aboutsummaryrefslogtreecommitdiff
path: root/modules/private/websites
diff options
context:
space:
mode:
Diffstat (limited to 'modules/private/websites')
-rw-r--r--modules/private/websites/default.nix2
-rw-r--r--modules/private/websites/denise/oms.nix49
-rw-r--r--modules/private/websites/denise/production.nix25
3 files changed, 76 insertions, 0 deletions
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index d55d2dd..864d5d9 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -232,6 +232,8 @@ in
232 denise = { 232 denise = {
233 evariste.enable = true; 233 evariste.enable = true;
234 denisejerome.enable = true; 234 denisejerome.enable = true;
235 oms.enable = true;
236 production.enable = true;
235 }; 237 };
236 238
237 emilia.moodle.enable = true; 239 emilia.moodle.enable = true;
diff --git a/modules/private/websites/denise/oms.nix b/modules/private/websites/denise/oms.nix
new file mode 100644
index 0000000..9650468
--- /dev/null
+++ b/modules/private/websites/denise/oms.nix
@@ -0,0 +1,49 @@
1{ lib, config, pkgs, ... }:
2let
3 cfg = config.myServices.websites.denise.oms;
4 varDir = "/var/lib/buildbot/outputs/denise_oms";
5 socket = "/run/denise_oms/socket.sock";
6in {
7 options.myServices.websites.denise.oms.enable = lib.mkEnableOption "enable Denise's OMS website";
8
9 config = lib.mkIf cfg.enable {
10 services.websites.env.production.vhostConfs.denise_oms = {
11 certName = "denise";
12 addToCerts = true;
13 hosts = [ "oms.syanni.eu" ];
14 root = null;
15 extraConfig = [
16 ''
17 ProxyPreserveHost on
18 ProxyVia On
19 ProxyRequests Off
20 ProxyPassMatch ^/.well-known/acme-challenge !
21 ProxyPass / unix://${socket}|http://oms.syanni.eu/
22 ProxyPassReverse / unix://${socket}|http://oms.syanni.eu/
23 ''
24 ];
25 };
26
27 systemd.services.denise-oms = {
28 description = "Denise OMS website";
29 after = [ "network.target" ];
30 wantedBy = [ "multi-user.target" ];
31
32 serviceConfig = {
33 Type = "simple";
34 WorkingDirectory = varDir;
35 ExecStart = let
36 python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib ]);
37 in
38 "${python}/bin/gunicorn -w4 -p /run/denise_oms/gunicorn.pid --bind unix:${socket} app:app";
39 User = "buildbot";
40 Restart = "always";
41 RestartSec = "5s";
42 PIDFile = "/run/denise_oms/gunicorn.pid";
43 RuntimeDirectory = "denise_oms";
44 StandardOutput = "journal";
45 StandardError = "inherit";
46 };
47 };
48 };
49}
diff --git a/modules/private/websites/denise/production.nix b/modules/private/websites/denise/production.nix
new file mode 100644
index 0000000..9b28e9e
--- /dev/null
+++ b/modules/private/websites/denise/production.nix
@@ -0,0 +1,25 @@
1{ lib, config, pkgs, ... }:
2let
3 cfg = config.myServices.websites.denise.production;
4in {
5 options.myServices.websites.denise.production.enable = lib.mkEnableOption "enable Denise's website";
6
7 config = lib.mkIf cfg.enable {
8 services.websites.env.production.vhostConfs.denise_production = {
9 certName = "denise";
10 addToCerts = true;
11 hosts = [ "syanni.eu" "www.syanni.eu" ];
12 root = ../_www;
13 extraConfig = [
14 ''
15 <Directory ${../_www}>
16 DirectoryIndex index.htm index.html
17 Options Indexes FollowSymLinks MultiViews Includes
18 AllowOverride AuthConfig
19 Require all granted
20 </Directory>
21 ''
22 ];
23 };
24 };
25}