diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 01:35:06 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 02:11:48 +0200 |
commit | 1a64deeb894dc95e2645a75771732c6cc53a79ad (patch) | |
tree | 1b9df4838f894577a09b9b260151756272efeb53 /modules/private/websites/tools/commento/default.nix | |
parent | fa25ffd4583cc362075cd5e1b4130f33306103f0 (diff) | |
download | Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip |
Squash changes containing private information
There were a lot of changes since the previous commit, but a lot of them
contained personnal information about users. All thos changes got
stashed into a single commit (history is kept in a different place) and
private information was moved in a separate private repository
Diffstat (limited to 'modules/private/websites/tools/commento/default.nix')
-rw-r--r-- | modules/private/websites/tools/commento/default.nix | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/modules/private/websites/tools/commento/default.nix b/modules/private/websites/tools/commento/default.nix deleted file mode 100644 index c36255b..0000000 --- a/modules/private/websites/tools/commento/default.nix +++ /dev/null | |||
@@ -1,59 +0,0 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.tools.commento; | ||
4 | env = config.myEnv.tools.commento; | ||
5 | webPort = "${host}:${port}"; | ||
6 | port = toString env.listenPort; | ||
7 | host = "localhost"; | ||
8 | postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable"; | ||
9 | in | ||
10 | { | ||
11 | options.myServices.websites.tools.commento = { | ||
12 | enable = lib.mkEnableOption "Enable commento website"; | ||
13 | }; | ||
14 | config = lib.mkIf cfg.enable { | ||
15 | secrets.keys = { | ||
16 | "commento/env" = { | ||
17 | permissions = "0400"; | ||
18 | text = '' | ||
19 | COMMENTO_ORIGIN=https://commento.immae.eu/ | ||
20 | COMMENTO_PORT=${port} | ||
21 | COMMENTO_POSTGRES=${postgresql_url} | ||
22 | COMMENTO_FORBID_NEW_OWNERS=true | ||
23 | COMMENTO_BIND_ADDRESS=${host} | ||
24 | COMMENTO_GZIP_STATIC=true | ||
25 | COMMENTO_SMTP_HOST=${env.smtp.host} | ||
26 | COMMENTO_SMTP_PORT=${env.smtp.port} | ||
27 | COMMENTO_SMTP_USERNAME=${env.smtp.email} | ||
28 | COMMENTO_SMTP_PASSWORD=${env.smtp.password} | ||
29 | COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email} | ||
30 | ''; | ||
31 | }; | ||
32 | }; | ||
33 | |||
34 | services.websites.env.tools.vhostConfs.commento = { | ||
35 | certName = "eldiron"; | ||
36 | addToCerts = true; | ||
37 | hosts = [ "commento.immae.eu" ]; | ||
38 | root = null; | ||
39 | extraConfig = [ | ||
40 | '' | ||
41 | ProxyPass / http://${webPort}/ | ||
42 | ProxyPassReverse / http://${webPort}/ | ||
43 | ProxyPreserveHost On | ||
44 | '' | ||
45 | ]; | ||
46 | }; | ||
47 | systemd.services.commento = { | ||
48 | description = "Commento"; | ||
49 | wantedBy = [ "multi-user.target" ]; | ||
50 | requires = ["postgresql.service"]; | ||
51 | after = ["network.target" "postgresql.service"]; | ||
52 | serviceConfig = { | ||
53 | User = "wwwrun"; | ||
54 | ExecStart = "${pkgs.commento}/commento"; | ||
55 | EnvironmentFile = config.secrets.fullPaths."commento/env"; | ||
56 | }; | ||
57 | }; | ||
58 | }; | ||
59 | } | ||