aboutsummaryrefslogtreecommitdiff
path: root/systems/eldiron/websites/db
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-04 01:35:06 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-04 02:11:48 +0200
commit1a64deeb894dc95e2645a75771732c6cc53a79ad (patch)
tree1b9df4838f894577a09b9b260151756272efeb53 /systems/eldiron/websites/db
parentfa25ffd4583cc362075cd5e1b4130f33306103f0 (diff)
downloadNix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip
Squash changes containing private information
There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository
Diffstat (limited to 'systems/eldiron/websites/db')
-rw-r--r--systems/eldiron/websites/db/default.nix32
1 files changed, 32 insertions, 0 deletions
diff --git a/systems/eldiron/websites/db/default.nix b/systems/eldiron/websites/db/default.nix
new file mode 100644
index 0000000..339948f
--- /dev/null
+++ b/systems/eldiron/websites/db/default.nix
@@ -0,0 +1,32 @@
1{ lib, pkgs, config, ... }:
2let
3 cfg = config.myServices.websites.tools.db;
4in {
5 options.myServices.websites.tools.db = {
6 enable = lib.mkEnableOption "enable database's website";
7 };
8
9 config = lib.mkIf cfg.enable {
10 services.websites.env.tools.modules = [ "proxy_fcgi" ];
11 security.acme.certs.eldiron.extraDomainNames = [ "db-1.immae.eu" ];
12 services.websites.env.tools.vhostConfs.db-1 = {
13 certName = "eldiron";
14 hosts = ["db-1.immae.eu" ];
15 root = null;
16 extraConfig = [ ''
17 Alias /adminer ${pkgs.webapps-adminer}
18 <Directory ${pkgs.webapps-adminer}>
19 DirectoryIndex index.php
20 <FilesMatch "\.php$">
21 SetHandler "proxy:unix:${config.services.phpfpm.pools.adminer.socket}|fcgi://localhost"
22 </FilesMatch>
23
24 Use LDAPConnect
25 Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
26 Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
27 </Directory>
28 ''
29 ];
30 };
31 };
32}