[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / diaspora / default.nix

{ lib, pkgs, config, myconfig, mylibs, ... }:
let
  diaspora = pkgs.callPackage ./diaspora.nix {
    inherit (mylibs) fetchedGithub;
    env = myconfig.env.tools.diaspora;
  };

  cfg = config.services.myWebsites.tools.diaspora;
in {
  options.services.myWebsites.tools.diaspora = {
    enable = lib.mkEnableOption "enable diaspora's website";
  };

  config = lib.mkIf cfg.enable {
    ids.uids.diaspora = myconfig.env.tools.diaspora.user.uid;
    ids.gids.diaspora = myconfig.env.tools.diaspora.user.gid;

    users.users.diaspora = {
      name = "diaspora";
      uid = config.ids.uids.diaspora;
      group = "diaspora";
      description = "Diaspora user";
      home = diaspora.railsRoot;
      useDefaultShell = true;
      packages = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby ];
    };

    users.groups.diaspora.gid = config.ids.gids.diaspora;

    systemd.services.diaspora = {
      description = "Diaspora";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" "redis.service" "postgresql.service" ];
      wants = [ "redis.service" "postgresql.service" ];

      environment.RAILS_ENV = "production";
      environment.BUNDLE_PATH = "${diaspora.gems}/${diaspora.gems.ruby.gemPath}";
      environment.BUNDLE_GEMFILE = "${diaspora.gems.confFiles}/Gemfile";
      environment.EYE_SOCK = "${diaspora.socketsDir}/eye.sock";
      environment.EYE_PID = "${diaspora.socketsDir}/eye.pid";

      path = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];

      preStart = ''
        ./bin/bundle exec rails db:migrate
      '';

      script = ''
        exec ${diaspora.railsRoot}/script/server
      '';

      serviceConfig = {
        User = "diaspora";
        PrivateTmp = true;
        Restart = "always";
        Type = "simple";
        WorkingDirectory = diaspora.railsRoot;
        StandardInput = "null";
        KillMode = "control-group";
      };

      unitConfig.RequiresMountsFor = diaspora.varDir;
    };

    system.activationScripts.diaspora = {
      deps = [ "users" ];
      text = ''
      install -m 0755 -o diaspora -g diaspora -d ${diaspora.socketsDir}
      install -m 0755 -o diaspora -g diaspora -d ${diaspora.varDir} \
        ${diaspora.varDir}/uploads ${diaspora.varDir}/tmp \
        ${diaspora.varDir}/log
      install -m 0700 -o diaspora -g diaspora -d ${diaspora.varDir}/tmp/pids
      if [ ! -f ${diaspora.varDir}/schedule.yml ]; then
        echo "{}" | $wrapperDir/sudo -u diaspora tee ${diaspora.varDir}/schedule.yml
      fi
      '';
    };

    services.myWebsites.tools.modules = [
      "headers" "proxy" "proxy_http"
    ];
    security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null;
    services.myWebsites.tools.vhostConfs.diaspora = {
      certName    = "eldiron";
      hosts       = [ "diaspora.immae.eu" ];
      root        = "${diaspora.railsRoot}/public/";
      extraConfig = [ ''
        RewriteEngine On
        RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
        RewriteRule ^/(.*)$ unix://${diaspora.railsSocket}|http://diaspora.immae.eu/%{REQUEST_URI} [P,NE,QSA,L]

        ProxyRequests Off
        ProxyVia On
        ProxyPreserveHost On
        RequestHeader set X_FORWARDED_PROTO https

        <Proxy *>
            Require all granted
        </Proxy>

        <Directory ${diaspora.railsRoot}/public>
            Require all granted
            Options -MultiViews
        </Directory>
      '' ];
    };
  };
}
Commit	Line	Data
9d90e7e2	1	{ lib, pkgs, config, myconfig, mylibs, ... }:
a7f7fdae IB	2	let
a7f7fdae IB	3	diaspora = pkgs.callPackage ./diaspora.nix {
9d90e7e2 IB	4	inherit (mylibs) fetchedGithub;
9d90e7e2 IB	5	env = myconfig.env.tools.diaspora;
a7f7fdae IB	6	};
	7
	8	cfg = config.services.myWebsites.tools.diaspora;
	9	in {
	10	options.services.myWebsites.tools.diaspora = {
	11	enable = lib.mkEnableOption "enable diaspora's website";
	12	};
	13
	14	config = lib.mkIf cfg.enable {
3b075825 IB	15	ids.uids.diaspora = myconfig.env.tools.diaspora.user.uid;
3b075825 IB	16	ids.gids.diaspora = myconfig.env.tools.diaspora.user.gid;
a7f7fdae IB	17
	18	users.users.diaspora = {
	19	name = "diaspora";
	20	uid = config.ids.uids.diaspora;
	21	group = "diaspora";
	22	description = "Diaspora user";
	23	home = diaspora.railsRoot;
	24	useDefaultShell = true;
	25	packages = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby ];
	26	};
	27
	28	users.groups.diaspora.gid = config.ids.gids.diaspora;
	29
	30	systemd.services.diaspora = {
	31	description = "Diaspora";
	32	wantedBy = [ "multi-user.target" ];
	33	after = [ "network.target" "redis.service" "postgresql.service" ];
	34	wants = [ "redis.service" "postgresql.service" ];
	35
	36	environment.RAILS_ENV = "production";
159d8ff3	37	environment.BUNDLE_PATH = "${diaspora.gems}/${diaspora.gems.ruby.gemPath}";
a7f7fdae IB	38	environment.BUNDLE_GEMFILE = "${diaspora.gems.confFiles}/Gemfile";
	39	environment.EYE_SOCK = "${diaspora.socketsDir}/eye.sock";
	40	environment.EYE_PID = "${diaspora.socketsDir}/eye.pid";
	41
	42	path = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];
	43
	44	preStart = ''
	45	./bin/bundle exec rails db:migrate
	46	'';
	47
	48	script = ''
	49	exec ${diaspora.railsRoot}/script/server
	50	'';
	51
	52	serviceConfig = {
	53	User = "diaspora";
	54	PrivateTmp = true;
	55	Restart = "always";
	56	Type = "simple";
	57	WorkingDirectory = diaspora.railsRoot;
	58	StandardInput = "null";
	59	KillMode = "control-group";
	60	};
	61
	62	unitConfig.RequiresMountsFor = diaspora.varDir;
	63	};
	64
a7f7fdae IB	65	system.activationScripts.diaspora = {
	66	deps = [ "users" ];
	67	text = ''
	68	install -m 0755 -o diaspora -g diaspora -d ${diaspora.socketsDir}
	69	install -m 0755 -o diaspora -g diaspora -d ${diaspora.varDir} \
	70	${diaspora.varDir}/uploads ${diaspora.varDir}/tmp \
	71	${diaspora.varDir}/log
	72	install -m 0700 -o diaspora -g diaspora -d ${diaspora.varDir}/tmp/pids
	73	if [ ! -f ${diaspora.varDir}/schedule.yml ]; then
	74	echo "{}" \| $wrapperDir/sudo -u diaspora tee ${diaspora.varDir}/schedule.yml
	75	fi
	76	'';
	77	};
	78
	79	services.myWebsites.tools.modules = [
a952acc4	80	"headers" "proxy" "proxy_http"
a7f7fdae IB	81	];
	82	security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null;
	83	services.myWebsites.tools.vhostConfs.diaspora = {
	84	certName = "eldiron";
	85	hosts = [ "diaspora.immae.eu" ];
	86	root = "${diaspora.railsRoot}/public/";
	87	extraConfig = [ ''
	88	RewriteEngine On
	89	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
a952acc4	90	RewriteRule ^/(.*)$ unix://${diaspora.railsSocket}\|http://diaspora.immae.eu/%{REQUEST_URI} [P,NE,QSA,L]
a7f7fdae IB	91
	92	ProxyRequests Off
	93	ProxyVia On
	94	ProxyPreserveHost On
	95	RequestHeader set X_FORWARDED_PROTO https
	96
	97	<Proxy *>
	98	Require all granted
	99	</Proxy>
	100
	101	<Directory ${diaspora.railsRoot}/public>
	102	Require all granted
	103	Options -MultiViews
	104	</Directory>
	105	'' ];
	106	};
	107	};
	108	}