X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=inline;f=modules%2Fprivate%2Fwebsites%2Fdefault.nix;h=aba30e37f73c2606c7c828ea90676e8fc8a31a7a;hb=3c50eea8d946bf8417f49fa8a4a6e109e0439c7b;hp=f55f7e3e120331b8869141c6b0da22a3ab464f08;hpb=93531b30f0c08f6c549fac338a1cb8070c3c0a9a;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index f55f7e3..aba30e3 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
let
www_root = "/run/current-system/webapps/_www";
theme_root = "/run/current-system/webapps/_theme";
@@ -43,7 +43,21 @@ let
'';
};
global = {
- extraConfig = (pkgs.webapps.apache-default.override { inherit www_root;}).apacheConfig;
+ extraConfig = ''
+ ErrorDocument 500 /maintenance_immae.html
+ ErrorDocument 501 /maintenance_immae.html
+ ErrorDocument 502 /maintenance_immae.html
+ ErrorDocument 503 /maintenance_immae.html
+ ErrorDocument 504 /maintenance_immae.html
+ Alias /maintenance_immae.html ${www_root}/maintenance_immae.html
+ ProxyPass /maintenance_immae.html !
+
+ AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${www_root}/googleb6d69446ff4ca3e5.html
+
+ AllowOverride None
+ Require all granted
+
+ '';
};
apaxy = {
extraConfig = (pkgs.webapps.apache-theme.override { inherit theme_root; }).apacheConfig;
@@ -64,15 +78,12 @@ let
makeExtraConfig = (builtins.filter (x: x != null) (lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) apacheConfig));
in
{
- options.myServices.websites.webappDirs = lib.mkOption {
- type = lib.types.attrsOf lib.types.path;
- description = ''
- Webapp paths to create in /run/current-system/webapps
- '';
- default = {};
- };
+ options.myServices.websites.enable = lib.mkEnableOption "enable websites";
- config = {
+ config = lib.mkIf config.myServices.websites.enable {
+ services.duplyBackup.profiles.php = {
+ rootDir = "/var/lib/php";
+ };
users.users.wwwrun.extraGroups = [ "keys" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
@@ -80,9 +91,9 @@ in
#openssl = self.openssl_1_1;
php = php72;
php72 = (super.php72.override {
- mysql.connector-c = self.mariadb;
- config.php.mysqlnd = false;
+ config.php.mysqlnd = true;
config.php.mysqli = false;
+ config.php.mhash = true; # Is it needed?
}).overrideAttrs(old: rec {
# Didn't manage to build with mysqli + mysql_config connector
configureFlags = old.configureFlags ++ [
@@ -107,7 +118,7 @@ in
AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu STARTTLS
AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
- AuthLDAPBindPassword "${myconfig.env.httpd.ldap.password}"
+ AuthLDAPBindPassword "${config.myEnv.httpd.ldap.password}"
AuthType Basic
AuthName "Authentification requise (Acces LDAP)"
AuthBasicProvider ldap
@@ -118,7 +129,7 @@ in
system.activationScripts = {
httpd = ''
- install -d -m 0755 ${config.security.acme.directory}/acme-challenge
+ install -d -m 0755 /var/lib/acme/acme-challenges
install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
'';
};
@@ -133,9 +144,9 @@ in
; 30 days (minutes)
session.cache_expire = 43200
'';
- extraConfig = ''
- log_level = notice
- '';
+ settings = {
+ log_level = "notice";
+ };
};
services.filesWatcher.httpdProd.paths = [ "/var/secrets/apache-ldap" ];
@@ -147,7 +158,7 @@ in
adminAddr = "httpd@immae.eu";
httpdName = "Prod";
ips =
- let ips = myconfig.env.servers.eldiron.ips.production;
+ let ips = config.myEnv.servers.eldiron.ips.production;
in [ips.ip4] ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig;
@@ -164,7 +175,7 @@ in
adminAddr = "httpd@immae.eu";
httpdName = "Inte";
ips =
- let ips = myconfig.env.servers.eldiron.ips.integration;
+ let ips = config.myEnv.servers.eldiron.ips.integration;
in [ips.ip4] ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig;
@@ -181,7 +192,7 @@ in
adminAddr = "httpd@immae.eu";
httpdName = "Tools";
ips =
- let ips = myconfig.env.servers.eldiron.ips.main;
+ let ips = config.myEnv.servers.eldiron.ips.main;
in [ips.ip4] ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig ++
@@ -206,54 +217,76 @@ in
};
};
- system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues config.myServices.websites.webappDirs) > 0) ''
- mkdir -p $out/webapps
- ${builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") config.myServices.websites.webappDirs)}
- '';
-
+ services.websites.webappDirs = {
+ _www = ./_www;
+ _theme = pkgs.webapps.apache-theme.theme;
+ };
myServices.websites = {
- webappDirs = {
- _www = pkgs.webapps.apache-default.www;
- _theme = pkgs.webapps.apache-theme.theme;
- };
+ capitaines.landing_pages.enable = true;
- aten.integration.enable = true;
- aten.production.enable = true;
+ chloe = {
+ integration.enable = true;
+ production.enable = true;
+ };
- capitaines.production.enable = true;
+ connexionswing = {
+ integration.enable = true;
+ production.enable = true;
+ };
- chloe.integration.enable = true;
- chloe.production.enable = true;
+ denise = {
+ evariste.enable = true;
+ denisejerome.enable = true;
+ };
- connexionswing.integration.enable = true;
- connexionswing.production.enable = true;
+ emilia.moodle.enable = true;
- denisejerome.production.enable = true;
+ florian = {
+ app.enable = true;
+ integration.enable = true;
+ production.enable = true;
+ };
- emilia.production.enable = true;
+ immae = {
+ production.enable = true;
+ release.enable = true;
+ temp.enable = true;
+ };
- florian.app.enable = true;
- florian.integration.enable = true;
- florian.production.enable = true;
+ isabelle = {
+ aten_integration.enable = true;
+ aten_production.enable = true;
+ iridologie.enable = true;
+ };
- immae.production.enable = true;
- immae.release.enable = true;
- immae.temp.enable = true;
+ jerome.naturaloutil.enable = true;
leila.production.enable = true;
- ludivinecassal.integration.enable = true;
- ludivinecassal.production.enable = true;
+ ludivine = {
+ integration.enable = true;
+ production.enable = true;
+ };
nassime.production.enable = true;
- naturaloutil.production.enable = true;
- telioTortay.production.enable = true;
+ nathanael.villon.enable = true;
- papa.surveillance.enable = true;
+ papa = {
+ surveillance.enable = true;
+ maison_bbc.enable = true;
+ };
+
+ piedsjaloux = {
+ integration.enable = true;
+ production.enable = true;
+ };
- piedsjaloux.integration.enable = true;
- piedsjaloux.production.enable = true;
+ richie.production.enable = true;
+
+ syden.peertube.enable = true;
+
+ telio_tortay.production.enable = true;
tools.cloud.enable = true;
tools.dav.enable = true;
@@ -266,6 +299,8 @@ in
tools.peertube.enable = true;
tools.tools.enable = true;
tools.email.enable = true;
+
+ games.codenames.enable = true;
};
};
}