diff options
Diffstat (limited to 'virtual/eldiron.nix')
| -rw-r--r-- | virtual/eldiron.nix | 57 |
1 files changed, 17 insertions, 40 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index efaa068..a1e6909 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix | |||
| @@ -4,7 +4,7 @@ | |||
| 4 | enableRollback = true; | 4 | enableRollback = true; |
| 5 | }; | 5 | }; |
| 6 | 6 | ||
| 7 | eldiron = { config, pkgs, mylibs, ... }: | 7 | eldiron = { config, pkgs, mylibs, myconfig, ... }: |
| 8 | with mylibs; | 8 | with mylibs; |
| 9 | let | 9 | let |
| 10 | mypkgs = pkgs.callPackage ./packages.nix { | 10 | mypkgs = pkgs.callPackage ./packages.nix { |
| @@ -14,6 +14,13 @@ | |||
| 14 | { | 14 | { |
| 15 | _module.args = { | 15 | _module.args = { |
| 16 | mylibs = import ../libs.nix; | 16 | mylibs = import ../libs.nix; |
| 17 | myconfig = { | ||
| 18 | ips = { | ||
| 19 | main = "176.9.151.89"; | ||
| 20 | production = "176.9.151.154"; | ||
| 21 | integration = "176.9.151.155"; | ||
| 22 | }; | ||
| 23 | }; | ||
| 17 | }; | 24 | }; |
| 18 | 25 | ||
| 19 | imports = [ | 26 | imports = [ |
| @@ -47,6 +54,11 @@ | |||
| 47 | enable = true; | 54 | enable = true; |
| 48 | allowedTCPPorts = [ 22 80 443 9418 ]; | 55 | allowedTCPPorts = [ 22 80 443 9418 ]; |
| 49 | }; | 56 | }; |
| 57 | interfaces."eth0".ipv4.addresses = [ | ||
| 58 | # 176.9.151.89 declared in nixops -> infra / tools | ||
| 59 | { address = myconfig.ips.production; prefixLength = 32; } | ||
| 60 | { address = myconfig.ips.integration; prefixLength = 32; } | ||
| 61 | ]; | ||
| 50 | }; | 62 | }; |
| 51 | 63 | ||
| 52 | deployment = { | 64 | deployment = { |
| @@ -54,7 +66,7 @@ | |||
| 54 | hetzner = { | 66 | hetzner = { |
| 55 | #robotUser = "defined in HETZNER_ROBOT_USER"; | 67 | #robotUser = "defined in HETZNER_ROBOT_USER"; |
| 56 | #robotPass = "defined in HETZNER_ROBOT_PASS"; | 68 | #robotPass = "defined in HETZNER_ROBOT_PASS"; |
| 57 | mainIPv4 = "176.9.151.89"; | 69 | mainIPv4 = myconfig.ips.main; |
| 58 | partitions = '' | 70 | partitions = '' |
| 59 | clearpart --all --initlabel --drives=sda,sdb | 71 | clearpart --all --initlabel --drives=sda,sdb |
| 60 | 72 | ||
| @@ -138,7 +150,6 @@ | |||
| 138 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions | 150 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions |
| 139 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer | 151 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer |
| 140 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt | 152 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt |
| 141 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss | ||
| 142 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical | 153 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical |
| 143 | ''; | 154 | ''; |
| 144 | # FIXME: initial sync | 155 | # FIXME: initial sync |
| @@ -187,7 +198,9 @@ | |||
| 187 | sslServerKey = "/var/lib/acme/${domain}/key.pem"; | 198 | sslServerKey = "/var/lib/acme/${domain}/key.pem"; |
| 188 | sslServerChain = "/var/lib/acme/${domain}/fullchain.pem"; | 199 | sslServerChain = "/var/lib/acme/${domain}/fullchain.pem"; |
| 189 | logFormat = "combinedVhost"; | 200 | logFormat = "combinedVhost"; |
| 190 | listen = [ { ip = "*"; port = 443; } ]; | 201 | listen = [ |
| 202 | { ip = "176.9.151.89"; port = 443; } | ||
| 203 | ]; | ||
| 191 | }; | 204 | }; |
| 192 | apacheConfig = config.services.myWebsites.apacheConfig; | 205 | apacheConfig = config.services.myWebsites.apacheConfig; |
| 193 | in rec { | 206 | in rec { |
| @@ -240,14 +253,6 @@ | |||
| 240 | mypkgs.davical.apache.vhostConf | 253 | mypkgs.davical.apache.vhostConf |
| 241 | ]; | 254 | ]; |
| 242 | }) | 255 | }) |
| 243 | (withConf "eldiron" // { | ||
| 244 | hostName = "connexionswing.immae.eu"; | ||
| 245 | serverAliases = [ "sandetludo.immae.eu" ]; | ||
| 246 | documentRoot = mypkgs.connexionswing_dev.webRoot; | ||
| 247 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 248 | mypkgs.connexionswing_dev.apache.vhostConf | ||
| 249 | ]; | ||
| 250 | }) | ||
| 251 | (withConf "connexionswing" // { | 256 | (withConf "connexionswing" // { |
| 252 | hostName = "connexionswing.com"; | 257 | hostName = "connexionswing.com"; |
| 253 | serverAliases = [ "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; | 258 | serverAliases = [ "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; |
| @@ -256,13 +261,6 @@ | |||
| 256 | mypkgs.connexionswing_prod.apache.vhostConf | 261 | mypkgs.connexionswing_prod.apache.vhostConf |
| 257 | ]; | 262 | ]; |
| 258 | }) | 263 | }) |
| 259 | (withConf "eldiron" // { | ||
| 260 | hostName = "ludivine.immae.eu"; | ||
| 261 | documentRoot = mypkgs.ludivinecassal_dev.webRoot; | ||
| 262 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 263 | mypkgs.ludivinecassal_dev.apache.vhostConf | ||
| 264 | ]; | ||
| 265 | }) | ||
| 266 | (withConf "ludivinecassal" // { | 264 | (withConf "ludivinecassal" // { |
| 267 | hostName = "ludivinecassal.com"; | 265 | hostName = "ludivinecassal.com"; |
| 268 | serverAliases = [ "www.ludivinecassal.com" ]; | 266 | serverAliases = [ "www.ludivinecassal.com" ]; |
| @@ -271,13 +269,6 @@ | |||
| 271 | mypkgs.ludivinecassal_prod.apache.vhostConf | 269 | mypkgs.ludivinecassal_prod.apache.vhostConf |
| 272 | ]; | 270 | ]; |
| 273 | }) | 271 | }) |
| 274 | (withConf "eldiron" // { | ||
| 275 | hostName = "piedsjaloux.immae.eu"; | ||
| 276 | documentRoot = mypkgs.piedsjaloux_dev.webRoot; | ||
| 277 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 278 | mypkgs.piedsjaloux_dev.apache.vhostConf | ||
| 279 | ]; | ||
| 280 | }) | ||
| 281 | (withConf "piedsjaloux" // { | 272 | (withConf "piedsjaloux" // { |
| 282 | hostName = "piedsjaloux.fr"; | 273 | hostName = "piedsjaloux.fr"; |
| 283 | serverAliases = [ "www.piedsjaloux.fr" ]; | 274 | serverAliases = [ "www.piedsjaloux.fr" ]; |
| @@ -286,13 +277,6 @@ | |||
| 286 | mypkgs.piedsjaloux_prod.apache.vhostConf | 277 | mypkgs.piedsjaloux_prod.apache.vhostConf |
| 287 | ]; | 278 | ]; |
| 288 | }) | 279 | }) |
| 289 | (withConf "eldiron" // { | ||
| 290 | hostName = "chloe.immae.eu"; | ||
| 291 | documentRoot = mypkgs.chloe_dev.webRoot; | ||
| 292 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 293 | mypkgs.chloe_dev.apache.vhostConf | ||
| 294 | ]; | ||
| 295 | }) | ||
| 296 | (withConf "chloe" // { | 280 | (withConf "chloe" // { |
| 297 | hostName = "osteopathe-cc.fr"; | 281 | hostName = "osteopathe-cc.fr"; |
| 298 | serverAliases = [ "www.osteopathe-cc.fr" ]; | 282 | serverAliases = [ "www.osteopathe-cc.fr" ]; |
| @@ -301,13 +285,6 @@ | |||
| 301 | mypkgs.chloe_prod.apache.vhostConf | 285 | mypkgs.chloe_prod.apache.vhostConf |
| 302 | ]; | 286 | ]; |
| 303 | }) | 287 | }) |
| 304 | (withConf "eldiron" // { | ||
| 305 | hostName = "dev.aten.pro"; | ||
| 306 | documentRoot = mypkgs.aten_dev.webRoot; | ||
| 307 | extraConfig = builtins.concatStringsSep "\n" [ | ||
| 308 | mypkgs.aten_dev.apache.vhostConf | ||
| 309 | ]; | ||
| 310 | }) | ||
| 311 | (withConf "aten" // { | 288 | (withConf "aten" // { |
| 312 | hostName = "aten.pro"; | 289 | hostName = "aten.pro"; |
| 313 | serverAliases = [ "www.aten.pro" ]; | 290 | serverAliases = [ "www.aten.pro" ]; |