Diffstat (limited to 'virtual/eldiron.nix')
-rw-r--r--virtual/eldiron.nix94
1 files changed, 6 insertions, 88 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 7189c39..efaa068 100644
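--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -21,25 +21,13 @@
 ./modules/gitolite.nix
 ./modules/gitweb.nix
 ./modules/databases.nix
-./modules/websites/chloe.nix
-./modules/websites/ludivine.nix
-./modules/websites/aten.nix
-./modules/websites/piedsjaloux.nix
-./modules/websites/connexionswing.nix
+./modules/websites.nix
 ];
 services.myGitolite.enable = true;
 services.myGitweb.enable = true;
 services.myDatabases.enable = true;
-services.myWebsites.Chloe.production.enable = true;
-services.myWebsites.Chloe.integration.enable = true;
-services.myWebsites.Ludivine.production.enable = true;
-services.myWebsites.Ludivine.integration.enable = true;
-services.myWebsites.Aten.production.enable = true;
-services.myWebsites.Aten.integration.enable = true;
-services.myWebsites.PiedsJaloux.production.enable = true;
-services.myWebsites.PiedsJaloux.integration.enable = true;
-services.myWebsites.Connexionswing.production.enable = true;
-services.myWebsites.Connexionswing.integration.enable = true;
+services.myWebsites.production.enable = true;
+services.myWebsites.integration.enable = true;
 
 nixpkgs.config.packageOverrides = oldpkgs: rec {
 goaccess = oldpkgs.goaccess.overrideAttrs(old: rec {
@@ -153,10 +141,6 @@
 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss
 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical
 '';
-redis = ''
-mkdir -p /run/redis
-chown redis /run/redis
-'';
 # FIXME: initial sync
 goaccess = ''
 mkdir -p /var/lib/goaccess
@@ -205,62 +189,7 @@
 logFormat = "combinedVhost";
 listen = [ { ip = "*"; port = 443; } ];
 };
-apacheConfig = {
-gzip = {
-modules = [ "deflate" "filter" ];
-extraConfig = ''
-AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
-'';
-};
-ldap = {
-modules = [ "ldap" "authnz_ldap" ];
-extraConfig = assert checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; ''
-<IfModule ldap_module>
-LDAPSharedCacheSize 500000
-LDAPCacheEntries 1024
-LDAPCacheTTL 600
-LDAPOpCacheEntries 1024
-LDAPOpCacheTTL 600
-</IfModule>
-
-<Macro LDAPConnect>
-<IfModule authnz_ldap_module>
-AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu
-AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
-AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
-AuthType Basic
-AuthName "Authentification requise (Acces LDAP)"
-AuthBasicProvider ldap
-</IfModule>
-</Macro>
-
-<Macro Stats %{domain}>
-Alias /awstats /var/lib/goaccess/%{domain}
-<Directory /var/lib/goaccess/%{domain}>
-DirectoryIndex index.html
-AllowOverride None
-Require all granted
-</Directory>
-<Location /awstats>
-Use LDAPConnect
-Require ldap-group cn=%{domain},ou=stats,cn=httpd,ou=services,dc=immae,dc=eu
-</Location>
-</Macro>
-'';
-};
-http2 = {
-modules = [ "http2" ];
-extraConfig = ''
-Protocols h2 http/1.1
-'';
-};
-customLog = {
-modules = [];
-extraConfig = ''
-LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedVhost
-'';
-};
-};
+apacheConfig = config.services.myWebsites.apacheConfig;
 in rec {
 enable = true;
 logPerVirtualHost = true;
@@ -270,25 +199,14 @@
 extraModules = pkgs.lib.lists.unique (
 mypkgs.adminer.apache.modules ++
 mypkgs.nextcloud.apache.modules ++
-mypkgs.connexionswing_dev.apache.modules ++
-mypkgs.connexionswing_prod.apache.modules ++
-mypkgs.ludivinecassal_dev.apache.modules ++
-mypkgs.ludivinecassal_prod.apache.modules ++
-mypkgs.piedsjaloux_dev.apache.modules ++
-mypkgs.piedsjaloux_prod.apache.modules ++
-mypkgs.chloe_dev.apache.modules ++
-mypkgs.chloe_prod.apache.modules ++
-mypkgs.aten_dev.apache.modules ++
-mypkgs.aten_prod.apache.modules ++
 mypkgs.ympd.apache.modules ++
 mypkgs.git.web.apache.modules ++
 mypkgs.mantisbt.apache.modules ++
 mypkgs.ttrss.apache.modules ++
 mypkgs.roundcubemail.apache.modules ++
-pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
-[ "macro" ]);
+pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) apacheConfig));
 extraConfig = builtins.concatStringsSep "\n"
-(pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig) apacheConfig);
+(builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) apacheConfig));
 virtualHosts = [
 (withConf "eldiron" // {
 hostName = "eldiron.immae.eu";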
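Review bot: The `v.modules or []` and `v.extraConfig or null` fallbacks in the last hunk make a fragment with a missing or misspelled attribute vanish silently, and the same hunk drops the explicit `[ "macro" ]`, so whether `mod_macro` and the `LDAPConnect` / `Stats` macros are still loaded now rests entirely on `config.services.myWebsites.apacheConfig`, which is not visible on this page. If any virtual host in this file still has `Use LDAPConnect` or `Use Stats`, I would keep `++ [ "macro" ]` on the `extraModules` list here, or guard the binding with something like `assert apacheConfig ? ldap;`, so a refactor of the module fails at evaluation rather than at Apache start. It is also worth confirming that the module kept the `assert checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"` guard that used to sit next to the bind password, because `builtins.getEnv` returns an empty string for an unset variable and the generated config would then carry an empty `AuthLDAPBindPassword`. A one-line comment above `apacheConfig = …`, e.g. `# vhosts below rely on the ldap (LDAPConnect, Stats) and customLog fragments from modules/websites.nix`, would document that dependency; the `virtualHosts` list continues past the end of the hunk.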