[perso/Immae/Config/Nix.git] / virtual / modules / websites / tools / diaspora / diaspora.nix

{ env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
let
  gems = bundlerEnv {
    name = "diaspora-env";
    ruby = ruby_2_4;
    gemdir = ./.;
    gemConfig = defaultGemConfig // {
      kostya-sigar = attrs: {
        buildInputs = with pkgs; [ pkgs.perl ];
      };
    };
  };
  varDir = "/var/lib/diaspora_immae";
  socketsDir = "/run/diaspora";
  buildInputs =  [ gems ] ++ (with pkgs; [
    git redis imagemagick libxslt nodejs
    jemalloc cacert ruby_2_4
    openssl postgresql curl libnghttp2
    pkgconfig which
  ]);
  diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
    buildPhase = ''
      export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
      export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt

      patch -p1 < ${./ldap.patch}
    '';
    installPhase = ''
      cp -a . $out
    '';
    propagatedBuildInputs = buildInputs;
  });
  secret_token = writeText "secret_token.rb" ''
    Diaspora::Application.config.secret_key_base = '${env.secret_token}'
    '';
  config = writeText "diaspora.yml" ''
      configuration:
        environment:
          url: "https://diaspora.immae.eu/"
          certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
          redis: 'redis://localhost:6379/15'
          sidekiq:
          s3:
          assets:
          logging:
            logrotate:
            debug:
        server:
          listen: '${socketsDir}/diaspora.sock'
          rails_environment: 'production'
        chat:
          server:
            bosh:
            log:
        map:
          mapbox:
        privacy:
          piwik:
          statistics:
          camo:
        settings:
          enable_registrations: false
          welcome_message:
          invitations:
            open: false
          paypal_donations:
          community_spotlight:
          captcha:
            enable: false
          terms:
          maintenance:
            remove_old_users:
          default_metas:
          csp:
        services:
          twitter:
          tumblr:
          wordpress:
        mail:
          enable: true
          sender_address: 'diaspora@immae.eu'
          method: 'smtp'
          smtp:
            host: 'mail.immae.eu'
          sendmail:
        admins:
          account: "ismael"
          podmin_email: 'diaspora@immae.eu'
        relay:
          outbound:
          inbound:
        ldap:
            enable: true
            host: ldap.immae.eu
            port: 636
            only_ldap: true
            mail_attribute: mail
            skip_email_confirmation: true
            use_bind_dn: true
            bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
            bind_pw: "${env.ldap.password}"
            search_base: "dc=immae,dc=eu"
            search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
      production:
        environment:
      development:
        environment:
    '';
  database_config = writeText "database.yml" ''
      postgresql: &postgresql
        adapter: postgresql
        host: db-1.immae.eu
        port: 5432
        username: "diaspora"
        password: "${env.postgresql.password}"
        encoding: unicode
      common: &common
        <<: *postgresql
      combined: &combined
        <<: *common
      development:
        <<: *combined
        database: diaspora_development
      production:
        <<: *combined
        database: diaspora
      test:
        <<: *combined
        database: "diaspora_test"
      integration1:
        <<: *combined
        database: diaspora_integration1
      integration2:
        <<: *combined
        database: diaspora_integration2
    '';

    railsRoot = stdenv.mkDerivation {
      name = "diaspora_immae";
      inherit diaspora;
      builder = writeText "build_diaspora_immae" ''
        source $stdenv/setup
        cp -a $diaspora $out
        cd $out
        chmod -R u+rwX .
        tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
        ln -s ${database_config} config/database.yml
        ln -s ${config} config/diaspora.yml
        ln -s ${secret_token} config/initializers/secret_token.rb
        ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
        ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
        ln -sf ../../../../../../${varDir}/uploads public/uploads
        RAILS_ENV=production ${gems}/bin/rake assets:precompile
        rm -rf tmp log
        ln -sf ../../../../../${varDir}/tmp tmp
        ln -sf ../../../../../${varDir}/log log
        '';
      propagatedBuildInputs = buildInputs;
    };
in
  {
    inherit railsRoot varDir socketsDir gems;
    railsSocket = "${socketsDir}/diaspora.sock";
  }
Commit	Line	Data
9d90e7e2	1	{ env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
a7f7fdae IB	2	let
	3	gems = bundlerEnv {
	4	name = "diaspora-env";
	5	ruby = ruby_2_4;
	6	gemdir = ./.;
a7f7fdae IB	7	gemConfig = defaultGemConfig // {
	8	kostya-sigar = attrs: {
	9	buildInputs = with pkgs; [ pkgs.perl ];
	10	};
	11	};
	12	};
	13	varDir = "/var/lib/diaspora_immae";
	14	socketsDir = "/run/diaspora";
	15	buildInputs = [ gems ] ++ (with pkgs; [
	16	git redis imagemagick libxslt nodejs
	17	jemalloc cacert ruby_2_4
	18	openssl postgresql curl libnghttp2
	19	pkgconfig which
	20	]);
	21	diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
	22	buildPhase = ''
	23	export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
	24	export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
	25
	26	patch -p1 < ${./ldap.patch}
	27	'';
	28	installPhase = ''
	29	cp -a . $out
	30	'';
	31	propagatedBuildInputs = buildInputs;
	32	});
9d90e7e2 IB	33	secret_token = writeText "secret_token.rb" ''
9d90e7e2 IB	34	Diaspora::Application.config.secret_key_base = '${env.secret_token}'
a7f7fdae	35	'';
9d90e7e2	36	config = writeText "diaspora.yml" ''
a7f7fdae IB	37	configuration:
	38	environment:
	39	url: "https://diaspora.immae.eu/"
	40	certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
	41	redis: 'redis://localhost:6379/15'
	42	sidekiq:
	43	s3:
	44	assets:
	45	logging:
	46	logrotate:
	47	debug:
	48	server:
	49	listen: '${socketsDir}/diaspora.sock'
	50	rails_environment: 'production'
	51	chat:
	52	server:
	53	bosh:
	54	log:
	55	map:
	56	mapbox:
	57	privacy:
	58	piwik:
	59	statistics:
	60	camo:
	61	settings:
	62	enable_registrations: false
	63	welcome_message:
	64	invitations:
	65	open: false
	66	paypal_donations:
	67	community_spotlight:
	68	captcha:
	69	enable: false
	70	terms:
	71	maintenance:
	72	remove_old_users:
	73	default_metas:
	74	csp:
	75	services:
	76	twitter:
	77	tumblr:
	78	wordpress:
	79	mail:
	80	enable: true
	81	sender_address: 'diaspora@immae.eu'
	82	method: 'smtp'
	83	smtp:
	84	host: 'mail.immae.eu'
	85	sendmail:
	86	admins:
	87	account: "ismael"
	88	podmin_email: 'diaspora@immae.eu'
	89	relay:
	90	outbound:
	91	inbound:
	92	ldap:
	93	enable: true
	94	host: ldap.immae.eu
	95	port: 636
	96	only_ldap: true
	97	mail_attribute: mail
	98	skip_email_confirmation: true
	99	use_bind_dn: true
	100	bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
9d90e7e2	101	bind_pw: "${env.ldap.password}"
a7f7fdae IB	102	search_base: "dc=immae,dc=eu"
	103	search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
	104	production:
	105	environment:
	106	development:
	107	environment:
	108	'';
9d90e7e2	109	database_config = writeText "database.yml" ''
a7f7fdae IB	110	postgresql: &postgresql
	111	adapter: postgresql
	112	host: db-1.immae.eu
	113	port: 5432
	114	username: "diaspora"
9d90e7e2	115	password: "${env.postgresql.password}"
a7f7fdae IB	116	encoding: unicode
	117	common: &common
	118	<<: *postgresql
	119	combined: &combined
	120	<<: *common
	121	development:
	122	<<: *combined
	123	database: diaspora_development
	124	production:
	125	<<: *combined
	126	database: diaspora
	127	test:
	128	<<: *combined
	129	database: "diaspora_test"
	130	integration1:
	131	<<: *combined
	132	database: diaspora_integration1
	133	integration2:
	134	<<: *combined
	135	database: diaspora_integration2
	136	'';
	137
	138	railsRoot = stdenv.mkDerivation {
	139	name = "diaspora_immae";
	140	inherit diaspora;
	141	builder = writeText "build_diaspora_immae" ''
	142	source $stdenv/setup
	143	cp -a $diaspora $out
	144	cd $out
	145	chmod -R u+rwX .
	146	tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
	147	ln -s ${database_config} config/database.yml
	148	ln -s ${config} config/diaspora.yml
	149	ln -s ${secret_token} config/initializers/secret_token.rb
	150	ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
	151	ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
	152	ln -sf ../../../../../../${varDir}/uploads public/uploads
	153	RAILS_ENV=production ${gems}/bin/rake assets:precompile
	154	rm -rf tmp log
	155	ln -sf ../../../../../${varDir}/tmp tmp
	156	ln -sf ../../../../../${varDir}/log log
	157	'';
	158	propagatedBuildInputs = buildInputs;
	159	};
	160	in
	161	{
	162	inherit railsRoot varDir socketsDir gems;
	163	railsSocket = "${socketsDir}/diaspora.sock";
	164	}