extraGroups = [ "keys" ];
};
- services.websites.tools.watchPaths = lib.attrsets.mapAttrsToList
+ services.websites.env.tools.watchPaths = lib.attrsets.mapAttrsToList
(k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include")
myconfig.env.buildbot.projects;
- services.websites.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
+ services.websites.env.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"
RewriteEngine On
RewriteRule ^/buildbot/${project.name}/ws(.*)$ unix:///run/buildbot/${project.name}.sock|ws://git.immae.eu/ws$1 [P,NE,QSA,L]
};
config = {
- services.websitesCerts = config.services.myCertificates.certConfig;
+ services.websites.certs = config.services.myCertificates.certConfig;
myServices.databasesCerts = config.services.myCertificates.certConfig;
myServices.ircCerts = config.services.myCertificates.certConfig;
SetEnv TASKD_LDAP_FILTER "${env.ldap.search}"
'';
}];
- services.websites.tools.watchPaths = [ "/var/secrets/webapps/tools-taskwarrior-web" ];
- services.websites.tools.modules = [ "proxy_fcgi" "sed" ];
- services.websites.tools.vhostConfs.task = {
+ services.websites.env.tools.watchPaths = [ "/var/secrets/webapps/tools-taskwarrior-web" ];
+ services.websites.env.tools.modules = [ "proxy_fcgi" "sed" ];
+ services.websites.env.tools.vhostConfs.task = {
certName = "eldiron";
addToCerts = true;
hosts = [ "task.immae.eu" ];
secrets.keys = aten.keys;
services.phpfpm.poolConfigs.aten_dev = aten.phpFpm.pool;
- services.websites.integration.vhostConfs.aten = {
+ services.websites.env.integration.vhostConfs.aten = {
certName = "eldiron";
addToCerts = true;
hosts = [ "dev.aten.pro" ];
services.phpfpm.poolConfigs.aten_prod = aten.phpFpm.pool;
system.activationScripts.aten_prod = aten.activationScript;
myServices.websites.webappDirs."${aten.apache.webappName}" = aten.app.webRoot;
- services.websites.production.modules = aten.apache.modules;
- services.websites.production.vhostConfs.aten = {
+ services.websites.env.production.modules = aten.apache.modules;
+ services.websites.env.production.vhostConfs.aten = {
certName = "aten";
certMainHost = "aten.pro";
hosts = [ "aten.pro" "www.aten.pro" ];
root = aten.apache.root;
extraConfig = [ aten.apache.vhostConf ];
};
- services.websites.production.watchPaths = [
+ services.websites.env.production.watchPaths = [
"/var/secrets/webapps/${aten.app.environment}-aten"
];
};
config = lib.mkIf cfg.enable {
myServices.websites.webappDirs."${webappName}" = siteDir;
- services.websites.production.vhostConfs.capitaines_mastodon = {
+ services.websites.env.production.vhostConfs.capitaines_mastodon = {
certName = "capitaines";
certMainHost = "mastodon.capitaines.fr";
hosts = [ "mastodon.capitaines.fr" ];
];
};
- services.websites.production.vhostConfs.capitaines = {
+ services.websites.env.production.vhostConfs.capitaines = {
certName = "capitaines";
addToCerts = true;
hosts = [ "capitaines.fr" ];
};
system.activationScripts.chloe_dev = chloe.activationScript;
myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot;
- services.websites.integration.modules = chloe.apache.modules;
- services.websites.integration.vhostConfs.chloe = {
+ services.websites.env.integration.modules = chloe.apache.modules;
+ services.websites.env.integration.vhostConfs.chloe = {
certName = "eldiron";
addToCerts = true;
hosts = ["chloe.immae.eu" ];
root = chloe.apache.root;
extraConfig = [ chloe.apache.vhostConf ];
};
- services.websites.integration.watchPaths = [
+ services.websites.env.integration.watchPaths = [
"/var/secrets/webapps/${chloe.app.environment}-chloe"
];
};
};
system.activationScripts.chloe_prod = chloe.activationScript;
myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot;
- services.websites.production.modules = chloe.apache.modules;
- services.websites.production.vhostConfs.chloe = {
+ services.websites.env.production.modules = chloe.apache.modules;
+ services.websites.env.production.vhostConfs.chloe = {
certName = "chloe";
certMainHost = "osteopathe-cc.fr";
hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
root = chloe.apache.root;
extraConfig = [ chloe.apache.vhostConf ];
};
- services.websites.production.watchPaths = [
+ services.websites.env.production.watchPaths = [
"/var/secrets/webapps/${chloe.app.environment}-chloe"
];
};
};
system.activationScripts.connexionswing_dev = connexionswing.activationScript;
myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot;
- services.websites.integration.modules = connexionswing.apache.modules;
- services.websites.integration.vhostConfs.connexionswing = {
+ services.websites.env.integration.modules = connexionswing.apache.modules;
+ services.websites.env.integration.vhostConfs.connexionswing = {
certName = "eldiron";
addToCerts = true;
hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
};
system.activationScripts.connexionswing_prod = connexionswing.activationScript;
myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot;
- services.websites.production.modules = connexionswing.apache.modules;
- services.websites.production.vhostConfs.connexionswing = {
+ services.websites.env.production.modules = connexionswing.apache.modules;
+ services.websites.env.production.vhostConfs.connexionswing = {
certName = "connexionswing";
certMainHost = "connexionswing.com";
hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ];
services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ];
- services.websites.production = {
+ services.websites.env.production = {
enable = true;
adminAddr = "httpd@immae.eu";
httpdName = "Prod";
};
};
- services.websites.integration = {
+ services.websites.env.integration = {
enable = true;
adminAddr = "httpd@immae.eu";
httpdName = "Inte";
};
};
- services.websites.tools = {
+ services.websites.env.tools = {
enable = true;
adminAddr = "httpd@immae.eu";
httpdName = "Tools";
config = lib.mkIf cfg.enable {
services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ];
- services.websites.production.vhostConfs.denisejerome = {
+ services.websites.env.production.vhostConfs.denisejerome = {
certName = "denisejerome";
certMainHost = "denisejerome.piedsjaloux.fr";
hosts = ["denisejerome.piedsjaloux.fr" ];
install -m 0755 -o wwwrun -g wwwrun -d ${varDir}
'';
myServices.websites.webappDirs."${webappName}" = siteDir;
- services.websites.production.vhostConfs.emilia = {
+ services.websites.env.production.vhostConfs.emilia = {
certName = "emilia";
certMainHost = "saison-photo.org";
hosts = [ "saison-photo.org" "www.saison-photo.org" ];
services.phpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool;
system.activationScripts.tellesflorian_dev = tellesflorian.activationScript;
myServices.websites.webappDirs."${tellesflorian.apache.webappName}" = tellesflorian.app.webRoot;
- services.websites.integration.modules = adminer.apache.modules ++ tellesflorian.apache.modules;
- services.websites.integration.vhostConfs.tellesflorian = {
+ services.websites.env.integration.modules = adminer.apache.modules ++ tellesflorian.apache.modules;
+ services.websites.env.integration.vhostConfs.tellesflorian = {
certName = "eldiron";
addToCerts = true;
hosts = ["app.tellesflorian.com" ];
config = lib.mkIf cfg.enable {
security.acme.certs."ftp".extraDomains."florian.immae.eu" = null;
- services.websites.integration.modules = adminer.apache.modules;
- services.websites.integration.vhostConfs.florian = {
+ services.websites.env.integration.modules = adminer.apache.modules;
+ services.websites.env.integration.vhostConfs.florian = {
certName = "eldiron";
addToCerts = true;
hosts = [ "florian.immae.eu" ];
config = lib.mkIf cfg.enable {
security.acme.certs."ftp".extraDomains."tellesflorian.com" = null;
- services.websites.production.modules = adminer.apache.modules;
- services.websites.production.vhostConfs.florian = {
+ services.websites.env.production.modules = adminer.apache.modules;
+ services.websites.env.production.vhostConfs.florian = {
certName = "florian";
certMainHost = "tellesflorian.com";
hosts = [ "tellesflorian.com" "www.tellesflorian.com" ];
php_admin_value[open_basedir] = "${varDir}:/tmp"
'';
- services.websites.production.modules = [ "proxy_fcgi" ];
- services.websites.production.vhostConfs.immae = {
+ services.websites.env.production.modules = [ "proxy_fcgi" ];
+ services.websites.env.production.vhostConfs.immae = {
certName = "eldiron";
addToCerts = true;
hosts = [ "www.immae.eu" ];
];
};
- services.websites.production.vhostConfs.bouya = {
+ services.websites.env.production.vhostConfs.bouya = {
certName = "eldiron";
addToCerts = true;
hosts = [ "bouya.org" "www.bouya.org" ];
config = lib.mkIf cfg.enable {
services.webstats.sites = [ { name = "release.immae.eu"; } ];
- services.websites.production.vhostConfs.release = {
+ services.websites.env.production.vhostConfs.release = {
certName = "eldiron";
addToCerts = true;
hosts = [ "release.immae.eu" ];
options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website";
config = lib.mkIf cfg.enable {
- services.websites.production.modules = [ "headers" ];
- services.websites.production.vhostConfs.temp = {
+ services.websites.env.production.modules = [ "headers" ];
+ services.websites.env.production.vhostConfs.temp = {
certName = "eldiron";
addToCerts = true;
hosts = [ "temp.immae.eu" ];
{ name = "chorale.leila.bouya.org"; }
];
- services.websites.production.modules = [ "proxy_fcgi" ];
- services.websites.production.vhostConfs.leila_chorale = {
+ services.websites.env.production.modules = [ "proxy_fcgi" ];
+ services.websites.env.production.vhostConfs.leila_chorale = {
certName = "leila";
addToCerts = true;
hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ];
''
];
};
- services.websites.production.vhostConfs.leila = {
+ services.websites.env.production.vhostConfs.leila = {
certName = "leila";
certMainHost = "leila.bouya.org";
hosts = [ "leila.bouya.org" ];
services.phpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool;
system.activationScripts.ludivinecassal_dev = ludivinecassal.activationScript;
myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot;
- services.websites.integration.modules = ludivinecassal.apache.modules;
- services.websites.integration.vhostConfs.ludivine = {
+ services.websites.env.integration.modules = ludivinecassal.apache.modules;
+ services.websites.env.integration.vhostConfs.ludivine = {
certName = "eldiron";
addToCerts = true;
hosts = [ "ludivine.immae.eu" ];
services.phpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool;
system.activationScripts.ludivinecassal_prod = ludivinecassal.activationScript;
myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot;
- services.websites.production.modules = ludivinecassal.apache.modules;
- services.websites.production.vhostConfs.ludivine = {
+ services.websites.env.production.modules = ludivinecassal.apache.modules;
+ services.websites.env.production.vhostConfs.ludivine = {
certName = "ludivinecassal";
certMainHost = "ludivinecassal.com";
hosts = ["ludivinecassal.com" "www.ludivinecassal.com" ];
security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null;
- services.websites.production.vhostConfs.nassime = {
+ services.websites.env.production.vhostConfs.nassime = {
certName = "nassime";
certMainHost = "nassime.bouya.org";
hosts = ["nassime.bouya.org" ];
extension=${pkgs.php}/lib/php/extensions/mysqli.so
'';
};
- services.websites.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
- services.websites.production.vhostConfs.naturaloutil = {
+ services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
+ services.websites.env.production.vhostConfs.naturaloutil = {
certName = "naturaloutil";
certMainHost = "naturaloutil.immae.eu";
hosts = ["naturaloutil.immae.eu" ];
];
};
- services.websites.production.vhostConfs.papa = {
+ services.websites.env.production.vhostConfs.papa = {
certName = "papa";
certMainHost = "surveillance.maison.bbc.bouya.org";
hosts = [ "surveillance.maison.bbc.bouya.org" ];
services.phpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool;
system.activationScripts.piedsjaloux_dev = piedsjaloux.activationScript;
myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot;
- services.websites.integration.modules = piedsjaloux.apache.modules;
- services.websites.integration.vhostConfs.piedsjaloux = {
+ services.websites.env.integration.modules = piedsjaloux.apache.modules;
+ services.websites.env.integration.vhostConfs.piedsjaloux = {
certName = "eldiron";
addToCerts = true;
hosts = [ "piedsjaloux.immae.eu" ];
services.phpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool;
system.activationScripts.piedsjaloux_prod = piedsjaloux.activationScript;
myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot;
- services.websites.production.modules = piedsjaloux.apache.modules;
- services.websites.production.vhostConfs.piedsjaloux = {
+ services.websites.env.production.modules = piedsjaloux.apache.modules;
+ services.websites.env.production.vhostConfs.piedsjaloux = {
certName = "piedsjaloux";
certMainHost = "piedsjaloux.fr";
hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
};
config = lib.mkIf cfg.enable {
- services.websites.tools.modules = [ "proxy_fcgi" ];
+ services.websites.env.tools.modules = [ "proxy_fcgi" ];
- services.websites.tools.vhostConfs.cloud = {
+ services.websites.env.tools.vhostConfs.cloud = {
certName = "eldiron";
addToCerts = true;
hosts = ["cloud.immae.eu" ];
config = lib.mkIf cfg.enable {
system.activationScripts.davical = davical.activationScript;
secrets.keys = davical.keys;
- services.websites.tools.modules = davical.apache.modules;
+ services.websites.env.tools.modules = davical.apache.modules;
- services.websites.tools.vhostConfs.dav = {
+ services.websites.env.tools.vhostConfs.dav = {
certName = "eldiron";
addToCerts = true;
hosts = ["dav.immae.eu" ];
};
config = lib.mkIf cfg.enable {
- services.websites.tools.modules = adminer.apache.modules;
- services.websites.tools.vhostConfs.db-1 = {
+ services.websites.env.tools.modules = adminer.apache.modules;
+ services.websites.env.tools.vhostConfs.db-1 = {
certName = "eldiron";
addToCerts = true;
hosts = ["db-1.immae.eu" ];
paths = [ dcfg.configDir ];
};
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http"
];
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora
'';
- services.websites.tools.vhostConfs.diaspora = {
+ services.websites.env.tools.vhostConfs.diaspora = {
certName = "eldiron";
addToCerts = true;
hosts = [ "diaspora.immae.eu" ];
paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
};
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http" "proxy_wstunnel"
];
- services.websites.tools.vhostConfs.etherpad-lite = {
+ services.websites.env.tools.vhostConfs.etherpad-lite = {
certName = "eldiron";
addToCerts = true;
hosts = [ "ether.immae.eu" ];
config = lib.mkIf cfg.enable {
secrets.keys = mantisbt.keys;
- services.websites.tools.modules =
+ services.websites.env.tools.modules =
gitweb.apache.modules ++
mantisbt.apache.modules;
myServices.websites.webappDirs."${gitweb.apache.webappName}" = gitweb.webRoot;
myServices.websites.webappDirs."${mantisbt.apache.webappName}" = mantisbt.webRoot;
system.activationScripts.mantisbt = mantisbt.activationScript;
- services.websites.tools.vhostConfs.git = {
+ services.websites.env.tools.vhostConfs.git = {
certName = "eldiron";
addToCerts = true;
hosts = ["git.immae.eu" ];
};
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_wstunnel" "proxy_http"
];
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon
'';
- services.websites.tools.vhostConfs.mastodon = {
+ services.websites.env.tools.vhostConfs.mastodon = {
certName = "eldiron";
addToCerts = true;
hosts = ["mastodon.immae.eu" ];
paths = [ mcfg.configFile ];
};
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"proxy" "proxy_http"
];
users.users.wwwrun.extraGroups = [ "mediagoblin" ];
- services.websites.tools.vhostConfs.mgoblin = {
+ services.websites.env.tools.vhostConfs.mgoblin = {
certName = "eldiron";
addToCerts = true;
hosts = ["mgoblin.immae.eu" ];
'';
}];
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http" "proxy_wstunnel"
];
services.filesWatcher.peertube = {
paths = [ pcfg.configFile ];
};
- services.websites.tools.vhostConfs.peertube = {
+ services.websites.env.tools.vhostConfs.peertube = {
certName = "eldiron";
addToCerts = true;
hosts = [ "peertube.immae.eu" ];
++ wallabag.keys
++ yourls.keys;
- services.websites.integration.modules =
+ services.websites.env.integration.modules =
rainloop.apache.modules;
- services.websites.tools.modules =
+ services.websites.env.tools.modules =
[ "proxy_fcgi" ]
++ adminer.apache.modules
++ ympd.apache.modules
++ ldap.apache.modules
++ kanboard.apache.modules;
- services.websites.integration.vhostConfs.devtools = {
+ services.websites.env.integration.vhostConfs.devtools = {
certName = "eldiron";
addToCerts = true;
hosts = ["devtools.immae.eu" ];
];
};
- services.websites.tools.vhostConfs.tools = {
+ services.websites.env.tools.vhostConfs.tools = {
certName = "eldiron";
addToCerts = true;
hosts = ["tools.immae.eu" ];
];
};
- services.websites.tools.vhostConfs.outils = {
+ services.websites.env.tools.vhostConfs.outils = {
certName = "eldiron";
addToCerts = true;
hosts = [ "outils.immae.eu" ];
"${kanboard.apache.webappName}" = kanboard.webRoot;
};
- services.websites.tools.watchPaths = [
+ services.websites.env.tools.watchPaths = [
"/var/secrets/webapps/tools-wallabag"
];
services.filesWatcher.phpfpm-wallabag = {
{ lib, config, ... }: with lib;
let
- cfg = {
- certs = config.services.websitesCerts;
- webappDirs = config.services.websitesWebappDirs;
- env = config.services.websites;
- };
+ cfg = config.services.websites;
in
{
- options.services.websitesCerts = mkOption {
- description = "Default websites configuration for certificates as accepted by acme";
- };
- options.services.websitesWebappDirs = mkOption {
- description = ''
- Defines a symlink between /run/current-system/webapps and a store
- app directory to be used in http configuration. Permits to avoid
- restarting httpd when only the folder name changes.
- '';
- type = types.attrsOf types.path;
- default = {};
- };
- # TODO: ajouter /run/current-system/webapps (RO) et webapps (RW)
- options.services.websites = with types; mkOption {
- default = {};
- description = "Each type of website to enable will target a distinct httpd server";
- type = attrsOf (submodule {
- options = {
- enable = mkEnableOption "Enable websites of this type";
- adminAddr = mkOption {
- type = str;
- description = "Admin e-mail address of the instance";
- };
- httpdName = mkOption {
- type = str;
- description = "Name of the httpd instance to assign this type to";
- };
- ips = mkOption {
- type = listOf string;
- default = [];
- description = "ips to listen to";
- };
- modules = mkOption {
- type = listOf str;
- default = [];
- description = "Additional modules to load in Apache";
- };
- extraConfig = mkOption {
- type = listOf lines;
- default = [];
- description = "Additional configuration to append to Apache";
- };
- nosslVhost = mkOption {
- description = "A default nossl vhost for captive portals";
- default = {};
- type = submodule {
- options = {
- enable = mkEnableOption "Add default no-ssl vhost for this instance";
- host = mkOption {
- type = string;
- description = "The hostname to use for this vhost";
- };
- root = mkOption {
- type = path;
- default = ./nosslVhost;
- description = "The root folder to serve";
- };
- indexFile = mkOption {
- type = string;
- default = "index.html";
- description = "The index file to show.";
+ options.services.websites = with types; {
+ certs = mkOption {
+ description = "Default websites configuration for certificates as accepted by acme";
+ };
+ webappDirs = mkOption {
+ description = ''
+ Defines a symlink between /run/current-system/webapps and a store
+ app directory to be used in http configuration. Permits to avoid
+ restarting httpd when only the folder name changes.
+ '';
+ type = types.attrsOf types.path;
+ default = {};
+ };
+ webappDirsName = mkOption {
+ type = str;
+ default = "webapps";
+ description = ''
+ Name of the webapp dir to create in /run/current-system
+ '';
+ };
+ webappDirsPath = mkOption {
+ type = str;
+ readOnly = true;
+ description = ''
+ Full path of the webapp dir
+ '';
+ default = "/run/current-system/${cfg.webappDirsName}";
+ };
+ env = mkOption {
+ default = {};
+ description = "Each type of website to enable will target a distinct httpd server";
+ type = attrsOf (submodule {
+ options = {
+ enable = mkEnableOption "Enable websites of this type";
+ adminAddr = mkOption {
+ type = str;
+ description = "Admin e-mail address of the instance";
+ };
+ httpdName = mkOption {
+ type = str;
+ description = "Name of the httpd instance to assign this type to";
+ };
+ ips = mkOption {
+ type = listOf string;
+ default = [];
+ description = "ips to listen to";
+ };
+ modules = mkOption {
+ type = listOf str;
+ default = [];
+ description = "Additional modules to load in Apache";
+ };
+ extraConfig = mkOption {
+ type = listOf lines;
+ default = [];
+ description = "Additional configuration to append to Apache";
+ };
+ nosslVhost = mkOption {
+ description = "A default nossl vhost for captive portals";
+ default = {};
+ type = submodule {
+ options = {
+ enable = mkEnableOption "Add default no-ssl vhost for this instance";
+ host = mkOption {
+ type = string;
+ description = "The hostname to use for this vhost";
+ };
+ root = mkOption {
+ type = path;
+ default = ./nosslVhost;
+ description = "The root folder to serve";
+ };
+ indexFile = mkOption {
+ type = string;
+ default = "index.html";
+ description = "The index file to show.";
+ };
};
};
};
- };
- fallbackVhost = mkOption {
- description = "The fallback vhost that will be defined as first vhost in Apache";
- type = submodule {
- options = {
- certName = mkOption { type = string; };
- hosts = mkOption { type = listOf string; };
- root = mkOption { type = nullOr path; };
- extraConfig = mkOption { type = listOf lines; default = []; };
+ fallbackVhost = mkOption {
+ description = "The fallback vhost that will be defined as first vhost in Apache";
+ type = submodule {
+ options = {
+ certName = mkOption { type = string; };
+ hosts = mkOption { type = listOf string; };
+ root = mkOption { type = nullOr path; };
+ extraConfig = mkOption { type = listOf lines; default = []; };
+ };
};
};
- };
- vhostConfs = mkOption {
- default = {};
- description = "List of vhosts to define for Apache";
- type = attrsOf (submodule {
- options = {
- certName = mkOption { type = string; };
- addToCerts = mkOption {
- type = bool;
- default = false;
- description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null";
- };
- certMainHost = mkOption {
- type = nullOr string;
- description = "Use that host as 'main host' for acme certs";
- default = null;
+ vhostConfs = mkOption {
+ default = {};
+ description = "List of vhosts to define for Apache";
+ type = attrsOf (submodule {
+ options = {
+ certName = mkOption { type = string; };
+ addToCerts = mkOption {
+ type = bool;
+ default = false;
+ description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null";
+ };
+ certMainHost = mkOption {
+ type = nullOr string;
+ description = "Use that host as 'main host' for acme certs";
+ default = null;
+ };
+ hosts = mkOption { type = listOf string; };
+ root = mkOption { type = nullOr path; };
+ extraConfig = mkOption { type = listOf lines; default = []; };
};
- hosts = mkOption { type = listOf string; };
- root = mkOption { type = nullOr path; };
- extraConfig = mkOption { type = listOf lines; default = []; };
- };
- });
- };
- watchPaths = mkOption {
- type = listOf string;
- default = [];
- description = ''
- Paths to watch that should trigger a reload of httpd
- '';
+ });
+ };
+ watchPaths = mkOption {
+ type = listOf string;
+ default = [];
+ description = ''
+ Paths to watch that should trigger a reload of httpd
+ '';
+ };
};
- };
- });
+ });
+ };
};
config.services.httpd = let
) groupedCerts;
config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) ''
- mkdir -p $out/webapps
- ${builtins.concatStringsSep "\n" (attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") cfg.webappDirs)}
+ mkdir -p $out/${cfg.webappDirsName}
+ ${builtins.concatStringsSep "\n"
+ (attrsets.mapAttrsToList
+ (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs)
+ }
'';
}
};
config = {
- services.websites = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair
+ services.websites.env = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair
name {
modules = [ "proxy_fcgi" ];
watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs);
}
) cfgByEnv;
- services.websitesWebappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
+ services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
icfg.webappName icfg.webRoot
) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg);
projects / perso / Immae / Config / Nix.git / commitdiff
