users.groups.diaspora.gid = config.ids.gids.diaspora;
- deployment.keys = diaspora.keys;
+ mySecrets.keys = diaspora.keys;
systemd.services.diaspora = {
description = "Diaspora";
wantedBy = [ "multi-user.target" ];
after = [
"network.target" "redis.service" "postgresql.service"
- "tools-diaspora-secret_token.service"
- "tools-diaspora-config.service"
- "tools-diaspora-database_config.service"
];
wants = [
"redis.service" "postgresql.service"
- "tools-diaspora-secret_token.service"
- "tools-diaspora-config.service"
- "tools-diaspora-database_config.service"
];
environment.RAILS_ENV = "production";
};
};
};
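Review bot: With the three `tools-diaspora-*.service` entries removed from `after` and `wants`, nothing visible in this unit orders `diaspora` behind whatever installs the files that `mySecrets.keys` declares. If `mySecrets` writes them during system activation, before units start, the removal is safe, but that module is not shown here. If it deploys through a unit of its own, that unit belongs in both lists. Either way, a comment above `after = [` should record the guarantee, for example `# secret files are installed by mySecrets before services start`, once that is confirmed. The rest of the `systemd.services.diaspora` definition lies outside this hunk.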
- keys.tools-diaspora-secret_token = {
- destDir = "/run/keys/webapps";
- user = "diaspora";
- group = "diaspora";
- permissions = "0400";
- text = ''
- Diaspora::Application.config.secret_key_base = '${env.secret_token}'
- '';
- };
- keys.tools-diaspora-config = {
- destDir = "/run/keys/webapps";
- user = "diaspora";
- group = "diaspora";
- permissions = "0400";
- text = ''
+ keys = {
+ secret_token = {
+ dest = "webapps/tools-diaspora-secret_token";
+ user = "diaspora";
+ group = "diaspora";
+ permissions = "0400";
+ text = ''
+ Diaspora::Application.config.secret_key_base = '${env.secret_token}'
+ '';
+ };
+ config = {
+ dest = "webapps/tools-diaspora-config";
+ user = "diaspora";
+ group = "diaspora";
+ permissions = "0400";
+ text = ''
configuration:
environment:
url: "https://diaspora.immae.eu/"
environment:
development:
environment:
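Review bot: The new `dest = "webapps/tools-diaspora-secret_token"` entry, like `config` below it and `database` in the next hunk, moves the file out of `/run/keys/webapps`; the link targets later in this diff place it under `/var/secrets/webapps`. `/run` is normally memory-backed, so the old files disappeared at reboot, whereas nothing here shows whether `/var/secrets` is a tmpfs. If it is an ordinary directory, `secret_key_base` and the database settings now persist on disk and can end up in filesystem backups or snapshots. Please confirm how `mySecrets` creates that directory (backing store, owner, and a parent mode that blocks traversal by other users) and record it in a comment next to `keys = {`, e.g. `# installed under /var/secrets by mySecrets; 0400 diaspora:diaspora`.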
- '';
- };
- keys.tools-diaspora-database_config = {
- destDir = "/run/keys/webapps";
- user = "diaspora";
- group = "diaspora";
- permissions = "0400";
- text = ''
+ '';
+ };
+ database = {
+ dest = "webapps/tools-diaspora-database_config";
+ user = "diaspora";
+ group = "diaspora";
+ permissions = "0400";
+ text = ''
postgresql: &postgresql
adapter: postgresql
host: "${env.postgresql.socket}"
integration2:
<<: *combined
database: diaspora_integration2
- '';
+ '';
+ };
};
railsRoot = stdenv.mkDerivation {
name = "diaspora_immae";
cd $out
chmod -R u+rwX .
tar -czf public/source.tar.gz ./{app,db,lib,script,Gemfile,Gemfile.lock,Rakefile,config.ru}
- ln -s ${writeText "database.yml" keys.tools-diaspora-database_config.text} config/database.yml
- ln -s ${writeText "diaspora.yml" keys.tools-diaspora-config.text} config/diaspora.yml
- ln -s ${writeText "secret_token.rb" keys.tools-diaspora-secret_token.text} config/initializers/secret_token.rb
+ ln -s ${writeText "database.yml" keys.database.text} config/database.yml
+ ln -s ${writeText "diaspora.yml" keys.config.text} config/diaspora.yml
+ ln -s ${writeText "secret_token.rb" keys.secret_token.text} config/initializers/secret_token.rb
ln -sf ${varDir}/schedule.yml config/schedule.yml
ln -sf ${varDir}/oidc_key.pem config/oidc_key.pem
ln -sf ${varDir}/uploads public/uploads
RAILS_ENV=production ${gems}/bin/rake assets:precompile
- ln -sf /run/keys/webapps/tools-diaspora-database_config config/database.yml
- ln -sf /run/keys/webapps/tools-diaspora-config config/diaspora.yml
- ln -sf /run/keys/webapps/tools-diaspora-secret_token config/initializers/secret_token.rb
+ ln -sf /var/secrets/webapps/tools-diaspora-database_config config/database.yml
+ ln -sf /var/secrets/webapps/tools-diaspora-config config/diaspora.yml
+ ln -sf /var/secrets/webapps/tools-diaspora-secret_token config/initializers/secret_token.rb
rm -rf tmp log
ln -sf ${varDir}/tmp tmp
ln -sf ${varDir}/log log
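Review bot: The three `writeText` links kept for the `assets:precompile` step (`keys.database.text`, `keys.config.text`, `keys.secret_token.text`) copy the real database config and `secret_key_base` into the Nix store, which is readable by every local user. The `0400` mode on the deployed files and the `/var/secrets` links a few lines further down do not protect those copies. The commit only renames the attributes, so this exposure carries over unchanged from the old `keys.tools-diaspora-*` lines. Precompilation should use throwaway values instead, e.g. `ln -s ${writeText "secret_token.rb" "Diaspora::Application.config.secret_key_base = 'precompile-only'"} config/initializers/secret_token.rb`, with placeholder `database.yml` and `diaspora.yml` files if the rake task tolerates them. The derivation body begins and ends outside this hunk.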
};
in
{
- inherit railsRoot varDir socketsDir gems keys;
+ inherit railsRoot varDir socketsDir gems;
+ keys = builtins.attrValues keys;
railsSocket = "${socketsDir}/diaspora.sock";
}