X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=virtual%2Fmodules%2Fwebsites%2Fdefault.nix;h=06f51ff935752dd2d9a7c2926069c4c1c98bd52e;hb=6f4574e7b57043340a2a520c4bbeb17dde72e0ea;hp=5f92b8c2fe02f9d2aa87b5fbd503746fafbc0b62;hpb=56eba41617f405624330aa755fcbfc0af68cf64f;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/virtual/modules/websites/default.nix b/virtual/modules/websites/default.nix index 5f92b8c..06f51ff 100644 --- a/virtual/modules/websites/default.nix +++ b/virtual/modules/websites/default.nix @@ -1,8 +1,5 @@ { lib, pkgs, config, mylibs, myconfig, ... }: let - mypkgs = pkgs.callPackage ../../packages.nix { - inherit (mylibs) checkEnv fetchedGit fetchedGithub; - }; cfg = config.services.myWebsites; makeService = name: cfg: let toVhost = vhostConf: { @@ -83,6 +80,8 @@ let }); }; }; + makeModules = cfg: pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); + makeExtraConfig = cfg: (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); in { imports = [ @@ -99,6 +98,7 @@ in ./tools/git ./tools/mastodon ./tools/mediagoblin + ./tools/diaspora # built using: # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix # Removed allGranted @@ -166,6 +166,9 @@ in # ''; }); phpPackages = oldpkgs.php72Packages.override { inherit php; }; + composerEnv = import ./commons/composer-env.nix { + inherit (pkgs) stdenv writeTextFile fetchurl php unzip; + }; }; services.myWebsites.tools.databases.enable = true; @@ -175,6 +178,7 @@ in services.myWebsites.tools.git.enable = true; services.myWebsites.tools.mastodon.enable = true; services.myWebsites.tools.mediagoblin.enable = true; + services.myWebsites.tools.diaspora.enable = true; services.myWebsites.Chloe.production.enable = cfg.production.enable; services.myWebsites.Ludivine.production.enable = cfg.production.enable; @@ -201,8 +205,7 @@ in }; ldap = { modules = [ "ldap" "authnz_ldap" ]; - # FIXME: starttls - extraConfig = assert mylibs.checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; '' + extraConfig = '' LDAPSharedCacheSize 500000 LDAPCacheEntries 1024 @@ -215,7 +218,7 @@ in AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu STARTTLS AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu - AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}" + AuthLDAPBindPassword "${myconfig.env.httpd.ldap.password}" AuthType Basic AuthName "Authentification requise (Acces LDAP)" AuthBasicProvider ldap @@ -281,19 +284,17 @@ in ''; }; - # FIXME: logrotate - # FIXME: ipv6 services.httpdProd = makeService "production" config.services.myWebsites.production; - services.myWebsites.production.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); - services.myWebsites.production.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); + services.myWebsites.production.modules = makeModules cfg; + services.myWebsites.production.extraConfig = makeExtraConfig cfg; services.httpdInte = makeService "integration" config.services.myWebsites.integration; - services.myWebsites.integration.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); - services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); + services.myWebsites.integration.modules = makeModules cfg; + services.myWebsites.integration.extraConfig = makeExtraConfig cfg; services.httpdTools = makeService "tools" config.services.myWebsites.tools; - services.myWebsites.tools.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); - services.myWebsites.tools.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)) ++ + services.myWebsites.tools.modules = makeModules cfg; + services.myWebsites.tools.extraConfig = makeExtraConfig cfg ++ [ '' RedirectMatch ^/licen[cs]es?_et_tip(ping)?$ https://www.immae.eu/licences_et_tip.html RedirectMatch ^/licen[cs]es?_and_tip(ping)?$ https://www.immae.eu/licenses_and_tipping.html