Add certificate creation and handling to websites

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / default.nix

diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix
index 433927e1837a242523adc684b9a0403408b3ad27..061c0043637e3caed1dfc34db3da35920878ad8d 100644 (file)
--- a/nixops/modules/websites/tools/tools/default.nix
+++ b/nixops/modules/websites/tools/tools/default.nix
@@ -1,11 +1,11 @@
-{ lib, pkgs, config, myconfig, mylibs, ... }:
+{ lib, pkgs, config, myconfig,  ... }:
 let
     adminer = pkgs.callPackage ../../commons/adminer.nix {};
     ympd = pkgs.callPackage ./ympd.nix {
       env = myconfig.env.tools.ympd;
     };
     ttrss = pkgs.callPackage ./ttrss.nix {
-      inherit (mylibs) fetchedGithub fetchedGit;
+      inherit (pkgs.webapps) ttrss ttrss-plugins;
       env = myconfig.env.tools.ttrss;
     };
     roundcubemail = pkgs.callPackage ./roundcubemail.nix {
@@ -16,7 +16,10 @@ let
     kanboard = pkgs.callPackage ./kanboard.nix  {
       env = myconfig.env.tools.kanboard;
     };
-    wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
+    wallabag = pkgs.callPackage ./wallabag.nix {
+      inherit (pkgs.webapps) wallabag;
+      env = myconfig.env.tools.wallabag;
+    };
     yourls = pkgs.callPackage ./yourls.nix {
       inherit (pkgs.webapps) yourls yourls-plugins;
       env = myconfig.env.tools.yourls;
@@ -43,10 +46,7 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
-    security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null;
-
-    mySecrets.keys =
+    secrets.keys =
       kanboard.keys
       ++ ldap.keys
       ++ roundcubemail.keys
@@ -55,10 +55,10 @@ in {
       ++ wallabag.keys
       ++ yourls.keys;
 
-    services.myWebsites.integration.modules =
+    services.websites.integration.modules =
       rainloop.apache.modules;
 
-    services.myWebsites.tools.modules =
+    services.websites.tools.modules =
       [ "proxy_fcgi" ]
       ++ adminer.apache.modules
       ++ ympd.apache.modules
@@ -81,8 +81,9 @@ in {
         '';
     };
 
-    services.myWebsites.integration.vhostConfs.devtools = {
+    services.websites.integration.vhostConfs.devtools = {
       certName    = "eldiron";
+      addToCerts  = true;
       hosts       = ["devtools.immae.eu" ];
       root        = "/var/lib/ftp/devtools.immae.eu";
       extraConfig = [
@@ -100,8 +101,9 @@ in {
       ];
     };
 
-    services.myWebsites.tools.vhostConfs.tools = {
+    services.websites.tools.vhostConfs.tools = {
       certName    = "eldiron";
+      addToCerts  = true;
       hosts       = ["tools.immae.eu" ];
       root        = "/var/lib/ftp/tools.immae.eu";
       extraConfig = [
@@ -129,11 +131,11 @@ in {
       ];
     };
 
-    security.acme.certs."eldiron".extraDomains."outils.immae.eu" = null;
-    services.myWebsites.tools.vhostConfs.outils = {
-      certName = "eldiron";
-      hosts    = [ "outils.immae.eu" ];
-      root     = null;
+    services.websites.tools.vhostConfs.outils = {
+      certName   = "eldiron";
+      addToCerts = true;
+      hosts      = [ "outils.immae.eu" ];
+      root       = null;
       extraConfig = [
         ''
         RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1