X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fmastodon%2Fdefault.nix;h=3512cf177471048cf6a3a6cb8f4e27b60907aa18;hb=750fe5a43b957b91a26069cf8a4fe19fc7b2633c;hp=1a4b387c769a3cd55cf568afd7181dbbc4de1186;hpb=17f6eae9907a122d4472da727ae8b1ac1c40c027;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix index 1a4b387..3512cf1 100644 --- a/modules/private/websites/tools/mastodon/default.nix +++ b/modules/private/websites/tools/mastodon/default.nix @@ -1,7 +1,7 @@ -{ lib, pkgs, config, myconfig, ... }: +{ lib, pkgs, config, ... }: let - env = myconfig.env.tools.mastodon; - root = "/run/current-system/webapps/tools_mastodon"; + env = config.myEnv.tools.mastodon; + root = "${mcfg.workdir}/public/"; cfg = config.myServices.websites.tools.mastodon; mcfg = config.services.mastodon; in { @@ -10,8 +10,10 @@ in { }; config = lib.mkIf cfg.enable { - secrets.keys = [{ - dest = "webapps/tools-mastodon"; + services.duplyBackup.profiles.mastodon = { + rootDir = mcfg.dataDir; + }; + secrets.keys."webapps/tools-mastodon" = { user = "mastodon"; group = "mastodon"; permissions = "0400"; @@ -47,19 +49,19 @@ in { # LDAP authentication (optional) LDAP_ENABLED=true - LDAP_HOST=ldap.immae.eu + LDAP_HOST=${env.ldap.host} LDAP_PORT=636 LDAP_METHOD=simple_tls - LDAP_BASE="dc=immae,dc=eu" - LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu" + LDAP_BASE="${env.ldap.base}" + LDAP_BIND_DN="${env.ldap.dn}" LDAP_PASSWORD="${env.ldap.password}" LDAP_UID="uid" - LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))" + LDAP_SEARCH_FILTER="${env.ldap.filter}" ''; - }]; + }; services.mastodon = { enable = true; - configFile = "/var/secrets/webapps/tools-mastodon"; + configFile = config.secrets.fullPaths."webapps/tools-mastodon"; socketsPrefix = "live_immae"; dataDir = "/var/lib/mastodon_immae"; }; 
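Review bot: In the `@@ -10,8 +10,10 @@` hunk, the new `services.duplyBackup.profiles.mastodon` block has no comment saying what `mcfg.dataDir` holds or where the rest of the instance state is backed up. If that directory contains user uploads, as seems likely for a Mastodon data directory, the backup destination becomes a second copy of user data and should be encrypted and access-restricted like the original. I would add a line such as `# backs up mcfg.dataDir only; database dumps are covered by <profile name>` above `rootDir`. The enclosing `config = lib.mkIf cfg.enable {` block continues outside the hunk.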
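Review bot: In the `@@ -47,19 +49,19 @@` hunk, `LDAP_SEARCH_FILTER="${env.ldap.filter}"` moves the whole filter out of the module, including the `memberOf=cn=users,cn=mastodon,...` clause that restricted login to the Mastodon group, and nothing here checks that the configured value still carries it. An empty or loosened `env.ldap.filter` would presumably let any directory entry matching the uid/email lookup sign in. I would guard it with an assertion, for example `assertions = [{ assertion = lib.hasInfix "memberOf=" env.ldap.filter; message = "mastodon LDAP filter must restrict by group"; }];`, and note next to the line that the `%{uid}`/`%{email}` placeholders must be kept. The values are also spliced into a double-quoted env file, so a `"` or newline in `env.ldap.*` would change how the file is parsed; the string and the `config` block both extend beyond the hunk.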
@@ -77,14 +79,10 @@ in { }; - services.websites.tools.modules = [ + services.websites.env.tools.modules = [ "headers" "proxy" "proxy_wstunnel" "proxy_http" ]; - system.extraSystemBuilderCmds = '' - mkdir -p $out/webapps - ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon - ''; - services.websites.tools.vhostConfs.mastodon = { + services.websites.env.tools.vhostConfs.mastodon = { certName = "eldiron"; addToCerts = true; hosts = ["mastodon.immae.eu" ];