X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Fdefault.nix;h=e8193242b08e2c3980de7d0c026361051656b62a;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=f84567e8c8cf85c3b6519537e8f603daceb6a328;hpb=a97118c489a59d723538292214efaa10dfcb96df;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index f84567e..e819324 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix @@ -52,7 +52,7 @@ let LDAPOpCacheTTL 600 - Include /var/secrets/apache-ldap + Include ${config.secrets.fullPaths."apache-ldap"} ''; }; global = { @@ -89,6 +89,14 @@ let }; makeModules = lib.lists.flatten (lib.attrsets.mapAttrsToList (n: v: v.modules or []) apacheConfig); makeExtraConfig = (builtins.filter (x: x != null) (lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) apacheConfig)); + moomin = let + lines = lib.splitString "\n" (lib.fileContents ./moomin.txt); + pad = width: str: let + padWidth = width - lib.stringLength str; + padding = lib.concatStrings (lib.genList (lib.const "0") padWidth); + in lib.optionalString (padWidth > 0) padding + str; + in + lib.imap0 (i: e: ''Header always set "X-Moomin-${pad 2 (builtins.toString i)}" "${e}"'') lines; in { options.myServices.websites.enable = lib.mkEnableOption "enable websites"; @@ -96,12 +104,12 @@ in config = lib.mkIf config.myServices.websites.enable { services.duplyBackup.profiles.php = { rootDir = "/var/lib/php"; + remotes = [ "eriomem" "ovh" ]; }; users.users.wwwrun.extraGroups = [ "keys" ]; networking.firewall.allowedTCPPorts = [ 80 443 ]; - secrets.keys = [{ - dest = "apache-ldap"; + secrets.keys."apache-ldap" = { user = "wwwrun"; group = "wwwrun"; permissions = "0400"; @@ -117,7 +125,7 @@ in ''; - }]; + }; system.activationScripts = { httpd = '' @@ -140,9 +148,9 @@ in }; }; - services.filesWatcher.httpdProd.paths = [ "/var/secrets/apache-ldap" ]; - services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ]; - services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ]; + services.filesWatcher.httpdProd.paths = [ config.secrets.fullPaths."apache-ldap" ]; + services.filesWatcher.httpdInte.paths = [ config.secrets.fullPaths."apache-ldap" ]; + services.filesWatcher.httpdTools.paths = [ config.secrets.fullPaths."apache-ldap" ]; services.websites.env.production = { enable = true; @@ -169,7 +177,7 @@ in let ips = config.myEnv.servers.eldiron.ips.integration; in [ips.ip4] ++ (ips.ip6 or []); modules = makeModules; - extraConfig = makeExtraConfig; + extraConfig = makeExtraConfig ++ moomin; fallbackVhost = { certName = "eldiron"; hosts = ["eldiron.immae.eu" ]; @@ -213,6 +221,7 @@ in _theme = pkgs.webapps.apache-theme.theme; }; myServices.websites = { + bakeer.cloud.enable = true; capitaines.landing_pages.enable = true; chloe = { @@ -233,10 +242,15 @@ in evariste.enable = true; denisejerome.enable = true; oms.enable = true; + bingo.enable = true; + aventuriers.enable = true; production.enable = true; }; - emilia.moodle.enable = true; + emilia = { + moodle.enable = false; + atelierfringant.enable = true; + }; florian = { app.enable = true; @@ -267,26 +281,34 @@ in nassime.production.enable = true; - nathanael.villon.enable = true; + nath.villon.enable = true; papa = { surveillance.enable = true; maison_bbc.enable = true; }; + patrick_fodella.production.enable = true; + piedsjaloux = { integration.enable = true; production.enable = true; }; + ressourcerie_banon.production.enable = true; + ressourcerie_banon.cryptpad.enable = true; + ressourcerie_banon.cloud.enable = true; + richie.production.enable = true; syden.peertube.enable = true; telio_tortay.production.enable = true; + tools.assets.enable = true; tools.cloud.enable = true; tools.commento.enable = true; + tools.cryptpad.enable = true; tools.dav.enable = true; tools.db.enable = true; tools.diaspora.enable = true; @@ -298,8 +320,10 @@ in tools.performance.enable = true; tools.tools.enable = true; tools.email.enable = true; + tools.stats.enable = false; games.codenames.enable = true; + games.terraforming-mars.enable = true; }; }; }