nixops/modules/websites/ftp/papa.nix

   1 { lib, pkgs, config, myconfig,  ... }:
   2 let
   3     cfg = config.services.myWebsites.Papa;
   4     varDir = "/var/lib/ftp/papa";
   5 in {
   6   options.services.myWebsites.Papa = {
   7     production = {
   8       enable = lib.mkEnableOption "enable Papa's website";
   9     };
  10   };
  11
  12   config = lib.mkIf cfg.production.enable {
  13     security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
  14
  15     services.cron = {
  16       systemCronJobs = let
  17         script = pkgs.writeScript "cleanup-papa" ''
  18           #!${pkgs.stdenv.shell}
  19           d=$(date -d "7 days ago" +%Y%m%d)
  20           for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
  21             if [ "$d" -gt $(basename $i) ]; then
  22               rm -rf "$i"
  23             fi
  24           done
  25           '';
  26       in
  27         [
  28         ''
  29           0 6 * * * wwwrun ${script}
  30         ''
  31       ];
  32     };
  33
  34     services.websites.production.vhostConfs.papa = {
  35       certName     = "papa";
  36       certMainHost = "surveillance.maison.bbc.bouya.org";
  37       hosts        = [ "surveillance.maison.bbc.bouya.org" ];
  38       root         = varDir;
  39       extraConfig  = [
  40         ''
  41         Use Apaxy "${varDir}" "title .duplicity-ignore"
  42         <Directory ${varDir}>
  43           Use LDAPConnect
  44           Options Indexes
  45           AllowOverride None
  46           Require ldap-group   cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
  47         </Directory>
  48           ''
  49       ];
  50     };
  51   };
  52 }
  53