[perso/Immae/Config/Nix.git] / modules / private / websites / papa / surveillance.nix

{ lib, pkgs, config,  ... }:
let
  cfg = config.myServices.websites.papa.surveillance;
  varDir = "/var/lib/ftp/papa";
  apacheUser = config.services.httpd.Prod.user;
in {
  options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website";

  config = lib.mkIf cfg.enable {
    security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;

    services.cron = {
      systemCronJobs = let
        script = pkgs.writeScript "cleanup-papa" ''
          #!${pkgs.stdenv.shell}
          d=$(date -d "7 days ago" +%Y%m%d)
          for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
            if [ "$d" -gt $(basename $i) ]; then
              rm -rf "$i"
            fi
          done
          '';
      in
        [
        ''
          0 6 * * * ${apacheUser} ${script}
        ''
      ];
    };

    services.websites.env.production.vhostConfs.papa_surveillance = {
      certName     = "papa";
      certMainHost = "surveillance.maison.bbc.bouya.org";
      hosts        = [ "surveillance.maison.bbc.bouya.org" ];
      root         = varDir;
      extraConfig  = [
        ''
        Use Apaxy "${varDir}" "title .duplicity-ignore"
        <Directory ${varDir}>
          Use LDAPConnect
          Options Indexes
          AllowOverride None
          Require ldap-group   cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
        </Directory>
          ''
      ];
    };
  };
}
Commit	Line	Data
ab8f306d	1	{ lib, pkgs, config, ... }:
97953ca4	2	let
f8026b6e IB	3	cfg = config.myServices.websites.papa.surveillance;
f8026b6e IB	4	varDir = "/var/lib/ftp/papa";
d3452fc5	5	apacheUser = config.services.httpd.Prod.user;
97953ca4	6	in {
f8026b6e	7	options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website";
97953ca4	8
f8026b6e	9	config = lib.mkIf cfg.enable {
5400b9b6	10	security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
97953ca4 IB	11
	12	services.cron = {
	13	systemCronJobs = let
	14	script = pkgs.writeScript "cleanup-papa" ''
	15	#!${pkgs.stdenv.shell}
	16	d=$(date -d "7 days ago" +%Y%m%d)
	17	for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
	18	if [ "$d" -gt $(basename $i) ]; then
	19	rm -rf "$i"
	20	fi
	21	done
	22	'';
	23	in
	24	[
	25	''
d3452fc5	26	0 6 * * * ${apacheUser} ${script}
97953ca4 IB	27	''
	28	];
	29	};
	30
d3452fc5	31	services.websites.env.production.vhostConfs.papa_surveillance = {
7df420c2 IB	32	certName = "papa";
	33	certMainHost = "surveillance.maison.bbc.bouya.org";
	34	hosts = [ "surveillance.maison.bbc.bouya.org" ];
	35	root = varDir;
	36	extraConfig = [
97953ca4 IB	37	''
	38	Use Apaxy "${varDir}" "title .duplicity-ignore"
	39	<Directory ${varDir}>
	40	Use LDAPConnect
	41	Options Indexes
	42	AllowOverride None
	43	Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
	44	</Directory>
	45	''
	46	];
	47	};
	48	};
	49	}
	50