X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fenvironment.nix;h=7b13870d578d948c90357da63a54da0eb4810634;hb=bc0f9fcf0d366e10c0046390e516e11d5b76b2f8;hp=193e95cf81d8cd64b9e0731af9755b617b033e74;hpb=4c42e0beb65d2a92e988a81aa12f50aa6bd1f820;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/environment.nix b/modules/private/environment.nix index 193e95c..7b13870 100644 --- a/modules/private/environment.nix +++ b/modules/private/environment.nix @@ -169,9 +169,10 @@ let type = attrsOf (submodule { options = { ip4 = mkOption { - type = str; + type = listOf str; + default = []; description = '' - ip4 address of the host + ip4 addresses of the host ''; }; ip6 = mkOption { @@ -228,6 +229,7 @@ in ''; type = submodule { options = { + rootKeys = mkOption { type = attrsOf str; description = "Keys of root users"; }; ldap = mkOption { description = '' LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn @@ -384,6 +386,16 @@ in }; type = attrsOf (attrsOf (listOf str)); }; + keys = mkOption { + default = {}; + description = "DNS keys"; + type = attrsOf (submodule { + options = { + algorithm = mkOption { type = str; description = "Algorithm"; }; + secret = mkOption { type = str; description = "Secret"; }; + }; + }); + }; slaveZones = mkOption { description = "List of slave zones"; type = listOf (submodule { @@ -393,6 +405,11 @@ in description = "NS master groups of this zone"; type = listOf str; }; + keys = mkOption { + default = []; + description = "Keys associated to the server"; + type = listOf str; + }; }; }); }; @@ -401,6 +418,7 @@ in type = listOf (submodule { options = { name = mkOption { type = str; description = "zone name"; }; + withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; }; slaves = mkOption { description = "NS slave groups of this zone"; type = listOf str; @@ -462,6 +480,31 @@ in }; }; }; + zrepl_backup = mkOption { + type = submodule { + options = { + ssh_key = mkOption { + description = "SSH key information"; + type = submodule { + options = { + public = mkOption { type = str; description = "Public part of the key"; }; + private = mkOption { type = lines; description = "Private part of the key"; }; + }; + }; + }; + mysql = mkMysqlOptions "Zrepl" {}; + certs = mkOption { + description = "Certificates"; + type = attrsOf (submodule { + options = { + key = mkOption { type = str; description = "Key"; }; + certificate = mkOption { type = str; description = "Certificate"; }; + }; + }); + }; + }; + }; + }; rsync_backup = mkOption { description ='' Rsync backup configuration from controlled host @@ -545,6 +588,8 @@ in nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; }; slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; }; slack_channel = mkOption { type = str; description = "Slack channel to push status update"; }; + netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; }; + netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; }; contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; }; email_check = mkOption { description = "Emails services to check"; @@ -577,7 +622,10 @@ in description = "FTP configuration"; type = submodule { options = { - ldap = mkLdapOptions "FTP" {}; + ldap = mkLdapOptions "FTP" { + proftpd_filter = mkOption { type = str; description = "Filter for proftpd listing in LDAP"; }; + pure-ftpd_filter = mkOption { type = str; description = "Filter for pure-ftpd listing in LDAP"; }; + }; }; }; }; @@ -757,10 +805,28 @@ in }; }; }; + coturn = mkOption { + description = "Coturn configuration"; + type = submodule { + options = { + auth_access_key = mkOption { type = str; description = "key to access coturn"; }; + }; + }; + }; buildbot = mkOption { description = "Buildbot configuration"; type = submodule { options = { + ssh_key = mkOption { + description = "SSH key information"; + type = submodule { + options = { + public = mkOption { type = str; description = "Public part of the key"; }; + private = mkOption { type = lines; description = "Private part of the key"; }; + }; + }; + }; + workerPassword = mkOption { description = "Buildbot worker password"; type = str; }; user = mkOption { description = "Buildbot user"; type = submodule { @@ -800,26 +866,18 @@ in Takes pkgs as argument. ''; }; - pythonPackages = mkOption { - type = unspecified; - example = literalExample '' - p: pkgs: [ pkgs.python3Packages.pip ]; - ''; - description = '' - Function. - Builds python packages list to make available to buildbot project. - Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list. - ''; - }; pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; }; + workerPort = mkOption { type = port; description = "Port for the worker"; }; secrets = mkOption { - type = attrsOf str; - description = "Secrets for the project to dump as files"; + #type = attrsOf (either str (functionTo str)); + type = attrsOf unspecified; + description = "Secrets for the project to dump as files. Might be a function that takes pkgs as argument"; }; environment = mkOption { - type = attrsOf str; + #type = attrsOf (either str (functionTo str)); + type = attrsOf unspecified; description = '' - Environment variables for the project. + Environment variables for the project. Might be a function that takes pkgs as argument. BUILDBOT_ is prefixed to the variable names ''; }; @@ -906,7 +964,6 @@ in adminPassword = mkOption { type = str; description = "Admin password for mypads / admin"; }; session_key = mkOption { type = str; description = "Session key"; }; api_key = mkOption { type = str; description = "API key"; }; - redirects = mkOption { type = str; description = "Redirects for apache"; }; }; }; }; @@ -915,6 +972,15 @@ in type = submodule { options = { ldap = mkLdapOptions "Gitolite" {}; + ssh_key = mkOption { + description = "SSH key information"; + type = submodule { + options = { + public = mkOption { type = str; description = "Public part of the key"; }; + private = mkOption { type = lines; description = "Private part of the key"; }; + }; + }; + }; }; }; }; @@ -1108,7 +1174,6 @@ in options = { report_uri = mkOption { type = str; description = "URI to report CSP violations to"; }; policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; }; - postgresql = mkPsqlOptions "CSP reports"; }; }; }; @@ -1122,6 +1187,16 @@ in }; }; }; + cryptpad = mkOption { + description = "Cryptpad configuration"; + type = attrsOf (submodule { + options = { + email = mkOption { type = str; description = "Admin e-mail"; }; + admins = mkOption { type = listOf str; description = "Instance admin public keys"; }; + port = mkOption { type = port; description = "Port to listen to"; }; + }; + }); + }; ympd = mkOption { description = "Ympd configuration"; type = submodule { @@ -1140,6 +1215,16 @@ in }; }; }; + umami = mkOption { + description = "Umami configuration"; + type = submodule { + options = { + listenPort = mkOption { type = port; description = "Port to listen to"; }; + postgresql = mkPsqlOptions "Umami"; + hashSalt = mkOption { type = str; description = "Hash salt"; }; + }; + }; + }; yourls = mkOption { description = "Yourls configuration"; type = submodule { @@ -1153,10 +1238,28 @@ in }; }; }; + serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; }; websites = mkOption { description = "Websites configurations"; type = submodule { options = { + christophe_carpentier = mkOption { + description = "Christophe Carpentier configuration by environment"; + type = submodule { + options = { + agorakit = mkOption { + description = "Agorakit configuration"; + type = submodule { + options = { + mysql = mkMysqlOptions "Agorakit" {}; + smtp = mkSmtpOptions "Agorakit"; + appkey = mkOption { type = str; description = "App key"; }; + }; + }; + }; + }; + }; + }; immae = mkOption { description = "Immae configuration by environment"; type = submodule { @@ -1225,6 +1328,16 @@ in options = { production = chloeSubmodule; integration = chloeSubmodule; + new = mkOption { + description = "environment configuration"; + type = submodule { + options = { + mysql = mkMysqlOptions "ChloeNew" {}; + ldap = mkLdapOptions "ChloeNew" {}; + secret = mkOption { type = str; description = "Symfony App secret"; }; + }; + }; + }; }; }; }; @@ -1291,6 +1404,35 @@ in }; }; }; + nicecoop = mkOption { + description = "Nicecoop configuration"; + type = submodule { + options = { + odoo = { + port = mkOption { description = "Port to listen to"; type = port; }; + longpoll_port = mkOption { description = "Port to listen to"; type = port; }; + postgresql = mkPsqlOptions "Odoo"; + admin_password = mkOption { type = str; description = "Admin password"; }; + }; + gestion-compte = { + smtp = mkSmtpOptions "GestionCompte"; + mysql = mkMysqlOptions "gestion-compte" {}; + secret = mkOption { type = str; description = "Application secret"; }; + adminpassword = mkOption { type = str; description = "Admin password"; }; + }; + gestion-compte-integration = { + smtp = mkSmtpOptions "GestionCompte"; + mysql = mkMysqlOptions "gestion-compte" {}; + secret = mkOption { type = str; description = "Application secret"; }; + adminpassword = mkOption { type = str; description = "Admin password"; }; + }; + copanier = { + smtp = mkSmtpOptions "Copanier"; + staff = mkOption { type = listOf str; description = "List of staff members"; }; + }; + }; + }; + }; emilia = mkOption { description = "Emilia configuration"; type = submodule { @@ -1354,6 +1496,21 @@ in }; }; }; + caldance = mkOption { + description = "Caldance configurations by environment"; + type = submodule { + options = { + integration = mkOption { + description = "environment configuration"; + type = submodule { + options = { + password = mkOption { type = str; description = "Password file content for basic auth"; }; + }; + }; + }; + }; + }; + }; tellesflorian = mkOption { description = "Tellesflorian configurations by environment"; type = @@ -1379,13 +1536,6 @@ in }; }; }; - - privateFiles = mkOption { - type = path; - description = '' - Path to secret files to make available during build - ''; - }; }; options.hostEnv = mkOption { readOnly = true;