[perso/Immae/Config/Nix.git] / virtual / modules / websites / tools / diaspora / default.nix

{ lib, pkgs, config, mylibs, ... }:
let
  diaspora = pkgs.callPackage ./diaspora.nix {
    inherit (mylibs) fetchedGithub checkEnv;
  };

  cfg = config.services.myWebsites.tools.diaspora;
in {
  options.services.myWebsites.tools.diaspora = {
    enable = lib.mkEnableOption "enable diaspora's website";
  };

  config = lib.mkIf cfg.enable {
    ids.uids.diaspora = 398;
    ids.gids.diaspora = 398;

    users.users.diaspora = {
      name = "diaspora";
      uid = config.ids.uids.diaspora;
      group = "diaspora";
      description = "Diaspora user";
      home = diaspora.railsRoot;
      useDefaultShell = true;
      packages = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby ];
    };

    users.groups.diaspora.gid = config.ids.gids.diaspora;

    systemd.services.diaspora = {
      description = "Diaspora";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" "redis.service" "postgresql.service" ];
      wants = [ "redis.service" "postgresql.service" ];

      environment.RAILS_ENV = "production";
      environment.BUNDLE_PATH = "${diaspora.gems}/lib/ruby/gems/2.4.0";
      environment.BUNDLE_GEMFILE = "${diaspora.gems.confFiles}/Gemfile";
      environment.EYE_SOCK = "${diaspora.socketsDir}/eye.sock";
      environment.EYE_PID = "${diaspora.socketsDir}/eye.pid";

      path = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];

      preStart = ''
        ./bin/bundle exec rails db:migrate
      '';

      script = ''
        exec ${diaspora.railsRoot}/script/server
      '';

      serviceConfig = {
        User = "diaspora";
        PrivateTmp = true;
        Restart = "always";
        Type = "simple";
        WorkingDirectory = diaspora.railsRoot;
        StandardInput = "null";
        KillMode = "control-group";
      };

      unitConfig.RequiresMountsFor = diaspora.varDir;
    };

    system.activationScripts.diaspora = {
      deps = [ "users" ];
      text = ''
      install -m 0755 -o diaspora -g diaspora -d ${diaspora.socketsDir}
      install -m 0755 -o diaspora -g diaspora -d ${diaspora.varDir} \
        ${diaspora.varDir}/uploads ${diaspora.varDir}/tmp \
        ${diaspora.varDir}/log
      install -m 0700 -o diaspora -g diaspora -d ${diaspora.varDir}/tmp/pids
      if [ ! -f ${diaspora.varDir}/schedule.yml ]; then
        echo "{}" | $wrapperDir/sudo -u diaspora tee ${diaspora.varDir}/schedule.yml
      fi
      '';
    };

    services.myWebsites.tools.modules = [
      "headers" "proxy" "proxy_http" "proxy_balancer"
      "lbmethod_byrequests" "lbmethod_bytraffic" "lbmethod_bybusyness" "lbmethod_heartbeat"
    ];
    security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null;
    services.myWebsites.tools.vhostConfs.diaspora = {
      certName    = "eldiron";
      hosts       = [ "diaspora.immae.eu" ];
      root        = "${diaspora.railsRoot}/public/";
      extraConfig = [ ''
        RewriteEngine On
        RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
        RewriteRule ^/(.*)$ balancer://thinservers%{REQUEST_URI} [P,QSA,L]

        <Proxy balancer://thinservers>
            BalancerMember unix://${diaspora.railsSocket}|http://
        </Proxy>

        ProxyRequests Off
        ProxyVia On
        ProxyPreserveHost On
        RequestHeader set X_FORWARDED_PROTO https

        <Proxy *>
            Require all granted
        </Proxy>

        <Directory ${diaspora.railsRoot}/public>
            Require all granted
            Options -MultiViews
        </Directory>
      '' ];
    };
  };
}
Commit	Line	Data
a7f7fdae IB	1	{ lib, pkgs, config, mylibs, ... }:
	2	let
	3	diaspora = pkgs.callPackage ./diaspora.nix {
	4	inherit (mylibs) fetchedGithub checkEnv;
	5	};
	6
	7	cfg = config.services.myWebsites.tools.diaspora;
	8	in {
	9	options.services.myWebsites.tools.diaspora = {
	10	enable = lib.mkEnableOption "enable diaspora's website";
	11	};
	12
	13	config = lib.mkIf cfg.enable {
a7f7fdae IB	14	ids.uids.diaspora = 398;
	15	ids.gids.diaspora = 398;
	16
	17	users.users.diaspora = {
	18	name = "diaspora";
	19	uid = config.ids.uids.diaspora;
	20	group = "diaspora";
	21	description = "Diaspora user";
	22	home = diaspora.railsRoot;
	23	useDefaultShell = true;
	24	packages = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby ];
	25	};
	26
	27	users.groups.diaspora.gid = config.ids.gids.diaspora;
	28
	29	systemd.services.diaspora = {
	30	description = "Diaspora";
	31	wantedBy = [ "multi-user.target" ];
	32	after = [ "network.target" "redis.service" "postgresql.service" ];
	33	wants = [ "redis.service" "postgresql.service" ];
	34
	35	environment.RAILS_ENV = "production";
	36	environment.BUNDLE_PATH = "${diaspora.gems}/lib/ruby/gems/2.4.0";
	37	environment.BUNDLE_GEMFILE = "${diaspora.gems.confFiles}/Gemfile";
	38	environment.EYE_SOCK = "${diaspora.socketsDir}/eye.sock";
	39	environment.EYE_PID = "${diaspora.socketsDir}/eye.pid";
	40
	41	path = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];
	42
	43	preStart = ''
	44	./bin/bundle exec rails db:migrate
	45	'';
	46
	47	script = ''
	48	exec ${diaspora.railsRoot}/script/server
	49	'';
	50
	51	serviceConfig = {
	52	User = "diaspora";
	53	PrivateTmp = true;
	54	Restart = "always";
	55	Type = "simple";
	56	WorkingDirectory = diaspora.railsRoot;
	57	StandardInput = "null";
	58	KillMode = "control-group";
	59	};
	60
	61	unitConfig.RequiresMountsFor = diaspora.varDir;
	62	};
	63
a7f7fdae IB	64	system.activationScripts.diaspora = {
	65	deps = [ "users" ];
	66	text = ''
	67	install -m 0755 -o diaspora -g diaspora -d ${diaspora.socketsDir}
	68	install -m 0755 -o diaspora -g diaspora -d ${diaspora.varDir} \
	69	${diaspora.varDir}/uploads ${diaspora.varDir}/tmp \
	70	${diaspora.varDir}/log
	71	install -m 0700 -o diaspora -g diaspora -d ${diaspora.varDir}/tmp/pids
	72	if [ ! -f ${diaspora.varDir}/schedule.yml ]; then
	73	echo "{}" \| $wrapperDir/sudo -u diaspora tee ${diaspora.varDir}/schedule.yml
	74	fi
	75	'';
	76	};
	77
	78	services.myWebsites.tools.modules = [
	79	"headers" "proxy" "proxy_http" "proxy_balancer"
a7f7fdae IB	80	"lbmethod_byrequests" "lbmethod_bytraffic" "lbmethod_bybusyness" "lbmethod_heartbeat"
	81	];
	82	security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null;
	83	services.myWebsites.tools.vhostConfs.diaspora = {
	84	certName = "eldiron";
	85	hosts = [ "diaspora.immae.eu" ];
	86	root = "${diaspora.railsRoot}/public/";
	87	extraConfig = [ ''
	88	RewriteEngine On
	89	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
	90	RewriteRule ^/(.*)$ balancer://thinservers%{REQUEST_URI} [P,QSA,L]
	91
	92	<Proxy balancer://thinservers>
	93	BalancerMember unix://${diaspora.railsSocket}\|http://
	94	</Proxy>
	95
	96	ProxyRequests Off
	97	ProxyVia On
	98	ProxyPreserveHost On
	99	RequestHeader set X_FORWARDED_PROTO https
	100
	101	<Proxy *>
	102	Require all granted
	103	</Proxy>
	104
	105	<Directory ${diaspora.railsRoot}/public>
	106	Require all granted
	107	Options -MultiViews
	108	</Directory>
	109	'' ];
	110	};
	111	};
	112	}