Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / websites / default.nix

diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index 90a8c1a837da6b91d69a5f2d49828b0c8d4dc616..e8193242b08e2c3980de7d0c026361051656b62a 100644 (file)
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -52,7 +52,7 @@ let
           LDAPOpCacheTTL 600
         </IfModule>
 
-        Include /var/secrets/apache-ldap
+        Include ${config.secrets.fullPaths."apache-ldap"}
       '';
     };
     global = {
@@ -109,8 +109,7 @@ in
     users.users.wwwrun.extraGroups = [ "keys" ];
     networking.firewall.allowedTCPPorts = [ 80 443 ];
 
-    secrets.keys = [{
-      dest = "apache-ldap";
+    secrets.keys."apache-ldap" = {
       user = "wwwrun";
       group = "wwwrun";
       permissions = "0400";
@@ -126,7 +125,7 @@ in
           </IfModule>
         </Macro>
         '';
-    }];
+    };
 
     system.activationScripts = {
       httpd = ''
@@ -149,9 +148,9 @@ in
       };
     };
 
-    services.filesWatcher.httpdProd.paths = [ "/var/secrets/apache-ldap" ];
-    services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ];
-    services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ];
+    services.filesWatcher.httpdProd.paths = [ config.secrets.fullPaths."apache-ldap" ];
+    services.filesWatcher.httpdInte.paths = [ config.secrets.fullPaths."apache-ldap" ];
+    services.filesWatcher.httpdTools.paths = [ config.secrets.fullPaths."apache-ldap" ];
 
     services.websites.env.production = {
       enable = true;
@@ -222,6 +221,7 @@ in
       _theme = pkgs.webapps.apache-theme.theme;
     };
     myServices.websites = {
+      bakeer.cloud.enable = true;
       capitaines.landing_pages.enable = true;
 
       chloe = {
@@ -242,11 +242,15 @@ in
         evariste.enable = true;
         denisejerome.enable = true;
         oms.enable = true;
+        bingo.enable = true;
         aventuriers.enable = true;
         production.enable = true;
       };
 
-      emilia.moodle.enable = true;
+      emilia = {
+        moodle.enable = false;
+        atelierfringant.enable = true;
+      };
 
       florian = {
         app.enable = true;
@@ -277,7 +281,7 @@ in
 
       nassime.production.enable = true;
 
-      nathanael.villon.enable = true;
+      nath.villon.enable = true;
 
       papa = {
         surveillance.enable = true;
@@ -291,6 +295,10 @@ in
         production.enable = true;
       };
 
+      ressourcerie_banon.production.enable = true;
+      ressourcerie_banon.cryptpad.enable = true;
+      ressourcerie_banon.cloud.enable = true;
+
       richie.production.enable = true;
 
       syden.peertube.enable = true;
@@ -300,6 +308,7 @@ in
       tools.assets.enable = true;
       tools.cloud.enable = true;
       tools.commento.enable = true;
+      tools.cryptpad.enable = true;
       tools.dav.enable = true;
       tools.db.enable = true;
       tools.diaspora.enable = true;
@@ -311,8 +320,10 @@ in
       tools.performance.enable = true;
       tools.tools.enable = true;
       tools.email.enable = true;
+      tools.stats.enable = false;
 
       games.codenames.enable = true;
+      games.terraforming-mars.enable = true;
     };
   };
 }