Fix etherpad export and paths

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / ether / default.nix

diff --git a/modules/private/websites/tools/ether/default.nix b/modules/private/websites/tools/ether/default.nix
index 3e68d54e5ee2fbe3d4834f08fec4fa3a4ef019d3..da88ec54bb5c88e69818ceeda28d4237f7fedf1f 100644 (file)
--- a/modules/private/websites/tools/ether/default.nix
+++ b/modules/private/websites/tools/ether/default.nix
@@ -1,6 +1,6 @@
-{ lib, pkgs, config, myconfig,  ... }:
+{ lib, pkgs, config,  ... }:
 let
-  env = myconfig.env.tools.etherpad-lite;
+  env = config.myEnv.tools.etherpad-lite;
   cfg = config.myServices.websites.tools.etherpad-lite;
   # Make sure we’re not rebuilding whole libreoffice just because of a
   # dependency
@@ -12,6 +12,9 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    services.duplyBackup.profiles.etherpad-lite = {
+      rootDir = "/var/lib/private/etherpad-lite";
+    };
     secrets.keys = [
       {
         dest = "webapps/tools-etherpad-apikey";
@@ -55,7 +58,7 @@ in {
               "rtl": false,
               "alwaysShowChat": false,
               "chatAndUsers": false,
-              "lang": "en-gb"
+              "lang": "fr"
             },
 
             "suppressErrorsInPadText" : false,
@@ -66,7 +69,7 @@ in {
             "maxAge" : 21600,
             "abiword" : null,
             "soffice" : "${libreoffice}/bin/soffice",
-            "tidyHtml" : "${pkgs.html-tidy}/bin/tidy",
+            "tidyHtml" : "",
             "allowUnknownFileEnds" : true,
             "requireAuthentication" : false,
             "requireAuthorization" : false,
@@ -86,15 +89,15 @@ in {
               "ldapauth": {
                 "url": "ldaps://${env.ldap.host}",
                 "accountBase": "${env.ldap.base}",
-                "accountPattern": "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))",
+                "accountPattern": "${env.ldap.filter}",
                 "displayNameAttribute": "cn",
-                "searchDN": "cn=etherpad,ou=services,dc=immae,dc=eu",
+                "searchDN": "${env.ldap.dn}",
                 "searchPWD": "${env.ldap.password}",
                 "groupSearchBase": "${env.ldap.base}",
                 "groupAttribute": "member",
                 "groupAttributeIsDN": true,
                 "searchScope": "sub",
-                "groupSearch": "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)",
+                "groupSearch": "${env.ldap.group_filter}",
                 "anonymousReadonly": false
               }
             },
@@ -132,16 +135,18 @@ in {
     };
 
     systemd.services.etherpad-lite.serviceConfig.SupplementaryGroups = "keys";
+    # Needed so that they get in the closure
+    systemd.services.etherpad-lite.path = [ libreoffice pkgs.html-tidy ];
 
     services.filesWatcher.etherpad-lite = {
       restart = true;
       paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
     };
 
-    services.websites.tools.modules = [
+    services.websites.env.tools.modules = [
       "headers" "proxy" "proxy_http" "proxy_wstunnel"
     ];
-    services.websites.tools.vhostConfs.etherpad-lite = {
+    services.websites.env.tools.vhostConfs.etherpad-lite = {
       certName    = "eldiron";
       addToCerts  = true;
       hosts       = [ "ether.immae.eu" ];
@@ -152,7 +157,7 @@ in {
 
         RewriteEngine On
 
-        RewriteMap  redirects "txt:${pkgs.writeText "redirects.txt" myconfig.env.tools.etherpad-lite.redirects}"
+        RewriteMap  redirects "txt:${pkgs.writeText "redirects.txt" config.myEnv.tools.etherpad-lite.redirects}"
         RewriteCond %{QUERY_STRING}         "!noredirect"
         RewriteCond %{REQUEST_URI}          "^(.*)$"
         RewriteCond ''${redirects:$1|Unknown} "!Unknown"