X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmediagoblin%2Fdefault.nix;h=9b058beae04fa7f7c20b28837f850d66b9c3e8d6;hb=51900e3488284b0711083819a5ecb1b0f280a913;hp=90b115e1e3cddd11fb8d488010ac1c18f4954b8b;hpb=3b075825f1f2fc3578024454a8970e3797248209;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/nixops/modules/websites/tools/mediagoblin/default.nix b/nixops/modules/websites/tools/mediagoblin/default.nix
index 90b115e..9b058be 100644
--- a/nixops/modules/websites/tools/mediagoblin/default.nix
+++ b/nixops/modules/websites/tools/mediagoblin/default.nix
@@ -12,6 +12,7 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    deployment.keys = mediagoblin.keys;
     ids.uids.mediagoblin = myconfig.env.tools.mediagoblin.user.uid;
     ids.gids.mediagoblin = myconfig.env.tools.mediagoblin.user.gid;
 
@@ -22,6 +23,7 @@ in {
       description = "Mediagoblin user";
       home = mediagoblin.varDir;
       useDefaultShell = true;
+      extraGroups = [ "keys" ];
     };
 
     users.groups.mediagoblin.gid = config.ids.gids.mediagoblin;
@@ -29,7 +31,8 @@ in {
     systemd.services.mediagoblin-web = {
       description = "Mediagoblin service";
       wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
+      after = [ "network.target" "tools-mediagoblin-key.service" ];
+      wants = [ "postgresql.service" "redis.service" "tools-mediagoblin-key.service" ];
 
       environment.SCRIPT_NAME = "/mediagoblin/";
 
@@ -101,8 +104,7 @@ in {
     };
 
     services.myWebsites.tools.modules = [
-      "proxy" "proxy_http" "proxy_balancer"
-      "lbmethod_byrequests" "lbmethod_bytraffic" "lbmethod_bybusyness" "lbmethod_heartbeat"
+      "proxy" "proxy_http"
     ];
     users.users.wwwrun.extraGroups = [ "mediagoblin" ];
     security.acme.certs."eldiron".extraDomains."mgoblin.immae.eu" = null;
@@ -136,11 +138,8 @@ in {
         ProxyPass /theme_static !
         ProxyPass /plugin_static !
         ProxyPassMatch ^/.well-known/acme-challenge !
-        ProxyPass / balancer://paster_server/
-        ProxyPassReverse / balancer://paster_server
-        <Proxy balancer://paster_server>
-          BalancerMember unix://${mediagoblin.socketsDir}/mediagoblin.sock|http://
-        </Proxy>
+        ProxyPass / unix://${mediagoblin.socketsDir}/mediagoblin.sock|http://mgoblin.immae.eu/
+        ProxyPassReverse / unix://${mediagoblin.socketsDir}/mediagoblin.sock|http://mgoblin.immae.eu/
       '' ];
     };
   };