aboutsummaryrefslogtreecommitdiff
path: root/nixops/modules
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2019-05-11 10:23:33 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2019-05-11 10:23:33 +0200
commit9eae2b47b7b315b05a0e010f3003bd875685e260 (patch)
tree43c9cfeb2db393f64743daa4ec87e0fe78ab772e /nixops/modules
parentb7ee93fcdee2509cd4c0caec2c5c59ccff5bab2c (diff)
downloadNix-9eae2b47b7b315b05a0e010f3003bd875685e260.tar.gz
Nix-9eae2b47b7b315b05a0e010f3003bd875685e260.tar.zst
Nix-9eae2b47b7b315b05a0e010f3003bd875685e260.zip
Move webstats outside of nixops
Diffstat (limited to 'nixops/modules')
-rw-r--r--nixops/modules/websites/aten/default.nix9
-rw-r--r--nixops/modules/websites/chloe/default.nix9
-rw-r--r--nixops/modules/websites/commons/goaccess.conf99
-rw-r--r--nixops/modules/websites/commons/stats.nix69
-rw-r--r--nixops/modules/websites/connexionswing/default.nix9
-rw-r--r--nixops/modules/websites/default.nix6
-rw-r--r--nixops/modules/websites/ftp/denisejerome.nix9
-rw-r--r--nixops/modules/websites/ftp/immae.nix9
-rw-r--r--nixops/modules/websites/ftp/jerome.nix9
-rw-r--r--nixops/modules/websites/ftp/leila.nix7
-rw-r--r--nixops/modules/websites/ftp/nassime.nix9
-rw-r--r--nixops/modules/websites/ftp/release.nix9
-rw-r--r--nixops/modules/websites/ludivine/default.nix5
-rw-r--r--nixops/modules/websites/piedsjaloux/default.nix9
14 files changed, 14 insertions, 253 deletions
diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
index 5dff008..fd3f7cc 100644
--- a/nixops/modules/websites/aten/default.nix
+++ b/nixops/modules/websites/aten/default.nix
@@ -19,17 +19,10 @@ in {
19 }; 19 };
20 }; 20 };
21 21
22 imports = [
23 ../commons/stats.nix
24 ];
25
26 config = lib.mkMerge [ 22 config = lib.mkMerge [
27 (lib.mkIf cfg.production.enable { 23 (lib.mkIf cfg.production.enable {
28 secrets.keys = aten_prod.keys; 24 secrets.keys = aten_prod.keys;
29 services.myWebsites.commons.stats.enable = true; 25 services.webstats.sites = [ { name = "aten.pro"; } ];
30 services.myWebsites.commons.stats.sites = [
31 { name = "aten.pro"; }
32 ];
33 26
34 security.acme.certs."aten" = config.services.myCertificates.certConfig // { 27 security.acme.certs."aten" = config.services.myCertificates.certConfig // {
35 domain = "aten.pro"; 28 domain = "aten.pro";
diff --git a/nixops/modules/websites/chloe/default.nix b/nixops/modules/websites/chloe/default.nix
index 8980077..a542d70 100644
--- a/nixops/modules/websites/chloe/default.nix
+++ b/nixops/modules/websites/chloe/default.nix
@@ -19,17 +19,10 @@ in {
19 }; 19 };
20 }; 20 };
21 21
22 imports = [
23 ../commons/stats.nix
24 ];
25
26 config = lib.mkMerge [ 22 config = lib.mkMerge [
27 (lib.mkIf cfg.production.enable { 23 (lib.mkIf cfg.production.enable {
28 secrets.keys = chloe_prod.keys; 24 secrets.keys = chloe_prod.keys;
29 services.myWebsites.commons.stats.enable = true; 25 services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
30 services.myWebsites.commons.stats.sites = [
31 { name = "osteopathe-cc.fr"; }
32 ];
33 26
34 security.acme.certs."chloe" = config.services.myCertificates.certConfig // { 27 security.acme.certs."chloe" = config.services.myCertificates.certConfig // {
35 domain = "osteopathe-cc.fr"; 28 domain = "osteopathe-cc.fr";
diff --git a/nixops/modules/websites/commons/goaccess.conf b/nixops/modules/websites/commons/goaccess.conf
deleted file mode 100644
index 4918988..0000000
--- a/nixops/modules/websites/commons/goaccess.conf
+++ /dev/null
@@ -1,99 +0,0 @@
1time-format %H:%M:%S
2date-format %d/%b/%Y
3
4#sur immae.eu
5#log-format %v %h %^[%d:%t %^] "%r" %s %b "%R" "%u" $^
6
7log-format VCOMBINED
8#= %v:%^ %h %^[%d:%t %^] "%r" %s %b "%R" "%u"
9
10html-prefs {"theme":"bright","layout":"vertical"}
11
12exclude-ip 188.165.209.148
13exclude-ip 178.33.252.96
14exclude-ip 2001:41d0:2:9c94::1
15exclude-ip 2001:41d0:2:9c94::
16exclude-ip 176.9.151.89
17exclude-ip 2a01:4f8:160:3445::
18exclude-ip 82.255.56.72
19
20no-query-string true
21
22keep-db-files true
23load-from-disk true
24db-path @dbPath@
25
26ignore-panel REFERRERS
27ignore-panel KEYPHRASES
28
29static-file .css
30static-file .js
31static-file .jpg
32static-file .png
33static-file .gif
34static-file .ico
35static-file .jpeg
36static-file .pdf
37static-file .csv
38static-file .mpeg
39static-file .mpg
40static-file .swf
41static-file .woff
42static-file .woff2
43static-file .xls
44static-file .xlsx
45static-file .doc
46static-file .docx
47static-file .ppt
48static-file .pptx
49static-file .txt
50static-file .zip
51static-file .ogg
52static-file .mp3
53static-file .mp4
54static-file .exe
55static-file .iso
56static-file .gz
57static-file .rar
58static-file .svg
59static-file .bmp
60static-file .tar
61static-file .tgz
62static-file .tiff
63static-file .tif
64static-file .ttf
65static-file .flv
66#static-file .less
67#static-file .ac3
68#static-file .avi
69#static-file .bz2
70#static-file .class
71#static-file .cue
72#static-file .dae
73#static-file .dat
74#static-file .dts
75#static-file .ejs
76#static-file .eot
77#static-file .eps
78#static-file .img
79#static-file .jar
80#static-file .map
81#static-file .mid
82#static-file .midi
83#static-file .ogv
84#static-file .webm
85#static-file .mkv
86#static-file .odp
87#static-file .ods
88#static-file .odt
89#static-file .otf
90#static-file .pict
91#static-file .pls
92#static-file .ps
93#static-file .qt
94#static-file .rm
95#static-file .svgz
96#static-file .wav
97#static-file .webp
98
99
diff --git a/nixops/modules/websites/commons/stats.nix b/nixops/modules/websites/commons/stats.nix
deleted file mode 100644
index 73595f1..0000000
--- a/nixops/modules/websites/commons/stats.nix
+++ /dev/null
@@ -1,69 +0,0 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 cfg = config.services.myWebsites.commons.stats;
4in {
5 options = {
6 services.myWebsites.commons.stats = {
7 enable = lib.mkEnableOption "enable statistics";
8 sites = lib.mkOption {
9 type = lib.types.listOf (lib.types.submodule {
10 options = {
11 conf = lib.mkOption {
12 type = lib.types.nullOr lib.types.path;
13 default = null;
14 };
15 name = lib.mkOption { type = lib.types.string; };
16 };
17 });
18 default = [];
19 description = "Sites to generate stats";
20 };
21 };
22 };
23
24 config = lib.mkIf cfg.enable {
25 users.users.root.packages = [
26 pkgs.goaccess
27 ];
28
29 services.cron = {
30 enable = true;
31 systemCronJobs = let
32 stats = domain: conf: let
33 config = if builtins.isNull conf
34 then pkgs.runCommand "goaccess.conf" {
35 dbPath = "/var/lib/goaccess/${domain}";
36 } "substituteAll ${./goaccess.conf} $out"
37 else conf;
38 d = pkgs.writeScriptBin "stats-${domain}" ''
39 #!${pkgs.stdenv.shell}
40 set -e
41 shopt -s nullglob
42 date_regex=$(LC_ALL=C date -d yesterday +'%d\/%b\/%Y')
43 TMPFILE=$(mktemp)
44 trap "rm -f $TMPFILE" EXIT
45
46 cat /var/log/httpd/access_log-${domain} | sed -n "/\\[$date_regex/ p" > $TMPFILE
47 for i in /var/log/httpd/access_log-${domain}*.gz; do
48 zcat "$i" | sed -n "/\\[$date_regex/ p" >> $TMPFILE
49 done
50 ${pkgs.goaccess}/bin/goaccess $TMPFILE --no-progress -o /var/lib/goaccess/${domain}/index.html -p ${config}
51 '';
52 in "${d}/bin/stats-${domain}";
53 allStats = sites: pkgs.writeScript "stats" ''
54 #!${pkgs.stdenv.shell}
55
56 ${builtins.concatStringsSep "\n" (map (v: stats v.name v.conf) sites)}
57 '';
58 in
59 [
60 "5 0 * * * root ${allStats cfg.sites}"
61 ];
62 };
63
64 system.activationScripts.goaccess = ''
65 mkdir -p /var/lib/goaccess
66 '' +
67 builtins.concatStringsSep "\n" (map (v: "mkdir -p /var/lib/goaccess/${v.name}") cfg.sites);
68 };
69}
diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix
index 37426dd..773c8de 100644
--- a/nixops/modules/websites/connexionswing/default.nix
+++ b/nixops/modules/websites/connexionswing/default.nix
@@ -19,17 +19,10 @@ in {
19 }; 19 };
20 }; 20 };
21 21
22 imports = [
23 ../commons/stats.nix
24 ];
25
26 config = lib.mkMerge [ 22 config = lib.mkMerge [
27 (lib.mkIf cfg.production.enable { 23 (lib.mkIf cfg.production.enable {
28 secrets.keys = connexionswing_prod.keys; 24 secrets.keys = connexionswing_prod.keys;
29 services.myWebsites.commons.stats.enable = true; 25 services.webstats.sites = [ { name = "connexionswing.com"; } ];
30 services.myWebsites.commons.stats.sites = [
31 { name = "connexionswing.com"; }
32 ];
33 26
34 security.acme.certs."connexionswing" = config.services.myCertificates.certConfig // { 27 security.acme.certs."connexionswing" = config.services.myCertificates.certConfig // {
35 domain = "connexionswing.com"; 28 domain = "connexionswing.com";
diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index ceef1e1..79cd1a1 100644
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -260,13 +260,13 @@ in
260 stats = { 260 stats = {
261 extraConfig = '' 261 extraConfig = ''
262 <Macro Stats %{domain}> 262 <Macro Stats %{domain}>
263 Alias /awstats /var/lib/goaccess/%{domain} 263 Alias /webstats ${config.services.webstats.dataDir}/%{domain}
264 <Directory /var/lib/goaccess/%{domain}> 264 <Directory ${config.services.webstats.dataDir}/%{domain}>
265 DirectoryIndex index.html 265 DirectoryIndex index.html
266 AllowOverride None 266 AllowOverride None
267 Require all granted 267 Require all granted
268 </Directory> 268 </Directory>
269 <Location /awstats> 269 <Location /webstats>
270 Use LDAPConnect 270 Use LDAPConnect
271 Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu 271 Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
272 </Location> 272 </Location>
diff --git a/nixops/modules/websites/ftp/denisejerome.nix b/nixops/modules/websites/ftp/denisejerome.nix
index f39e5c2..4069b46 100644
--- a/nixops/modules/websites/ftp/denisejerome.nix
+++ b/nixops/modules/websites/ftp/denisejerome.nix
@@ -10,15 +10,8 @@ in {
10 }; 10 };
11 }; 11 };
12 12
13 imports = [
14 ../commons/stats.nix
15 ];
16
17 config = lib.mkIf cfg.production.enable { 13 config = lib.mkIf cfg.production.enable {
18 services.myWebsites.commons.stats.enable = true; 14 services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ];
19 services.myWebsites.commons.stats.sites = [
20 { name = "denisejerome.piedsjaloux.fr"; }
21 ];
22 15
23 security.acme.certs."denisejerome" = config.services.myCertificates.certConfig // { 16 security.acme.certs."denisejerome" = config.services.myCertificates.certConfig // {
24 domain = "denisejerome.piedsjaloux.fr"; 17 domain = "denisejerome.piedsjaloux.fr";
diff --git a/nixops/modules/websites/ftp/immae.nix b/nixops/modules/websites/ftp/immae.nix
index 2ecca1f..d4e6d39 100644
--- a/nixops/modules/websites/ftp/immae.nix
+++ b/nixops/modules/websites/ftp/immae.nix
@@ -10,15 +10,8 @@ in {
10 }; 10 };
11 }; 11 };
12 12
13 imports = [
14 ../commons/stats.nix
15 ];
16
17 config = lib.mkIf cfg.production.enable { 13 config = lib.mkIf cfg.production.enable {
18 services.myWebsites.commons.stats.enable = true; 14 services.webstats.sites = [ { name = "www.immae.eu"; } ];
19 services.myWebsites.commons.stats.sites = [
20 { name = "www.immae.eu"; }
21 ];
22 15
23 security.acme.certs."eldiron".extraDomains."www.immae.eu" = null; 16 security.acme.certs."eldiron".extraDomains."www.immae.eu" = null;
24 17
diff --git a/nixops/modules/websites/ftp/jerome.nix b/nixops/modules/websites/ftp/jerome.nix
index e04d640..60e4dfb 100644
--- a/nixops/modules/websites/ftp/jerome.nix
+++ b/nixops/modules/websites/ftp/jerome.nix
@@ -11,15 +11,8 @@ in {
11 }; 11 };
12 }; 12 };
13 13
14 imports = [
15 ../commons/stats.nix
16 ];
17
18 config = lib.mkIf cfg.production.enable { 14 config = lib.mkIf cfg.production.enable {
19 services.myWebsites.commons.stats.enable = true; 15 services.webstats.sites = [ { name = "naturaloutil.immae.eu"; } ];
20 services.myWebsites.commons.stats.sites = [
21 { name = "naturaloutil.immae.eu"; }
22 ];
23 16
24 security.acme.certs."ftp".extraDomains."naturaloutil.immae.eu" = null; 17 security.acme.certs."ftp".extraDomains."naturaloutil.immae.eu" = null;
25 security.acme.certs."naturaloutil" = config.services.myCertificates.certConfig // { 18 security.acme.certs."naturaloutil" = config.services.myCertificates.certConfig // {
diff --git a/nixops/modules/websites/ftp/leila.nix b/nixops/modules/websites/ftp/leila.nix
index d5c27fa..c5c27b1 100644
--- a/nixops/modules/websites/ftp/leila.nix
+++ b/nixops/modules/websites/ftp/leila.nix
@@ -9,10 +9,6 @@ in {
9 }; 9 };
10 }; 10 };
11 11
12 imports = [
13 ../commons/stats.nix
14 ];
15
16 config = (lib.mkIf cfg.production.enable { 12 config = (lib.mkIf cfg.production.enable {
17 security.acme.certs."leila" = config.services.myCertificates.certConfig // { 13 security.acme.certs."leila" = config.services.myCertificates.certConfig // {
18 domain = "leila.bouya.org"; 14 domain = "leila.bouya.org";
@@ -37,8 +33,7 @@ in {
37 php_admin_value[open_basedir] = "${varDir}:/tmp" 33 php_admin_value[open_basedir] = "${varDir}:/tmp"
38 ''; 34 '';
39 35
40 services.myWebsites.commons.stats.enable = true; 36 services.webstats.sites = [
41 services.myWebsites.commons.stats.sites = [
42 { name = "leila.bouya.org"; } 37 { name = "leila.bouya.org"; }
43 { name = "chorale.leila.bouya.org"; } 38 { name = "chorale.leila.bouya.org"; }
44 ]; 39 ];
diff --git a/nixops/modules/websites/ftp/nassime.nix b/nixops/modules/websites/ftp/nassime.nix
index d7ced7e..f295045 100644
--- a/nixops/modules/websites/ftp/nassime.nix
+++ b/nixops/modules/websites/ftp/nassime.nix
@@ -10,15 +10,8 @@ in {
10 }; 10 };
11 }; 11 };
12 12
13 imports = [
14 ../commons/stats.nix
15 ];
16
17 config = lib.mkIf cfg.production.enable { 13 config = lib.mkIf cfg.production.enable {
18 services.myWebsites.commons.stats.enable = true; 14 services.webstats.sites = [ { name = "nassime.bouya.org"; } ];
19 services.myWebsites.commons.stats.sites = [
20 { name = "nassime.bouya.org"; }
21 ];
22 15
23 security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null; 16 security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null;
24 security.acme.certs."nassime" = config.services.myCertificates.certConfig // { 17 security.acme.certs."nassime" = config.services.myCertificates.certConfig // {
diff --git a/nixops/modules/websites/ftp/release.nix b/nixops/modules/websites/ftp/release.nix
index 2050a6c..896691b 100644
--- a/nixops/modules/websites/ftp/release.nix
+++ b/nixops/modules/websites/ftp/release.nix
@@ -10,15 +10,8 @@ in {
10 }; 10 };
11 }; 11 };
12 12
13 imports = [
14 ../commons/stats.nix
15 ];
16
17 config = lib.mkIf cfg.production.enable { 13 config = lib.mkIf cfg.production.enable {
18 services.myWebsites.commons.stats.enable = true; 14 services.webstats.sites = [ { name = "release.immae.eu"; } ];
19 services.myWebsites.commons.stats.sites = [
20 { name = "release.immae.eu"; }
21 ];
22 15
23 security.acme.certs."eldiron".extraDomains."release.immae.eu" = null; 16 security.acme.certs."eldiron".extraDomains."release.immae.eu" = null;
24 17
diff --git a/nixops/modules/websites/ludivine/default.nix b/nixops/modules/websites/ludivine/default.nix
index af18d71..2fcd94a 100644
--- a/nixops/modules/websites/ludivine/default.nix
+++ b/nixops/modules/websites/ludivine/default.nix
@@ -22,10 +22,7 @@ in {
22 config = lib.mkMerge [ 22 config = lib.mkMerge [
23 (lib.mkIf cfg.production.enable { 23 (lib.mkIf cfg.production.enable {
24 secrets.keys = ludivinecassal_prod.keys; 24 secrets.keys = ludivinecassal_prod.keys;
25 services.myWebsites.commons.stats.enable = true; 25 services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
26 services.myWebsites.commons.stats.sites = [
27 { name = "ludivinecassal.com"; }
28 ];
29 26
30 security.acme.certs."ludivinecassal" = config.services.myCertificates.certConfig // { 27 security.acme.certs."ludivinecassal" = config.services.myCertificates.certConfig // {
31 domain = "ludivinecassal.com"; 28 domain = "ludivinecassal.com";
diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix
index 1657914..9f9697d 100644
--- a/nixops/modules/websites/piedsjaloux/default.nix
+++ b/nixops/modules/websites/piedsjaloux/default.nix
@@ -19,17 +19,10 @@ in {
19 }; 19 };
20 }; 20 };
21 21
22 imports = [
23 ../commons/stats.nix
24 ];
25
26 config = lib.mkMerge [ 22 config = lib.mkMerge [
27 (lib.mkIf cfg.production.enable { 23 (lib.mkIf cfg.production.enable {
28 secrets.keys = piedsjaloux_prod.keys; 24 secrets.keys = piedsjaloux_prod.keys;
29 services.myWebsites.commons.stats.enable = true; 25 services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
30 services.myWebsites.commons.stats.sites = [
31 { name = "piedsjaloux.fr"; }
32 ];
33 26
34 security.acme.certs."piedsjaloux" = config.services.myCertificates.certConfig // { 27 security.acme.certs."piedsjaloux" = config.services.myCertificates.certConfig // {
35 domain = "piedsjaloux.fr"; 28 domain = "piedsjaloux.fr";