X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Fdefault.nix;h=3db1cfac325dd2479b3075ec1b8c7ae53b704082;hb=0eaac6ba283159841da70fdfd74cb0ef7c6203ab;hp=c439b8d8b4c8174b1a25f9ed0476312f4a5646f7;hpb=53b8fad90ea092a5ef958bd0cec50eeff9068538;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index c439b8d..3db1cfa 100644
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -16,6 +16,23 @@ let
documentRoot = vhostConf.root;
extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
};
+ nosslVhost = {
+ listen = [ { ip = cfg.ip; port = 80; } ];
+ hostName = "nossl.immae.eu";
+ enableSSL = false;
+ logFormat = "combinedVhost";
+ documentRoot = ../../www;
+ extraConfig = ''
+
+ DirectoryIndex nossl.html
+ AllowOverride None
+ Require all granted
+
+ RewriteEngine on
+ RewriteRule ^/(.+) / [L]
+
+ '';
+ };
redirectVhost = { # Should go last, catchall http -> https redirect
listen = [ { ip = cfg.ip; port = 80; } ];
hostName = "redirectSSL";
@@ -51,6 +68,7 @@ let
extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
virtualHosts = [ fallbackVhost ]
+ ++ lib.optionals (name == "tools") [ nosslVhost ]
++ (pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs)
++ [ redirectVhost ];
};
@@ -91,8 +109,15 @@ in
./piedsjaloux
./connexionswing
./tellesflorian
+ ./emilia
+ ./capitaines
./ftp/jerome.nix
./ftp/nassime.nix
+ ./ftp/florian.nix
+ ./ftp/denisejerome.nix
+ ./ftp/immae.nix
+ ./ftp/release.nix
+ ./ftp/temp.nix
./tools/db
./tools/tools
./tools/dav
@@ -102,6 +127,7 @@ in
./tools/mediagoblin
./tools/diaspora
./tools/ether
+ ./tools/peertube
# built using:
# sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
# Removed allGranted
@@ -183,6 +209,7 @@ in
services.myWebsites.tools.mediagoblin.enable = true;
services.myWebsites.tools.diaspora.enable = true;
services.myWebsites.tools.etherpad-lite.enable = true;
+ services.myWebsites.tools.peertube.enable = true;
services.myWebsites.Chloe.production.enable = cfg.production.enable;
services.myWebsites.Ludivine.production.enable = cfg.production.enable;
@@ -191,6 +218,13 @@ in
services.myWebsites.Connexionswing.production.enable = cfg.production.enable;
services.myWebsites.Jerome.production.enable = cfg.production.enable;
services.myWebsites.Nassime.production.enable = cfg.production.enable;
+ services.myWebsites.Florian.production.enable = cfg.production.enable;
+ services.myWebsites.DeniseJerome.production.enable = cfg.production.enable;
+ services.myWebsites.Emilia.production.enable = cfg.production.enable;
+ services.myWebsites.Capitaines.production.enable = cfg.production.enable;
+ services.myWebsites.Immae.production.enable = cfg.production.enable;
+ services.myWebsites.Release.production.enable = cfg.production.enable;
+ services.myWebsites.Temp.production.enable = cfg.production.enable;
services.myWebsites.Chloe.integration.enable = cfg.integration.enable;
services.myWebsites.Ludivine.integration.enable = cfg.integration.enable;
@@ -198,6 +232,7 @@ in
services.myWebsites.PiedsJaloux.integration.enable = cfg.integration.enable;
services.myWebsites.Connexionswing.integration.enable = cfg.integration.enable;
services.myWebsites.TellesFlorian.integration.enable = true;
+ services.myWebsites.Florian.integration.enable = true;
services.myWebsites.apacheConfig = {
gzip = {
@@ -209,6 +244,22 @@ in
macros = {
modules = [ "macro" ];
};
+ stats = {
+ extraConfig = ''
+
+ Alias /awstats /var/lib/goaccess/%{domain}
+
+ DirectoryIndex index.html
+ AllowOverride None
+ Require all granted
+
+
+ Use LDAPConnect
+ Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
+
+
+ '';
+ };
ldap = {
modules = [ "ldap" "authnz_ldap" ];
extraConfig = ''
@@ -230,20 +281,10 @@ in
AuthBasicProvider ldap
-
-
- Alias /awstats /var/lib/goaccess/%{domain}
-
- DirectoryIndex index.html
- AllowOverride None
- Require all granted
-
-
- Use LDAPConnect
- Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
-
-
-
+ '';
+ };
+ global = {
+ extraConfig = ''
ErrorDocument 500 /maintenance_immae.html
ErrorDocument 501 /maintenance_immae.html
ErrorDocument 502 /maintenance_immae.html
@@ -253,6 +294,94 @@ in
ProxyPass /maintenance_immae.html !
AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${../../www}/googleb6d69446ff4ca3e5.html
+
+ AllowOverride None
+ Require all granted
+
+ '';
+ };
+ apaxy = {
+ extraConfig = ''
+
+ Alias /theme ${./apache/theme}
+
+ Options -Indexes
+ AllowOverride None
+ Require all granted
+
+
+ # mod_autoindex
+
+ Options Indexes
+ AllowOverride None
+ Require all granted
+
+ # Inspired from Apaxy by @adamwhitcroft
+
+ IndexOptions +Charset=UTF-8 +FancyIndexing +IgnoreCase +FoldersFirst +XHTML +HTMLTable +SuppressRules +SuppressDescription +NameWidth=* +IconsAreLinks +ShowForbidden
+
+ IndexHeadInsert ""
+
+ IndexIgnoreReset ON
+ IndexIgnore /theme .htaccess %{ignored}
+
+ AddIcon /theme/icons/blank.png ^^BLANKICON^^
+ AddIcon /theme/icons/folder.png ^^DIRECTORY^^
+ AddIcon /theme/icons/folder-home.png ..
+
+ AddIconByType (TXT,/theme/icons/text.png) text/*
+ AddIconByType (IMG,/theme/icons/image.png) image/*
+ AddIconByType (SND,/theme/icons/audio.png) audio/*
+ AddIconByType (VID,/theme/icons/video.png) video/*
+
+ AddIcon /theme/icons/archive.png .7z .bz2 .cab .gz .tar
+ AddIcon /theme/icons/audio.png .aac .aif .aifc .aiff .ape .au .flac .iff .m4a .mid .mp3 .mpa .ra .wav .wma .f4a .f4b .oga .ogg .xm .it .s3m .mod
+ AddIcon /theme/icons/bin.png .bin .hex
+ AddIcon /theme/icons/bmp.png .bmp
+ AddIcon /theme/icons/c.png .c
+ AddIcon /theme/icons/calc.png .xlsx .xlsm .xltx .xltm .xlam .xlr .xls .csv
+ AddIcon /theme/icons/cd.png .iso
+ AddIcon /theme/icons/cpp.png .cpp
+ AddIcon /theme/icons/css.png .css .sass .scss
+ AddIcon /theme/icons/deb.png .deb
+ AddIcon /theme/icons/doc.png .doc .docx .docm .dot .dotx .dotm .log .msg .odt .pages .rtf .tex .wpd .wps
+ AddIcon /theme/icons/draw.png .svg .svgz
+ AddIcon /theme/icons/eps.png .ai .eps
+ AddIcon /theme/icons/exe.png .exe
+ AddIcon /theme/icons/gif.png .gif
+ AddIcon /theme/icons/h.png .h
+ AddIcon /theme/icons/html.png .html .xhtml .shtml .htm .URL .url
+ AddIcon /theme/icons/ico.png .ico
+ AddIcon /theme/icons/java.png .jar
+ AddIcon /theme/icons/jpg.png .jpg .jpeg .jpe
+ AddIcon /theme/icons/js.png .js .json
+ AddIcon /theme/icons/markdown.png .md
+ AddIcon /theme/icons/package.png .pkg .dmg
+ AddIcon /theme/icons/pdf.png .pdf
+ AddIcon /theme/icons/php.png .php .phtml
+ AddIcon /theme/icons/playlist.png .m3u .m3u8 .pls .pls8
+ AddIcon /theme/icons/png.png .png
+ AddIcon /theme/icons/ps.png .ps
+ AddIcon /theme/icons/psd.png .psd
+ AddIcon /theme/icons/py.png .py
+ AddIcon /theme/icons/rar.png .rar
+ AddIcon /theme/icons/rb.png .rb
+ AddIcon /theme/icons/rpm.png .rpm
+ AddIcon /theme/icons/rss.png .rss
+ AddIcon /theme/icons/script.png .bat .cmd .sh
+ AddIcon /theme/icons/sql.png .sql
+ AddIcon /theme/icons/tiff.png .tiff .tif
+ AddIcon /theme/icons/text.png .txt .nfo
+ AddIcon /theme/icons/video.png .asf .asx .avi .flv .mkv .mov .mp4 .mpg .rm .srt .swf .vob .wmv .m4v .f4v .f4p .ogv
+ AddIcon /theme/icons/xml.png .xml
+ AddIcon /theme/icons/zip.png .zip
+ DefaultIcon /theme/icons/default.png
+
+ HeaderName /theme/header.html
+ ReadmeName /theme/footer.html
+ IndexStyleSheet /theme/style.css
+
+
'';
};
http2 = {
@@ -282,6 +411,7 @@ in
phpPackage = pkgs.php;
phpOptions = ''
session.save_path = "/var/lib/php/sessions"
+ post_max_size = 20M
session.gc_maxlifetime = 60*60*24*15
session.cache_expire = 60*24*30
'';