X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fdiaspora%2Fdiaspora.nix;fp=nixops%2Fmodules%2Fwebsites%2Ftools%2Fdiaspora%2Fdiaspora.nix;h=0000000000000000000000000000000000000000;hb=3bb8a82ab2d07c82682885ee6f8f08ad8170ebc0;hp=01aac89e4339e33f7168c8522eb6925473ab46ff;hpb=452c23140ea93ce301e7fafdc37d28009bd6f613;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/diaspora/diaspora.nix b/nixops/modules/websites/tools/diaspora/diaspora.nix deleted file mode 100644 index 01aac89..0000000 --- a/nixops/modules/websites/tools/diaspora/diaspora.nix +++ /dev/null @@ -1,187 +0,0 @@ -{ env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }: -let - varDir = "/var/lib/diaspora_immae"; - socketsDir = "/run/diaspora"; - diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec { - buildPhase = '' - patch -p1 < ${./ldap.patch} - # FIXME: bundlerEnv below doesn't take postgresql group for some - # reason - echo 'gem "pg", "1.1.3"' >> Gemfile - ''; - installPhase = '' - cp -a . $out - ''; - }); - gems = bundlerEnv { - name = "diaspora-env"; - # https://git.immae.eu/mantisbt/view.php?id=131 - ruby = ruby_2_4.overrideAttrs(old: { - postInstall = builtins.replaceStrings [" --destdir $GEM_HOME"] [""] old.postInstall; - }); - gemfile = "${diaspora}/Gemfile"; - lockfile = "${diaspora}/Gemfile.lock"; - gemset = ./gemset.nix; - groups = [ "postgresql" "default" "production" ]; - gemConfig = defaultGemConfig // { - kostya-sigar = attrs: { - buildInputs = [ pkgs.perl ]; - }; - }; - }; - keys = { - secret_token = { - dest = "webapps/tools-diaspora-secret_token"; - user = "diaspora"; - group = "diaspora"; - permissions = "0400"; - text = '' - Diaspora::Application.config.secret_key_base = '${env.secret_token}' - ''; - }; - config = { - dest = "webapps/tools-diaspora-config"; - user = "diaspora"; - group = "diaspora"; - permissions = "0400"; - text = '' - configuration: - environment: - url: "https://diaspora.immae.eu/" - certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt' - redis: '${env.redis_url}' - sidekiq: - s3: - assets: - logging: - logrotate: - debug: - server: - listen: '${socketsDir}/diaspora.sock' - rails_environment: 'production' - chat: - server: - bosh: - log: - map: - mapbox: - privacy: - piwik: - statistics: - camo: - settings: - enable_registrations: false - welcome_message: - invitations: - open: false - paypal_donations: - community_spotlight: - captcha: - enable: false - terms: - maintenance: - remove_old_users: - default_metas: - csp: - services: - twitter: - tumblr: - wordpress: - mail: - enable: true - sender_address: 'diaspora@tools.immae.eu' - method: 'sendmail' - smtp: - sendmail: - location: '/run/wrappers/bin/sendmail' - admins: - account: "ismael" - podmin_email: 'diaspora@tools.immae.eu' - relay: - outbound: - inbound: - ldap: - enable: true - host: ldap.immae.eu - port: 636 - only_ldap: true - mail_attribute: mail - skip_email_confirmation: true - use_bind_dn: true - bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu" - bind_pw: "${env.ldap.password}" - search_base: "dc=immae,dc=eu" - search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))" - production: - environment: - development: - environment: - ''; - }; - database = { - dest = "webapps/tools-diaspora-database_config"; - user = "diaspora"; - group = "diaspora"; - permissions = "0400"; - text = '' - postgresql: &postgresql - adapter: postgresql - host: "${env.postgresql.socket}" - port: "${env.postgresql.port}" - username: "${env.postgresql.user}" - password: "${env.postgresql.password}" - encoding: unicode - common: &common - <<: *postgresql - combined: &combined - <<: *common - development: - <<: *combined - database: diaspora_development - production: - <<: *combined - database: ${env.postgresql.database} - test: - <<: *combined - database: "diaspora_test" - integration1: - <<: *combined - database: diaspora_integration1 - integration2: - <<: *combined - database: diaspora_integration2 - ''; - }; - }; - railsRoot = stdenv.mkDerivation { - name = "diaspora_immae"; - inherit diaspora; - # FIXME: build machine will contain some passwords in the nix store - builder = writeText "build_diaspora_immae" '' - source $stdenv/setup - cp -a $diaspora $out - cd $out - chmod -R u+rwX . - tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru} - ln -s ${writeText "database.yml" keys.database.text} config/database.yml - ln -s ${writeText "diaspora.yml" keys.config.text} config/diaspora.yml - ln -s ${writeText "secret_token.rb" keys.secret_token.text} config/initializers/secret_token.rb - ln -sf ${varDir}/schedule.yml config/schedule.yml - ln -sf ${varDir}/oidc_key.pem config/oidc_key.pem - ln -sf ${varDir}/uploads public/uploads - RAILS_ENV=production ${gems}/bin/rake assets:precompile - ln -sf /var/secrets/webapps/tools-diaspora-database_config config/database.yml - ln -sf /var/secrets/webapps/tools-diaspora-config config/diaspora.yml - ln -sf /var/secrets/webapps/tools-diaspora-secret_token config/initializers/secret_token.rb - rm -rf tmp log - ln -sf ${varDir}/tmp tmp - ln -sf ${varDir}/log log - ''; - propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ]; - }; -in - { - inherit railsRoot varDir socketsDir gems; - keys = builtins.attrValues keys; - railsSocket = "${socketsDir}/diaspora.sock"; - }