nixops/modules/websites/tools/diaspora/diaspora.nix

   1 { env, fetchedGithub, stdenv, defaultGemConfig, writeText, bundlerEnv, ruby_2_4, pkgs, cacert }:
   2 let
   3   varDir = "/var/lib/diaspora_immae";
   4   socketsDir = "/run/diaspora";
   5   diaspora = stdenv.mkDerivation (fetchedGithub ./diaspora.json // rec {
   6     buildPhase = ''
   7       patch -p1 < ${./ldap.patch}
   8       # FIXME: bundlerEnv below doesn't take postgresql group for some
   9       # reason
  10       echo 'gem "pg",     "1.1.3"' >> Gemfile
  11     '';
  12     installPhase = ''
  13       cp -a . $out
  14     '';
  15   });
  16   gems = bundlerEnv {
  17     name = "diaspora-env";
  18     ruby = ruby_2_4;
  19     gemfile = "${diaspora}/Gemfile";
  20     lockfile = "${diaspora}/Gemfile.lock";
  21     gemset = ./gemset.nix;
  22     groups = [ "postgresql" "default" "production" ];
  23     gemConfig = defaultGemConfig // {
  24       kostya-sigar = attrs: {
  25         buildInputs = [ pkgs.perl ];
  26       };
  27     };
  28   };
  29   secret_token = writeText "secret_token.rb" ''
  30     Diaspora::Application.config.secret_key_base = '${env.secret_token}'
  31     '';
  32   config = writeText "diaspora.yml" ''
  33       configuration:
  34         environment:
  35           url: "https://diaspora.immae.eu/"
  36           certificate_authorities: '${cacert}/etc/ssl/certs/ca-bundle.crt'
  37           redis: '${env.redis_url}'
  38           sidekiq:
  39           s3:
  40           assets:
  41           logging:
  42             logrotate:
  43             debug:
  44         server:
  45           listen: '${socketsDir}/diaspora.sock'
  46           rails_environment: 'production'
  47         chat:
  48           server:
  49             bosh:
  50             log:
  51         map:
  52           mapbox:
  53         privacy:
  54           piwik:
  55           statistics:
  56           camo:
  57         settings:
  58           enable_registrations: false
  59           welcome_message:
  60           invitations:
  61             open: false
  62           paypal_donations:
  63           community_spotlight:
  64           captcha:
  65             enable: false
  66           terms:
  67           maintenance:
  68             remove_old_users:
  69           default_metas:
  70           csp:
  71         services:
  72           twitter:
  73           tumblr:
  74           wordpress:
  75         mail:
  76           enable: true
  77           sender_address: 'diaspora@immae.eu'
  78           method: 'sendmail'
  79           smtp:
  80           sendmail:
  81             location: '/run/wrappers/bin/sendmail'
  82         admins:
  83           account: "ismael"
  84           podmin_email: 'diaspora@immae.eu'
  85         relay:
  86           outbound:
  87           inbound:
  88         ldap:
  89             enable: true
  90             host: ldap.immae.eu
  91             port: 636
  92             only_ldap: true
  93             mail_attribute: mail
  94             skip_email_confirmation: true
  95             use_bind_dn: true
  96             bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
  97             bind_pw: "${env.ldap.password}"
  98             search_base: "dc=immae,dc=eu"
  99             search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
 100       production:
 101         environment:
 102       development:
 103         environment:
 104     '';
 105   database_config = writeText "database.yml" ''
 106       postgresql: &postgresql
 107         adapter: postgresql
 108         host: "${env.postgresql.socket}"
 109         port: "${env.postgresql.port}"
 110         username: "${env.postgresql.user}"
 111         password: "${env.postgresql.password}"
 112         encoding: unicode
 113       common: &common
 114         <<: *postgresql
 115       combined: &combined
 116         <<: *common
 117       development:
 118         <<: *combined
 119         database: diaspora_development
 120       production:
 121         <<: *combined
 122         database: ${env.postgresql.database}
 123       test:
 124         <<: *combined
 125         database: "diaspora_test"
 126       integration1:
 127         <<: *combined
 128         database: diaspora_integration1
 129       integration2:
 130         <<: *combined
 131         database: diaspora_integration2
 132     '';
 133
 134     railsRoot = stdenv.mkDerivation {
 135       name = "diaspora_immae";
 136       inherit diaspora;
 137       builder = writeText "build_diaspora_immae" ''
 138         source $stdenv/setup
 139         cp -a $diaspora $out
 140         cd $out
 141         chmod -R u+rwX .
 142         tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
 143         ln -s ${database_config} config/database.yml
 144         ln -s ${config} config/diaspora.yml
 145         ln -s ${secret_token} config/initializers/secret_token.rb
 146         ln -sf ${varDir}/schedule.yml config/schedule.yml
 147         ln -sf ${varDir}/oidc_key.pem config/oidc_key.pem
 148         ln -sf ${varDir}/uploads public/uploads
 149         RAILS_ENV=production ${gems}/bin/rake assets:precompile
 150         rm -rf tmp log
 151         ln -sf ${varDir}/tmp tmp
 152         ln -sf ${varDir}/log log
 153         '';
 154       propagatedBuildInputs = [ gems pkgs.nodejs pkgs.which pkgs.git ];
 155     };
 156 in
 157   {
 158     inherit railsRoot varDir socketsDir gems;
 159     railsSocket = "${socketsDir}/diaspora.sock";
 160   }