blob: a8e51499c5133a0abc57968a6e1202a7bc35cf55 (
plain) (
tree)
|
|
{ lib, pkgs, config, ... }:
let
cfg = config.myServices.websites.papa.surveillance;
varDir = "/var/lib/ftp/papa";
apacheUser = config.services.httpd.Prod.user;
in {
options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website";
config = lib.mkIf cfg.enable {
security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
services.cron = {
systemCronJobs = let
script = pkgs.writeScript "cleanup-papa" ''
#!${pkgs.stdenv.shell}
d=$(date -d "7 days ago" +%Y%m%d)
for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
if [ "$d" -gt $(basename $i) ]; then
rm -rf "$i"
fi
done
'';
in
[
''
0 6 * * * ${apacheUser} ${script}
''
];
};
services.websites.env.production.vhostConfs.papa_surveillance = {
certName = "papa";
certMainHost = "surveillance.maison.bbc.bouya.org";
hosts = [ "surveillance.maison.bbc.bouya.org" ];
root = varDir;
extraConfig = [
''
Use Apaxy "${varDir}" "title .duplicity-ignore"
<Directory ${varDir}>
Use LDAPConnect
Options Indexes
AllowOverride None
Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
</Directory>
''
];
};
};
}
|
