X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Ftask%2Fdefault.nix;h=2001eaa7d1ed34e640d0f4c9c0047ee7d650f568;hb=cd85801d01ddadbe00f26f4f257621ee1cd81e4b;hp=cda2302b542705a5047aa397041fba536778f908;hpb=ea7bf00c5af841b6f3980cb8d957daec5e609422;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/task/default.nix b/nixops/modules/task/default.nix index cda2302..2001eaa 100644 --- a/nixops/modules/task/default.nix +++ b/nixops/modules/task/default.nix @@ -87,6 +87,21 @@ in { }; config = lib.mkIf cfg.enable { + deployment.keys.tools-taskwarrior-web = { + destDir = "/run/keys/webapps"; + user = "wwwrun"; + group = "wwwrun"; + permissions = "0400"; + text = '' + SetEnv TASKD_HOST "${fqdn}:${toString config.services.taskserver.listenPort}" + SetEnv TASKD_VARDIR "${vardir}" + SetEnv TASKD_LDAP_HOST "ldaps://${env.ldap.host}" + SetEnv TASKD_LDAP_DN "${env.ldap.dn}" + SetEnv TASKD_LDAP_PASSWORD "${env.ldap.password}" + SetEnv TASKD_LDAP_BASE "${env.ldap.base}" + SetEnv TASKD_LDAP_FILTER "${env.ldap.search}" + ''; + }; security.acme.certs."eldiron".extraDomains.${fqdn} = null; services.myWebsites.tools.modules = [ "proxy_fcgi" "sed" ]; services.myWebsites.tools.vhostConfs.task = { @@ -101,13 +116,7 @@ in { SetHandler "proxy:unix:/var/run/phpfpm/task.sock|fcgi://localhost" - SetEnv TASKD_HOST "${fqdn}:${toString config.services.taskserver.listenPort}" - SetEnv TASKD_VARDIR "${vardir}" - SetEnv TASKD_LDAP_HOST "ldaps://${env.ldap.host}" - SetEnv TASKD_LDAP_DN "${env.ldap.dn}" - SetEnv TASKD_LDAP_PASSWORD "${env.ldap.password}" - SetEnv TASKD_LDAP_BASE "${env.ldap.base}" - SetEnv TASKD_LDAP_FILTER "${env.ldap.search}" + Include /run/keys/webapps/tools-taskwarrior-web '' ''