Squash changes containing private information

[perso/Immae/Config/Nix.git] / modules / private / ejabberd / default.nix

diff --git a/modules/private/ejabberd/default.nix b/modules/private/ejabberd/default.nix
deleted file mode 100644 (file)
index 4d86a64..0000000
--- a/modules/private/ejabberd/default.nix
+++ /dev/null
@@ -1,92 +0,0 @@
-{ lib, pkgs, config, ... }:
-let
-  cfg = config.myServices.ejabberd;
-in
-{
-  options.myServices = {
-    ejabberd.enable = lib.mkOption {
-      type = lib.types.bool;
-      default = false;
-      description = ''
-        Whether to enable ejabberd service.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    security.acme.certs = {
-      "ejabberd" = config.myServices.certificates.certConfig // {
-        user = "ejabberd";
-        group = "ejabberd";
-        domain = "eldiron.immae.eu";
-        keyType = "rsa4096";
-        postRun = ''
-          systemctl restart ejabberd.service
-          '';
-        extraDomains = {
-          "immae.fr" = null;
-          "conference.immae.fr" = null;
-          "proxy.immae.fr" = null;
-          "pubsub.immae.fr" = null;
-          "upload.immae.fr" = null;
-        };
-      };
-    };
-    networking.firewall.allowedTCPPorts = [ 5222 5269 ];
-    myServices.websites.tools.im.enable = true;
-    systemd.services.ejabberd.postStop = ''
-      rm /var/log/ejabberd/erl_crash*.dump
-      '';
-    secrets.keys = {
-      "ejabberd/psql.yml" = {
-        permissions = "0400";
-        user = "ejabberd";
-        group = "ejabberd";
-        text = ''
-          sql_type: pgsql
-          sql_server: "localhost"
-          sql_database: "${config.myEnv.jabber.postgresql.database}"
-          sql_username: "${config.myEnv.jabber.postgresql.user}"
-          sql_password: "${config.myEnv.jabber.postgresql.password}"
-          '';
-      };
-      "ejabberd/host.yml" = {
-        permissions = "0400";
-        user = "ejabberd";
-        group = "ejabberd";
-        text = ''
-          host_config:
-            "immae.fr":
-              domain_certfile: "${config.security.acme.certs.ejabberd.directory}/full.pem"
-              auth_method: [ldap]
-              ldap_servers: ["${config.myEnv.jabber.ldap.host}"]
-              ldap_encrypt: tls
-              ldap_rootdn: "${config.myEnv.jabber.ldap.dn}"
-              ldap_password: "${config.myEnv.jabber.ldap.password}"
-              ldap_base: "${config.myEnv.jabber.ldap.base}"
-              ldap_uids:
-                uid: "%u"
-                immaeXmppUid: "%u"
-              ldap_filter: "${config.myEnv.jabber.ldap.filter}"
-          '';
-      };
-    };
-    users.users.ejabberd.extraGroups = [ "keys" ];
-    services.ejabberd = {
-      package = pkgs.ejabberd.override { withPgsql = true; };
-      imagemagick = true;
-      enable = true;
-      ctlConfig = ''
-        ERLANG_NODE=ejabberd@localhost
-      '';
-      configFile = pkgs.runCommand "ejabberd.yml" {
-        certificatePrivateKeyAndFullChain = "${config.security.acme.certs.ejabberd.directory}/full.pem";
-        certificateCA = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
-        sql_config_file = config.secrets.fullPaths."ejabberd/psql.yml";
-        host_config_file = config.secrets.fullPaths."ejabberd/host.yml";
-      } ''
-        substituteAll ${./ejabberd.yml} $out
-        '';
-    };
-  };
-}