/goaccess/%{domain}>
- DirectoryIndex index.html
- AllowOverride None
- Require all granted
- </Directory>
- <Location /awstats>
- Use LDAPConnect
- Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
- </Location>
- </Macro>
- '';
- };
- http2 = {
- modules = [ "http2" ];
- extraConfig = ''
- Protocols h2 http/1.1
- '';
- };
- customLog = {
- modules = [];
- extraConfig = ''
- LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedVhost
- '';
- };
- };
+ apacheConfig = config.services.myWebsites.apacheConfig;
in rec {
enable = true;
logPerVirtualHost = true;
extraModules = pkgs.lib.lists.unique (
mypkgs.adminer.apache.modules ++
mypkgs.nextcloud.apache.modules ++
- mypkgs.connexionswing_dev.apache.modules ++
- mypkgs.connexionswing_prod.apache.modules ++
- mypkgs.ludivinecassal_dev.apache.modules ++
- mypkgs.ludivinecassal_prod.apache.modules ++
- mypkgs.piedsjaloux_dev.apache.modules ++
- mypkgs.piedsjaloux_prod.apache.modules ++
- mypkgs.chloe_dev.apache.modules ++
- mypkgs.chloe_prod.apache.modules ++
- mypkgs.aten_dev.apache.modules ++
- mypkgs.aten_prod.apache.modules ++
mypkgs.ympd.apache.modules ++
mypkgs.git.web.apache.modules ++
mypkgs.mantisbt.apache.modules ++
mypkgs.ttrss.apache.modules ++
mypkgs.roundcubemail.apache.modules ++
- pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
- [ "macro" ]);
+ pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) apacheConfig));
extraConfig = builtins.concatStringsSep "\n"
- (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig) apacheConfig);
+ (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) apacheConfig));
virtualHosts = [
(withConf "eldiron" // {
hostName = "eldiron.immae.eu";
projects / perso / Immae / Config / Nix.git / blobdiff