diff options
Diffstat (limited to 'modules/private/websites')
-rw-r--r-- | modules/private/websites/default.nix | 2 | ||||
-rw-r--r-- | modules/private/websites/denise/oms.nix | 49 | ||||
-rw-r--r-- | modules/private/websites/denise/production.nix | 25 |
3 files changed, 76 insertions, 0 deletions
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index d55d2dd..864d5d9 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix | |||
@@ -232,6 +232,8 @@ in | |||
232 | denise = { | 232 | denise = { |
233 | evariste.enable = true; | 233 | evariste.enable = true; |
234 | denisejerome.enable = true; | 234 | denisejerome.enable = true; |
235 | oms.enable = true; | ||
236 | production.enable = true; | ||
235 | }; | 237 | }; |
236 | 238 | ||
237 | emilia.moodle.enable = true; | 239 | emilia.moodle.enable = true; |
diff --git a/modules/private/websites/denise/oms.nix b/modules/private/websites/denise/oms.nix new file mode 100644 index 0000000..9650468 --- /dev/null +++ b/modules/private/websites/denise/oms.nix | |||
@@ -0,0 +1,49 @@ | |||
1 | { lib, config, pkgs, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.denise.oms; | ||
4 | varDir = "/var/lib/buildbot/outputs/denise_oms"; | ||
5 | socket = "/run/denise_oms/socket.sock"; | ||
6 | in { | ||
7 | options.myServices.websites.denise.oms.enable = lib.mkEnableOption "enable Denise's OMS website"; | ||
8 | |||
9 | config = lib.mkIf cfg.enable { | ||
10 | services.websites.env.production.vhostConfs.denise_oms = { | ||
11 | certName = "denise"; | ||
12 | addToCerts = true; | ||
13 | hosts = [ "oms.syanni.eu" ]; | ||
14 | root = null; | ||
15 | extraConfig = [ | ||
16 | '' | ||
17 | ProxyPreserveHost on | ||
18 | ProxyVia On | ||
19 | ProxyRequests Off | ||
20 | ProxyPassMatch ^/.well-known/acme-challenge ! | ||
21 | ProxyPass / unix://${socket}|http://oms.syanni.eu/ | ||
22 | ProxyPassReverse / unix://${socket}|http://oms.syanni.eu/ | ||
23 | '' | ||
24 | ]; | ||
25 | }; | ||
26 | |||
27 | systemd.services.denise-oms = { | ||
28 | description = "Denise OMS website"; | ||
29 | after = [ "network.target" ]; | ||
30 | wantedBy = [ "multi-user.target" ]; | ||
31 | |||
32 | serviceConfig = { | ||
33 | Type = "simple"; | ||
34 | WorkingDirectory = varDir; | ||
35 | ExecStart = let | ||
36 | python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib ]); | ||
37 | in | ||
38 | "${python}/bin/gunicorn -w4 -p /run/denise_oms/gunicorn.pid --bind unix:${socket} app:app"; | ||
39 | User = "buildbot"; | ||
40 | Restart = "always"; | ||
41 | RestartSec = "5s"; | ||
42 | PIDFile = "/run/denise_oms/gunicorn.pid"; | ||
43 | RuntimeDirectory = "denise_oms"; | ||
44 | StandardOutput = "journal"; | ||
45 | StandardError = "inherit"; | ||
46 | }; | ||
47 | }; | ||
48 | }; | ||
49 | } | ||
diff --git a/modules/private/websites/denise/production.nix b/modules/private/websites/denise/production.nix new file mode 100644 index 0000000..9b28e9e --- /dev/null +++ b/modules/private/websites/denise/production.nix | |||
@@ -0,0 +1,25 @@ | |||
1 | { lib, config, pkgs, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.denise.production; | ||
4 | in { | ||
5 | options.myServices.websites.denise.production.enable = lib.mkEnableOption "enable Denise's website"; | ||
6 | |||
7 | config = lib.mkIf cfg.enable { | ||
8 | services.websites.env.production.vhostConfs.denise_production = { | ||
9 | certName = "denise"; | ||
10 | addToCerts = true; | ||
11 | hosts = [ "syanni.eu" "www.syanni.eu" ]; | ||
12 | root = ../_www; | ||
13 | extraConfig = [ | ||
14 | '' | ||
15 | <Directory ${../_www}> | ||
16 | DirectoryIndex index.htm index.html | ||
17 | Options Indexes FollowSymLinks MultiViews Includes | ||
18 | AllowOverride AuthConfig | ||
19 | Require all granted | ||
20 | </Directory> | ||
21 | '' | ||
22 | ]; | ||
23 | }; | ||
24 | }; | ||
25 | } | ||