aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--nixops/modules/websites/default.nix2
-rw-r--r--nixops/modules/websites/ftp/papa.nix55
2 files changed, 57 insertions, 0 deletions
diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index b0bc7a4..6a0a19f 100644
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -117,6 +117,7 @@ in
117 ./ftp/florian.nix 117 ./ftp/florian.nix
118 ./ftp/denisejerome.nix 118 ./ftp/denisejerome.nix
119 ./ftp/leila.nix 119 ./ftp/leila.nix
120 ./ftp/papa.nix
120 ./ftp/immae.nix 121 ./ftp/immae.nix
121 ./ftp/release.nix 122 ./ftp/release.nix
122 ./ftp/temp.nix 123 ./ftp/temp.nix
@@ -214,6 +215,7 @@ in
214 services.myWebsites.Nassime.production.enable = cfg.production.enable; 215 services.myWebsites.Nassime.production.enable = cfg.production.enable;
215 services.myWebsites.Florian.production.enable = cfg.production.enable; 216 services.myWebsites.Florian.production.enable = cfg.production.enable;
216 services.myWebsites.Leila.production.enable = cfg.production.enable; 217 services.myWebsites.Leila.production.enable = cfg.production.enable;
218 services.myWebsites.Papa.production.enable = cfg.production.enable;
217 services.myWebsites.DeniseJerome.production.enable = cfg.production.enable; 219 services.myWebsites.DeniseJerome.production.enable = cfg.production.enable;
218 services.myWebsites.Emilia.production.enable = cfg.production.enable; 220 services.myWebsites.Emilia.production.enable = cfg.production.enable;
219 services.myWebsites.Capitaines.production.enable = cfg.production.enable; 221 services.myWebsites.Capitaines.production.enable = cfg.production.enable;
diff --git a/nixops/modules/websites/ftp/papa.nix b/nixops/modules/websites/ftp/papa.nix
new file mode 100644
index 0000000..ca1aabe
--- /dev/null
+++ b/nixops/modules/websites/ftp/papa.nix
@@ -0,0 +1,55 @@
1{ lib, pkgs, config, myconfig, mylibs, ... }:
2let
3 cfg = config.services.myWebsites.Papa;
4 varDir = "/var/lib/ftp/papa";
5in {
6 options.services.myWebsites.Papa = {
7 production = {
8 enable = lib.mkEnableOption "enable Papa's website";
9 };
10 };
11
12 config = lib.mkIf cfg.production.enable {
13 security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
14 security.acme.certs."papa" = config.services.myCertificates.certConfig // {
15 domain = "surveillance.maison.bbc.bouya.org";
16 };
17
18 services.cron = {
19 systemCronJobs = let
20 script = pkgs.writeScript "cleanup-papa" ''
21 #!${pkgs.stdenv.shell}
22 d=$(date -d "7 days ago" +%Y%m%d)
23 for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
24 if [ "$d" -gt $(basename $i) ]; then
25 rm -rf "$i"
26 fi
27 done
28 '';
29 in
30 [
31 ''
32 0 6 * * * wwwrun ${script}
33 ''
34 ];
35 };
36
37 services.myWebsites.production.vhostConfs.papa = {
38 certName = "papa";
39 hosts = [ "surveillance.maison.bbc.bouya.org" ];
40 root = varDir;
41 extraConfig = [
42 ''
43 Use Apaxy "${varDir}" "title .duplicity-ignore"
44 <Directory ${varDir}>
45 Use LDAPConnect
46 Options Indexes
47 AllowOverride None
48 Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
49 </Directory>
50 ''
51 ];
52 };
53 };
54}
55