Move webstats outside of nixops

[perso/Immae/Config/Nix.git] / nixops / modules / websites / default.nix

diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index 9782e683dfd37f26cdcf7a8c68e7113ba2ded979..79cd1a1b62b423a3c92e135ddfdffd3ffbbae6a1 100644 (file)
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -117,19 +117,20 @@ in
     ./ftp/florian.nix
     ./ftp/denisejerome.nix
     ./ftp/leila.nix
+    ./ftp/papa.nix
     ./ftp/immae.nix
     ./ftp/release.nix
     ./ftp/temp.nix
-    ./tools/db
+    ./tools/db.nix
     ./tools/tools
     ./tools/dav
-    ./tools/cloud
+    ./tools/cloud.nix
     ./tools/git
-    ./tools/mastodon
-    ./tools/mediagoblin
-    ./tools/diaspora
-    ./tools/ether
-    ./tools/peertube
+    ./tools/mastodon.nix
+    ./tools/mediagoblin.nix
+    ./tools/diaspora.nix
+    ./tools/ether.nix
+    ./tools/peertube.nix
     # built using:
     # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
     # Removed allGranted
@@ -189,9 +190,6 @@ in
         #   '';
       });
       phpPackages = super.php72Packages.override { inherit php; };
-      composerEnv = import ./commons/composer-env.nix {
-        inherit (self) stdenv writeTextFile fetchurl php unzip;
-      };
     }) ];
 
     services.myWebsites.tools.databases.enable = true;
@@ -214,6 +212,7 @@ in
     services.myWebsites.Nassime.production.enable = cfg.production.enable;
     services.myWebsites.Florian.production.enable = cfg.production.enable;
     services.myWebsites.Leila.production.enable = cfg.production.enable;
+    services.myWebsites.Papa.production.enable = cfg.production.enable;
     services.myWebsites.DeniseJerome.production.enable = cfg.production.enable;
     services.myWebsites.Emilia.production.enable = cfg.production.enable;
     services.myWebsites.Capitaines.production.enable = cfg.production.enable;
@@ -229,10 +228,11 @@ in
     services.myWebsites.TellesFlorian.integration.enable = true;
     services.myWebsites.Florian.integration.enable = true;
 
-    deployment.keys.apache-ldap = {
+    secrets.keys = [{
+      dest = "apache-ldap";
       user = "wwwrun";
       group = "wwwrun";
-      permissions = "0700";
+      permissions = "0400";
       text = ''
         <Macro LDAPConnect>
           <IfModule authnz_ldap_module>
@@ -245,7 +245,7 @@ in
           </IfModule>
         </Macro>
         '';
-    };
+    }];
 
     services.myWebsites.apacheConfig = {
       gzip = {
@@ -260,13 +260,13 @@ in
       stats = {
         extraConfig = ''
           <Macro Stats %{domain}>
-            Alias /awstats /var/lib/goaccess/%{domain}
-            <Directory /var/lib/goaccess/%{domain}>
+            Alias /webstats ${config.services.webstats.dataDir}/%{domain}
+            <Directory ${config.services.webstats.dataDir}/%{domain}>
               DirectoryIndex index.html
               AllowOverride None
               Require all granted
             </Directory>
-            <Location /awstats>
+            <Location /webstats>
               Use LDAPConnect
               Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
             </Location>
@@ -284,7 +284,7 @@ in
             LDAPOpCacheTTL 600
           </IfModule>
 
-          Include /run/keys/apache-ldap
+          Include /var/secrets/apache-ldap
         '';
       };
       global = {
@@ -406,8 +406,10 @@ in
         install -d -m 0755 /var/lib/acme/acme-challenge
         install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
         install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
+        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/tmp/adminer
         install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
         install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical
+        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/phpldapadmin
         '';
     };