# NixOS module that publishes a Diaspora pod at diaspora.immae.eu.
# NOTE(review): this listing is an excerpt. Gutter numbers are fused into each
# line and some lines (e.g. the `let`/`in` framing around these bindings) are
# not visible, so the comments describe only what is shown.
1 { lib, pkgs, config, ... }:
# Site-specific values for the pod. Further down they supply the Redis, LDAP and
# PostgreSQL connection details, the LDAP/PostgreSQL passwords and the Rails
# secret token, so any text interpolating `env.*` should be treated as secret.
3 env = config.myEnv.tools.diaspora;
# public/ directory under the Diaspora workdir. Its use is not visible in this
# excerpt; presumably the vhost document root (confirm).
4 root = "${dcfg.workdir}/public/";
# This module's own options (only `enable` is visible here).
5 cfg = config.myServices.websites.tools.diaspora;
# Settings of the underlying services.diaspora module; workdir, sockets.rails,
# package.version and configDir are read from it below.
6 dcfg = config.services.diaspora;
# Option namespace for this website. The `config` section of the module is
# wrapped in lib.mkIf cfg.enable, so nothing is deployed unless this is set.
8 options.myServices.websites.tools.diaspora = {
# NOTE(review): lib.mkEnableOption already prefixes "Whether to enable", so the
# rendered description will contain "enable" twice.
9 enable = lib.mkEnableOption "enable diaspora's website";
# All settings from here on are applied only when cfg.enable is true.
12 config = lib.mkIf cfg.enable {
# DNS: declares the `diaspora` subdomain of immae.eu from the main addresses of
# the server named eldiron. `ips` and `servers` are presumably provided by the
# helpers set brought into scope with `with` (confirm).
13 myServices.dns.zones."immae.eu".subdomains.diaspora =
14 with config.myServices.dns.helpers; ips servers.eldiron.ips.main;
# Public, declarative description of the hosted service (presumably published as
# CHATONS service metadata; confirm against the chatonsProperties module).
# Everything here is meant to be world-readable, so it must not contain secrets.
16 myServices.chatonsProperties.services.diaspora = {
17 file.datetime = "2022-08-21T01:39:00";
20 description = "The online social world where you are in control";
21 website = "https://diaspora.immae.eu";
# NOTE(review): the logo path embeds an asset fingerprint, so it will presumably
# stop resolving once the pod's assets are rebuilt with different content.
22 logo = "https://diaspora.immae.eu/assets/apple-touch-icon-9f7c9cc3923b4817fbb25bfeb0dd5fd34638827fd9c82b5a03f7b68e6e90806f.png";
24 status.description = "OK";
# Advertised registration policy. diaspora.yml in this module sets
# enable_registrations: false, so check that what is advertised here matches
# who can actually obtain an account.
25 registration."" = ["MEMBER" "CLIENT"];
26 registration.load = "OPEN";
27 install.type = "PACKAGE";
# Upstream software details. The enclosing attribute name is not visible in this
# excerpt. `version` follows the deployed package automatically, which also means
# the exact running version is advertised publicly.
31 website = "https://diasporafoundation.org/";
32 license.url = "https://github.com/diaspora/diaspora/blob/develop/LICENSE";
33 license.name = "GNU Affero General Public License v3.0";
34 version = dcfg.package.version;
35 source.url = "https://github.com/diaspora/diaspora";
# Adds the diaspora service account to the "keys" group, presumably the group
# allowed to read the deployed secret files (confirm against the secrets
# module). NOTE(review): group membership grants access to every secret that is
# group-readable by "keys", not just this pod's files; the 0400 modes visible
# below keep database.yml and secret_token.rb limited to their owner.
38 users.users.diaspora.extraGroups = [ "keys" ];
# Secret entry for the pod's configuration directory. Its owner and mode
# attributes are not visible in this excerpt.
41 "webapps/diaspora" = {
# Main Diaspora settings file. It is handled as a secret because the rendered
# text contains the LDAP bind password (bind_pw, from env.ldap.password).
# Review points for the visible settings:
#  - The owner/mode lines of this entry are not visible in this excerpt; confirm
#    they are as tight as the "0400" used for database.yml and secret_token.rb.
#  - The application listens on dcfg.sockets.rails, the same Unix socket the
#    Apache vhost proxies to, so no TCP listener is configured here.
#  - enable_registrations is false, and skip_email_confirmation: true appears
#    among the LDAP settings: accounts and their e-mail addresses are presumably
#    taken from the directory as-is (confirm LDAP is the only sign-up path).
#  - No LDAP port or TLS option is visible here. Confirm the bind uses LDAPS or
#    StartTLS, or a local-only link, because bind_pw travels over it.
#  - search_filter (env.ldap.filter) decides which directory entries may log in;
#    a loose filter widens access to the pod.
#  - The redis:// URL carries no credentials; that is acceptable only if the
#    Redis instance is reachable solely from trusted hosts.
#  - Mail is handed to the local sendmail wrapper (/run/wrappers/bin/sendmail).
#  - env values are spliced into the YAML without escaping; a quote character in
#    one of them would corrupt the file or change its meaning.
47 "webapps/diaspora/diaspora.yml" = {
# The rendered text references the CA bundle inside pkgs.cacert's store path
# (certificate_authorities below); presumably this declares that dependency for
# the secrets mechanism (confirm).
51 keyDependencies = [ pkgs.cacert ];
55 url: "https://diaspora.immae.eu/"
56 certificate_authorities: '${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt'
57 redis: 'redis://${env.redis.host}:${env.redis.port}/${env.redis.db}'
65 listen: '${dcfg.sockets.rails}'
66 rails_environment: 'production'
78 enable_registrations: false
97 sender_address: 'diaspora@tools.immae.eu'
101 location: '/run/wrappers/bin/sendmail'
104 podmin_email: 'diaspora@tools.immae.eu'
110 host: ${env.ldap.host}
114 skip_email_confirmation: true
116 bind_dn: "${env.ldap.dn}"
117 bind_pw: "${env.ldap.password}"
118 search_base: "${env.ldap.base}"
119 search_filter: "${env.ldap.filter}"
# Rails database configuration. Mode 0400 (owner read only) because the rendered
# file contains the PostgreSQL password from env.postgresql.password.
# `host` is filled from env.postgresql.socket, which suggests a local Unix-socket
# connection rather than a network one (confirm).
# Only one entry uses the site-specific database name (env.postgresql.database).
# The development/test/integration names look like upstream template defaults,
# and the environment keys they belong to are not visible in this excerpt.
# NOTE(review): the password is interpolated inside a double-quoted YAML scalar
# without escaping; confirm it cannot contain `"` or `\`.
126 "webapps/diaspora/database.yml" = {
129 permissions = "0400";
131 postgresql: &postgresql
133 host: "${env.postgresql.socket}"
134 port: "${env.postgresql.port}"
135 username: "${env.postgresql.user}"
136 password: "${env.postgresql.password}"
144 database: diaspora_development
147 database: ${env.postgresql.database}
150 database: "diaspora_test"
153 database: diaspora_integration1
156 database: diaspora_integration2
# Rails initializer that sets secret_key_base from env.secret_token. Mode 0400
# (owner read only).
# secret_key_base is the key Rails uses to sign and encrypt session cookies and
# other signed data, so anyone able to read this file can mint valid sessions.
# Rotate the token if the file or the env source is ever exposed.
# NOTE(review): the token is placed inside a single-quoted Ruby string without
# escaping; confirm it cannot contain `'` or `\`.
159 "webapps/diaspora/secret_token.rb" = {
162 permissions = "0400";
164 Diaspora::Application.config.secret_key_base = '${env.secret_token}'
# Underlying Diaspora service. configDir points at the deployed location of the
# "webapps/diaspora" secret, so the service reads diaspora.yml, database.yml and
# secret_token.rb from there. This presumably keeps them out of the
# world-readable Nix store; confirm how the secrets module materialises files.
169 services.diaspora = {
172 dataDir = "/var/lib/diaspora_immae";
173 adminEmail = "diaspora@tools.immae.eu";
174 configDir = config.secrets.fullPaths."webapps/diaspora";
# Watches the configuration directory. The action taken on change is not visible
# in this excerpt; presumably the service is restarted so that rotated
# credentials take effect (confirm).
177 services.filesWatcher.diaspora = {
179 paths = [ dcfg.configDir ];
# Apache modules required by the vhost directives below: mod_headers for
# RequestHeader, mod_proxy and mod_proxy_http for the [P] rewrite.
182 services.websites.env.tools.modules = [
183 "headers" "proxy" "proxy_http"
# Adds diaspora.immae.eu as an extra name on the shared "eldiron" certificate,
# which the vhost selects through certName.
185 security.acme.certs.eldiron.extraDomainNames = [ "diaspora.immae.eu" ];
# Virtual host for the pod. Other directives of this vhost are not visible in
# this excerpt. What the visible ones do:
#  - RewriteCond/RewriteRule: a request that does not match an existing file
#    under the document root is proxied ([P]) over the Rails Unix socket
#    (dcfg.sockets.rails); existing files are served by Apache itself. Everything
#    placed under the document root is therefore directly downloadable.
#  - RequestHeader set: tells the backend the original request was HTTPS. `set`
#    replaces any client-supplied header of that exact name.
#    NOTE(review): the name is spelled with underscores. A client-sent
#    "X-Forwarded-Proto" (hyphens) is a different header to Apache and would not
#    be replaced by this directive; confirm how the backend treats both forms.
186 services.websites.env.tools.vhostConfs.diaspora = {
187 certName = "eldiron";
188 hosts = [ "diaspora.immae.eu" ];
192 RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
193 RewriteRule ^/(.*)$ unix://${dcfg.sockets.rails}|http://diaspora.immae.eu/%{REQUEST_URI} [P,NE,QSA,L]
198 RequestHeader set X_FORWARDED_PROTO https
# External monitoring: activates the "http" plugin on the monitoring master and
# registers one HTTPS check for the public site.
210 myServices.monitoring.fromMasterActivatedPlugins = [ "http" ];
211 myServices.monitoring.fromMasterObjects.service = [
213 service_description = "diaspora website is running on diaspora.immae.eu";
214 host_name = config.hostEnv.fqdn;
215 use = "external-web-service";
# Arguments are the host name, the path "/" and a phrase from the landing page.
# The phrase is presumably matched against the response body (confirm in the
# check_https command definition). If so, the check fails when the page is
# unreachable and also when it no longer serves the expected content.
216 check_command = ["check_https" "diaspora.immae.eu" "/" "is the online social world where you are in control"];
218 servicegroups = "webstatus-webapps";
# Custom variables, presumably consumed by a web-status page (confirm).
219 _webstatus_name = "Diaspora";
220 _webstatus_url = "https://diaspora.immae.eu/";