X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmediagoblin%2Fmediagoblin.nix;h=bc423db19ef37f272758aa107dc1ca384654fa08;hb=7da817e32f5e285f5fe09726f6031d8c6d4c74ea;hp=cad6225166a32a4859c24bf9e00f911f502f69dc;hpb=01f21083a897b86bf148f1d2bb9c8edca4d3786a;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/mediagoblin/mediagoblin.nix b/nixops/modules/websites/tools/mediagoblin/mediagoblin.nix index cad6225..bc423db 100644 --- a/nixops/modules/websites/tools/mediagoblin/mediagoblin.nix +++ b/nixops/modules/websites/tools/mediagoblin/mediagoblin.nix @@ -1,4 +1,4 @@ -{ env, makeWrapper, stdenv, writeText, fetchurl, buildBowerComponents, fetchedGit, fetchedGithub, which, python3, pkgs, automake, autoconf, nodejs, nodePackages, git, cacert }: +{ env, makeWrapper, stdenv, writeText, fetchurl, buildBowerComponents, fetchedGit, fetchedGithub, which, python36, pkgs, automake, autoconf, nodejs, nodePackages, git, cacert }: let plugins = { basicsearch = stdenv.mkDerivation (fetchedGithub ./mediagoblin-plugin-basicsearch.json // rec { @@ -68,11 +68,11 @@ let url = "mirror://pypi/P/PasteScript/${name}.tar.gz"; sha256 = "1h3nnhn45kf4pbcv669ik4faw04j58k8vbj1hwrc532k0nc28gy0"; }; - propagatedBuildInputs = with self; [ six paste PasteDeploy argparse ]; + propagatedBuildInputs = with self; [ six paste PasteDeploy ]; }); }; in - python3.override { inherit packageOverrides; }; + python36.override { inherit packageOverrides; }; pythonEnv = python-pkgs: with python-pkgs; [ waitress alembic dateutil wtforms pybcrypt pytest pytest_xdist werkzeug celery @@ -80,7 +80,7 @@ let sqlalchemy itsdangerous pytz sphinx six oauthlib unidecode jsonschema PasteDeploy requests PyLD exifread - typing pasteScript + typing pasteScript lxml # For images plugin pillow # For video plugin @@ -190,61 +190,67 @@ in url_scheme = https ''; - mediagoblin_local = writeText "mediagoblin_local.ini" '' - [DEFAULT] - data_basedir = "${varDir}" + keys = [{ + dest = "webapps/tools-mediagoblin"; + user = "mediagoblin"; + group = "mediagoblin"; + permissions = "0400"; + text = '' + [DEFAULT] + data_basedir = "${varDir}" - [mediagoblin] - direct_remote_path = /mgoblin_static/ - email_sender_address = "mediagoblin@mail.immae.eu" + [mediagoblin] + direct_remote_path = /mgoblin_static/ + email_sender_address = "mediagoblin@tools.immae.eu" - #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db - sql_engine = ${env.psql_url} + #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db + sql_engine = ${env.psql_url} - email_debug_mode = false - allow_registration = false - allow_reporting = true + email_debug_mode = false + allow_registration = false + allow_reporting = true - theme = airymodified + theme = airymodified - user_privilege_scheme = "uploader,commenter,reporter" + user_privilege_scheme = "uploader,commenter,reporter" - # We need to redefine them here since we override data_basedir - # cf /usr/share/webapps/mediagoblin/mediagoblin/config_spec.ini - workbench_path = %(data_basedir)s/media/workbench - crypto_path = %(data_basedir)s/crypto - theme_install_dir = %(data_basedir)s/themes/ - theme_linked_assets_dir = %(data_basedir)s/theme_static/ - plugin_linked_assets_dir = %(data_basedir)s/plugin_static/ + # We need to redefine them here since we override data_basedir + # cf /usr/share/webapps/mediagoblin/mediagoblin/config_spec.ini + workbench_path = %(data_basedir)s/media/workbench + crypto_path = %(data_basedir)s/crypto + theme_install_dir = %(data_basedir)s/themes/ + theme_linked_assets_dir = %(data_basedir)s/theme_static/ + plugin_linked_assets_dir = %(data_basedir)s/plugin_static/ - [storage:queuestore] - base_dir = %(data_basedir)s/media/queue + [storage:queuestore] + base_dir = %(data_basedir)s/media/queue - [storage:publicstore] - base_dir = %(data_basedir)s/media/public - base_url = /mgoblin_media/ + [storage:publicstore] + base_dir = %(data_basedir)s/media/public + base_url = /mgoblin_media/ - [celery] - CELERY_RESULT_DBURI = ${env.redis_url} - BROKER_URL = ${env.redis_url} - CELERYD_CONCURRENCY = 1 + [celery] + CELERY_RESULT_DBURI = ${env.redis_url} + BROKER_URL = ${env.redis_url} + CELERYD_CONCURRENCY = 1 - [plugins] - [[mediagoblin.plugins.geolocation]] - [[mediagoblin.plugins.ldap]] - [[[immae.eu]]] - LDAP_SERVER_URI = 'ldaps://ldap.immae.eu:636' - LDAP_SEARCH_BASE = 'dc=immae,dc=eu' - LDAP_BIND_DN = 'cn=mediagoblin,ou=services,dc=immae,dc=eu' - LDAP_BIND_PW = '${env.ldap.password}' - LDAP_SEARCH_FILTER = '(&(memberOf=cn=users,cn=mediagoblin,ou=services,dc=immae,dc=eu)(uid={username}))' - EMAIL_SEARCH_FIELD = 'mail' - [[mediagoblin.plugins.basicsearch]] - [[mediagoblin.plugins.piwigo]] - [[mediagoblin.plugins.processing_info]] - [[mediagoblin.media_types.image]] - [[mediagoblin.media_types.video]] - ''; + [plugins] + [[mediagoblin.plugins.geolocation]] + [[mediagoblin.plugins.ldap]] + [[[immae.eu]]] + LDAP_SERVER_URI = 'ldaps://ldap.immae.eu:636' + LDAP_SEARCH_BASE = 'dc=immae,dc=eu' + LDAP_BIND_DN = 'cn=mediagoblin,ou=services,dc=immae,dc=eu' + LDAP_BIND_PW = '${env.ldap.password}' + LDAP_SEARCH_FILTER = '(&(memberOf=cn=users,cn=mediagoblin,ou=services,dc=immae,dc=eu)(uid={username}))' + EMAIL_SEARCH_FIELD = 'mail' + [[mediagoblin.plugins.basicsearch]] + [[mediagoblin.plugins.piwigo]] + [[mediagoblin.plugins.processing_info]] + [[mediagoblin.media_types.image]] + [[mediagoblin.media_types.video]] + ''; + }]; pythonRoot = with pkgs.gst_all_1; stdenv.mkDerivation { @@ -281,8 +287,8 @@ in --prefix GI_TYPELIB_PATH : ${typelib_paths} find . -type f -exec sed -i "s|$mediagoblin|$out|g" {} \; ln -s ${paste_local} ./paste_local.ini - ln -s ${mediagoblin_local} ./mediagoblin_local.ini - ln -sf ../../../../../${varDir} ./user_dev + ln -s /var/secrets/webapps/tools-mediagoblin ./mediagoblin_local.ini + ln -sf ${varDir} ./user_dev ''; }; }