./ftp/florian.nix
./ftp/denisejerome.nix
./ftp/leila.nix
+ ./ftp/papa.nix
./ftp/immae.nix
./ftp/release.nix
./ftp/temp.nix
services.myWebsites.Nassime.production.enable = cfg.production.enable;
services.myWebsites.Florian.production.enable = cfg.production.enable;
services.myWebsites.Leila.production.enable = cfg.production.enable;
+ services.myWebsites.Papa.production.enable = cfg.production.enable;
services.myWebsites.DeniseJerome.production.enable = cfg.production.enable;
services.myWebsites.Emilia.production.enable = cfg.production.enable;
services.myWebsites.Capitaines.production.enable = cfg.production.enable;
--- /dev/null
+{ lib, pkgs, config, myconfig, mylibs, ... }:
+let
+ cfg = config.services.myWebsites.Papa;
+ varDir = "/var/lib/ftp/papa";
+in {
+ options.services.myWebsites.Papa = {
+ production = {
+ enable = lib.mkEnableOption "enable Papa's website";
+ };
+ };
+
+ config = lib.mkIf cfg.production.enable {
+ security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
+ security.acme.certs."papa" = config.services.myCertificates.certConfig // {
+ domain = "surveillance.maison.bbc.bouya.org";
+ };
+
+ services.cron = {
+ systemCronJobs = let
+ script = pkgs.writeScript "cleanup-papa" ''
+ #!${pkgs.stdenv.shell}
+ d=$(date -d "7 days ago" +%Y%m%d)
+ for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
+ if [ "$d" -gt $(basename $i) ]; then
+ rm -rf "$i"
+ fi
+ done
+ '';
+ in
+ [
+ ''
+ 0 6 * * * wwwrun ${script}
+ ''
+ ];
+ };
+
+ services.myWebsites.production.vhostConfs.papa = {
+ certName = "papa";
+ hosts = [ "surveillance.maison.bbc.bouya.org" ];
+ root = varDir;
+ extraConfig = [
+ ''
+ Use Apaxy "${varDir}" "title .duplicity-ignore"
+ <Directory ${varDir}>
+ Use LDAPConnect
+ Options Indexes
+ AllowOverride None
+ Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
+ </Directory>
+ ''
+ ];
+ };
+ };
+}
+
projects / perso / Immae / Config / Nix.git / commitdiff
