aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/private/buildbot/default.nix4
-rw-r--r--modules/private/certificates.nix2
-rw-r--r--modules/private/tasks/default.nix6
-rw-r--r--modules/private/websites/aten/integration.nix2
-rw-r--r--modules/private/websites/aten/production.nix6
-rw-r--r--modules/private/websites/capitaines/production.nix4
-rw-r--r--modules/private/websites/chloe/integration.nix6
-rw-r--r--modules/private/websites/chloe/production.nix6
-rw-r--r--modules/private/websites/connexionswing/integration.nix4
-rw-r--r--modules/private/websites/connexionswing/production.nix4
-rw-r--r--modules/private/websites/default.nix6
-rw-r--r--modules/private/websites/denisejerome/production.nix2
-rw-r--r--modules/private/websites/emilia/production.nix2
-rw-r--r--modules/private/websites/florian/app.nix4
-rw-r--r--modules/private/websites/florian/integration.nix4
-rw-r--r--modules/private/websites/florian/production.nix4
-rw-r--r--modules/private/websites/immae/production.nix6
-rw-r--r--modules/private/websites/immae/release.nix2
-rw-r--r--modules/private/websites/immae/temp.nix4
-rw-r--r--modules/private/websites/leila/production.nix6
-rw-r--r--modules/private/websites/ludivinecassal/integration.nix4
-rw-r--r--modules/private/websites/ludivinecassal/production.nix4
-rw-r--r--modules/private/websites/nassime/production.nix2
-rw-r--r--modules/private/websites/naturaloutil/production.nix4
-rw-r--r--modules/private/websites/papa/surveillance.nix2
-rw-r--r--modules/private/websites/piedsjaloux/integration.nix4
-rw-r--r--modules/private/websites/piedsjaloux/production.nix4
-rw-r--r--modules/private/websites/tools/cloud/default.nix4
-rw-r--r--modules/private/websites/tools/dav/default.nix4
-rw-r--r--modules/private/websites/tools/db/default.nix4
-rw-r--r--modules/private/websites/tools/diaspora/default.nix4
-rw-r--r--modules/private/websites/tools/ether/default.nix4
-rw-r--r--modules/private/websites/tools/git/default.nix4
-rw-r--r--modules/private/websites/tools/mastodon/default.nix4
-rw-r--r--modules/private/websites/tools/mgoblin/default.nix4
-rw-r--r--modules/private/websites/tools/peertube/default.nix4
-rw-r--r--modules/private/websites/tools/tools/default.nix12
-rw-r--r--modules/websites/default.nix229
-rw-r--r--modules/websites/php-application.nix4
39 files changed, 202 insertions, 187 deletions
diff --git a/modules/private/buildbot/default.nix b/modules/private/buildbot/default.nix
index d023a83..f307606 100644
--- a/modules/private/buildbot/default.nix
+++ b/modules/private/buildbot/default.nix
@@ -37,11 +37,11 @@ in
37 extraGroups = [ "keys" ]; 37 extraGroups = [ "keys" ];
38 }; 38 };
39 39
40 services.websites.tools.watchPaths = lib.attrsets.mapAttrsToList 40 services.websites.env.tools.watchPaths = lib.attrsets.mapAttrsToList
41 (k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include") 41 (k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include")
42 myconfig.env.buildbot.projects; 42 myconfig.env.buildbot.projects;
43 43
44 services.websites.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: '' 44 services.websites.env.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
45 RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/" 45 RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"
46 RewriteEngine On 46 RewriteEngine On
47 RewriteRule ^/buildbot/${project.name}/ws(.*)$ unix:///run/buildbot/${project.name}.sock|ws://git.immae.eu/ws$1 [P,NE,QSA,L] 47 RewriteRule ^/buildbot/${project.name}/ws(.*)$ unix:///run/buildbot/${project.name}.sock|ws://git.immae.eu/ws$1 [P,NE,QSA,L]
diff --git a/modules/private/certificates.nix b/modules/private/certificates.nix
index 43f6a23..2e40b3c 100644
--- a/modules/private/certificates.nix
+++ b/modules/private/certificates.nix
@@ -15,7 +15,7 @@
15 }; 15 };
16 16
17 config = { 17 config = {
18 services.websitesCerts = config.services.myCertificates.certConfig; 18 services.websites.certs = config.services.myCertificates.certConfig;
19 myServices.databasesCerts = config.services.myCertificates.certConfig; 19 myServices.databasesCerts = config.services.myCertificates.certConfig;
20 myServices.ircCerts = config.services.myCertificates.certConfig; 20 myServices.ircCerts = config.services.myCertificates.certConfig;
21 21
diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix
index 83a1b61..a2da0c3 100644
--- a/modules/private/tasks/default.nix
+++ b/modules/private/tasks/default.nix
@@ -101,9 +101,9 @@ in {
101 SetEnv TASKD_LDAP_FILTER "${env.ldap.search}" 101 SetEnv TASKD_LDAP_FILTER "${env.ldap.search}"
102 ''; 102 '';
103 }]; 103 }];
104 services.websites.tools.watchPaths = [ "/var/secrets/webapps/tools-taskwarrior-web" ]; 104 services.websites.env.tools.watchPaths = [ "/var/secrets/webapps/tools-taskwarrior-web" ];
105 services.websites.tools.modules = [ "proxy_fcgi" "sed" ]; 105 services.websites.env.tools.modules = [ "proxy_fcgi" "sed" ];
106 services.websites.tools.vhostConfs.task = { 106 services.websites.env.tools.vhostConfs.task = {
107 certName = "eldiron"; 107 certName = "eldiron";
108 addToCerts = true; 108 addToCerts = true;
109 hosts = [ "task.immae.eu" ]; 109 hosts = [ "task.immae.eu" ];
diff --git a/modules/private/websites/aten/integration.nix b/modules/private/websites/aten/integration.nix
index f8d8b53..0dbc4fa 100644
--- a/modules/private/websites/aten/integration.nix
+++ b/modules/private/websites/aten/integration.nix
@@ -32,7 +32,7 @@ in {
32 32
33 secrets.keys = aten.keys; 33 secrets.keys = aten.keys;
34 services.phpfpm.poolConfigs.aten_dev = aten.phpFpm.pool; 34 services.phpfpm.poolConfigs.aten_dev = aten.phpFpm.pool;
35 services.websites.integration.vhostConfs.aten = { 35 services.websites.env.integration.vhostConfs.aten = {
36 certName = "eldiron"; 36 certName = "eldiron";
37 addToCerts = true; 37 addToCerts = true;
38 hosts = [ "dev.aten.pro" ]; 38 hosts = [ "dev.aten.pro" ];
diff --git a/modules/private/websites/aten/production.nix b/modules/private/websites/aten/production.nix
index 1a55e8a..0fab309 100644
--- a/modules/private/websites/aten/production.nix
+++ b/modules/private/websites/aten/production.nix
@@ -21,15 +21,15 @@ in {
21 services.phpfpm.poolConfigs.aten_prod = aten.phpFpm.pool; 21 services.phpfpm.poolConfigs.aten_prod = aten.phpFpm.pool;
22 system.activationScripts.aten_prod = aten.activationScript; 22 system.activationScripts.aten_prod = aten.activationScript;
23 myServices.websites.webappDirs."${aten.apache.webappName}" = aten.app.webRoot; 23 myServices.websites.webappDirs."${aten.apache.webappName}" = aten.app.webRoot;
24 services.websites.production.modules = aten.apache.modules; 24 services.websites.env.production.modules = aten.apache.modules;
25 services.websites.production.vhostConfs.aten = { 25 services.websites.env.production.vhostConfs.aten = {
26 certName = "aten"; 26 certName = "aten";
27 certMainHost = "aten.pro"; 27 certMainHost = "aten.pro";
28 hosts = [ "aten.pro" "www.aten.pro" ]; 28 hosts = [ "aten.pro" "www.aten.pro" ];
29 root = aten.apache.root; 29 root = aten.apache.root;
30 extraConfig = [ aten.apache.vhostConf ]; 30 extraConfig = [ aten.apache.vhostConf ];
31 }; 31 };
32 services.websites.production.watchPaths = [ 32 services.websites.env.production.watchPaths = [
33 "/var/secrets/webapps/${aten.app.environment}-aten" 33 "/var/secrets/webapps/${aten.app.environment}-aten"
34 ]; 34 ];
35 }; 35 };
diff --git a/modules/private/websites/capitaines/production.nix b/modules/private/websites/capitaines/production.nix
index 57d8787..995e2cc 100644
--- a/modules/private/websites/capitaines/production.nix
+++ b/modules/private/websites/capitaines/production.nix
@@ -11,7 +11,7 @@ in {
11 config = lib.mkIf cfg.enable { 11 config = lib.mkIf cfg.enable {
12 myServices.websites.webappDirs."${webappName}" = siteDir; 12 myServices.websites.webappDirs."${webappName}" = siteDir;
13 13
14 services.websites.production.vhostConfs.capitaines_mastodon = { 14 services.websites.env.production.vhostConfs.capitaines_mastodon = {
15 certName = "capitaines"; 15 certName = "capitaines";
16 certMainHost = "mastodon.capitaines.fr"; 16 certMainHost = "mastodon.capitaines.fr";
17 hosts = [ "mastodon.capitaines.fr" ]; 17 hosts = [ "mastodon.capitaines.fr" ];
@@ -28,7 +28,7 @@ in {
28 ]; 28 ];
29 }; 29 };
30 30
31 services.websites.production.vhostConfs.capitaines = { 31 services.websites.env.production.vhostConfs.capitaines = {
32 certName = "capitaines"; 32 certName = "capitaines";
33 addToCerts = true; 33 addToCerts = true;
34 hosts = [ "capitaines.fr" ]; 34 hosts = [ "capitaines.fr" ];
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
index 25ec4db..1f7ac31 100644
--- a/modules/private/websites/chloe/integration.nix
+++ b/modules/private/websites/chloe/integration.nix
@@ -24,15 +24,15 @@ in {
24 }; 24 };
25 system.activationScripts.chloe_dev = chloe.activationScript; 25 system.activationScripts.chloe_dev = chloe.activationScript;
26 myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot; 26 myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot;
27 services.websites.integration.modules = chloe.apache.modules; 27 services.websites.env.integration.modules = chloe.apache.modules;
28 services.websites.integration.vhostConfs.chloe = { 28 services.websites.env.integration.vhostConfs.chloe = {
29 certName = "eldiron"; 29 certName = "eldiron";
30 addToCerts = true; 30 addToCerts = true;
31 hosts = ["chloe.immae.eu" ]; 31 hosts = ["chloe.immae.eu" ];
32 root = chloe.apache.root; 32 root = chloe.apache.root;
33 extraConfig = [ chloe.apache.vhostConf ]; 33 extraConfig = [ chloe.apache.vhostConf ];
34 }; 34 };
35 services.websites.integration.watchPaths = [ 35 services.websites.env.integration.watchPaths = [
36 "/var/secrets/webapps/${chloe.app.environment}-chloe" 36 "/var/secrets/webapps/${chloe.app.environment}-chloe"
37 ]; 37 ];
38 }; 38 };
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix
index 6e0c34d..6cfdb7f 100644
--- a/modules/private/websites/chloe/production.nix
+++ b/modules/private/websites/chloe/production.nix
@@ -26,15 +26,15 @@ in {
26 }; 26 };
27 system.activationScripts.chloe_prod = chloe.activationScript; 27 system.activationScripts.chloe_prod = chloe.activationScript;
28 myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot; 28 myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot;
29 services.websites.production.modules = chloe.apache.modules; 29 services.websites.env.production.modules = chloe.apache.modules;
30 services.websites.production.vhostConfs.chloe = { 30 services.websites.env.production.vhostConfs.chloe = {
31 certName = "chloe"; 31 certName = "chloe";
32 certMainHost = "osteopathe-cc.fr"; 32 certMainHost = "osteopathe-cc.fr";
33 hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ]; 33 hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
34 root = chloe.apache.root; 34 root = chloe.apache.root;
35 extraConfig = [ chloe.apache.vhostConf ]; 35 extraConfig = [ chloe.apache.vhostConf ];
36 }; 36 };
37 services.websites.production.watchPaths = [ 37 services.websites.env.production.watchPaths = [
38 "/var/secrets/webapps/${chloe.app.environment}-chloe" 38 "/var/secrets/webapps/${chloe.app.environment}-chloe"
39 ]; 39 ];
40 }; 40 };
diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix
index 7d77ac7..795d532 100644
--- a/modules/private/websites/connexionswing/integration.nix
+++ b/modules/private/websites/connexionswing/integration.nix
@@ -23,8 +23,8 @@ in {
23 }; 23 };
24 system.activationScripts.connexionswing_dev = connexionswing.activationScript; 24 system.activationScripts.connexionswing_dev = connexionswing.activationScript;
25 myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot; 25 myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot;
26 services.websites.integration.modules = connexionswing.apache.modules; 26 services.websites.env.integration.modules = connexionswing.apache.modules;
27 services.websites.integration.vhostConfs.connexionswing = { 27 services.websites.env.integration.vhostConfs.connexionswing = {
28 certName = "eldiron"; 28 certName = "eldiron";
29 addToCerts = true; 29 addToCerts = true;
30 hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ]; 30 hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
diff --git a/modules/private/websites/connexionswing/production.nix b/modules/private/websites/connexionswing/production.nix
index f4cb377..07647da 100644
--- a/modules/private/websites/connexionswing/production.nix
+++ b/modules/private/websites/connexionswing/production.nix
@@ -25,8 +25,8 @@ in {
25 }; 25 };
26 system.activationScripts.connexionswing_prod = connexionswing.activationScript; 26 system.activationScripts.connexionswing_prod = connexionswing.activationScript;
27 myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot; 27 myServices.websites.webappDirs."${connexionswing.apache.webappName}" = connexionswing.app.webRoot;
28 services.websites.production.modules = connexionswing.apache.modules; 28 services.websites.env.production.modules = connexionswing.apache.modules;
29 services.websites.production.vhostConfs.connexionswing = { 29 services.websites.env.production.vhostConfs.connexionswing = {
30 certName = "connexionswing"; 30 certName = "connexionswing";
31 certMainHost = "connexionswing.com"; 31 certMainHost = "connexionswing.com";
32 hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; 32 hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index c3d941c..0d420ea 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -142,7 +142,7 @@ in
142 services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ]; 142 services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ];
143 services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ]; 143 services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ];
144 144
145 services.websites.production = { 145 services.websites.env.production = {
146 enable = true; 146 enable = true;
147 adminAddr = "httpd@immae.eu"; 147 adminAddr = "httpd@immae.eu";
148 httpdName = "Prod"; 148 httpdName = "Prod";
@@ -159,7 +159,7 @@ in
159 }; 159 };
160 }; 160 };
161 161
162 services.websites.integration = { 162 services.websites.env.integration = {
163 enable = true; 163 enable = true;
164 adminAddr = "httpd@immae.eu"; 164 adminAddr = "httpd@immae.eu";
165 httpdName = "Inte"; 165 httpdName = "Inte";
@@ -176,7 +176,7 @@ in
176 }; 176 };
177 }; 177 };
178 178
179 services.websites.tools = { 179 services.websites.env.tools = {
180 enable = true; 180 enable = true;
181 adminAddr = "httpd@immae.eu"; 181 adminAddr = "httpd@immae.eu";
182 httpdName = "Tools"; 182 httpdName = "Tools";
diff --git a/modules/private/websites/denisejerome/production.nix b/modules/private/websites/denisejerome/production.nix
index b5aff94..f93ad37 100644
--- a/modules/private/websites/denisejerome/production.nix
+++ b/modules/private/websites/denisejerome/production.nix
@@ -9,7 +9,7 @@ in {
9 config = lib.mkIf cfg.enable { 9 config = lib.mkIf cfg.enable {
10 services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ]; 10 services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ];
11 11
12 services.websites.production.vhostConfs.denisejerome = { 12 services.websites.env.production.vhostConfs.denisejerome = {
13 certName = "denisejerome"; 13 certName = "denisejerome";
14 certMainHost = "denisejerome.piedsjaloux.fr"; 14 certMainHost = "denisejerome.piedsjaloux.fr";
15 hosts = ["denisejerome.piedsjaloux.fr" ]; 15 hosts = ["denisejerome.piedsjaloux.fr" ];
diff --git a/modules/private/websites/emilia/production.nix b/modules/private/websites/emilia/production.nix
index 13f008f..422bfd4 100644
--- a/modules/private/websites/emilia/production.nix
+++ b/modules/private/websites/emilia/production.nix
@@ -47,7 +47,7 @@ in {
47 install -m 0755 -o wwwrun -g wwwrun -d ${varDir} 47 install -m 0755 -o wwwrun -g wwwrun -d ${varDir}
48 ''; 48 '';
49 myServices.websites.webappDirs."${webappName}" = siteDir; 49 myServices.websites.webappDirs."${webappName}" = siteDir;
50 services.websites.production.vhostConfs.emilia = { 50 services.websites.env.production.vhostConfs.emilia = {
51 certName = "emilia"; 51 certName = "emilia";
52 certMainHost = "saison-photo.org"; 52 certMainHost = "saison-photo.org";
53 hosts = [ "saison-photo.org" "www.saison-photo.org" ]; 53 hosts = [ "saison-photo.org" "www.saison-photo.org" ];
diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix
index 55fb3cb..00fe644 100644
--- a/modules/private/websites/florian/app.nix
+++ b/modules/private/websites/florian/app.nix
@@ -21,8 +21,8 @@ in {
21 services.phpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool; 21 services.phpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool;
22 system.activationScripts.tellesflorian_dev = tellesflorian.activationScript; 22 system.activationScripts.tellesflorian_dev = tellesflorian.activationScript;
23 myServices.websites.webappDirs."${tellesflorian.apache.webappName}" = tellesflorian.app.webRoot; 23 myServices.websites.webappDirs."${tellesflorian.apache.webappName}" = tellesflorian.app.webRoot;
24 services.websites.integration.modules = adminer.apache.modules ++ tellesflorian.apache.modules; 24 services.websites.env.integration.modules = adminer.apache.modules ++ tellesflorian.apache.modules;
25 services.websites.integration.vhostConfs.tellesflorian = { 25 services.websites.env.integration.vhostConfs.tellesflorian = {
26 certName = "eldiron"; 26 certName = "eldiron";
27 addToCerts = true; 27 addToCerts = true;
28 hosts = ["app.tellesflorian.com" ]; 28 hosts = ["app.tellesflorian.com" ];
diff --git a/modules/private/websites/florian/integration.nix b/modules/private/websites/florian/integration.nix
index 424ebd4..e444e69 100644
--- a/modules/private/websites/florian/integration.nix
+++ b/modules/private/websites/florian/integration.nix
@@ -10,8 +10,8 @@ in {
10 config = lib.mkIf cfg.enable { 10 config = lib.mkIf cfg.enable {
11 security.acme.certs."ftp".extraDomains."florian.immae.eu" = null; 11 security.acme.certs."ftp".extraDomains."florian.immae.eu" = null;
12 12
13 services.websites.integration.modules = adminer.apache.modules; 13 services.websites.env.integration.modules = adminer.apache.modules;
14 services.websites.integration.vhostConfs.florian = { 14 services.websites.env.integration.vhostConfs.florian = {
15 certName = "eldiron"; 15 certName = "eldiron";
16 addToCerts = true; 16 addToCerts = true;
17 hosts = [ "florian.immae.eu" ]; 17 hosts = [ "florian.immae.eu" ];
diff --git a/modules/private/websites/florian/production.nix b/modules/private/websites/florian/production.nix
index 9b310b8..44a262e 100644
--- a/modules/private/websites/florian/production.nix
+++ b/modules/private/websites/florian/production.nix
@@ -10,8 +10,8 @@ in {
10 config = lib.mkIf cfg.enable { 10 config = lib.mkIf cfg.enable {
11 security.acme.certs."ftp".extraDomains."tellesflorian.com" = null; 11 security.acme.certs."ftp".extraDomains."tellesflorian.com" = null;
12 12
13 services.websites.production.modules = adminer.apache.modules; 13 services.websites.env.production.modules = adminer.apache.modules;
14 services.websites.production.vhostConfs.florian = { 14 services.websites.env.production.vhostConfs.florian = {
15 certName = "florian"; 15 certName = "florian";
16 certMainHost = "tellesflorian.com"; 16 certMainHost = "tellesflorian.com";
17 hosts = [ "tellesflorian.com" "www.tellesflorian.com" ]; 17 hosts = [ "tellesflorian.com" "www.tellesflorian.com" ];
diff --git a/modules/private/websites/immae/production.nix b/modules/private/websites/immae/production.nix
index c3cabb6..3c851e6 100644
--- a/modules/private/websites/immae/production.nix
+++ b/modules/private/websites/immae/production.nix
@@ -22,8 +22,8 @@ in {
22 22
23 php_admin_value[open_basedir] = "${varDir}:/tmp" 23 php_admin_value[open_basedir] = "${varDir}:/tmp"
24 ''; 24 '';
25 services.websites.production.modules = [ "proxy_fcgi" ]; 25 services.websites.env.production.modules = [ "proxy_fcgi" ];
26 services.websites.production.vhostConfs.immae = { 26 services.websites.env.production.vhostConfs.immae = {
27 certName = "eldiron"; 27 certName = "eldiron";
28 addToCerts = true; 28 addToCerts = true;
29 hosts = [ "www.immae.eu" ]; 29 hosts = [ "www.immae.eu" ];
@@ -51,7 +51,7 @@ in {
51 ]; 51 ];
52 }; 52 };
53 53
54 services.websites.production.vhostConfs.bouya = { 54 services.websites.env.production.vhostConfs.bouya = {
55 certName = "eldiron"; 55 certName = "eldiron";
56 addToCerts = true; 56 addToCerts = true;
57 hosts = [ "bouya.org" "www.bouya.org" ]; 57 hosts = [ "bouya.org" "www.bouya.org" ];
diff --git a/modules/private/websites/immae/release.nix b/modules/private/websites/immae/release.nix
index 68381a6..5cc35ee 100644
--- a/modules/private/websites/immae/release.nix
+++ b/modules/private/websites/immae/release.nix
@@ -9,7 +9,7 @@ in {
9 config = lib.mkIf cfg.enable { 9 config = lib.mkIf cfg.enable {
10 services.webstats.sites = [ { name = "release.immae.eu"; } ]; 10 services.webstats.sites = [ { name = "release.immae.eu"; } ];
11 11
12 services.websites.production.vhostConfs.release = { 12 services.websites.env.production.vhostConfs.release = {
13 certName = "eldiron"; 13 certName = "eldiron";
14 addToCerts = true; 14 addToCerts = true;
15 hosts = [ "release.immae.eu" ]; 15 hosts = [ "release.immae.eu" ];
diff --git a/modules/private/websites/immae/temp.nix b/modules/private/websites/immae/temp.nix
index 0b2a3a3..288c8cc 100644
--- a/modules/private/websites/immae/temp.nix
+++ b/modules/private/websites/immae/temp.nix
@@ -7,8 +7,8 @@ in {
7 options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website"; 7 options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website";
8 8
9 config = lib.mkIf cfg.enable { 9 config = lib.mkIf cfg.enable {
10 services.websites.production.modules = [ "headers" ]; 10 services.websites.env.production.modules = [ "headers" ];
11 services.websites.production.vhostConfs.temp = { 11 services.websites.env.production.vhostConfs.temp = {
12 certName = "eldiron"; 12 certName = "eldiron";
13 addToCerts = true; 13 addToCerts = true;
14 hosts = [ "temp.immae.eu" ]; 14 hosts = [ "temp.immae.eu" ];
diff --git a/modules/private/websites/leila/production.nix b/modules/private/websites/leila/production.nix
index 69c8c49..52cf8cf 100644
--- a/modules/private/websites/leila/production.nix
+++ b/modules/private/websites/leila/production.nix
@@ -25,8 +25,8 @@ in {
25 { name = "chorale.leila.bouya.org"; } 25 { name = "chorale.leila.bouya.org"; }
26 ]; 26 ];
27 27
28 services.websites.production.modules = [ "proxy_fcgi" ]; 28 services.websites.env.production.modules = [ "proxy_fcgi" ];
29 services.websites.production.vhostConfs.leila_chorale = { 29 services.websites.env.production.vhostConfs.leila_chorale = {
30 certName = "leila"; 30 certName = "leila";
31 addToCerts = true; 31 addToCerts = true;
32 hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ]; 32 hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ];
@@ -49,7 +49,7 @@ in {
49 '' 49 ''
50 ]; 50 ];
51 }; 51 };
52 services.websites.production.vhostConfs.leila = { 52 services.websites.env.production.vhostConfs.leila = {
53 certName = "leila"; 53 certName = "leila";
54 certMainHost = "leila.bouya.org"; 54 certMainHost = "leila.bouya.org";
55 hosts = [ "leila.bouya.org" ]; 55 hosts = [ "leila.bouya.org" ];
diff --git a/modules/private/websites/ludivinecassal/integration.nix b/modules/private/websites/ludivinecassal/integration.nix
index f0ef3a6..bc05d9b 100644
--- a/modules/private/websites/ludivinecassal/integration.nix
+++ b/modules/private/websites/ludivinecassal/integration.nix
@@ -20,8 +20,8 @@ in {
20 services.phpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool; 20 services.phpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool;
21 system.activationScripts.ludivinecassal_dev = ludivinecassal.activationScript; 21 system.activationScripts.ludivinecassal_dev = ludivinecassal.activationScript;
22 myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot; 22 myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot;
23 services.websites.integration.modules = ludivinecassal.apache.modules; 23 services.websites.env.integration.modules = ludivinecassal.apache.modules;
24 services.websites.integration.vhostConfs.ludivine = { 24 services.websites.env.integration.vhostConfs.ludivine = {
25 certName = "eldiron"; 25 certName = "eldiron";
26 addToCerts = true; 26 addToCerts = true;
27 hosts = [ "ludivine.immae.eu" ]; 27 hosts = [ "ludivine.immae.eu" ];
diff --git a/modules/private/websites/ludivinecassal/production.nix b/modules/private/websites/ludivinecassal/production.nix
index 6a22d98..9d8407d 100644
--- a/modules/private/websites/ludivinecassal/production.nix
+++ b/modules/private/websites/ludivinecassal/production.nix
@@ -21,8 +21,8 @@ in {
21 services.phpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool; 21 services.phpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool;
22 system.activationScripts.ludivinecassal_prod = ludivinecassal.activationScript; 22 system.activationScripts.ludivinecassal_prod = ludivinecassal.activationScript;
23 myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot; 23 myServices.websites.webappDirs."${ludivinecassal.apache.webappName}" = ludivinecassal.app.webRoot;
24 services.websites.production.modules = ludivinecassal.apache.modules; 24 services.websites.env.production.modules = ludivinecassal.apache.modules;
25 services.websites.production.vhostConfs.ludivine = { 25 services.websites.env.production.vhostConfs.ludivine = {
26 certName = "ludivinecassal"; 26 certName = "ludivinecassal";
27 certMainHost = "ludivinecassal.com"; 27 certMainHost = "ludivinecassal.com";
28 hosts = ["ludivinecassal.com" "www.ludivinecassal.com" ]; 28 hosts = ["ludivinecassal.com" "www.ludivinecassal.com" ];
diff --git a/modules/private/websites/nassime/production.nix b/modules/private/websites/nassime/production.nix
index a109778..f2a4142 100644
--- a/modules/private/websites/nassime/production.nix
+++ b/modules/private/websites/nassime/production.nix
@@ -11,7 +11,7 @@ in {
11 11
12 security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null; 12 security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null;
13 13
14 services.websites.production.vhostConfs.nassime = { 14 services.websites.env.production.vhostConfs.nassime = {
15 certName = "nassime"; 15 certName = "nassime";
16 certMainHost = "nassime.bouya.org"; 16 certMainHost = "nassime.bouya.org";
17 hosts = ["nassime.bouya.org" ]; 17 hosts = ["nassime.bouya.org" ];
diff --git a/modules/private/websites/naturaloutil/production.nix b/modules/private/websites/naturaloutil/production.nix
index f59957d..93940d5 100644
--- a/modules/private/websites/naturaloutil/production.nix
+++ b/modules/private/websites/naturaloutil/production.nix
@@ -61,8 +61,8 @@ in {
61 extension=${pkgs.php}/lib/php/extensions/mysqli.so 61 extension=${pkgs.php}/lib/php/extensions/mysqli.so
62 ''; 62 '';
63 }; 63 };
64 services.websites.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ]; 64 services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
65 services.websites.production.vhostConfs.naturaloutil = { 65 services.websites.env.production.vhostConfs.naturaloutil = {
66 certName = "naturaloutil"; 66 certName = "naturaloutil";
67 certMainHost = "naturaloutil.immae.eu"; 67 certMainHost = "naturaloutil.immae.eu";
68 hosts = ["naturaloutil.immae.eu" ]; 68 hosts = ["naturaloutil.immae.eu" ];
diff --git a/modules/private/websites/papa/surveillance.nix b/modules/private/websites/papa/surveillance.nix
index 8e7cd9d..ca6bf9e 100644
--- a/modules/private/websites/papa/surveillance.nix
+++ b/modules/private/websites/papa/surveillance.nix
@@ -27,7 +27,7 @@ in {
27 ]; 27 ];
28 }; 28 };
29 29
30 services.websites.production.vhostConfs.papa = { 30 services.websites.env.production.vhostConfs.papa = {
31 certName = "papa"; 31 certName = "papa";
32 certMainHost = "surveillance.maison.bbc.bouya.org"; 32 certMainHost = "surveillance.maison.bbc.bouya.org";
33 hosts = [ "surveillance.maison.bbc.bouya.org" ]; 33 hosts = [ "surveillance.maison.bbc.bouya.org" ];
diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix
index 5f574e1..8007c91 100644
--- a/modules/private/websites/piedsjaloux/integration.nix
+++ b/modules/private/websites/piedsjaloux/integration.nix
@@ -19,8 +19,8 @@ in {
19 services.phpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool; 19 services.phpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool;
20 system.activationScripts.piedsjaloux_dev = piedsjaloux.activationScript; 20 system.activationScripts.piedsjaloux_dev = piedsjaloux.activationScript;
21 myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot; 21 myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot;
22 services.websites.integration.modules = piedsjaloux.apache.modules; 22 services.websites.env.integration.modules = piedsjaloux.apache.modules;
23 services.websites.integration.vhostConfs.piedsjaloux = { 23 services.websites.env.integration.vhostConfs.piedsjaloux = {
24 certName = "eldiron"; 24 certName = "eldiron";
25 addToCerts = true; 25 addToCerts = true;
26 hosts = [ "piedsjaloux.immae.eu" ]; 26 hosts = [ "piedsjaloux.immae.eu" ];
diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix
index e3bd2dd..30066a5 100644
--- a/modules/private/websites/piedsjaloux/production.nix
+++ b/modules/private/websites/piedsjaloux/production.nix
@@ -21,8 +21,8 @@ in {
21 services.phpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool; 21 services.phpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool;
22 system.activationScripts.piedsjaloux_prod = piedsjaloux.activationScript; 22 system.activationScripts.piedsjaloux_prod = piedsjaloux.activationScript;
23 myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot; 23 myServices.websites.webappDirs."${piedsjaloux.apache.webappName}" = piedsjaloux.app.webRoot;
24 services.websites.production.modules = piedsjaloux.apache.modules; 24 services.websites.env.production.modules = piedsjaloux.apache.modules;
25 services.websites.production.vhostConfs.piedsjaloux = { 25 services.websites.env.production.vhostConfs.piedsjaloux = {
26 certName = "piedsjaloux"; 26 certName = "piedsjaloux";
27 certMainHost = "piedsjaloux.fr"; 27 certMainHost = "piedsjaloux.fr";
28 hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ]; 28 hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
diff --git a/modules/private/websites/tools/cloud/default.nix b/modules/private/websites/tools/cloud/default.nix
index ceb8f77..fffe04c 100644
--- a/modules/private/websites/tools/cloud/default.nix
+++ b/modules/private/websites/tools/cloud/default.nix
@@ -48,9 +48,9 @@ in {
48 }; 48 };
49 49
50 config = lib.mkIf cfg.enable { 50 config = lib.mkIf cfg.enable {
51 services.websites.tools.modules = [ "proxy_fcgi" ]; 51 services.websites.env.tools.modules = [ "proxy_fcgi" ];
52 52
53 services.websites.tools.vhostConfs.cloud = { 53 services.websites.env.tools.vhostConfs.cloud = {
54 certName = "eldiron"; 54 certName = "eldiron";
55 addToCerts = true; 55 addToCerts = true;
56 hosts = ["cloud.immae.eu" ]; 56 hosts = ["cloud.immae.eu" ];
diff --git a/modules/private/websites/tools/dav/default.nix b/modules/private/websites/tools/dav/default.nix
index fb0baae..5a0f470 100644
--- a/modules/private/websites/tools/dav/default.nix
+++ b/modules/private/websites/tools/dav/default.nix
@@ -29,9 +29,9 @@ in {
29 config = lib.mkIf cfg.enable { 29 config = lib.mkIf cfg.enable {
30 system.activationScripts.davical = davical.activationScript; 30 system.activationScripts.davical = davical.activationScript;
31 secrets.keys = davical.keys; 31 secrets.keys = davical.keys;
32 services.websites.tools.modules = davical.apache.modules; 32 services.websites.env.tools.modules = davical.apache.modules;
33 33
34 services.websites.tools.vhostConfs.dav = { 34 services.websites.env.tools.vhostConfs.dav = {
35 certName = "eldiron"; 35 certName = "eldiron";
36 addToCerts = true; 36 addToCerts = true;
37 hosts = ["dav.immae.eu" ]; 37 hosts = ["dav.immae.eu" ];
diff --git a/modules/private/websites/tools/db/default.nix b/modules/private/websites/tools/db/default.nix
index 361e204..60592e5 100644
--- a/modules/private/websites/tools/db/default.nix
+++ b/modules/private/websites/tools/db/default.nix
@@ -9,8 +9,8 @@ in {
9 }; 9 };
10 10
11 config = lib.mkIf cfg.enable { 11 config = lib.mkIf cfg.enable {
12 services.websites.tools.modules = adminer.apache.modules; 12 services.websites.env.tools.modules = adminer.apache.modules;
13 services.websites.tools.vhostConfs.db-1 = { 13 services.websites.env.tools.vhostConfs.db-1 = {
14 certName = "eldiron"; 14 certName = "eldiron";
15 addToCerts = true; 15 addToCerts = true;
16 hosts = ["db-1.immae.eu" ]; 16 hosts = ["db-1.immae.eu" ];
diff --git a/modules/private/websites/tools/diaspora/default.nix b/modules/private/websites/tools/diaspora/default.nix
index 6742a81..17a6a09 100644
--- a/modules/private/websites/tools/diaspora/default.nix
+++ b/modules/private/websites/tools/diaspora/default.nix
@@ -150,14 +150,14 @@ in {
150 paths = [ dcfg.configDir ]; 150 paths = [ dcfg.configDir ];
151 }; 151 };
152 152
153 services.websites.tools.modules = [ 153 services.websites.env.tools.modules = [
154 "headers" "proxy" "proxy_http" 154 "headers" "proxy" "proxy_http"
155 ]; 155 ];
156 system.extraSystemBuilderCmds = '' 156 system.extraSystemBuilderCmds = ''
157 mkdir -p $out/webapps 157 mkdir -p $out/webapps
158 ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora 158 ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora
159 ''; 159 '';
160 services.websites.tools.vhostConfs.diaspora = { 160 services.websites.env.tools.vhostConfs.diaspora = {
161 certName = "eldiron"; 161 certName = "eldiron";
162 addToCerts = true; 162 addToCerts = true;
163 hosts = [ "diaspora.immae.eu" ]; 163 hosts = [ "diaspora.immae.eu" ];
diff --git a/modules/private/websites/tools/ether/default.nix b/modules/private/websites/tools/ether/default.nix
index 3e68d54..c038528 100644
--- a/modules/private/websites/tools/ether/default.nix
+++ b/modules/private/websites/tools/ether/default.nix
@@ -138,10 +138,10 @@ in {
138 paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ]; 138 paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
139 }; 139 };
140 140
141 services.websites.tools.modules = [ 141 services.websites.env.tools.modules = [
142 "headers" "proxy" "proxy_http" "proxy_wstunnel" 142 "headers" "proxy" "proxy_http" "proxy_wstunnel"
143 ]; 143 ];
144 services.websites.tools.vhostConfs.etherpad-lite = { 144 services.websites.env.tools.vhostConfs.etherpad-lite = {
145 certName = "eldiron"; 145 certName = "eldiron";
146 addToCerts = true; 146 addToCerts = true;
147 hosts = [ "ether.immae.eu" ]; 147 hosts = [ "ether.immae.eu" ];
diff --git a/modules/private/websites/tools/git/default.nix b/modules/private/websites/tools/git/default.nix
index 75d0240..d66d151 100644
--- a/modules/private/websites/tools/git/default.nix
+++ b/modules/private/websites/tools/git/default.nix
@@ -16,14 +16,14 @@ in {
16 16
17 config = lib.mkIf cfg.enable { 17 config = lib.mkIf cfg.enable {
18 secrets.keys = mantisbt.keys; 18 secrets.keys = mantisbt.keys;
19 services.websites.tools.modules = 19 services.websites.env.tools.modules =
20 gitweb.apache.modules ++ 20 gitweb.apache.modules ++
21 mantisbt.apache.modules; 21 mantisbt.apache.modules;
22 myServices.websites.webappDirs."${gitweb.apache.webappName}" = gitweb.webRoot; 22 myServices.websites.webappDirs."${gitweb.apache.webappName}" = gitweb.webRoot;
23 myServices.websites.webappDirs."${mantisbt.apache.webappName}" = mantisbt.webRoot; 23 myServices.websites.webappDirs."${mantisbt.apache.webappName}" = mantisbt.webRoot;
24 24
25 system.activationScripts.mantisbt = mantisbt.activationScript; 25 system.activationScripts.mantisbt = mantisbt.activationScript;
26 services.websites.tools.vhostConfs.git = { 26 services.websites.env.tools.vhostConfs.git = {
27 certName = "eldiron"; 27 certName = "eldiron";
28 addToCerts = true; 28 addToCerts = true;
29 hosts = ["git.immae.eu" ]; 29 hosts = ["git.immae.eu" ];
diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix
index 1a4b387..d67ae2b 100644
--- a/modules/private/websites/tools/mastodon/default.nix
+++ b/modules/private/websites/tools/mastodon/default.nix
@@ -77,14 +77,14 @@ in {
77 }; 77 };
78 78
79 79
80 services.websites.tools.modules = [ 80 services.websites.env.tools.modules = [
81 "headers" "proxy" "proxy_wstunnel" "proxy_http" 81 "headers" "proxy" "proxy_wstunnel" "proxy_http"
82 ]; 82 ];
83 system.extraSystemBuilderCmds = '' 83 system.extraSystemBuilderCmds = ''
84 mkdir -p $out/webapps 84 mkdir -p $out/webapps
85 ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon 85 ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon
86 ''; 86 '';
87 services.websites.tools.vhostConfs.mastodon = { 87 services.websites.env.tools.vhostConfs.mastodon = {
88 certName = "eldiron"; 88 certName = "eldiron";
89 addToCerts = true; 89 addToCerts = true;
90 hosts = ["mastodon.immae.eu" ]; 90 hosts = ["mastodon.immae.eu" ];
diff --git a/modules/private/websites/tools/mgoblin/default.nix b/modules/private/websites/tools/mgoblin/default.nix
index 1d398db..b99b95e 100644
--- a/modules/private/websites/tools/mgoblin/default.nix
+++ b/modules/private/websites/tools/mgoblin/default.nix
@@ -87,11 +87,11 @@ in {
87 paths = [ mcfg.configFile ]; 87 paths = [ mcfg.configFile ];
88 }; 88 };
89 89
90 services.websites.tools.modules = [ 90 services.websites.env.tools.modules = [
91 "proxy" "proxy_http" 91 "proxy" "proxy_http"
92 ]; 92 ];
93 users.users.wwwrun.extraGroups = [ "mediagoblin" ]; 93 users.users.wwwrun.extraGroups = [ "mediagoblin" ];
94 services.websites.tools.vhostConfs.mgoblin = { 94 services.websites.env.tools.vhostConfs.mgoblin = {
95 certName = "eldiron"; 95 certName = "eldiron";
96 addToCerts = true; 96 addToCerts = true;
97 hosts = ["mgoblin.immae.eu" ]; 97 hosts = ["mgoblin.immae.eu" ];
diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix
index dd28530..f34acaa 100644
--- a/modules/private/websites/tools/peertube/default.nix
+++ b/modules/private/websites/tools/peertube/default.nix
@@ -150,7 +150,7 @@ in {
150 ''; 150 '';
151 }]; 151 }];
152 152
153 services.websites.tools.modules = [ 153 services.websites.env.tools.modules = [
154 "headers" "proxy" "proxy_http" "proxy_wstunnel" 154 "headers" "proxy" "proxy_http" "proxy_wstunnel"
155 ]; 155 ];
156 services.filesWatcher.peertube = { 156 services.filesWatcher.peertube = {
@@ -158,7 +158,7 @@ in {
158 paths = [ pcfg.configFile ]; 158 paths = [ pcfg.configFile ];
159 }; 159 };
160 160
161 services.websites.tools.vhostConfs.peertube = { 161 services.websites.env.tools.vhostConfs.peertube = {
162 certName = "eldiron"; 162 certName = "eldiron";
163 addToCerts = true; 163 addToCerts = true;
164 hosts = [ "peertube.immae.eu" ]; 164 hosts = [ "peertube.immae.eu" ];
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index d75def4..5ca9851 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -57,10 +57,10 @@ in {
57 ++ wallabag.keys 57 ++ wallabag.keys
58 ++ yourls.keys; 58 ++ yourls.keys;
59 59
60 services.websites.integration.modules = 60 services.websites.env.integration.modules =
61 rainloop.apache.modules; 61 rainloop.apache.modules;
62 62
63 services.websites.tools.modules = 63 services.websites.env.tools.modules =
64 [ "proxy_fcgi" ] 64 [ "proxy_fcgi" ]
65 ++ adminer.apache.modules 65 ++ adminer.apache.modules
66 ++ ympd.apache.modules 66 ++ ympd.apache.modules
@@ -74,7 +74,7 @@ in {
74 ++ ldap.apache.modules 74 ++ ldap.apache.modules
75 ++ kanboard.apache.modules; 75 ++ kanboard.apache.modules;
76 76
77 services.websites.integration.vhostConfs.devtools = { 77 services.websites.env.integration.vhostConfs.devtools = {
78 certName = "eldiron"; 78 certName = "eldiron";
79 addToCerts = true; 79 addToCerts = true;
80 hosts = ["devtools.immae.eu" ]; 80 hosts = ["devtools.immae.eu" ];
@@ -94,7 +94,7 @@ in {
94 ]; 94 ];
95 }; 95 };
96 96
97 services.websites.tools.vhostConfs.tools = { 97 services.websites.env.tools.vhostConfs.tools = {
98 certName = "eldiron"; 98 certName = "eldiron";
99 addToCerts = true; 99 addToCerts = true;
100 hosts = ["tools.immae.eu" ]; 100 hosts = ["tools.immae.eu" ];
@@ -124,7 +124,7 @@ in {
124 ]; 124 ];
125 }; 125 };
126 126
127 services.websites.tools.vhostConfs.outils = { 127 services.websites.env.tools.vhostConfs.outils = {
128 certName = "eldiron"; 128 certName = "eldiron";
129 addToCerts = true; 129 addToCerts = true;
130 hosts = [ "outils.immae.eu" ]; 130 hosts = [ "outils.immae.eu" ];
@@ -302,7 +302,7 @@ in {
302 "${kanboard.apache.webappName}" = kanboard.webRoot; 302 "${kanboard.apache.webappName}" = kanboard.webRoot;
303 }; 303 };
304 304
305 services.websites.tools.watchPaths = [ 305 services.websites.env.tools.watchPaths = [
306 "/var/secrets/webapps/tools-wallabag" 306 "/var/secrets/webapps/tools-wallabag"
307 ]; 307 ];
308 services.filesWatcher.phpfpm-wallabag = { 308 services.filesWatcher.phpfpm-wallabag = {
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 2e1d23a..ef79cb3 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -1,119 +1,131 @@
1{ lib, config, ... }: with lib; 1{ lib, config, ... }: with lib;
2let 2let
3 cfg = { 3 cfg = config.services.websites;
4 certs = config.services.websitesCerts;
5 webappDirs = config.services.websitesWebappDirs;
6 env = config.services.websites;
7 };
8in 4in
9{ 5{
10 options.services.websitesCerts = mkOption { 6 options.services.websites = with types; {
11 description = "Default websites configuration for certificates as accepted by acme"; 7 certs = mkOption {
12 }; 8 description = "Default websites configuration for certificates as accepted by acme";
13 options.services.websitesWebappDirs = mkOption { 9 };
14 description = '' 10 webappDirs = mkOption {
15 Defines a symlink between /run/current-system/webapps and a store 11 description = ''
16 app directory to be used in http configuration. Permits to avoid 12 Defines a symlink between /run/current-system/webapps and a store
17 restarting httpd when only the folder name changes. 13 app directory to be used in http configuration. Permits to avoid
18 ''; 14 restarting httpd when only the folder name changes.
19 type = types.attrsOf types.path; 15 '';
20 default = {}; 16 type = types.attrsOf types.path;
21 }; 17 default = {};
22 # TODO: ajouter /run/current-system/webapps (RO) et webapps (RW) 18 };
23 options.services.websites = with types; mkOption { 19 webappDirsName = mkOption {
24 default = {}; 20 type = str;
25 description = "Each type of website to enable will target a distinct httpd server"; 21 default = "webapps";
26 type = attrsOf (submodule { 22 description = ''
27 options = { 23 Name of the webapp dir to create in /run/current-system
28 enable = mkEnableOption "Enable websites of this type"; 24 '';
29 adminAddr = mkOption { 25 };
30 type = str; 26 webappDirsPath = mkOption {
31 description = "Admin e-mail address of the instance"; 27 type = str;
32 }; 28 readOnly = true;
33 httpdName = mkOption { 29 description = ''
34 type = str; 30 Full path of the webapp dir
35 description = "Name of the httpd instance to assign this type to"; 31 '';
36 }; 32 default = "/run/current-system/${cfg.webappDirsName}";
37 ips = mkOption { 33 };
38 type = listOf string; 34 env = mkOption {
39 default = []; 35 default = {};
40 description = "ips to listen to"; 36 description = "Each type of website to enable will target a distinct httpd server";
41 }; 37 type = attrsOf (submodule {
42 modules = mkOption { 38 options = {
43 type = listOf str; 39 enable = mkEnableOption "Enable websites of this type";
44 default = []; 40 adminAddr = mkOption {
45 description = "Additional modules to load in Apache"; 41 type = str;
46 }; 42 description = "Admin e-mail address of the instance";
47 extraConfig = mkOption { 43 };
48 type = listOf lines; 44 httpdName = mkOption {
49 default = []; 45 type = str;
50 description = "Additional configuration to append to Apache"; 46 description = "Name of the httpd instance to assign this type to";
51 }; 47 };
52 nosslVhost = mkOption { 48 ips = mkOption {
53 description = "A default nossl vhost for captive portals"; 49 type = listOf string;
54 default = {}; 50 default = [];
55 type = submodule { 51 description = "ips to listen to";
56 options = { 52 };
57 enable = mkEnableOption "Add default no-ssl vhost for this instance"; 53 modules = mkOption {
58 host = mkOption { 54 type = listOf str;
59 type = string; 55 default = [];
60 description = "The hostname to use for this vhost"; 56 description = "Additional modules to load in Apache";
61 }; 57 };
62 root = mkOption { 58 extraConfig = mkOption {
63 type = path; 59 type = listOf lines;
64 default = ./nosslVhost; 60 default = [];
65 description = "The root folder to serve"; 61 description = "Additional configuration to append to Apache";
66 }; 62 };
67 indexFile = mkOption { 63 nosslVhost = mkOption {
68 type = string; 64 description = "A default nossl vhost for captive portals";
69 default = "index.html"; 65 default = {};
70 description = "The index file to show."; 66 type = submodule {
67 options = {
68 enable = mkEnableOption "Add default no-ssl vhost for this instance";
69 host = mkOption {
70 type = string;
71 description = "The hostname to use for this vhost";
72 };
73 root = mkOption {
74 type = path;
75 default = ./nosslVhost;
76 description = "The root folder to serve";
77 };
78 indexFile = mkOption {
79 type = string;
80 default = "index.html";
81 description = "The index file to show.";
82 };
71 }; 83 };
72 }; 84 };
73 }; 85 };
74 }; 86 fallbackVhost = mkOption {
75 fallbackVhost = mkOption { 87 description = "The fallback vhost that will be defined as first vhost in Apache";
76 description = "The fallback vhost that will be defined as first vhost in Apache"; 88 type = submodule {
77 type = submodule { 89 options = {
78 options = { 90 certName = mkOption { type = string; };
79 certName = mkOption { type = string; }; 91 hosts = mkOption { type = listOf string; };
80 hosts = mkOption { type = listOf string; }; 92 root = mkOption { type = nullOr path; };
81 root = mkOption { type = nullOr path; }; 93 extraConfig = mkOption { type = listOf lines; default = []; };
82 extraConfig = mkOption { type = listOf lines; default = []; }; 94 };
83 }; 95 };
84 }; 96 };
85 }; 97 vhostConfs = mkOption {
86 vhostConfs = mkOption { 98 default = {};
87 default = {}; 99 description = "List of vhosts to define for Apache";
88 description = "List of vhosts to define for Apache"; 100 type = attrsOf (submodule {
89 type = attrsOf (submodule { 101 options = {
90 options = { 102 certName = mkOption { type = string; };
91 certName = mkOption { type = string; }; 103 addToCerts = mkOption {
92 addToCerts = mkOption { 104 type = bool;
93 type = bool; 105 default = false;
94 default = false; 106 description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null";
95 description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null"; 107 };
96 }; 108 certMainHost = mkOption {
97 certMainHost = mkOption { 109 type = nullOr string;
98 type = nullOr string; 110 description = "Use that host as 'main host' for acme certs";
99 description = "Use that host as 'main host' for acme certs"; 111 default = null;
100 default = null; 112 };
113 hosts = mkOption { type = listOf string; };
114 root = mkOption { type = nullOr path; };
115 extraConfig = mkOption { type = listOf lines; default = []; };
101 }; 116 };
102 hosts = mkOption { type = listOf string; }; 117 });
103 root = mkOption { type = nullOr path; }; 118 };
104 extraConfig = mkOption { type = listOf lines; default = []; }; 119 watchPaths = mkOption {
105 }; 120 type = listOf string;
106 }); 121 default = [];
107 }; 122 description = ''
108 watchPaths = mkOption { 123 Paths to watch that should trigger a reload of httpd
109 type = listOf string; 124 '';
110 default = []; 125 };
111 description = ''
112 Paths to watch that should trigger a reload of httpd
113 '';
114 }; 126 };
115 }; 127 });
116 }); 128 };
117 }; 129 };
118 130
119 config.services.httpd = let 131 config.services.httpd = let
@@ -226,7 +238,10 @@ in
226 ) groupedCerts; 238 ) groupedCerts;
227 239
228 config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) '' 240 config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) ''
229 mkdir -p $out/webapps 241 mkdir -p $out/${cfg.webappDirsName}
230 ${builtins.concatStringsSep "\n" (attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") cfg.webappDirs)} 242 ${builtins.concatStringsSep "\n"
243 (attrsets.mapAttrsToList
244 (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs)
245 }
231 ''; 246 '';
232} 247}
diff --git a/modules/websites/php-application.nix b/modules/websites/php-application.nix
index 7bbae50..765d406 100644
--- a/modules/websites/php-application.nix
+++ b/modules/websites/php-application.nix
@@ -97,14 +97,14 @@ in
97 }; 97 };
98 98
99 config = { 99 config = {
100 services.websites = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair 100 services.websites.env = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair
101 name { 101 name {
102 modules = [ "proxy_fcgi" ]; 102 modules = [ "proxy_fcgi" ];
103 watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs); 103 watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs);
104 } 104 }
105 ) cfgByEnv; 105 ) cfgByEnv;
106 106
107 services.websitesWebappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair 107 services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
108 icfg.webappName icfg.webRoot 108 icfg.webappName icfg.webRoot
109 ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg); 109 ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg);
110 110
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-18 18:41:54 +0000