X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fenvironment.nix;h=9cd591ef081585b874013af41dd3c37c5fe66b90;hb=c41d0de83b1841097c6be8d8baeed557b065657b;hp=3a805c601b7693cf87f3f68ab95e5dfc96bd1180;hpb=a97118c489a59d723538292214efaa10dfcb96df;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/environment.nix b/modules/private/environment.nix index 3a805c6..9cd591e 100644 --- a/modules/private/environment.nix +++ b/modules/private/environment.nix @@ -401,6 +401,7 @@ in type = listOf (submodule { options = { name = mkOption { type = str; description = "zone name"; }; + withCAA = mkOption { type = nullOr str; description = "CAA entry"; default = null; }; slaves = mkOption { description = "NS slave groups of this zone"; type = listOf str; @@ -441,9 +442,40 @@ in type = submodule { options = { password = mkOption { type = str; description = "Password for encrypting files"; }; - remote = mkOption { type = str; description = "Remote url access"; }; - accessKeyId = mkOption { type = str; description = "Remote access-key"; }; - secretAccessKey = mkOption { type = str; description = "Remote access secret"; }; + remotes = mkOption { + type = attrsOf (submodule { + options = { + remote = mkOption { + type = unspecified; + example = literalExample '' + bucket: "s3://some_host/${bucket}"; + ''; + description = '' + Function. + Takes a bucket name as argument and returns a url + ''; + }; + accessKeyId = mkOption { type = str; description = "Remote access-key"; }; + secretAccessKey = mkOption { type = str; description = "Remote access secret"; }; + }; + }); + }; + }; + }; + }; + zrepl_backup = mkOption { + type = submodule { + options = { + ssh_key = mkOption { + description = "SSH key information"; + type = submodule { + options = { + public = mkOption { type = str; description = "Public part of the key"; }; + private = mkOption { type = lines; description = "Private part of the key"; }; + }; + }; + }; + mysql = mkMysqlOptions "Zrepl" {}; }; }; }; @@ -527,9 +559,20 @@ in }; }; }; + eban = mkOption { + description = "Eban credentials for webhook"; + type = submodule { + options = { + user = mkOption { type = str; description = "User"; }; + password = mkOption { type = str; description = "Password"; }; + }; + }; + }; nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; }; slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; }; slack_channel = mkOption { type = str; description = "Slack channel to push status update"; }; + netdata_aggregator = mkOption { type = str; description = "Url where netdata information should be sent"; }; + netdata_keys = mkOption { type = attrsOf str; description = "netdata host keys"; }; contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; }; email_check = mkOption { description = "Emails services to check"; @@ -841,6 +884,16 @@ in type = submodule { options = { contact = mkOption { type = str; description = "Contact e-mail address"; }; + assets = mkOption { + default = {}; + type = attrsOf (submodule { + options = { + url = mkOption { type = str; description = "URL to fetch"; }; + sha256 = mkOption { type = str; description = "Hash of the url"; }; + }; + }); + description = "Assets to provide on assets.immae.eu"; + }; davical = mkOption { description = "Davical configuration"; type = submodule { @@ -1077,6 +1130,16 @@ in type = attrsOf str; description = "Mapping 'name'.php => script for webhooks"; }; + csp_reports = mkOption { + description = "CSP report configuration"; + type = submodule { + options = { + report_uri = mkOption { type = str; description = "URI to report CSP violations to"; }; + policies = mkOption { type = attrsOf str; description = "CSP policies to apply"; }; + postgresql = mkPsqlOptions "CSP reports"; + }; + }; + }; commento = mkOption { description = "Commento configuration"; type = submodule { @@ -1118,6 +1181,7 @@ in }; }; }; + serverSpecific = mkOption { type = attrsOf unspecified; description = "Server specific configuration"; }; websites = mkOption { description = "Websites configurations"; type = submodule { @@ -1319,6 +1383,21 @@ in }; }; }; + caldance = mkOption { + description = "Caldance configurations by environment"; + type = submodule { + options = { + integration = mkOption { + description = "environment configuration"; + type = submodule { + options = { + password = mkOption { type = str; description = "Password file content for basic auth"; }; + }; + }; + }; + }; + }; + }; tellesflorian = mkOption { description = "Tellesflorian configurations by environment"; type =