5 files changed, 18 insertions, 114 deletions
diff --git a/modules/default.nix b/modules/default.nix
index abf4547..1b09c94 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -11,7 +11,7 @@ in
  etherpad-lite = ./webapps/etherpad-lite.nix;
  mastodon = ./webapps/mastodon.nix;
  mediagoblin = ./webapps/mediagoblin.nix;
-  peertube = ./webapps/peertube.nix;
+  peertube = (flakeCompat ../flakes/peertube).nixosModule;
  fiche = ./webapps/fiche.nix;
  opendmarc = (flakeCompat ../flakes/opendmarc).nixosModule;
diff --git a/modules/private/databases/openldap/immae.schema b/modules/private/databases/openldap/immae.schema
index f5ee5d5..d2ef972 100644
--- a/modules/private/databases/openldap/immae.schema
+++ b/modules/private/databases/openldap/immae.schema
@@ -161,7 +161,19 @@ objectclass ( ImmaeobjectClass:9 NAME 'immaeTaskClass'
        MUST ( immaeTaskId )
        )
-# Last:
+# Peertube uid
-# attributetype (ImmaeattributeType:19 NAME 'immaeTaskId'
+attributetype ( ImmaeattributeType:20 NAME 'immaePeertubeId'
-# objectclass ( ImmaeobjectClass:9 NAME 'immaeTaskClass'
+        DESC 'login for Peertube'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
+objectclass ( ImmaeobjectClass:10 NAME 'immaePeertubeClass'
+        DESC 'Expansion of the existing object classes for peertube'
+        SUP top AUXILIARY
+        MUST ( immaePeertubeId ) )
+# Last:
+# attributetype ( ImmaeattributeType:20 NAME 'immaePeertubeId'
+# objectclass ( ImmaeobjectClass:10 NAME 'immaePeertubeClass'
diff --git a/modules/private/websites/syden/peertube.nix b/modules/private/websites/syden/peertube.nix
index 5732928..aa465d7 100644
--- a/modules/private/websites/syden/peertube.nix
+++ b/modules/private/websites/syden/peertube.nix
@@ -3,7 +3,7 @@ let
  scfg = config.myServices.websites.syden.peertube;
  name = "peertube";
  dataDir = "/var/lib/syden_peertube";
-  package = (pkgs.mylibs.flakeCompat ../../../../flakes/private/peertube).default;
+  package = (pkgs.mylibs.flakeCompat ../../../../flakes/private/peertube).packages.x86_64-linux.peertube_syden;
  env = config.myEnv.tools.syden_peertube;
 in
 {
diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix
index 3345453..9c5ef5a 100644
--- a/modules/private/websites/tools/peertube/default.nix
+++ b/modules/private/websites/tools/peertube/default.nix
@@ -15,7 +15,6 @@ in {
    services.peertube = {
      enable = true;
      configFile = "/var/secrets/webapps/tools-peertube";
-      package = pkgs.webapps.peertube.override { ldap = true; sendmail = true; light = "fr-FR"; };
    };
    users.users.peertube.extraGroups = [ "keys" ];
@@ -73,6 +72,7 @@ in {
          captions: '${pcfg.dataDir}/storage/captions/'
          cache: '${pcfg.dataDir}/storage/cache/'
          plugins: '${pcfg.dataDir}/storage/plugins/'
+          client_overrides: '${pcfg.dataDir}/storage/client-overrides/'
        '';
    }];
diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix
deleted file mode 100644
index 1d76e9b..0000000
--- a/modules/webapps/peertube.nix
+++ /dev/null
@@ -1,108 +0,0 @@
-{ lib, pkgs, config, ... }:
-let
-  name = "peertube";
-  cfg = config.services.peertube;
-  uid = config.ids.uids.peertube;
-  gid = config.ids.gids.peertube;
-in
-{
-  options.services.peertube = {
-    enable = lib.mkEnableOption "Enable Peertube’s service";
-    user = lib.mkOption {
-      type = lib.types.str;
-      default = name;
-      description = "User account under which Peertube runs";
-    };
-    group = lib.mkOption {
-      type = lib.types.str;
-      default = name;
-      description = "Group under which Peertube runs";
-    };
-    dataDir = lib.mkOption {
-      type = lib.types.path;
-      default = "/var/lib/${name}";
-      description = ''
-        The directory where Peertube stores its data.
-      '';
-    };
-    configFile = lib.mkOption {
-      type = lib.types.path;
-      description = ''
-        The configuration file path for Peertube.
-        '';
-    };
-    package = lib.mkOption {
-      type = lib.types.package;
-      default = pkgs.webapps.peertube;
-      description = ''
-        Peertube package to use.
-        '';
-    };
-    # Output variables
-    systemdStateDirectory = lib.mkOption {
-      type = lib.types.str;
-      # Use ReadWritePaths= instead if varDir is outside of /var/lib
-      default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
-        lib.strings.removePrefix "/var/lib/" cfg.dataDir;
-      description = ''
-      Adjusted Peertube data directory for systemd
-      '';
-      readOnly = true;
-    };
-  };
-  config = lib.mkIf cfg.enable {
-    users.users = lib.optionalAttrs (cfg.user == name) {
-      "${name}" = {
-        inherit uid;
-        group = cfg.group;
-        description = "Peertube user";
-        home = cfg.dataDir;
-        useDefaultShell = true;
-      };
-    };
-    users.groups = lib.optionalAttrs (cfg.group == name) {
-      "${name}" = {
-        inherit gid;
-      };
-    };
-    systemd.services.peertube = {
-      description = "Peertube";
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" "postgresql.service" ];
-      wants = [ "postgresql.service" ];
-      environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
-      environment.NODE_ENV = "production";
-      environment.HOME = cfg.package;
-      path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
-      script = ''
-        install -m 0750 -d ${cfg.dataDir}/config
-        ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
-        ln -sf ${cfg.package}/config/default.yaml ${cfg.dataDir}/config/default.yaml
-        exec npm run start
-      '';
-      serviceConfig = {
-        User = cfg.user;
-        Group = cfg.group;
-        WorkingDirectory = cfg.package;
-        StateDirectory = cfg.systemdStateDirectory;
-        StateDirectoryMode = 0750;
-        PrivateTmp = true;
-        ProtectHome = true;
-        ProtectControlGroups = true;
-        Restart = "always";
-        Type = "simple";
-        TimeoutSec = 60;
-      };
-      unitConfig.RequiresMountsFor = cfg.dataDir;
-    };
-  };
-}

diff --git a/modules/default.nix b/modules/default.nix index abf4547..1b09c94 100644 --- a/modules/default.nix +++ b/modules/default.nix
@@ -11,7 +11,7 @@ in
11	etherpad-lite = ./webapps/etherpad-lite.nix;	11	etherpad-lite = ./webapps/etherpad-lite.nix;
12	mastodon = ./webapps/mastodon.nix;	12	mastodon = ./webapps/mastodon.nix;
13	mediagoblin = ./webapps/mediagoblin.nix;	13	mediagoblin = ./webapps/mediagoblin.nix;
14	peertube = ./webapps/peertube.nix;	14	peertube = (flakeCompat ../flakes/peertube).nixosModule;
15	fiche = ./webapps/fiche.nix;	15	fiche = ./webapps/fiche.nix;
16		16
17	opendmarc = (flakeCompat ../flakes/opendmarc).nixosModule;	17	opendmarc = (flakeCompat ../flakes/opendmarc).nixosModule;


diff --git a/modules/private/databases/openldap/immae.schema b/modules/private/databases/openldap/immae.schema index f5ee5d5..d2ef972 100644 --- a/modules/private/databases/openldap/immae.schema +++ b/modules/private/databases/openldap/immae.schema
@@ -161,7 +161,19 @@ objectclass ( ImmaeobjectClass:9 NAME 'immaeTaskClass'
161	MUST ( immaeTaskId )	161	MUST ( immaeTaskId )
162	)	162	)
163		163
164	# Last:	164	# Peertube uid
165	# attributetype (ImmaeattributeType:19 NAME 'immaeTaskId'	165	attributetype ( ImmaeattributeType:20 NAME 'immaePeertubeId'
166	# objectclass ( ImmaeobjectClass:9 NAME 'immaeTaskClass'	166	DESC 'login for Peertube'
		167	EQUALITY caseIgnoreMatch
		168	SUBSTR caseIgnoreSubstringsMatch
		169	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
167		170
		171	objectclass ( ImmaeobjectClass:10 NAME 'immaePeertubeClass'
		172	DESC 'Expansion of the existing object classes for peertube'
		173	SUP top AUXILIARY
		174	MUST ( immaePeertubeId ) )
		175
		176
		177	# Last:
		178	# attributetype ( ImmaeattributeType:20 NAME 'immaePeertubeId'
		179	# objectclass ( ImmaeobjectClass:10 NAME 'immaePeertubeClass'


diff --git a/modules/private/websites/syden/peertube.nix b/modules/private/websites/syden/peertube.nix index 5732928..aa465d7 100644 --- a/modules/private/websites/syden/peertube.nix +++ b/modules/private/websites/syden/peertube.nix
@@ -3,7 +3,7 @@ let
3	scfg = config.myServices.websites.syden.peertube;	3	scfg = config.myServices.websites.syden.peertube;
4	name = "peertube";	4	name = "peertube";
5	dataDir = "/var/lib/syden_peertube";	5	dataDir = "/var/lib/syden_peertube";
6	package = (pkgs.mylibs.flakeCompat ../../../../flakes/private/peertube).default;	6	package = (pkgs.mylibs.flakeCompat ../../../../flakes/private/peertube).packages.x86_64-linux.peertube_syden;
7	env = config.myEnv.tools.syden_peertube;	7	env = config.myEnv.tools.syden_peertube;
8	in	8	in
9	{	9	{


diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix index 3345453..9c5ef5a 100644 --- a/modules/private/websites/tools/peertube/default.nix +++ b/modules/private/websites/tools/peertube/default.nix
@@ -15,7 +15,6 @@ in {
15	services.peertube = {	15	services.peertube = {
16	enable = true;	16	enable = true;
17	configFile = "/var/secrets/webapps/tools-peertube";	17	configFile = "/var/secrets/webapps/tools-peertube";
18	package = pkgs.webapps.peertube.override { ldap = true; sendmail = true; light = "fr-FR"; };
19	};	18	};
20	users.users.peertube.extraGroups = [ "keys" ];	19	users.users.peertube.extraGroups = [ "keys" ];
21		20
@@ -73,6 +72,7 @@ in {
73	captions: '${pcfg.dataDir}/storage/captions/'	72	captions: '${pcfg.dataDir}/storage/captions/'
74	cache: '${pcfg.dataDir}/storage/cache/'	73	cache: '${pcfg.dataDir}/storage/cache/'
75	plugins: '${pcfg.dataDir}/storage/plugins/'	74	plugins: '${pcfg.dataDir}/storage/plugins/'
		75	client_overrides: '${pcfg.dataDir}/storage/client-overrides/'
76	'';	76	'';
77	}];	77	}];
78		78


diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix deleted file mode 100644 index 1d76e9b..0000000 --- a/modules/webapps/peertube.nix +++ /dev/null
@@ -1,108 +0,0 @@
1	{ lib, pkgs, config, ... }:
2	let
3	name = "peertube";
4	cfg = config.services.peertube;
5
6	uid = config.ids.uids.peertube;
7	gid = config.ids.gids.peertube;
8	in
9	{
10	options.services.peertube = {
11	enable = lib.mkEnableOption "Enable Peertube’s service";
12	user = lib.mkOption {
13	type = lib.types.str;
14	default = name;
15	description = "User account under which Peertube runs";
16	};
17	group = lib.mkOption {
18	type = lib.types.str;
19	default = name;
20	description = "Group under which Peertube runs";
21	};
22	dataDir = lib.mkOption {
23	type = lib.types.path;
24	default = "/var/lib/${name}";
25	description = ''
26	The directory where Peertube stores its data.
27	'';
28	};
29	configFile = lib.mkOption {
30	type = lib.types.path;
31	description = ''
32	The configuration file path for Peertube.
33	'';
34	};
35	package = lib.mkOption {
36	type = lib.types.package;
37	default = pkgs.webapps.peertube;
38	description = ''
39	Peertube package to use.
40	'';
41	};
42	# Output variables
43	systemdStateDirectory = lib.mkOption {
44	type = lib.types.str;
45	# Use ReadWritePaths= instead if varDir is outside of /var/lib
46	default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
47	lib.strings.removePrefix "/var/lib/" cfg.dataDir;
48	description = ''
49	Adjusted Peertube data directory for systemd
50	'';
51	readOnly = true;
52	};
53	};
54
55	config = lib.mkIf cfg.enable {
56	users.users = lib.optionalAttrs (cfg.user == name) {
57	"${name}" = {
58	inherit uid;
59	group = cfg.group;
60	description = "Peertube user";
61	home = cfg.dataDir;
62	useDefaultShell = true;
63	};
64	};
65	users.groups = lib.optionalAttrs (cfg.group == name) {
66	"${name}" = {
67	inherit gid;
68	};
69	};
70
71	systemd.services.peertube = {
72	description = "Peertube";
73	wantedBy = [ "multi-user.target" ];
74	after = [ "network.target" "postgresql.service" ];
75	wants = [ "postgresql.service" ];
76
77	environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
78	environment.NODE_ENV = "production";
79	environment.HOME = cfg.package;
80
81	path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
82
83	script = ''
84	install -m 0750 -d ${cfg.dataDir}/config
85	ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
86	ln -sf ${cfg.package}/config/default.yaml ${cfg.dataDir}/config/default.yaml
87	exec npm run start
88	'';
89
90	serviceConfig = {
91	User = cfg.user;
92	Group = cfg.group;
93	WorkingDirectory = cfg.package;
94	StateDirectory = cfg.systemdStateDirectory;
95	StateDirectoryMode = 0750;
96	PrivateTmp = true;
97	ProtectHome = true;
98	ProtectControlGroups = true;
99	Restart = "always";
100	Type = "simple";
101	TimeoutSec = 60;
102	};
103
104	unitConfig.RequiresMountsFor = cfg.dataDir;
105	};
106	};
107	}
108