aboutsummaryrefslogtreecommitdiff
path: root/modules/private/websites
diff options
context:
space:
mode:
Diffstat (limited to 'modules/private/websites')
-rw-r--r--modules/private/websites/aten/integration.nix13
-rw-r--r--modules/private/websites/aten/production.nix13
-rw-r--r--modules/private/websites/capitaines/production.nix4
-rw-r--r--modules/private/websites/chloe/builder.nix4
-rw-r--r--modules/private/websites/chloe/integration.nix4
-rw-r--r--modules/private/websites/chloe/production.nix4
-rw-r--r--modules/private/websites/connexionswing/integration.nix6
-rw-r--r--modules/private/websites/connexionswing/production.nix6
-rw-r--r--modules/private/websites/default.nix10
-rw-r--r--modules/private/websites/denisejerome/production.nix4
-rw-r--r--modules/private/websites/emilia/production.nix4
-rw-r--r--modules/private/websites/florian/app.nix6
-rw-r--r--modules/private/websites/florian/integration.nix4
-rw-r--r--modules/private/websites/florian/production.nix4
-rw-r--r--modules/private/websites/immae/production.nix4
-rw-r--r--modules/private/websites/immae/release.nix4
-rw-r--r--modules/private/websites/immae/temp.nix4
-rw-r--r--modules/private/websites/ludivinecassal/integration.nix8
-rw-r--r--modules/private/websites/ludivinecassal/production.nix8
-rw-r--r--modules/private/websites/nassime/production.nix4
-rw-r--r--modules/private/websites/naturaloutil/production.nix6
-rw-r--r--modules/private/websites/papa/surveillance.nix2
-rw-r--r--modules/private/websites/piedsjaloux/integration.nix6
-rw-r--r--modules/private/websites/piedsjaloux/production.nix6
-rw-r--r--modules/private/websites/teliotortay/production.nix4
-rw-r--r--modules/private/websites/tools/cloud/default.nix6
-rw-r--r--modules/private/websites/tools/dav/davical.nix12
-rw-r--r--modules/private/websites/tools/dav/default.nix4
-rw-r--r--modules/private/websites/tools/diaspora/default.nix14
-rw-r--r--modules/private/websites/tools/ether/default.nix12
-rw-r--r--modules/private/websites/tools/git/default.nix4
-rw-r--r--modules/private/websites/tools/git/mantisbt.nix8
-rw-r--r--modules/private/websites/tools/mail/default.nix4
-rw-r--r--modules/private/websites/tools/mail/mta-sts.nix4
-rw-r--r--modules/private/websites/tools/mail/roundcubemail.nix7
-rw-r--r--modules/private/websites/tools/mastodon/default.nix12
-rw-r--r--modules/private/websites/tools/mgoblin/default.nix25
-rw-r--r--modules/private/websites/tools/peertube/default.nix16
-rw-r--r--modules/private/websites/tools/tools/default.nix18
-rw-r--r--modules/private/websites/tools/tools/kanboard.nix4
-rw-r--r--modules/private/websites/tools/tools/shaarli.nix2
-rw-r--r--modules/private/websites/tools/tools/ttrss.nix8
-rw-r--r--modules/private/websites/tools/tools/wallabag.nix10
-rw-r--r--modules/private/websites/tools/tools/ympd.nix2
-rw-r--r--modules/private/websites/tools/tools/yourls.nix6
45 files changed, 169 insertions, 151 deletions
diff --git a/modules/private/websites/aten/integration.nix b/modules/private/websites/aten/integration.nix
index 7aadf58..7e12b38 100644
--- a/modules/private/websites/aten/integration.nix
+++ b/modules/private/websites/aten/integration.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.aten.integration; 3 secrets = config.myEnv.websites.aten.integration;
4 app = pkgs.webapps.aten.override { environment = secrets.environment; }; 4 app = pkgs.webapps.aten.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.aten.integration; 5 cfg = config.myServices.websites.aten.integration;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -39,10 +39,15 @@ in {
39 user = config.services.httpd.Inte.user; 39 user = config.services.httpd.Inte.user;
40 group = config.services.httpd.Inte.group; 40 group = config.services.httpd.Inte.group;
41 permissions = "0400"; 41 permissions = "0400";
42 text = '' 42 text = let
43 # cf:
44 # https://secure.php.net/manual/fr/function.parse-url.php
45 # vendor/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php#parseDatabaseUrlQuery
46 psql_url = with secrets.postgresql; "pdo-pgsql://${user}:${password}@invalid:${port}/${database}?host=${socket}";
47 in ''
43 SetEnv APP_ENV "${app.environment}" 48 SetEnv APP_ENV "${app.environment}"
44 SetEnv APP_SECRET "${secrets.secret}" 49 SetEnv APP_SECRET "${secrets.secret}"
45 SetEnv DATABASE_URL "${secrets.psql_url}" 50 SetEnv DATABASE_URL "${psql_url}"
46 ''; 51 '';
47 }]; 52 }];
48 services.websites.env.integration.vhostConfs.aten_dev = { 53 services.websites.env.integration.vhostConfs.aten_dev = {
diff --git a/modules/private/websites/aten/production.nix b/modules/private/websites/aten/production.nix
index 16a909a..1f72e61 100644
--- a/modules/private/websites/aten/production.nix
+++ b/modules/private/websites/aten/production.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.aten.production; 3 secrets = config.myEnv.websites.aten.production;
4 app = pkgs.webapps.aten.override { environment = secrets.environment; }; 4 app = pkgs.webapps.aten.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.aten.production; 5 cfg = config.myServices.websites.aten.production;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -41,10 +41,15 @@ in {
41 user = config.services.httpd.Prod.user; 41 user = config.services.httpd.Prod.user;
42 group = config.services.httpd.Prod.group; 42 group = config.services.httpd.Prod.group;
43 permissions = "0400"; 43 permissions = "0400";
44 text = '' 44 text = let
45 # cf:
46 # https://secure.php.net/manual/fr/function.parse-url.php
47 # vendor/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php#parseDatabaseUrlQuery
48 psql_url = with secrets.postgresql; "pdo-pgsql://${user}:${password}@invalid:${port}/${database}?host=${socket}";
49 in ''
45 SetEnv APP_ENV "${app.environment}" 50 SetEnv APP_ENV "${app.environment}"
46 SetEnv APP_SECRET "${secrets.secret}" 51 SetEnv APP_SECRET "${secrets.secret}"
47 SetEnv DATABASE_URL "${secrets.psql_url}" 52 SetEnv DATABASE_URL "${psql_url}"
48 ''; 53 '';
49 }]; 54 }];
50 services.websites.env.production.vhostConfs.aten_prod = { 55 services.websites.env.production.vhostConfs.aten_prod = {
diff --git a/modules/private/websites/capitaines/production.nix b/modules/private/websites/capitaines/production.nix
index 995e2cc..044ff1d 100644
--- a/modules/private/websites/capitaines/production.nix
+++ b/modules/private/websites/capitaines/production.nix
@@ -1,7 +1,7 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.capitaines.production; 3 cfg = config.myServices.websites.capitaines.production;
4 env = myconfig.env.websites.capitaines; 4 env = config.myEnv.websites.capitaines;
5 webappName = "capitaines_mastodon"; 5 webappName = "capitaines_mastodon";
6 root = "/run/current-system/webapps/${webappName}"; 6 root = "/run/current-system/webapps/${webappName}";
7 siteDir = ./mastodon_static; 7 siteDir = ./mastodon_static;
diff --git a/modules/private/websites/chloe/builder.nix b/modules/private/websites/chloe/builder.nix
index f65e9a9..f21caeb 100644
--- a/modules/private/websites/chloe/builder.nix
+++ b/modules/private/websites/chloe/builder.nix
@@ -39,10 +39,10 @@ rec {
39 SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" 39 SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu"
40 SetEnv SPIP_LDAP_SEARCH_DN "${config.ldap.dn}" 40 SetEnv SPIP_LDAP_SEARCH_DN "${config.ldap.dn}"
41 SetEnv SPIP_LDAP_SEARCH_PW "${config.ldap.password}" 41 SetEnv SPIP_LDAP_SEARCH_PW "${config.ldap.password}"
42 SetEnv SPIP_LDAP_SEARCH "${config.ldap.search}" 42 SetEnv SPIP_LDAP_SEARCH "${config.ldap.filter}"
43 SetEnv SPIP_MYSQL_HOST "${config.mysql.host}" 43 SetEnv SPIP_MYSQL_HOST "${config.mysql.host}"
44 SetEnv SPIP_MYSQL_PORT "${config.mysql.port}" 44 SetEnv SPIP_MYSQL_PORT "${config.mysql.port}"
45 SetEnv SPIP_MYSQL_DB "${config.mysql.name}" 45 SetEnv SPIP_MYSQL_DB "${config.mysql.database}"
46 SetEnv SPIP_MYSQL_USER "${config.mysql.user}" 46 SetEnv SPIP_MYSQL_USER "${config.mysql.user}"
47 SetEnv SPIP_MYSQL_PASSWORD "${config.mysql.password}" 47 SetEnv SPIP_MYSQL_PASSWORD "${config.mysql.password}"
48 ''; 48 '';
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
index 00c76a5..273d1fc 100644
--- a/modules/private/websites/chloe/integration.nix
+++ b/modules/private/websites/chloe/integration.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 chloe = pkgs.callPackage ./builder.nix { 3 chloe = pkgs.callPackage ./builder.nix {
4 inherit (pkgs.webapps) chloe; 4 inherit (pkgs.webapps) chloe;
5 config = myconfig.env.websites.chloe.integration; 5 config = config.myEnv.websites.chloe.integration;
6 apacheUser = config.services.httpd.Inte.user; 6 apacheUser = config.services.httpd.Inte.user;
7 apacheGroup = config.services.httpd.Inte.group; 7 apacheGroup = config.services.httpd.Inte.group;
8 }; 8 };
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix
index 0562de8..3d267f2 100644
--- a/modules/private/websites/chloe/production.nix
+++ b/modules/private/websites/chloe/production.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 chloe = pkgs.callPackage ./builder.nix { 3 chloe = pkgs.callPackage ./builder.nix {
4 inherit (pkgs.webapps) chloe; 4 inherit (pkgs.webapps) chloe;
5 config = myconfig.env.websites.chloe.production; 5 config = config.myEnv.websites.chloe.production;
6 apacheUser = config.services.httpd.Prod.user; 6 apacheUser = config.services.httpd.Prod.user;
7 apacheGroup = config.services.httpd.Prod.group; 7 apacheGroup = config.services.httpd.Prod.group;
8 }; 8 };
diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix
index 54dbf54..c0f7445 100644
--- a/modules/private/websites/connexionswing/integration.nix
+++ b/modules/private/websites/connexionswing/integration.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.connexionswing.integration; 3 secrets = config.myEnv.websites.connexionswing.integration;
4 app = pkgs.webapps.connexionswing.override { environment = secrets.environment; }; 4 app = pkgs.webapps.connexionswing.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.connexionswing.integration; 5 cfg = config.myServices.websites.connexionswing.integration;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -50,7 +50,7 @@ in {
50 parameters: 50 parameters:
51 database_host: ${secrets.mysql.host} 51 database_host: ${secrets.mysql.host}
52 database_port: ${secrets.mysql.port} 52 database_port: ${secrets.mysql.port}
53 database_name: ${secrets.mysql.name} 53 database_name: ${secrets.mysql.database}
54 database_user: ${secrets.mysql.user} 54 database_user: ${secrets.mysql.user}
55 database_password: ${secrets.mysql.password} 55 database_password: ${secrets.mysql.password}
56 database_server_version: ${pkgs.mariadb.mysqlVersion} 56 database_server_version: ${pkgs.mariadb.mysqlVersion}
diff --git a/modules/private/websites/connexionswing/production.nix b/modules/private/websites/connexionswing/production.nix
index af37e29..fa31931 100644
--- a/modules/private/websites/connexionswing/production.nix
+++ b/modules/private/websites/connexionswing/production.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.connexionswing.production; 3 secrets = config.myEnv.websites.connexionswing.production;
4 app = pkgs.webapps.connexionswing.override { environment = secrets.environment; }; 4 app = pkgs.webapps.connexionswing.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.connexionswing.production; 5 cfg = config.myServices.websites.connexionswing.production;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -52,7 +52,7 @@ in {
52 parameters: 52 parameters:
53 database_host: ${secrets.mysql.host} 53 database_host: ${secrets.mysql.host}
54 database_port: ${secrets.mysql.port} 54 database_port: ${secrets.mysql.port}
55 database_name: ${secrets.mysql.name} 55 database_name: ${secrets.mysql.database}
56 database_user: ${secrets.mysql.user} 56 database_user: ${secrets.mysql.user}
57 database_password: ${secrets.mysql.password} 57 database_password: ${secrets.mysql.password}
58 database_server_version: ${pkgs.mariadb.mysqlVersion} 58 database_server_version: ${pkgs.mariadb.mysqlVersion}
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index 87fdd73..16f02a7 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -1,4 +1,4 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 www_root = "/run/current-system/webapps/_www"; 3 www_root = "/run/current-system/webapps/_www";
4 theme_root = "/run/current-system/webapps/_theme"; 4 theme_root = "/run/current-system/webapps/_theme";
@@ -114,7 +114,7 @@ in
114 <IfModule authnz_ldap_module> 114 <IfModule authnz_ldap_module>
115 AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu STARTTLS 115 AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu STARTTLS
116 AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu 116 AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
117 AuthLDAPBindPassword "${myconfig.env.httpd.ldap.password}" 117 AuthLDAPBindPassword "${config.myEnv.httpd.ldap.password}"
118 AuthType Basic 118 AuthType Basic
119 AuthName "Authentification requise (Acces LDAP)" 119 AuthName "Authentification requise (Acces LDAP)"
120 AuthBasicProvider ldap 120 AuthBasicProvider ldap
@@ -154,7 +154,7 @@ in
154 adminAddr = "httpd@immae.eu"; 154 adminAddr = "httpd@immae.eu";
155 httpdName = "Prod"; 155 httpdName = "Prod";
156 ips = 156 ips =
157 let ips = myconfig.env.servers.eldiron.ips.production; 157 let ips = config.myEnv.servers.eldiron.ips.production;
158 in [ips.ip4] ++ (ips.ip6 or []); 158 in [ips.ip4] ++ (ips.ip6 or []);
159 modules = makeModules; 159 modules = makeModules;
160 extraConfig = makeExtraConfig; 160 extraConfig = makeExtraConfig;
@@ -171,7 +171,7 @@ in
171 adminAddr = "httpd@immae.eu"; 171 adminAddr = "httpd@immae.eu";
172 httpdName = "Inte"; 172 httpdName = "Inte";
173 ips = 173 ips =
174 let ips = myconfig.env.servers.eldiron.ips.integration; 174 let ips = config.myEnv.servers.eldiron.ips.integration;
175 in [ips.ip4] ++ (ips.ip6 or []); 175 in [ips.ip4] ++ (ips.ip6 or []);
176 modules = makeModules; 176 modules = makeModules;
177 extraConfig = makeExtraConfig; 177 extraConfig = makeExtraConfig;
@@ -188,7 +188,7 @@ in
188 adminAddr = "httpd@immae.eu"; 188 adminAddr = "httpd@immae.eu";
189 httpdName = "Tools"; 189 httpdName = "Tools";
190 ips = 190 ips =
191 let ips = myconfig.env.servers.eldiron.ips.main; 191 let ips = config.myEnv.servers.eldiron.ips.main;
192 in [ips.ip4] ++ (ips.ip6 or []); 192 in [ips.ip4] ++ (ips.ip6 or []);
193 modules = makeModules; 193 modules = makeModules;
194 extraConfig = makeExtraConfig ++ 194 extraConfig = makeExtraConfig ++
diff --git a/modules/private/websites/denisejerome/production.nix b/modules/private/websites/denisejerome/production.nix
index f93ad37..481df5b 100644
--- a/modules/private/websites/denisejerome/production.nix
+++ b/modules/private/websites/denisejerome/production.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.denisejerome.production; 3 cfg = config.myServices.websites.denisejerome.production;
4 varDir = "/var/lib/ftp/denisejerome"; 4 varDir = "/var/lib/ftp/denisejerome";
5 env = myconfig.env.websites.denisejerome; 5 env = config.myEnv.websites.denisejerome;
6in { 6in {
7 options.myServices.websites.denisejerome.production.enable = lib.mkEnableOption "enable Denise Jerome's website"; 7 options.myServices.websites.denisejerome.production.enable = lib.mkEnableOption "enable Denise Jerome's website";
8 8
diff --git a/modules/private/websites/emilia/production.nix b/modules/private/websites/emilia/production.nix
index 5bf39c9..71b97dd 100644
--- a/modules/private/websites/emilia/production.nix
+++ b/modules/private/websites/emilia/production.nix
@@ -1,7 +1,7 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.emilia.production; 3 cfg = config.myServices.websites.emilia.production;
4 env = myconfig.env.websites.emilia; 4 env = config.myEnv.websites.emilia;
5 varDir = "/var/lib/moodle"; 5 varDir = "/var/lib/moodle";
6 siteDir = ./moodle; 6 siteDir = ./moodle;
7 webappName = "emilia_moodle"; 7 webappName = "emilia_moodle";
diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix
index e6e16fa..4e5f7d4 100644
--- a/modules/private/websites/florian/app.nix
+++ b/modules/private/websites/florian/app.nix
@@ -1,7 +1,7 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix {}; 3 adminer = pkgs.callPackage ../commons/adminer.nix {};
4 secrets = myconfig.env.websites.tellesflorian.integration; 4 secrets = config.myEnv.websites.tellesflorian.integration;
5 app = pkgs.webapps.tellesflorian.override { environment = secrets.environment; }; 5 app = pkgs.webapps.tellesflorian.override { environment = secrets.environment; };
6 cfg = config.myServices.websites.florian.app; 6 cfg = config.myServices.websites.florian.app;
7 pcfg = config.services.phpApplication; 7 pcfg = config.services.phpApplication;
@@ -58,7 +58,7 @@ in {
58 parameters: 58 parameters:
59 database_host: ${secrets.mysql.host} 59 database_host: ${secrets.mysql.host}
60 database_port: ${secrets.mysql.port} 60 database_port: ${secrets.mysql.port}
61 database_name: ${secrets.mysql.name} 61 database_name: ${secrets.mysql.database}
62 database_user: ${secrets.mysql.user} 62 database_user: ${secrets.mysql.user}
63 database_password: ${secrets.mysql.password} 63 database_password: ${secrets.mysql.password}
64 mailer_transport: smtp 64 mailer_transport: smtp
diff --git a/modules/private/websites/florian/integration.nix b/modules/private/websites/florian/integration.nix
index e444e69..00de761 100644
--- a/modules/private/websites/florian/integration.nix
+++ b/modules/private/websites/florian/integration.nix
@@ -1,9 +1,9 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix {}; 3 adminer = pkgs.callPackage ../commons/adminer.nix {};
4 cfg = config.myServices.websites.florian.integration; 4 cfg = config.myServices.websites.florian.integration;
5 varDir = "/var/lib/ftp/florian"; 5 varDir = "/var/lib/ftp/florian";
6 env = myconfig.env.websites.florian; 6 env = config.myEnv.websites.florian;
7in { 7in {
8 options.myServices.websites.florian.integration.enable = lib.mkEnableOption "enable Florian's website integration"; 8 options.myServices.websites.florian.integration.enable = lib.mkEnableOption "enable Florian's website integration";
9 9
diff --git a/modules/private/websites/florian/production.nix b/modules/private/websites/florian/production.nix
index 44a262e..8d3dfb0 100644
--- a/modules/private/websites/florian/production.nix
+++ b/modules/private/websites/florian/production.nix
@@ -1,9 +1,9 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix {}; 3 adminer = pkgs.callPackage ../commons/adminer.nix {};
4 cfg = config.myServices.websites.florian.production; 4 cfg = config.myServices.websites.florian.production;
5 varDir = "/var/lib/ftp/florian"; 5 varDir = "/var/lib/ftp/florian";
6 env = myconfig.env.websites.florian; 6 env = config.myEnv.websites.florian;
7in { 7in {
8 options.myServices.websites.florian.production.enable = lib.mkEnableOption "enable Florian's website production"; 8 options.myServices.websites.florian.production.enable = lib.mkEnableOption "enable Florian's website production";
9 9
diff --git a/modules/private/websites/immae/production.nix b/modules/private/websites/immae/production.nix
index 3b2301a..12d6ddb 100644
--- a/modules/private/websites/immae/production.nix
+++ b/modules/private/websites/immae/production.nix
@@ -1,10 +1,10 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.immae.production; 3 cfg = config.myServices.websites.immae.production;
4 varDir = "/var/lib/buildbot/outputs/immaeEu"; 4 varDir = "/var/lib/buildbot/outputs/immaeEu";
5 coursDir = "/var/lib/buildbot/outputs/cours"; 5 coursDir = "/var/lib/buildbot/outputs/cours";
6 rechercheDir = "/var/lib/buildbot/outputs/recherche"; 6 rechercheDir = "/var/lib/buildbot/outputs/recherche";
7 env = myconfig.env.websites.immae; 7 env = config.myEnv.websites.immae;
8in { 8in {
9 options.myServices.websites.immae.production.enable = lib.mkEnableOption "enable Immae's website"; 9 options.myServices.websites.immae.production.enable = lib.mkEnableOption "enable Immae's website";
10 10
diff --git a/modules/private/websites/immae/release.nix b/modules/private/websites/immae/release.nix
index 5cc35ee..a503c90 100644
--- a/modules/private/websites/immae/release.nix
+++ b/modules/private/websites/immae/release.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.immae.release; 3 cfg = config.myServices.websites.immae.release;
4 varDir = "/var/lib/ftp/release.immae.eu"; 4 varDir = "/var/lib/ftp/release.immae.eu";
5 env = myconfig.env.websites.release; 5 env = config.myEnv.websites.release;
6in { 6in {
7 options.myServices.websites.immae.release.enable = lib.mkEnableOption "enable Release' website"; 7 options.myServices.websites.immae.release.enable = lib.mkEnableOption "enable Release' website";
8 8
diff --git a/modules/private/websites/immae/temp.nix b/modules/private/websites/immae/temp.nix
index 288c8cc..b3b28cc 100644
--- a/modules/private/websites/immae/temp.nix
+++ b/modules/private/websites/immae/temp.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.immae.temp; 3 cfg = config.myServices.websites.immae.temp;
4 varDir = "/var/lib/ftp/temp.immae.eu"; 4 varDir = "/var/lib/ftp/temp.immae.eu";
5 env = myconfig.env.websites.temp; 5 env = config.myEnv.websites.temp;
6in { 6in {
7 options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website"; 7 options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website";
8 8
diff --git a/modules/private/websites/ludivinecassal/integration.nix b/modules/private/websites/ludivinecassal/integration.nix
index 5d9afc1..d6459b0 100644
--- a/modules/private/websites/ludivinecassal/integration.nix
+++ b/modules/private/websites/ludivinecassal/integration.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.ludivinecassal.integration; 3 secrets = config.myEnv.websites.ludivinecassal.integration;
4 app = pkgs.webapps.ludivinecassal.override { environment = secrets.environment; }; 4 app = pkgs.webapps.ludivinecassal.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.ludivinecassal.integration; 5 cfg = config.myServices.websites.ludivinecassal.integration;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -48,7 +48,7 @@ in {
48 parameters: 48 parameters:
49 database_host: ${secrets.mysql.host} 49 database_host: ${secrets.mysql.host}
50 database_port: ${secrets.mysql.port} 50 database_port: ${secrets.mysql.port}
51 database_name: ${secrets.mysql.name} 51 database_name: ${secrets.mysql.database}
52 database_user: ${secrets.mysql.user} 52 database_user: ${secrets.mysql.user}
53 database_password: ${secrets.mysql.password} 53 database_password: ${secrets.mysql.password}
54 database_server_version: ${pkgs.mariadb.mysqlVersion} 54 database_server_version: ${pkgs.mariadb.mysqlVersion}
@@ -66,7 +66,7 @@ in {
66 ldap_base_dn: 'dc=immae,dc=eu' 66 ldap_base_dn: 'dc=immae,dc=eu'
67 ldap_search_dn: '${secrets.ldap.dn}' 67 ldap_search_dn: '${secrets.ldap.dn}'
68 ldap_search_password: '${secrets.ldap.password}' 68 ldap_search_password: '${secrets.ldap.password}'
69 ldap_search_filter: '${secrets.ldap.search}' 69 ldap_search_filter: '${secrets.ldap.filter}'
70 leapt_im: 70 leapt_im:
71 binary_path: ${pkgs.imagemagick}/bin 71 binary_path: ${pkgs.imagemagick}/bin
72 assetic: 72 assetic:
diff --git a/modules/private/websites/ludivinecassal/production.nix b/modules/private/websites/ludivinecassal/production.nix
index 1a8b958..c6f0cf3 100644
--- a/modules/private/websites/ludivinecassal/production.nix
+++ b/modules/private/websites/ludivinecassal/production.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.ludivinecassal.production; 3 secrets = config.myEnv.websites.ludivinecassal.production;
4 app = pkgs.webapps.ludivinecassal.override { environment = secrets.environment; }; 4 app = pkgs.webapps.ludivinecassal.override { environment = secrets.environment; };
5 pcfg = config.services.phpApplication; 5 pcfg = config.services.phpApplication;
6 cfg = config.myServices.websites.ludivinecassal.production; 6 cfg = config.myServices.websites.ludivinecassal.production;
@@ -50,7 +50,7 @@ in {
50 parameters: 50 parameters:
51 database_host: ${secrets.mysql.host} 51 database_host: ${secrets.mysql.host}
52 database_port: ${secrets.mysql.port} 52 database_port: ${secrets.mysql.port}
53 database_name: ${secrets.mysql.name} 53 database_name: ${secrets.mysql.database}
54 database_user: ${secrets.mysql.user} 54 database_user: ${secrets.mysql.user}
55 database_password: ${secrets.mysql.password} 55 database_password: ${secrets.mysql.password}
56 database_server_version: ${pkgs.mariadb.mysqlVersion} 56 database_server_version: ${pkgs.mariadb.mysqlVersion}
@@ -68,7 +68,7 @@ in {
68 ldap_base_dn: 'dc=immae,dc=eu' 68 ldap_base_dn: 'dc=immae,dc=eu'
69 ldap_search_dn: '${secrets.ldap.dn}' 69 ldap_search_dn: '${secrets.ldap.dn}'
70 ldap_search_password: '${secrets.ldap.password}' 70 ldap_search_password: '${secrets.ldap.password}'
71 ldap_search_filter: '${secrets.ldap.search}' 71 ldap_search_filter: '${secrets.ldap.filter}'
72 leapt_im: 72 leapt_im:
73 binary_path: ${pkgs.imagemagick}/bin 73 binary_path: ${pkgs.imagemagick}/bin
74 assetic: 74 assetic:
diff --git a/modules/private/websites/nassime/production.nix b/modules/private/websites/nassime/production.nix
index f2a4142..f9468f9 100644
--- a/modules/private/websites/nassime/production.nix
+++ b/modules/private/websites/nassime/production.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.nassime.production; 3 cfg = config.myServices.websites.nassime.production;
4 varDir = "/var/lib/ftp/nassime"; 4 varDir = "/var/lib/ftp/nassime";
5 env = myconfig.env.websites.nassime; 5 env = config.myEnv.websites.nassime;
6in { 6in {
7 options.myServices.websites.nassime.production.enable = lib.mkEnableOption "enable Nassime's website"; 7 options.myServices.websites.nassime.production.enable = lib.mkEnableOption "enable Nassime's website";
8 8
diff --git a/modules/private/websites/naturaloutil/production.nix b/modules/private/websites/naturaloutil/production.nix
index 93940d5..628e129 100644
--- a/modules/private/websites/naturaloutil/production.nix
+++ b/modules/private/websites/naturaloutil/production.nix
@@ -1,9 +1,9 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix {}; 3 adminer = pkgs.callPackage ../commons/adminer.nix {};
4 cfg = config.myServices.websites.naturaloutil.production; 4 cfg = config.myServices.websites.naturaloutil.production;
5 varDir = "/var/lib/ftp/jerome"; 5 varDir = "/var/lib/ftp/jerome";
6 env = myconfig.env.websites.jerome; 6 env = config.myEnv.websites.jerome;
7in { 7in {
8 options.myServices.websites.naturaloutil.production.enable = lib.mkEnableOption "enable Naturaloutil's website"; 8 options.myServices.websites.naturaloutil.production.enable = lib.mkEnableOption "enable Naturaloutil's website";
9 9
@@ -21,7 +21,7 @@ in {
21 <?php 21 <?php
22 $mysql_user = '${env.mysql.user}' ; 22 $mysql_user = '${env.mysql.user}' ;
23 $mysql_server = '${env.mysql.host}' ; 23 $mysql_server = '${env.mysql.host}' ;
24 $mysql_base = '${env.mysql.name}' ; 24 $mysql_base = '${env.mysql.database}' ;
25 $mysql_password = '${env.mysql.password}' ; 25 $mysql_password = '${env.mysql.password}' ;
26 //connect to db 26 //connect to db
27 $db = mysqli_init(); 27 $db = mysqli_init();
diff --git a/modules/private/websites/papa/surveillance.nix b/modules/private/websites/papa/surveillance.nix
index ca6bf9e..1bb6ac8 100644
--- a/modules/private/websites/papa/surveillance.nix
+++ b/modules/private/websites/papa/surveillance.nix
@@ -1,4 +1,4 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 cfg = config.myServices.websites.papa.surveillance; 3 cfg = config.myServices.websites.papa.surveillance;
4 varDir = "/var/lib/ftp/papa"; 4 varDir = "/var/lib/ftp/papa";
diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix
index 8d7cf3a..5568c60 100644
--- a/modules/private/websites/piedsjaloux/integration.nix
+++ b/modules/private/websites/piedsjaloux/integration.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.piedsjaloux.integration; 3 secrets = config.myEnv.websites.piedsjaloux.integration;
4 app = pkgs.webapps.piedsjaloux.override { environment = secrets.environment; }; 4 app = pkgs.webapps.piedsjaloux.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.piedsjaloux.integration; 5 cfg = config.myServices.websites.piedsjaloux.integration;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -49,7 +49,7 @@ in {
49 parameters: 49 parameters:
50 database_host: ${secrets.mysql.host} 50 database_host: ${secrets.mysql.host}
51 database_port: ${secrets.mysql.port} 51 database_port: ${secrets.mysql.port}
52 database_name: ${secrets.mysql.name} 52 database_name: ${secrets.mysql.database}
53 database_user: ${secrets.mysql.user} 53 database_user: ${secrets.mysql.user}
54 database_password: ${secrets.mysql.password} 54 database_password: ${secrets.mysql.password}
55 database_server_version: ${pkgs.mariadb.mysqlVersion} 55 database_server_version: ${pkgs.mariadb.mysqlVersion}
diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix
index 2267e03..28f85eb 100644
--- a/modules/private/websites/piedsjaloux/production.nix
+++ b/modules/private/websites/piedsjaloux/production.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = myconfig.env.websites.piedsjaloux.production; 3 secrets = config.myEnv.websites.piedsjaloux.production;
4 app = pkgs.webapps.piedsjaloux.override { environment = secrets.environment; }; 4 app = pkgs.webapps.piedsjaloux.override { environment = secrets.environment; };
5 cfg = config.myServices.websites.piedsjaloux.production; 5 cfg = config.myServices.websites.piedsjaloux.production;
6 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
@@ -51,7 +51,7 @@ in {
51 parameters: 51 parameters:
52 database_host: ${secrets.mysql.host} 52 database_host: ${secrets.mysql.host}
53 database_port: ${secrets.mysql.port} 53 database_port: ${secrets.mysql.port}
54 database_name: ${secrets.mysql.name} 54 database_name: ${secrets.mysql.database}
55 database_user: ${secrets.mysql.user} 55 database_user: ${secrets.mysql.user}
56 database_password: ${secrets.mysql.password} 56 database_password: ${secrets.mysql.password}
57 database_server_version: ${pkgs.mariadb.mysqlVersion} 57 database_server_version: ${pkgs.mariadb.mysqlVersion}
diff --git a/modules/private/websites/teliotortay/production.nix b/modules/private/websites/teliotortay/production.nix
index 445117d..b0544ee 100644
--- a/modules/private/websites/teliotortay/production.nix
+++ b/modules/private/websites/teliotortay/production.nix
@@ -1,9 +1,9 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix {}; 3 adminer = pkgs.callPackage ../commons/adminer.nix {};
4 cfg = config.myServices.websites.telioTortay.production; 4 cfg = config.myServices.websites.telioTortay.production;
5 varDir = "/var/lib/ftp/telio_tortay"; 5 varDir = "/var/lib/ftp/telio_tortay";
6 env = myconfig.env.websites.telioTortay; 6 env = config.myEnv.websites.telioTortay;
7in { 7in {
8 options.myServices.websites.telioTortay.production.enable = lib.mkEnableOption "enable Telio Tortay's website"; 8 options.myServices.websites.telioTortay.production.enable = lib.mkEnableOption "enable Telio Tortay's website";
9 9
diff --git a/modules/private/websites/tools/cloud/default.nix b/modules/private/websites/tools/cloud/default.nix
index 3aabde8..4785074 100644
--- a/modules/private/websites/tools/cloud/default.nix
+++ b/modules/private/websites/tools/cloud/default.nix
@@ -1,7 +1,7 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 nextcloud = pkgs.webapps.nextcloud.withApps (builtins.attrValues pkgs.webapps.nextcloud-apps); 3 nextcloud = pkgs.webapps.nextcloud.withApps (builtins.attrValues pkgs.webapps.nextcloud-apps);
4 env = myconfig.env.tools.nextcloud; 4 env = config.myEnv.tools.nextcloud;
5 varDir = "/var/lib/nextcloud"; 5 varDir = "/var/lib/nextcloud";
6 webappName = "tools_nextcloud"; 6 webappName = "tools_nextcloud";
7 apacheRoot = "/run/current-system/webapps/${webappName}"; 7 apacheRoot = "/run/current-system/webapps/${webappName}";
@@ -129,7 +129,7 @@ in {
129 array ( 129 array (
130 'host' => '${env.redis.socket}', 130 'host' => '${env.redis.socket}',
131 'port' => 0, 131 'port' => 0,
132 'dbindex' => ${env.redis.db_index}, 132 'dbindex' => ${env.redis.db},
133 ), 133 ),
134 'overwrite.cli.url' => 'https://cloud.immae.eu', 134 'overwrite.cli.url' => 'https://cloud.immae.eu',
135 'ldapIgnoreNamingRules' => false, 135 'ldapIgnoreNamingRules' => false,
diff --git a/modules/private/websites/tools/dav/davical.nix b/modules/private/websites/tools/dav/davical.nix
index 98cebee..2a02f5e 100644
--- a/modules/private/websites/tools/dav/davical.nix
+++ b/modules/private/websites/tools/dav/davical.nix
@@ -32,16 +32,16 @@ rec {
32 $c->authenticate_hook['optional'] = false; 32 $c->authenticate_hook['optional'] = false;
33 $c->authenticate_hook['call'] = 'LDAP_check'; 33 $c->authenticate_hook['call'] = 'LDAP_check';
34 $c->authenticate_hook['config'] = array( 34 $c->authenticate_hook['config'] = array(
35 'host' => 'ldap.immae.eu', 35 'host' => '${env.ldap.host}',
36 'port' => '389', 36 'port' => '389',
37 'startTLS' => 'yes', 37 'startTLS' => 'yes',
38 'bindDN'=> 'cn=davical,ou=services,dc=immae,dc=eu', 38 'bindDN'=> '${env.ldap.dn}',
39 'passDN'=> '${env.ldap.password}', 39 'passDN'=> '${env.ldap.password}',
40 'protocolVersion' => '3', 40 'protocolVersion' => '3',
41 'baseDNUsers'=> array('ou=users,dc=immae,dc=eu', 'ou=group_users,dc=immae,dc=eu'), 41 'baseDNUsers'=> array('ou=users,${env.ldap.base}', 'ou=group_users,${env.ldap.base}'),
42 'filterUsers' => 'memberOf=cn=users,cn=davical,ou=services,dc=immae,dc=eu', 42 'filterUsers' => '${env.ldap.filter}',
43 'baseDNGroups' => 'ou=groups,dc=immae,dc=eu', 43 'baseDNGroups' => 'ou=groups,${env.ldap.base}',
44 'filterGroups' => 'memberOf=cn=groups,cn=davical,ou=services,dc=immae,dc=eu', 44 'filterGroups' => 'memberOf=cn=groups,${env.ldap.dn}',
45 'mapping_field' => array( 45 'mapping_field' => array(
46 "username" => "uid", 46 "username" => "uid",
47 "fullname" => "cn", 47 "fullname" => "cn",
diff --git a/modules/private/websites/tools/dav/default.nix b/modules/private/websites/tools/dav/default.nix
index 5a0f470..d30c04a 100644
--- a/modules/private/websites/tools/dav/default.nix
+++ b/modules/private/websites/tools/dav/default.nix
@@ -1,4 +1,4 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 infcloud = rec { 3 infcloud = rec {
4 webappName = "tools_infcloud"; 4 webappName = "tools_infcloud";
@@ -16,7 +16,7 @@ let
16 ''; 16 '';
17 }; 17 };
18 davical = pkgs.callPackage ./davical.nix { 18 davical = pkgs.callPackage ./davical.nix {
19 env = myconfig.env.tools.davical; 19 env = config.myEnv.tools.davical;
20 inherit (pkgs.webapps) davical awl; 20 inherit (pkgs.webapps) davical awl;
21 }; 21 };
22 22
diff --git a/modules/private/websites/tools/diaspora/default.nix b/modules/private/websites/tools/diaspora/default.nix
index 20ae055..4fe4115 100644
--- a/modules/private/websites/tools/diaspora/default.nix
+++ b/modules/private/websites/tools/diaspora/default.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 env = myconfig.env.tools.diaspora; 3 env = config.myEnv.tools.diaspora;
4 root = "/run/current-system/webapps/tools_diaspora"; 4 root = "/run/current-system/webapps/tools_diaspora";
5 cfg = config.myServices.websites.tools.diaspora; 5 cfg = config.myServices.websites.tools.diaspora;
6 dcfg = config.services.diaspora; 6 dcfg = config.services.diaspora;
@@ -26,7 +26,7 @@ in {
26 environment: 26 environment:
27 url: "https://diaspora.immae.eu/" 27 url: "https://diaspora.immae.eu/"
28 certificate_authorities: '${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt' 28 certificate_authorities: '${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt'
29 redis: '${env.redis_url}' 29 redis: 'redis://${env.redis.host}:${env.redis.port}/${env.redis.db}'
30 sidekiq: 30 sidekiq:
31 s3: 31 s3:
32 assets: 32 assets:
@@ -79,16 +79,16 @@ in {
79 inbound: 79 inbound:
80 ldap: 80 ldap:
81 enable: true 81 enable: true
82 host: ldap.immae.eu 82 host: ${env.ldap.host}
83 port: 636 83 port: 636
84 only_ldap: true 84 only_ldap: true
85 mail_attribute: mail 85 mail_attribute: mail
86 skip_email_confirmation: true 86 skip_email_confirmation: true
87 use_bind_dn: true 87 use_bind_dn: true
88 bind_dn: "cn=diaspora,ou=services,dc=immae,dc=eu" 88 bind_dn: "${env.ldap.dn}"
89 bind_pw: "${env.ldap.password}" 89 bind_pw: "${env.ldap.password}"
90 search_base: "dc=immae,dc=eu" 90 search_base: "${env.ldap.base}"
91 search_filter: "(&(memberOf=cn=users,cn=diaspora,ou=services,dc=immae,dc=eu)(uid=%{username}))" 91 search_filter: "${env.ldap.filter}"
92 production: 92 production:
93 environment: 93 environment:
94 development: 94 development:
diff --git a/modules/private/websites/tools/ether/default.nix b/modules/private/websites/tools/ether/default.nix
index 62a1691..1c56ed7 100644
--- a/modules/private/websites/tools/ether/default.nix
+++ b/modules/private/websites/tools/ether/default.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 env = myconfig.env.tools.etherpad-lite; 3 env = config.myEnv.tools.etherpad-lite;
4 cfg = config.myServices.websites.tools.etherpad-lite; 4 cfg = config.myServices.websites.tools.etherpad-lite;
5 # Make sure we’re not rebuilding whole libreoffice just because of a 5 # Make sure we’re not rebuilding whole libreoffice just because of a
6 # dependency 6 # dependency
@@ -89,15 +89,15 @@ in {
89 "ldapauth": { 89 "ldapauth": {
90 "url": "ldaps://${env.ldap.host}", 90 "url": "ldaps://${env.ldap.host}",
91 "accountBase": "${env.ldap.base}", 91 "accountBase": "${env.ldap.base}",
92 "accountPattern": "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))", 92 "accountPattern": "${env.ldap.filter}",
93 "displayNameAttribute": "cn", 93 "displayNameAttribute": "cn",
94 "searchDN": "cn=etherpad,ou=services,dc=immae,dc=eu", 94 "searchDN": "${env.ldap.dn}",
95 "searchPWD": "${env.ldap.password}", 95 "searchPWD": "${env.ldap.password}",
96 "groupSearchBase": "${env.ldap.base}", 96 "groupSearchBase": "${env.ldap.base}",
97 "groupAttribute": "member", 97 "groupAttribute": "member",
98 "groupAttributeIsDN": true, 98 "groupAttributeIsDN": true,
99 "searchScope": "sub", 99 "searchScope": "sub",
100 "groupSearch": "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)", 100 "groupSearch": "${env.ldap.group_filter}",
101 "anonymousReadonly": false 101 "anonymousReadonly": false
102 } 102 }
103 }, 103 },
@@ -155,7 +155,7 @@ in {
155 155
156 RewriteEngine On 156 RewriteEngine On
157 157
158 RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" myconfig.env.tools.etherpad-lite.redirects}" 158 RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" config.myEnv.tools.etherpad-lite.redirects}"
159 RewriteCond %{QUERY_STRING} "!noredirect" 159 RewriteCond %{QUERY_STRING} "!noredirect"
160 RewriteCond %{REQUEST_URI} "^(.*)$" 160 RewriteCond %{REQUEST_URI} "^(.*)$"
161 RewriteCond ''${redirects:$1|Unknown} "!Unknown" 161 RewriteCond ''${redirects:$1|Unknown} "!Unknown"
diff --git a/modules/private/websites/tools/git/default.nix b/modules/private/websites/tools/git/default.nix
index d66d151..a5f525b 100644
--- a/modules/private/websites/tools/git/default.nix
+++ b/modules/private/websites/tools/git/default.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 mantisbt = pkgs.callPackage ./mantisbt.nix { 3 mantisbt = pkgs.callPackage ./mantisbt.nix {
4 inherit (pkgs.webapps) mantisbt_2 mantisbt_2-plugins; 4 inherit (pkgs.webapps) mantisbt_2 mantisbt_2-plugins;
5 env = myconfig.env.tools.mantisbt; 5 env = config.myEnv.tools.mantisbt;
6 }; 6 };
7 gitweb = pkgs.callPackage ./gitweb.nix { 7 gitweb = pkgs.callPackage ./gitweb.nix {
8 gitoliteDir = config.myServices.gitolite.gitoliteDir; 8 gitoliteDir = config.myServices.gitolite.gitoliteDir;
diff --git a/modules/private/websites/tools/git/mantisbt.nix b/modules/private/websites/tools/git/mantisbt.nix
index a1b830e..d0d7a98 100644
--- a/modules/private/websites/tools/git/mantisbt.nix
+++ b/modules/private/websites/tools/git/mantisbt.nix
@@ -35,15 +35,15 @@ rec {
35 # --- LDAP --- 35 # --- LDAP ---
36 $g_login_method = LDAP; 36 $g_login_method = LDAP;
37 $g_ldap_protocol_version = 3; 37 $g_ldap_protocol_version = 3;
38 $g_ldap_server = 'ldaps://ldap.immae.eu:636'; 38 $g_ldap_server = 'ldaps://${env.ldap.host}:636';
39 $g_ldap_root_dn = 'ou=users,dc=immae,dc=eu'; 39 $g_ldap_root_dn = 'ou=users,${env.ldap.base}';
40 $g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu'; 40 $g_ldap_bind_dn = '${env.ldap.dn}';
41 $g_ldap_bind_passwd = '${env.ldap.password}'; 41 $g_ldap_bind_passwd = '${env.ldap.password}';
42 $g_use_ldap_email = ON; 42 $g_use_ldap_email = ON;
43 $g_use_ldap_realname = ON; 43 $g_use_ldap_realname = ON;
44 $g_ldap_uid_field = 'uid'; 44 $g_ldap_uid_field = 'uid';
45 $g_ldap_realname_field = 'cn'; 45 $g_ldap_realname_field = 'cn';
46 $g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)'; 46 $g_ldap_organization = '${env.ldap.filter}';
47 ''; 47 '';
48 }]; 48 }];
49 webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (builtins.attrValues mantisbt_2-plugins); 49 webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (builtins.attrValues mantisbt_2-plugins);
diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix
index 218c3a5..6342694 100644
--- a/modules/private/websites/tools/mail/default.nix
+++ b/modules/private/websites/tools/mail/default.nix
@@ -1,8 +1,8 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 roundcubemail = pkgs.callPackage ./roundcubemail.nix { 3 roundcubemail = pkgs.callPackage ./roundcubemail.nix {
4 inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins; 4 inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
5 env = myconfig.env.tools.roundcubemail; 5 env = config.myEnv.tools.roundcubemail;
6 }; 6 };
7 rainloop = pkgs.callPackage ./rainloop.nix {}; 7 rainloop = pkgs.callPackage ./rainloop.nix {};
8 cfg = config.myServices.websites.tools.email; 8 cfg = config.myServices.websites.tools.email;
diff --git a/modules/private/websites/tools/mail/mta-sts.nix b/modules/private/websites/tools/mail/mta-sts.nix
index d443f55..a401b41 100644
--- a/modules/private/websites/tools/mail/mta-sts.nix
+++ b/modules/private/websites/tools/mail/mta-sts.nix
@@ -1,4 +1,4 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 domains = (lib.remove null (lib.flatten (map 3 domains = (lib.remove null (lib.flatten (map
4 (zone: map 4 (zone: map
@@ -11,7 +11,7 @@ let
11 ) 11 )
12 (zone.withEmail or []) 12 (zone.withEmail or [])
13 ) 13 )
14 myconfig.env.dns.masterZones 14 config.myEnv.dns.masterZones
15 ))); 15 )));
16 # FIXME: increase the id number in modules/private/dns.nix when this 16 # FIXME: increase the id number in modules/private/dns.nix when this
17 # file change (date -u +'%Y%m%d%H%M%S'Z) 17 # file change (date -u +'%Y%m%d%H%M%S'Z)
diff --git a/modules/private/websites/tools/mail/roundcubemail.nix b/modules/private/websites/tools/mail/roundcubemail.nix
index 8bb60d6..35de312 100644
--- a/modules/private/websites/tools/mail/roundcubemail.nix
+++ b/modules/private/websites/tools/mail/roundcubemail.nix
@@ -14,9 +14,12 @@ rec {
14 user = apache.user; 14 user = apache.user;
15 group = apache.group; 15 group = apache.group;
16 permissions = "0400"; 16 permissions = "0400";
17 text = '' 17 text =
18 let
19 psql_url = with env.postgresql; "pgsql://${user}:${password}@unix(${socket}:${port})/${database}";
20 in ''
18 <?php 21 <?php
19 $config['db_dsnw'] = '${env.psql_url}'; 22 $config['db_dsnw'] = '${psql_url}';
20 $config['default_host'] = 'ssl://imap.immae.eu'; 23 $config['default_host'] = 'ssl://imap.immae.eu';
21 $config['username_domain'] = array( 24 $config['username_domain'] = array(
22 "imap.immae.eu" => "mail.immae.eu" 25 "imap.immae.eu" => "mail.immae.eu"
diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix
index 97f2452..80d7431 100644
--- a/modules/private/websites/tools/mastodon/default.nix
+++ b/modules/private/websites/tools/mastodon/default.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 env = myconfig.env.tools.mastodon; 3 env = config.myEnv.tools.mastodon;
4 root = "/run/current-system/webapps/tools_mastodon"; 4 root = "/run/current-system/webapps/tools_mastodon";
5 cfg = config.myServices.websites.tools.mastodon; 5 cfg = config.myServices.websites.tools.mastodon;
6 mcfg = config.services.mastodon; 6 mcfg = config.services.mastodon;
@@ -50,14 +50,14 @@ in {
50 50
51 # LDAP authentication (optional) 51 # LDAP authentication (optional)
52 LDAP_ENABLED=true 52 LDAP_ENABLED=true
53 LDAP_HOST=ldap.immae.eu 53 LDAP_HOST=${env.ldap.host}
54 LDAP_PORT=636 54 LDAP_PORT=636
55 LDAP_METHOD=simple_tls 55 LDAP_METHOD=simple_tls
56 LDAP_BASE="dc=immae,dc=eu" 56 LDAP_BASE="${env.ldap.base}"
57 LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu" 57 LDAP_BIND_DN="${env.ldap.dn}"
58 LDAP_PASSWORD="${env.ldap.password}" 58 LDAP_PASSWORD="${env.ldap.password}"
59 LDAP_UID="uid" 59 LDAP_UID="uid"
60 LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))" 60 LDAP_SEARCH_FILTER="${env.ldap.filter}"
61 ''; 61 '';
62 }]; 62 }];
63 services.mastodon = { 63 services.mastodon = {
diff --git a/modules/private/websites/tools/mgoblin/default.nix b/modules/private/websites/tools/mgoblin/default.nix
index aeae893..5224a0d 100644
--- a/modules/private/websites/tools/mgoblin/default.nix
+++ b/modules/private/websites/tools/mgoblin/default.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 env = myconfig.env.tools.mediagoblin; 3 env = config.myEnv.tools.mediagoblin;
4 cfg = config.myServices.websites.tools.mediagoblin; 4 cfg = config.myServices.websites.tools.mediagoblin;
5 mcfg = config.services.mediagoblin; 5 mcfg = config.services.mediagoblin;
6in { 6in {
@@ -17,7 +17,12 @@ in {
17 user = "mediagoblin"; 17 user = "mediagoblin";
18 group = "mediagoblin"; 18 group = "mediagoblin";
19 permissions = "0400"; 19 permissions = "0400";
20 text = '' 20 text =
21 let
22 psql_url = with env.postgresql; "postgresql://${user}:${password}@:${port}/${database}?host=${socket}";
23 redis_url = with env.redis; "redis+socket://${socket}?virtual_host=${db}";
24 in
25 ''
21 [DEFAULT] 26 [DEFAULT]
22 data_basedir = "${mcfg.dataDir}" 27 data_basedir = "${mcfg.dataDir}"
23 28
@@ -26,7 +31,7 @@ in {
26 email_sender_address = "mediagoblin@tools.immae.eu" 31 email_sender_address = "mediagoblin@tools.immae.eu"
27 32
28 #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db 33 #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db
29 sql_engine = ${env.psql_url} 34 sql_engine = ${psql_url}
30 35
31 email_debug_mode = false 36 email_debug_mode = false
32 allow_registration = false 37 allow_registration = false
@@ -52,19 +57,19 @@ in {
52 base_url = /mgoblin_media/ 57 base_url = /mgoblin_media/
53 58
54 [celery] 59 [celery]
55 CELERY_RESULT_DBURI = ${env.redis_url} 60 CELERY_RESULT_DBURI = ${redis_url}
56 BROKER_URL = ${env.redis_url} 61 BROKER_URL = ${redis_url}
57 CELERYD_CONCURRENCY = 1 62 CELERYD_CONCURRENCY = 1
58 63
59 [plugins] 64 [plugins]
60 [[mediagoblin.plugins.geolocation]] 65 [[mediagoblin.plugins.geolocation]]
61 [[mediagoblin.plugins.ldap]] 66 [[mediagoblin.plugins.ldap]]
62 [[[immae.eu]]] 67 [[[immae.eu]]]
63 LDAP_SERVER_URI = 'ldaps://ldap.immae.eu:636' 68 LDAP_SERVER_URI = 'ldaps://${env.ldap.host}:636'
64 LDAP_SEARCH_BASE = 'dc=immae,dc=eu' 69 LDAP_SEARCH_BASE = '${env.ldap.base}'
65 LDAP_BIND_DN = 'cn=mediagoblin,ou=services,dc=immae,dc=eu' 70 LDAP_BIND_DN = '${env.ldap.dn}'
66 LDAP_BIND_PW = '${env.ldap.password}' 71 LDAP_BIND_PW = '${env.ldap.password}'
67 LDAP_SEARCH_FILTER = '(&(memberOf=cn=users,cn=mediagoblin,ou=services,dc=immae,dc=eu)(uid={username}))' 72 LDAP_SEARCH_FILTER = '${env.ldap.filter}'
68 EMAIL_SEARCH_FIELD = 'mail' 73 EMAIL_SEARCH_FIELD = 'mail'
69 [[mediagoblin.plugins.basicsearch]] 74 [[mediagoblin.plugins.basicsearch]]
70 [[mediagoblin.plugins.piwigo]] 75 [[mediagoblin.plugins.piwigo]]
diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix
index 6739641..0bacfd1 100644
--- a/modules/private/websites/tools/peertube/default.nix
+++ b/modules/private/websites/tools/peertube/default.nix
@@ -1,6 +1,6 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 env = myconfig.env.tools.peertube; 3 env = config.myEnv.tools.peertube;
4 cfg = config.myServices.websites.tools.peertube; 4 cfg = config.myServices.websites.tools.peertube;
5 pcfg = config.services.peertube; 5 pcfg = config.services.peertube;
6in { 6in {
@@ -27,7 +27,7 @@ in {
27 text = '' 27 text = ''
28 listen: 28 listen:
29 hostname: 'localhost' 29 hostname: 'localhost'
30 port: ${env.listenPort} 30 port: ${toString config.myEnv.ports.peertube}
31 webserver: 31 webserver:
32 https: true 32 https: true
33 hostname: 'peertube.immae.eu' 33 hostname: 'peertube.immae.eu'
@@ -45,7 +45,7 @@ in {
45 redis: 45 redis:
46 socket: '${env.redis.socket}' 46 socket: '${env.redis.socket}'
47 auth: null 47 auth: null
48 db: ${env.redis.db_index} 48 db: ${env.redis.db}
49 ldap: 49 ldap:
50 enable: true 50 enable: true
51 ldap_only: false 51 ldap_only: false
@@ -171,13 +171,13 @@ in {
171 171
172 RewriteCond %{REQUEST_URI} ^/socket.io [NC] 172 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
173 RewriteCond %{QUERY_STRING} transport=websocket [NC] 173 RewriteCond %{QUERY_STRING} transport=websocket [NC]
174 RewriteRule /(.*) ws://localhost:${env.listenPort}/$1 [P,NE,QSA,L] 174 RewriteRule /(.*) ws://localhost:${toString env.listenPort}/$1 [P,NE,QSA,L]
175 175
176 RewriteCond %{REQUEST_URI} ^/tracker/socket [NC] 176 RewriteCond %{REQUEST_URI} ^/tracker/socket [NC]
177 RewriteRule /(.*) ws://localhost:${env.listenPort}/$1 [P,NE,QSA,L] 177 RewriteRule /(.*) ws://localhost:${toString env.listenPort}/$1 [P,NE,QSA,L]
178 178
179 ProxyPass / http://localhost:${env.listenPort}/ 179 ProxyPass / http://localhost:${toString env.listenPort}/
180 ProxyPassReverse / http://localhost:${env.listenPort}/ 180 ProxyPassReverse / http://localhost:${toString env.listenPort}/
181 181
182 ProxyPreserveHost On 182 ProxyPreserveHost On
183 RequestHeader set X-Real-IP %{REMOTE_ADDR}s 183 RequestHeader set X-Real-IP %{REMOTE_ADDR}s
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 3cf3e8e..5a0c196 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -1,39 +1,39 @@
1{ lib, pkgs, config, myconfig, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 adminer = pkgs.callPackage ./adminer.nix { 3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer; 4 inherit (pkgs.webapps) adminer;
5 }; 5 };
6 ympd = pkgs.callPackage ./ympd.nix { 6 ympd = pkgs.callPackage ./ympd.nix {
7 env = myconfig.env.tools.ympd; 7 env = config.myEnv.tools.ympd;
8 }; 8 };
9 ttrss = pkgs.callPackage ./ttrss.nix { 9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins; 10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = myconfig.env.tools.ttrss; 11 env = config.myEnv.tools.ttrss;
12 }; 12 };
13 kanboard = pkgs.callPackage ./kanboard.nix { 13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = myconfig.env.tools.kanboard; 14 env = config.myEnv.tools.kanboard;
15 }; 15 };
16 wallabag = pkgs.callPackage ./wallabag.nix { 16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag; 17 inherit (pkgs.webapps) wallabag;
18 env = myconfig.env.tools.wallabag; 18 env = config.myEnv.tools.wallabag;
19 }; 19 };
20 yourls = pkgs.callPackage ./yourls.nix { 20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins; 21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = myconfig.env.tools.yourls; 22 env = config.myEnv.tools.yourls;
23 }; 23 };
24 rompr = pkgs.callPackage ./rompr.nix { 24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr; 25 inherit (pkgs.webapps) rompr;
26 env = myconfig.env.tools.rompr; 26 env = config.myEnv.tools.rompr;
27 }; 27 };
28 shaarli = pkgs.callPackage ./shaarli.nix { 28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = myconfig.env.tools.shaarli; 29 env = config.myEnv.tools.shaarli;
30 }; 30 };
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix { 31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins; 32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
33 }; 33 };
34 ldap = pkgs.callPackage ./ldap.nix { 34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin; 35 inherit (pkgs.webapps) phpldapadmin;
36 env = myconfig.env.tools.phpldapadmin; 36 env = config.myEnv.tools.phpldapadmin;
37 }; 37 };
38 38
39 cfg = config.myServices.websites.tools.tools; 39 cfg = config.myServices.websites.tools.tools;
diff --git a/modules/private/websites/tools/tools/kanboard.nix b/modules/private/websites/tools/tools/kanboard.nix
index 68c3a10..36a949c 100644
--- a/modules/private/websites/tools/tools/kanboard.nix
+++ b/modules/private/websites/tools/tools/kanboard.nix
@@ -37,8 +37,8 @@ rec {
37 define('LDAP_USERNAME', '${env.ldap.dn}'); 37 define('LDAP_USERNAME', '${env.ldap.dn}');
38 define('LDAP_PASSWORD', '${env.ldap.password}'); 38 define('LDAP_PASSWORD', '${env.ldap.password}');
39 define('LDAP_USER_BASE_DN', '${env.ldap.base}'); 39 define('LDAP_USER_BASE_DN', '${env.ldap.base}');
40 define('LDAP_USER_FILTER', '(&(memberOf=cn=users,cn=kanboard,ou=services,dc=immae,dc=eu)(uid=%s))'); 40 define('LDAP_USER_FILTER', '${env.ldap.filter}');
41 define('LDAP_GROUP_ADMIN_DN', 'cn=admins,cn=kanboard,ou=services,dc=immae,dc=eu'); 41 define('LDAP_GROUP_ADMIN_DN', '${env.ldap.admin_dn}');
42 ?> 42 ?>
43 ''; 43 '';
44 }]; 44 }];
diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix
index 28041ba..0f1ae7b 100644
--- a/modules/private/websites/tools/tools/shaarli.nix
+++ b/modules/private/websites/tools/tools/shaarli.nix
@@ -42,7 +42,7 @@ in rec {
42 SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}" 42 SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}"
43 SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}" 43 SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}"
44 SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}" 44 SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}"
45 SetEnv SHAARLI_LDAP_FILTER "${env.ldap.search}" 45 SetEnv SHAARLI_LDAP_FILTER "${env.ldap.filter}"
46 ''; 46 '';
47 }]; 47 }];
48 phpFpm = rec { 48 phpFpm = rec {
diff --git a/modules/private/websites/tools/tools/ttrss.nix b/modules/private/websites/tools/tools/ttrss.nix
index 598cc3a..4a9b8ca 100644
--- a/modules/private/websites/tools/tools/ttrss.nix
+++ b/modules/private/websites/tools/tools/ttrss.nix
@@ -73,14 +73,14 @@ rec {
73 define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu'); 73 define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu');
74 define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours'); 74 define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
75 75
76 define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/'); 76 define('LDAP_AUTH_SERVER_URI', 'ldap://${env.ldap.host}:389/');
77 define('LDAP_AUTH_USETLS', TRUE); 77 define('LDAP_AUTH_USETLS', TRUE);
78 define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE); 78 define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
79 define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu'); 79 define('LDAP_AUTH_BASEDN', '${env.ldap.base}');
80 define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE); 80 define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
81 define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))'); 81 define('LDAP_AUTH_SEARCHFILTER', '${env.ldap.filter}');
82 82
83 define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu'); 83 define('LDAP_AUTH_BINDDN', '${env.ldap.dn}');
84 define('LDAP_AUTH_BINDPW', '${env.ldap.password}'); 84 define('LDAP_AUTH_BINDPW', '${env.ldap.password}');
85 define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin'); 85 define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
86 86
diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index 8572d64..2d152b2 100644
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -48,16 +48,16 @@ rec {
48 redis_password: null 48 redis_password: null
49 sites_credentials: { } 49 sites_credentials: { }
50 ldap_enabled: true 50 ldap_enabled: true
51 ldap_host: ldap.immae.eu 51 ldap_host: ${env.ldap.host}
52 ldap_port: 636 52 ldap_port: 636
53 ldap_tls: false 53 ldap_tls: false
54 ldap_ssl: true 54 ldap_ssl: true
55 ldap_bind_requires_dn: true 55 ldap_bind_requires_dn: true
56 ldap_base: 'dc=immae,dc=eu' 56 ldap_base: '${env.ldap.base}'
57 ldap_manager_dn: 'cn=wallabag,ou=services,dc=immae,dc=eu' 57 ldap_manager_dn: '${env.ldap.dn}'
58 ldap_manager_pw: ${env.ldap.password} 58 ldap_manager_pw: ${env.ldap.password}
59 ldap_filter: '(&(memberOf=cn=users,cn=wallabag,ou=services,dc=immae,dc=eu))' 59 ldap_filter: '${env.ldap.filter}'
60 ldap_admin_filter: '(&(memberOf=cn=admins,cn=wallabag,ou=services,dc=immae,dc=eu)(uid=%s))' 60 ldap_admin_filter: '${env.ldap.admin_filter}'
61 ldap_username_attribute: uid 61 ldap_username_attribute: uid
62 ldap_email_attribute: mail 62 ldap_email_attribute: mail
63 ldap_name_attribute: cn 63 ldap_name_attribute: cn
diff --git a/modules/private/websites/tools/tools/ympd.nix b/modules/private/websites/tools/tools/ympd.nix
index b54c486..72d45d4 100644
--- a/modules/private/websites/tools/tools/ympd.nix
+++ b/modules/private/websites/tools/tools/ympd.nix
@@ -2,7 +2,7 @@
2let 2let
3 ympd = rec { 3 ympd = rec {
4 config = { 4 config = {
5 webPort = "localhost:${env.listenPort}"; 5 webPort = "localhost:${toString env.listenPort}";
6 host = env.mpd.host; 6 host = env.mpd.host;
7 port = env.mpd.port; 7 port = env.mpd.port;
8 }; 8 };
diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix
index 0a8e837..6280e78 100644
--- a/modules/private/websites/tools/tools/yourls.nix
+++ b/modules/private/websites/tools/tools/yourls.nix
@@ -28,10 +28,10 @@ rec {
28 define( 'YOURLS_DEBUG', false ); 28 define( 'YOURLS_DEBUG', false );
29 define( 'YOURLS_URL_CONVERT', 36 ); 29 define( 'YOURLS_URL_CONVERT', 36 );
30 $yourls_reserved_URL = array(); 30 $yourls_reserved_URL = array();
31 define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); 31 define( 'LDAPAUTH_HOST', 'ldaps://${env.ldap.host}' );
32 define( 'LDAPAUTH_PORT', '636' ); 32 define( 'LDAPAUTH_PORT', '636' );
33 define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); 33 define( 'LDAPAUTH_BASE', '${env.ldap.base}' );
34 define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); 34 define( 'LDAPAUTH_SEARCH_USER', '${env.ldap.dn}' );
35 define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); 35 define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' );
36 36
37 define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); 37 define( 'LDAPAUTH_GROUP_ATTR', 'memberof' );
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-09 07:19:04 +0000