Use password store to store environment

[perso/Immae/Config/Nix.git] / nixops / eldiron.nix

diff --git a/nixops/eldiron.nix b/nixops/eldiron.nix
index 337ea2f376bfd8a5ae7172bc14d1ed82f2980adf..ecc65cc3f0082b3af970f4df7658910078b21d88 100644 (file)
--- a/nixops/eldiron.nix
+++ b/nixops/eldiron.nix
@@ -1,3 +1,4 @@
+{ environment ? ./environment.nix }:
 {
   network = {
     description = "Immae's network";
@@ -10,7 +11,7 @@
     _module.args = {
       mylibs = import ../libs.nix;
       myconfig = {
-        env = import ./environment.nix;
+        env = import environment;
         ips = {
           main = "176.9.151.89";
           production = "176.9.151.154";
@@ -24,12 +25,15 @@
       ./modules/gitolite
       ./modules/databases
       ./modules/websites
+      ./modules/mail
+      ./modules/ftp
     ];
     services.myGitolite.enable = true;
     services.myDatabases.enable = true;
     services.myWebsites.production.enable = true;
     services.myWebsites.integration.enable = true;
     services.myWebsites.tools.enable = true;
+    services.pure-ftpd.enable = true;
 
     networking = {
       firewall = {
@@ -88,5 +92,16 @@
       source = ldap_authorized_keys;
     };
 
+    services.cron = {
+      enable = true;
+      # Doesn't work, need to be a user
+      mailto = "cron+eldiron@immae.eu";
+      systemCronJobs = [
+        ''
+          # The star after /var/lib/* avoids deleting all folders in case of problem
+          0 3,9,15,21 * * * root rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu:
+        ''
+      ];
+    };
   };
 }