-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
let
- env = myconfig.env.tools.diaspora;
+ env = config.myEnv.tools.diaspora;
root = "/run/current-system/webapps/tools_diaspora";
cfg = config.myServices.websites.tools.diaspora;
dcfg = config.services.diaspora;
};
config = lib.mkIf cfg.enable {
+ services.duplyBackup.profiles.diaspora = {
+ rootDir = dcfg.dataDir;
+ };
users.users.diaspora.extraGroups = [ "keys" ];
secrets.keys = [
environment:
url: "https://diaspora.immae.eu/"
certificate_authorities: '${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt'
- redis: '${env.redis_url}'
+ redis: 'redis://${env.redis.host}:${env.redis.port}/${env.redis.db}'
sidekiq:
s3:
assets:
inbound:
ldap:
enable: true
- host: ldap.immae.eu
+ host: ${env.ldap.host}
port: 636
only_ldap: true
mail_attribute: mail
skip_email_confirmation: true
use_bind_dn: true
- bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu"
+ bind_dn: "${env.ldap.dn}"
bind_pw: "${env.ldap.password}"
- search_base: "dc=immae,dc=eu"
- search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))"
+ search_base: "${env.ldap.base}"
+ search_filter: "${env.ldap.filter}"
production:
environment:
development:
paths = [ dcfg.configDir ];
};
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http"
];
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora
'';
- services.websites.tools.vhostConfs.diaspora = {
+ services.websites.env.tools.vhostConfs.diaspora = {
certName = "eldiron";
addToCerts = true;
hosts = [ "diaspora.immae.eu" ];
projects / perso / Immae / Config / Nix.git / blobdiff