[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / diaspora / diaspora.nix

{ env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
let
  gems = bundlerEnv {
    name = "diaspora-env";
    ruby = ruby_2_4;
    gemdir = ./.;
    gemConfig = defaultGemConfig // {
      kostya-sigar = attrs: {
        buildInputs = with pkgs; [ pkgs.perl ];
      };
    };
  };
  varDir = "/var/lib/diaspora_immae";
  socketsDir = "/run/diaspora";
  diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
    buildPhase = ''
      patch -p1 < ${./ldap.patch}
    '';
    installPhase = ''
      cp -a . $out
    '';
  });
  secret_token = writeText "secret_token.rb" ''
    Diaspora::Application.config.secret_key_base = '${env.secret_token}'
    '';
  config = writeText "diaspora.yml" ''
      configuration:
        environment:
          url: "https://diaspora.immae.eu/"
          certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt'
          redis: '${env.redis_url}'
          sidekiq:
          s3:
          assets:
          logging:
            logrotate:
            debug:
        server:
          listen: '${socketsDir}/diaspora.sock'
          rails_environment: 'production'
        chat:
          server:
            bosh:
            log:
        map:
          mapbox:
        privacy:
          piwik:
          statistics:
          camo:
        settings:
          enable_registrations: false
          welcome_message:
          invitations:
            open: false
          paypal_donations:
          community_spotlight:
          captcha:
            enable: false
          terms:
          maintenance:
            remove_old_users:
          default_metas:
          csp:
        services:
          twitter:
          tumblr:
          wordpress:
        mail:
          enable: true
          sender_address: 'diaspora@immae.eu'
          method: 'smtp'
          smtp:
            host: 'mail.immae.eu'
          sendmail:
        admins:
          account: "ismael"
          podmin_email: 'diaspora@immae.eu'
        relay:
          outbound:
          inbound:
        ldap:
            enable: true
            host: ldap.immae.eu
            port: 636
            only_ldap: true
            mail_attribute: mail
            skip_email_confirmation: true
            use_bind_dn: true
            bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
            bind_pw: "${env.ldap.password}"
            search_base: "dc=immae,dc=eu"
            search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
      production:
        environment:
      development:
        environment:
    '';
  database_config = writeText "database.yml" ''
      postgresql: &postgresql
        adapter: postgresql
        host: db-1.immae.eu
        port: 5432
        username: "diaspora"
        password: "${env.postgresql.password}"
        encoding: unicode
      common: &common
        <<: *postgresql
      combined: &combined
        <<: *common
      development:
        <<: *combined
        database: diaspora_development
      production:
        <<: *combined
        database: diaspora
      test:
        <<: *combined
        database: "diaspora_test"
      integration1:
        <<: *combined
        database: diaspora_integration1
      integration2:
        <<: *combined
        database: diaspora_integration2
    '';

    railsRoot = stdenv.mkDerivation {
      name = "diaspora_immae";
      inherit diaspora;
      builder = writeText "build_diaspora_immae" ''
        source $stdenv/setup
        cp -a $diaspora $out
        cd $out
        chmod -R u+rwX .
        tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
        ln -s ${database_config} config/database.yml
        ln -s ${config} config/diaspora.yml
        ln -s ${secret_token} config/initializers/secret_token.rb
        ln -sf ../../../../../../${varDir}/schedule.yml config/schedule.yml
        ln -sf ../../../../../../${varDir}/oidc_key.pem config/oidc_key.pem
        ln -sf ../../../../../../${varDir}/uploads public/uploads
        RAILS_ENV=production ${gems}/bin/rake assets:precompile
        rm -rf tmp log
        ln -sf ../../../../../${varDir}/tmp tmp
        ln -sf ../../../../../${varDir}/log log
        '';
      propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ];
    };
in
  {
    inherit railsRoot varDir socketsDir gems;
    railsSocket = "${socketsDir}/diaspora.sock";
  }