X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=virtual%2Feldiron.nix;h=5dafe6e60b78a70482ac51605a4653299359763f;hb=3013caf18db83d43a1703b1a74cb484f70bab3a8;hp=acd2cbd3a410e2cf678585a86456354167c3891e;hpb=4d4f13f4a8e7df6480da895d80d487c891441745;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index acd2cbd..5dafe6e 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -17,13 +17,29 @@
     };
 
     imports = [
+      ./modules/certificates.nix
       ./modules/gitolite.nix
       ./modules/gitweb.nix
       ./modules/databases.nix
+      ./modules/websites/chloe.nix
+      ./modules/websites/ludivine.nix
+      ./modules/websites/aten.nix
+      ./modules/websites/piedsjaloux.nix
+      ./modules/websites/connexionswing.nix
     ];
     services.myGitolite.enable = true;
     services.myGitweb.enable = true;
     services.myDatabases.enable = true;
+    services.myWebsites.Chloe.production.enable = true;
+    services.myWebsites.Chloe.integration.enable = true;
+    services.myWebsites.Ludivine.production.enable = true;
+    services.myWebsites.Ludivine.integration.enable = true;
+    services.myWebsites.Aten.production.enable = true;
+    services.myWebsites.Aten.integration.enable = true;
+    services.myWebsites.PiedsJaloux.production.enable = true;
+    services.myWebsites.PiedsJaloux.integration.enable = true;
+    services.myWebsites.Connexionswing.production.enable = true;
+    services.myWebsites.Connexionswing.integration.enable = true;
 
     nixpkgs.config.packageOverrides = oldpkgs: rec {
       goaccess = oldpkgs.goaccess.overrideAttrs(old: rec {
@@ -84,95 +100,11 @@
       occ
     ];
 
-    # FIXME: doesn't work with httpd?
-    security.acme.preliminarySelfsigned = true;
-    security.acme.certs = {
-      # FIXME: /!\ To create a new certificate, create it before using
-      # it in httpd
-      "eldiron" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "eldiron.immae.eu";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        allowKeysForGroup = true;
-        extraDomains = {
-          "db-1.immae.eu" = null;
-          "tools.immae.eu" = null;
-          "connexionswing.immae.eu" = null;
-          "sandetludo.immae.eu" = null;
-          "cloud.immae.eu" = null;
-          "ludivine.immae.eu" = null;
-          "dev.aten.pro" = null;
-          "piedsjaloux.immae.eu" = null;
-          "chloe.immae.eu" = null;
-          "dav.immae.eu" = null;
-        };
-      };
-      "ludivinecassal" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "ludivinecassal.com";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        extraDomains = {
-          "www.ludivinecassal.com" = null;
-        };
-      };
-      "aten" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "aten.pro";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        extraDomains = {
-          "www.aten.pro" = null;
-        };
-      };
-      "piedsjaloux" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "piedsjaloux.fr";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        extraDomains = {
-          "www.piedsjaloux.fr" = null;
-        };
-      };
-      "chloe" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "osteopathe-cc.fr";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        extraDomains = {
-          "www.osteopathe-cc.fr" = null;
-        };
-      };
-      "connexionswing" = {
-        webroot = "/var/lib/acme/acme-challenge";
-        email = "ismael@bouya.org";
-        domain = "connexionswing.com";
-        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
-        postRun = ''
-          systemctl reload httpd.service
-        '';
-        extraDomains = {
-          "www.connexionswing.com" = null;
-          "sandetludo.com" = null;
-          "www.sandetludo.com" = null;
-        };
-      };
+    security.acme.certs."eldiron".extraDomains = {
+      "db-1.immae.eu" = null;
+      "tools.immae.eu" = null;
+      "cloud.immae.eu" = null;
+      "dav.immae.eu" = null;
     };
 
     services.openssh.extraConfig = ''