X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmediagoblin.nix;fp=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmediagoblin.nix;h=0000000000000000000000000000000000000000;hb=4288c2f2431fb782b0d512b1b3749187f2374b6a;hp=eb56b3593972b5e6d15bdabf661b5f461776d160;hpb=f40f5b235b890f46770a22f005f8a0f664cf0562;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/nixops/modules/websites/tools/mediagoblin.nix b/nixops/modules/websites/tools/mediagoblin.nix
deleted file mode 100644
index eb56b35..0000000
--- a/nixops/modules/websites/tools/mediagoblin.nix
+++ /dev/null
@@ -1,122 +0,0 @@
-{ lib, pkgs, config, myconfig, ... }:
-let
- env = myconfig.env.tools.mediagoblin;
- cfg = config.services.myWebsites.tools.mediagoblin;
- mcfg = config.services.mediagoblin;
-in {
- options.services.myWebsites.tools.mediagoblin = {
- enable = lib.mkEnableOption "enable mediagoblin's website";
- };
-
- config = lib.mkIf cfg.enable {
- secrets.keys = [{
- dest = "webapps/tools-mediagoblin";
- user = "mediagoblin";
- group = "mediagoblin";
- permissions = "0400";
- text = ''
- [DEFAULT]
- data_basedir = "${mcfg.dataDir}"
-
- [mediagoblin]
- direct_remote_path = /mgoblin_static/
- email_sender_address = "mediagoblin@tools.immae.eu"
-
- #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db
- sql_engine = ${env.psql_url}
-
- email_debug_mode = false
- allow_registration = false
- allow_reporting = true
-
- theme = airymodified
-
- user_privilege_scheme = "uploader,commenter,reporter"
-
- # We need to redefine them here since we override data_basedir
- # cf /usr/share/webapps/mediagoblin/mediagoblin/config_spec.ini
- workbench_path = %(data_basedir)s/media/workbench
- crypto_path = %(data_basedir)s/crypto
- theme_install_dir = %(data_basedir)s/themes/
- theme_linked_assets_dir = %(data_basedir)s/theme_static/
- plugin_linked_assets_dir = %(data_basedir)s/plugin_static/
-
- [storage:queuestore]
- base_dir = %(data_basedir)s/media/queue
-
- [storage:publicstore]
- base_dir = %(data_basedir)s/media/public
- base_url = /mgoblin_media/
-
- [celery]
- CELERY_RESULT_DBURI = ${env.redis_url}
- BROKER_URL = ${env.redis_url}
- CELERYD_CONCURRENCY = 1
-
- [plugins]
- [[mediagoblin.plugins.geolocation]]
- [[mediagoblin.plugins.ldap]]
- [[[immae.eu]]]
- LDAP_SERVER_URI = 'ldaps://ldap.immae.eu:636'
- LDAP_SEARCH_BASE = 'dc=immae,dc=eu'
- LDAP_BIND_DN = 'cn=mediagoblin,ou=services,dc=immae,dc=eu'
- LDAP_BIND_PW = '${env.ldap.password}'
- LDAP_SEARCH_FILTER = '(&(memberOf=cn=users,cn=mediagoblin,ou=services,dc=immae,dc=eu)(uid={username}))'
- EMAIL_SEARCH_FIELD = 'mail'
- [[mediagoblin.plugins.basicsearch]]
- [[mediagoblin.plugins.piwigo]]
- [[mediagoblin.plugins.processing_info]]
- [[mediagoblin.media_types.image]]
- [[mediagoblin.media_types.video]]
- '';
- }];
-
- users.users.mediagoblin.extraGroups = [ "keys" ];
-
- services.mediagoblin = {
- enable = true;
- plugins = builtins.attrValues pkgs.webapps.mediagoblin-plugins;
- configFile = "/var/secrets/webapps/tools-mediagoblin";
- };
-
- services.websites.tools.modules = [
- "proxy" "proxy_http"
- ];
- users.users.wwwrun.extraGroups = [ "mediagoblin" ];
- services.websites.tools.vhostConfs.mgoblin = {
- certName = "eldiron";
- addToCerts = true;
- hosts = ["mgoblin.immae.eu" ];
- root = null;
- extraConfig = [ ''
- Alias /mgoblin_media ${mcfg.dataDir}/media/public
-
- Options -Indexes +FollowSymLinks +MultiViews +Includes
- Require all granted
-
-
- Alias /theme_static ${mcfg.dataDir}/theme_static
-
- Options -Indexes +FollowSymLinks +MultiViews +Includes
- Require all granted
-
-
- Alias /plugin_static ${mcfg.dataDir}/plugin_static
-
- Options -Indexes +FollowSymLinks +MultiViews +Includes
- Require all granted
-
-
- ProxyPreserveHost on
- ProxyVia On
- ProxyRequests Off
- ProxyPass /mgoblin_media !
- ProxyPass /theme_static !
- ProxyPass /plugin_static !
- ProxyPassMatch ^/.well-known/acme-challenge !
- ProxyPass / unix://${mcfg.sockets.paster}|http://mgoblin.immae.eu/
- ProxyPassReverse / unix://${mcfg.sockets.paster}|http://mgoblin.immae.eu/
- '' ];
- };
- };
-}