X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=virtual%2Feldiron.nix;h=4087be8e9758935dd4652b101230c16cf5e685e0;hb=94818b7506f7284e2115863364b571daf0b5f5fc;hp=b29ad062da85d8eb4eb4601323a1a12552cb8ba6;hpb=ce6ee3b80a97a6de84431bc8272c10accf9150bb;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index b29ad06..4087be8 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -114,41 +114,67 @@
sslServerKey = "/var/lib/acme/${domain}/key.pem";
sslServerChain = "/var/lib/acme/${domain}/fullchain.pem";
};
+ apacheConfig = {
+ gzip = {
+ modules = [ "deflate" "filter" ];
+ extraConfig = ''
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
+ '';
+ };
+ ldap = {
+ modules = [ "ldap" "authnz_ldap" ];
+ extraConfig = assert mylibs.checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; ''
+
+ LDAPSharedCacheSize 500000
+ LDAPCacheEntries 1024
+ LDAPCacheTTL 600
+ LDAPOpCacheEntries 1024
+ LDAPOpCacheTTL 600
+
+
+
+
+ AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu
+ AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
+ AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
+ AuthType Basic
+ AuthName "Authentification requise (Acces LDAP)"
+ AuthBasicProvider ldap
+
+
+ '';
+ };
+ };
in rec {
enable = true;
logPerVirtualHost = true;
multiProcessingModule = "worker";
adminAddr = "httpd@immae.eu";
# FIXME: http2
+ # FIXME: voir les autres modules:
+ # authz_core_module
+ # reqtimeout_module
+ # http2_module
+ # version_module
+ # proxy_connect_module
+ # proxy_ftp_module
+ # proxy_scgi_module
+ # proxy_ajp_module
+ # proxy_balancer_module
+ # proxy_express_module
+ # lbmethod_byrequests_module
+ # lbmethod_bytraffic_module
+ # lbmethod_bybusyness_module
+ # lbmethod_heartbeat_module
+
extraModules = pkgs.lib.lists.unique (
mypkgs.adminer.apache.modules ++
mypkgs.connexionswing_dev.apache.modules ++
mypkgs.connexionswing_prod.apache.modules ++
- [
- "macro"
- "ldap"
- "authnz_ldap"
- ]);
- extraConfig = assert mylibs.checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; ''
-
- LDAPSharedCacheSize 500000
- LDAPCacheEntries 1024
- LDAPCacheTTL 600
- LDAPOpCacheEntries 1024
- LDAPOpCacheTTL 600
-
-
-
-
- AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu
- AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
- AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
- AuthType Basic
- AuthName "Authentification requise (Acces LDAP)"
- AuthBasicProvider ldap
-
-
- '';
+ pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
+ [ "macro" ]);
+ extraConfig = builtins.concatStringsSep "\n"
+ (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig) apacheConfig);
virtualHosts = [
(withSSL "eldiron" // {
listen = [ { ip = "*"; port = 443; } ];