blob: 87faee848e4d6a2dc7e7dbb01ff13c34c06a97eb (
plain) (
tree)
|
|
{ lib, pkgs, config, myconfig, mylibs, ... }:
let
diaspora = pkgs.callPackage ./diaspora.nix {
inherit (mylibs) fetchedGithub;
env = myconfig.env.tools.diaspora;
};
cfg = config.services.myWebsites.tools.diaspora;
in {
options.services.myWebsites.tools.diaspora = {
enable = lib.mkEnableOption "enable diaspora's website";
};
config = lib.mkIf cfg.enable {
ids.uids.diaspora = myconfig.env.tools.diaspora.user.uid;
ids.gids.diaspora = myconfig.env.tools.diaspora.user.gid;
users.users.diaspora = {
name = "diaspora";
uid = config.ids.uids.diaspora;
group = "diaspora";
description = "Diaspora user";
home = diaspora.railsRoot;
useDefaultShell = true;
packages = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby ];
};
users.groups.diaspora.gid = config.ids.gids.diaspora;
systemd.services.diaspora = {
description = "Diaspora";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "redis.service" "postgresql.service" ];
wants = [ "redis.service" "postgresql.service" ];
environment.RAILS_ENV = "production";
environment.BUNDLE_PATH = "${diaspora.gems}/${diaspora.gems.ruby.gemPath}";
environment.BUNDLE_GEMFILE = "${diaspora.gems.confFiles}/Gemfile";
environment.EYE_SOCK = "${diaspora.socketsDir}/eye.sock";
environment.EYE_PID = "${diaspora.socketsDir}/eye.pid";
path = [ diaspora.gems pkgs.nodejs diaspora.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];
preStart = ''
./bin/bundle exec rails db:migrate
'';
script = ''
exec ${diaspora.railsRoot}/script/server
'';
serviceConfig = {
User = "diaspora";
PrivateTmp = true;
Restart = "always";
Type = "simple";
WorkingDirectory = diaspora.railsRoot;
StandardInput = "null";
KillMode = "control-group";
};
unitConfig.RequiresMountsFor = diaspora.varDir;
};
system.activationScripts.diaspora = {
deps = [ "users" ];
text = ''
install -m 0755 -o diaspora -g diaspora -d ${diaspora.socketsDir}
install -m 0755 -o diaspora -g diaspora -d ${diaspora.varDir} \
${diaspora.varDir}/uploads ${diaspora.varDir}/tmp \
${diaspora.varDir}/log
install -m 0700 -o diaspora -g diaspora -d ${diaspora.varDir}/tmp/pids
if [ ! -f ${diaspora.varDir}/schedule.yml ]; then
echo "{}" | $wrapperDir/sudo -u diaspora tee ${diaspora.varDir}/schedule.yml
fi
'';
};
services.myWebsites.tools.modules = [
"headers" "proxy" "proxy_http"
];
security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null;
services.myWebsites.tools.vhostConfs.diaspora = {
certName = "eldiron";
hosts = [ "diaspora.immae.eu" ];
root = "${diaspora.railsRoot}/public/";
extraConfig = [ ''
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ unix://${diaspora.railsSocket}|http://diaspora.immae.eu/%{REQUEST_URI} [P,NE,QSA,L]
ProxyRequests Off
ProxyVia On
ProxyPreserveHost On
RequestHeader set X_FORWARDED_PROTO https
<Proxy *>
Require all granted
</Proxy>
<Directory ${diaspora.railsRoot}/public>
Require all granted
Options -MultiViews
</Directory>
'' ];
};
};
}
|