diff options
Diffstat (limited to 'modules/private/websites/papa')
-rw-r--r-- | modules/private/websites/papa/surveillance.nix | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/modules/private/websites/papa/surveillance.nix b/modules/private/websites/papa/surveillance.nix new file mode 100644 index 0000000..8e7cd9d --- /dev/null +++ b/modules/private/websites/papa/surveillance.nix | |||
@@ -0,0 +1,49 @@ | |||
1 | { lib, pkgs, config, myconfig, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.papa.surveillance; | ||
4 | varDir = "/var/lib/ftp/papa"; | ||
5 | in { | ||
6 | options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website"; | ||
7 | |||
8 | config = lib.mkIf cfg.enable { | ||
9 | security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null; | ||
10 | |||
11 | services.cron = { | ||
12 | systemCronJobs = let | ||
13 | script = pkgs.writeScript "cleanup-papa" '' | ||
14 | #!${pkgs.stdenv.shell} | ||
15 | d=$(date -d "7 days ago" +%Y%m%d) | ||
16 | for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do | ||
17 | if [ "$d" -gt $(basename $i) ]; then | ||
18 | rm -rf "$i" | ||
19 | fi | ||
20 | done | ||
21 | ''; | ||
22 | in | ||
23 | [ | ||
24 | '' | ||
25 | 0 6 * * * wwwrun ${script} | ||
26 | '' | ||
27 | ]; | ||
28 | }; | ||
29 | |||
30 | services.websites.production.vhostConfs.papa = { | ||
31 | certName = "papa"; | ||
32 | certMainHost = "surveillance.maison.bbc.bouya.org"; | ||
33 | hosts = [ "surveillance.maison.bbc.bouya.org" ]; | ||
34 | root = varDir; | ||
35 | extraConfig = [ | ||
36 | '' | ||
37 | Use Apaxy "${varDir}" "title .duplicity-ignore" | ||
38 | <Directory ${varDir}> | ||
39 | Use LDAPConnect | ||
40 | Options Indexes | ||
41 | AllowOverride None | ||
42 | Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | ||
43 | </Directory> | ||
44 | '' | ||
45 | ]; | ||
46 | }; | ||
47 | }; | ||
48 | } | ||
49 | |||