[perso/Immae/Config/Nix.git] / nixops / modules / websites / ftp / papa.nix

{ lib, pkgs, config, myconfig,  ... }:
let
    cfg = config.services.myWebsites.Papa;
    varDir = "/var/lib/ftp/papa";
in {
  options.services.myWebsites.Papa = {
    production = {
      enable = lib.mkEnableOption "enable Papa's website";
    };
  };

  config = lib.mkIf cfg.production.enable {
    security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
    security.acme.certs."papa" = config.services.myCertificates.certConfig // {
      domain = "surveillance.maison.bbc.bouya.org";
    };

    services.cron = {
      systemCronJobs = let
        script = pkgs.writeScript "cleanup-papa" ''
          #!${pkgs.stdenv.shell}
          d=$(date -d "7 days ago" +%Y%m%d)
          for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
            if [ "$d" -gt $(basename $i) ]; then
              rm -rf "$i"
            fi
          done
          '';
      in
        [
        ''
          0 6 * * * wwwrun ${script}
        ''
      ];
    };

    services.websites.production.vhostConfs.papa = {
      certName    = "papa";
      hosts       = [ "surveillance.maison.bbc.bouya.org" ];
      root        = varDir;
      extraConfig = [
        ''
        Use Apaxy "${varDir}" "title .duplicity-ignore"
        <Directory ${varDir}>
          Use LDAPConnect
          Options Indexes
          AllowOverride None
          Require ldap-group   cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
        </Directory>
          ''
      ];
    };
  };
}
Commit	Line	Data
8a964143	1	{ lib, pkgs, config, myconfig, ... }:
97953ca4 IB	2	let
	3	cfg = config.services.myWebsites.Papa;
	4	varDir = "/var/lib/ftp/papa";
	5	in {
	6	options.services.myWebsites.Papa = {
	7	production = {
	8	enable = lib.mkEnableOption "enable Papa's website";
	9	};
	10	};
	11
	12	config = lib.mkIf cfg.production.enable {
	13	security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
	14	security.acme.certs."papa" = config.services.myCertificates.certConfig // {
	15	domain = "surveillance.maison.bbc.bouya.org";
	16	};
	17
	18	services.cron = {
	19	systemCronJobs = let
	20	script = pkgs.writeScript "cleanup-papa" ''
	21	#!${pkgs.stdenv.shell}
	22	d=$(date -d "7 days ago" +%Y%m%d)
	23	for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
	24	if [ "$d" -gt $(basename $i) ]; then
	25	rm -rf "$i"
	26	fi
	27	done
	28	'';
	29	in
	30	[
	31	''
	32	0 6 * * * wwwrun ${script}
	33	''
	34	];
	35	};
	36
daf64e3f	37	services.websites.production.vhostConfs.papa = {
97953ca4 IB	38	certName = "papa";
	39	hosts = [ "surveillance.maison.bbc.bouya.org" ];
	40	root = varDir;
	41	extraConfig = [
	42	''
	43	Use Apaxy "${varDir}" "title .duplicity-ignore"
	44	<Directory ${varDir}>
	45	Use LDAPConnect
	46	Options Indexes
	47	AllowOverride None
	48	Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
	49	</Directory>
	50	''
	51	];
	52	};
	53	};
	54	}
	55