1 { lib, pkgs, config, ... }:
3 env = config.myEnv.tools.diaspora;
4 root = "/run/current-system/webapps/tools_diaspora";
5 cfg = config.myServices.websites.tools.diaspora;
6 dcfg = config.services.diaspora;
8 options.myServices.websites.tools.diaspora = {
9 enable = lib.mkEnableOption "enable diaspora's website";
12 config = lib.mkIf cfg.enable {
13 services.duplyBackup.profiles.diaspora = {
14 rootDir = dcfg.dataDir;
15 remotes = [ "eriomem" "ovh" ];
17 users.users.diaspora.extraGroups = [ "keys" ];
21 dest = "webapps/diaspora";
28 dest = "webapps/diaspora/diaspora.yml";
35 url: "https://diaspora.immae.eu/"
36 certificate_authorities: '${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt'
37 redis: 'redis://${env.redis.host}:${env.redis.port}/${env.redis.db}'
45 listen: '${dcfg.sockets.rails}'
46 rails_environment: 'production'
58 enable_registrations: false
77 sender_address: 'diaspora@tools.immae.eu'
81 location: '/run/wrappers/bin/sendmail'
84 podmin_email: 'diaspora@tools.immae.eu'
90 host: ${env.ldap.host}
94 skip_email_confirmation: true
96 bind_dn: "${env.ldap.dn}"
97 bind_pw: "${env.ldap.password}"
98 search_base: "${env.ldap.base}"
99 search_filter: "${env.ldap.filter}"
107 dest = "webapps/diaspora/database.yml";
110 permissions = "0400";
112 postgresql: &postgresql
114 host: "${env.postgresql.socket}"
115 port: "${env.postgresql.port}"
116 username: "${env.postgresql.user}"
117 password: "${env.postgresql.password}"
125 database: diaspora_development
128 database: ${env.postgresql.database}
131 database: "diaspora_test"
134 database: diaspora_integration1
137 database: diaspora_integration2
141 dest = "webapps/diaspora/secret_token.rb";
144 permissions = "0400";
146 Diaspora::Application.config.secret_key_base = '${env.secret_token}'
151 services.diaspora = {
153 package = pkgs.webapps.diaspora.override { ldap = true; };
154 dataDir = "/var/lib/diaspora_immae";
155 adminEmail = "diaspora@tools.immae.eu";
156 configDir = config.secrets.fullPaths."webapps/diaspora";
159 services.filesWatcher.diaspora = {
161 paths = [ dcfg.configDir ];
164 services.websites.env.tools.modules = [
165 "headers" "proxy" "proxy_http"
167 system.extraSystemBuilderCmds = ''
168 mkdir -p $out/webapps
169 ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora
171 services.websites.env.tools.vhostConfs.diaspora = {
172 certName = "eldiron";
174 hosts = [ "diaspora.immae.eu" ];
178 RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
179 RewriteRule ^/(.*)$ unix://${dcfg.sockets.rails}|http://diaspora.immae.eu/%{REQUEST_URI} [P,NE,QSA,L]
184 RequestHeader set X_FORWARDED_PROTO https