-{ lib, pkgs, config, ... }:
+{ lib, pkgs, config, mypackages-lib, ... }:
let
www_root = ./_www;
- theme_root = pkgs.webapps.apache-theme.theme;
+ theme_root = (mypackages-lib.apache-theme {}).theme;
apacheConfig = {
+ shutdownconfig = {
+ # Only give 5 seconds to workers to finish their work
+ extraConfig = ''
+ GracefulShutdownTimeout 5
+ '';
+ };
cache = {
# This setting permits to ignore time-based cache for files in the
# nix store:
'';
};
apaxy = {
- extraConfig = (pkgs.webapps.apache-theme.override { inherit theme_root; }).apacheConfig;
+ extraConfig = (mypackages-lib.apache-theme { inherit theme_root; }).apacheConfig;
};
http2 = {
modules = [ "http2" ];
lib.imap0 (i: e: ''Header always set "X-Moomin-${pad 2 (builtins.toString i)}" "${e}"'') lines;
in
{
+ imports = [
+ ./immae/production.nix
+ ./immae/release.nix
+
+ # Tools
+ ./assets
+ ./cloud
+ ./cloud/farm.nix
+ ./cryptpad
+ ./cryptpad/farm.nix
+ ./commento
+ ./dav
+ ./vpn
+ ./db
+ ./diaspora
+ ./ether
+ ./git
+ ./im
+ ./mastodon
+ ./mgoblin
+ ./peertube
+ ./performance
+ ./tools
+ ./mail
+ ./stats
+ ./visio
+ ./kanboard/farm.nix
+
+ # Games
+ ./games/codenames
+ ./games/terraforming-mars
+ ];
+
options.myServices.websites.enable = lib.mkEnableOption "enable websites";
config = lib.mkIf config.myServices.websites.enable {
+ myServices.dns.zones."immae.eu".subdomains = with config.myServices.dns.helpers;
+ {
+ games = ips servers.eldiron.ips.main;
+ nossl = ips servers.eldiron.ips.main;
+ };
+
+ myServices.chatonsProperties.hostings.web = {
+ file.datetime = "2022-08-22T01:30:00";
+ hosting = {
+ name = "Hébergement Web";
+ description = "Service d'hébergement web avec php/mysql/postgresql";
+ website = "https://www.immae.eu";
+ status.level = "OK";
+ status.description = "OK";
+ registration.load = "OPEN";
+ install.type = "PACKAGE";
+ };
+ software = {
+ name = "Apache Httpd";
+ website = "https://httpd.apache.org/";
+ license.url = "https://www.apache.org/licenses/";
+ license.name = "Apache License Version 2";
+ version = pkgs.apacheHttpd.version;
+ source.url = "https://httpd.apache.org/download.cgi";
+ modules = "openssh,pure-ftpd";
+ };
+ };
users.users.wwwrun.extraGroups = [ "keys" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
};
};
- services.filesWatcher.httpdProd.paths = [ config.secrets.fullPaths."apache-ldap" ];
- services.filesWatcher.httpdInte.paths = [ config.secrets.fullPaths."apache-ldap" ];
- services.filesWatcher.httpdTools.paths = [ config.secrets.fullPaths."apache-ldap" ];
-
services.websites.env.production = {
enable = true;
+ moduleType = "container";
adminAddr = "httpd@immae.eu";
- httpdName = "Prod";
+ bindMounts."/var/lib/ftp" = {};
+ # FIXME: Bind directly the needed files
+ bindMounts."/var/secrets" = {};
+ bindMounts."/var/lib/goaccess" = {};
+ bindMounts."/var/lib/acme" = {};
+ bindMounts."/run/phpfpm" = {};
ips =
let ips = config.myEnv.servers.eldiron.ips.production;
- in [ips.ip4] ++ (ips.ip6 or []);
+ in (ips.ip4 or []) ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig;
fallbackVhost = {
services.websites.env.integration = {
enable = true;
+ moduleType = "container";
adminAddr = "httpd@immae.eu";
- httpdName = "Inte";
+ bindMounts."/var/lib/ftp" = {};
+ bindMounts."/var/secrets" = {};
+ bindMounts."/var/lib/goaccess" = {};
+ bindMounts."/var/lib/acme" = {};
+ bindMounts."/run/phpfpm" = {};
ips =
let ips = config.myEnv.servers.eldiron.ips.integration;
- in [ips.ip4] ++ (ips.ip6 or []);
+ in (ips.ip4 or []) ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig ++ moomin;
fallbackVhost = {
- certName = "eldiron";
+ certName = "integration";
hosts = ["eldiron.immae.eu" ];
root = www_root;
extraConfig = [ "DirectoryIndex index.htm" ];
};
+ watchPaths = [ config.secrets.fullPaths."apache-ldap" ];
};
services.websites.env.tools = {
enable = true;
+ moduleType = "main";
adminAddr = "httpd@immae.eu";
- httpdName = "Tools";
ips =
let ips = config.myEnv.servers.eldiron.ips.main;
- in [ips.ip4] ++ (ips.ip6 or []);
+ in (ips.ip4 or []) ++ (ips.ip6 or []);
modules = makeModules;
extraConfig = makeExtraConfig ++
[ ''
nosslVhost = {
enable = true;
host = "nossl.immae.eu";
+ root = ./nossl;
};
fallbackVhost = {
certName = "eldiron";
root = www_root;
extraConfig = [ "DirectoryIndex index.htm" ];
};
+ watchPaths = [ config.secrets.fullPaths."apache-ldap" ];
};
myServices.websites = {
- bakeer.cloud.enable = true;
- capitaines.landing_pages.enable = true;
-
- chloe = {
- integration.enable = true;
- production.enable = true;
- };
-
- cip-ca = {
- sympa.enable = true;
- };
-
- connexionswing = {
- integration.enable = true;
- production.enable = true;
- };
-
- denise = {
- evariste.enable = true;
- denisejerome.enable = true;
- oms.enable = true;
- bingo.enable = true;
- aventuriers.enable = true;
- production.enable = true;
- };
-
- emilia = {
- moodle.enable = false;
- atelierfringant.enable = true;
- };
-
- florian = {
- app.enable = true;
- integration.enable = true;
- production.enable = true;
- };
-
immae = {
production.enable = true;
release.enable = true;
- temp.enable = true;
- };
-
- isabelle = {
- aten_integration.enable = true;
- aten_production.enable = true;
- iridologie.enable = true;
- };
-
- jerome.naturaloutil.enable = true;
-
- leila.production.enable = true;
-
- ludivine = {
- integration.enable = true;
- production.enable = true;
- };
-
- nassime.production.enable = true;
-
- nath.villon.enable = true;
-
- papa = {
- surveillance.enable = true;
- maison_bbc.enable = true;
- };
-
- patrick_fodella = {
- ecolyeu.enable = true;
- altermondia.enable = true;
- };
-
- piedsjaloux = {
- integration.enable = true;
- production.enable = true;
};
- ressourcerie_banon.production.enable = true;
- ressourcerie_banon.cryptpad.enable = true;
- ressourcerie_banon.cloud.enable = true;
-
- richie.production.enable = true;
-
- syden.peertube.enable = true;
-
- telio_tortay.production.enable = true;
-
tools.assets.enable = true;
tools.cloud.enable = true;
tools.commento.enable = true;
tools.tools.enable = true;
tools.email.enable = true;
tools.stats.enable = false;
+ tools.visio.enable = true;
games.codenames.enable = true;
games.terraforming-mars.enable = true;
projects / perso / Immae / Config / Nix.git / blobdiff