+++ /dev/null
-{ lib, pkgs, config, ... }:
-let
- cfg = config.myServices.websites.papa.surveillance;
- varDir = "/var/lib/ftp/papa";
- apacheUser = config.services.httpd.Prod.user;
-in {
- options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website";
-
- config = lib.mkIf cfg.enable {
- security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
-
- services.cron = {
- systemCronJobs = let
- script = pkgs.writeScript "cleanup-papa" ''
- #!${pkgs.stdenv.shell}
- d=$(date -d "7 days ago" +%Y%m%d)
- for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
- if [ "$d" -gt $(basename $i) ]; then
- rm -rf "$i"
- fi
- done
- '';
- in
- [
- ''
- 0 6 * * * ${apacheUser} ${script}
- ''
- ];
- };
-
- services.websites.env.production.vhostConfs.papa_surveillance = {
- certName = "papa";
- certMainHost = "surveillance.maison.bbc.bouya.org";
- hosts = [ "surveillance.maison.bbc.bouya.org" ];
- root = varDir;
- extraConfig = [
- ''
- Use Apaxy "${varDir}" "title .duplicity-ignore"
- <Directory ${varDir}>
- Use LDAPConnect
- Options Indexes
- AllowOverride None
- Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
- </Directory>
- ''
- ];
- };
- };
-}
-