nixops/modules/websites/tools/diaspora/diaspora.nix

   1 { env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
   2 let
   3   varDir = "/var/lib/diaspora_immae";
   4   socketsDir = "/run/diaspora";
   5   diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
   6     buildPhase = ''
   7       patch -p1 < ${./ldap.patch}
   8       # FIXME: bundlerEnv below doesn't take postgresql group for some
   9       # reason
  10       echo 'gem "pg",     "1.1.3"' >> Gemfile
  11     '';
  12     installPhase = ''
  13       cp -a . $out
  14     '';
  15   });
  16   gems = bundlerEnv {
  17     name = "diaspora-env";
  18     # https://git.immae.eu/mantisbt/view.php?id=131
  19     ruby = ruby_2_4.overrideAttrs(old: {
  20       postInstall = builtins.replaceStrings [" --destdir $GEM_HOME"] [""] old.postInstall;
  21     });
  22     gemfile = "${diaspora}/Gemfile";
  23     lockfile = "${diaspora}/Gemfile.lock";
  24     gemset = ./gemset.nix;
  25     groups = [ "postgresql" "default" "production" ];
  26     gemConfig = defaultGemConfig // {
  27       kostya-sigar = attrs: {
  28         buildInputs = [ pkgs.perl ];
  29       };
  30     };
  31   };
  32   secret_token = writeText "secret_token.rb" ''
  33     Diaspora::Application.config.secret_key_base = '${env.secret_token}'
  34     '';
  35   config = writeText "diaspora.yml" ''
  36       configuration:
  37         environment:
  38           url: "https://diaspora.immae.eu/"
  39           certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt'
  40           redis: '${env.redis_url}'
  41           sidekiq:
  42           s3:
  43           assets:
  44           logging:
  45             logrotate:
  46             debug:
  47         server:
  48           listen: '${socketsDir}/diaspora.sock'
  49           rails_environment: 'production'
  50         chat:
  51           server:
  52             bosh:
  53             log:
  54         map:
  55           mapbox:
  56         privacy:
  57           piwik:
  58           statistics:
  59           camo:
  60         settings:
  61           enable_registrations: false
  62           welcome_message:
  63           invitations:
  64             open: false
  65           paypal_donations:
  66           community_spotlight:
  67           captcha:
  68             enable: false
  69           terms:
  70           maintenance:
  71             remove_old_users:
  72           default_metas:
  73           csp:
  74         services:
  75           twitter:
  76           tumblr:
  77           wordpress:
  78         mail:
  79           enable: true
  80           sender_address: 'diaspora@tools.immae.eu'
  81           method: 'sendmail'
  82           smtp:
  83           sendmail:
  84             location: '/run/wrappers/bin/sendmail'
  85         admins:
  86           account: "ismael"
  87           podmin_email: 'diaspora@tools.immae.eu'
  88         relay:
  89           outbound:
  90           inbound:
  91         ldap:
  92             enable: true
  93             host: ldap.immae.eu
  94             port: 636
  95             only_ldap: true
  96             mail_attribute: mail
  97             skip_email_confirmation: true
  98             use_bind_dn: true
  99             bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
 100             bind_pw: "${env.ldap.password}"
 101             search_base: "dc=immae,dc=eu"
 102             search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
 103       production:
 104         environment:
 105       development:
 106         environment:
 107     '';
 108   database_config = writeText "database.yml" ''
 109       postgresql: &postgresql
 110         adapter: postgresql
 111         host: "${env.postgresql.socket}"
 112         port: "${env.postgresql.port}"
 113         username: "${env.postgresql.user}"
 114         password: "${env.postgresql.password}"
 115         encoding: unicode
 116       common: &common
 117         <<: *postgresql
 118       combined: &combined
 119         <<: *common
 120       development:
 121         <<: *combined
 122         database: diaspora_development
 123       production:
 124         <<: *combined
 125         database: ${env.postgresql.database}
 126       test:
 127         <<: *combined
 128         database: "diaspora_test"
 129       integration1:
 130         <<: *combined
 131         database: diaspora_integration1
 132       integration2:
 133         <<: *combined
 134         database: diaspora_integration2
 135     '';
 136
 137     railsRoot = stdenv.mkDerivation {
 138       name = "diaspora_immae";
 139       inherit diaspora;
 140       builder = writeText "build_diaspora_immae" ''
 141         source $stdenv/setup
 142         cp -a $diaspora $out
 143         cd $out
 144         chmod -R u+rwX .
 145         tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
 146         ln -s ${database_config} config/database.yml
 147         ln -s ${config} config/diaspora.yml
 148         ln -s ${secret_token} config/initializers/secret_token.rb
 149         ln -sf ${varDir}/schedule.yml config/schedule.yml
 150         ln -sf ${varDir}/oidc_key.pem config/oidc_key.pem
 151         ln -sf ${varDir}/uploads public/uploads
 152         RAILS_ENV=production ${gems}/bin/rake assets:precompile
 153         rm -rf tmp log
 154         ln -sf ${varDir}/tmp tmp
 155         ln -sf ${varDir}/log log
 156         '';
 157       propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ];
 158     };
 159 in
 160   {
 161     inherit railsRoot varDir socketsDir gems;
 162     railsSocket = "${socketsDir}/diaspora.sock";
 163   }