diff options
Diffstat (limited to 'virtual/eldiron.nix')
-rw-r--r-- | virtual/eldiron.nix | 57 |
1 files changed, 17 insertions, 40 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index efaa068..a1e6909 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix | |||
@@ -4,7 +4,7 @@ | |||
4 | enableRollback = true; | 4 | enableRollback = true; |
5 | }; | 5 | }; |
6 | 6 | ||
7 | eldiron = { config, pkgs, mylibs, ... }: | 7 | eldiron = { config, pkgs, mylibs, myconfig, ... }: |
8 | with mylibs; | 8 | with mylibs; |
9 | let | 9 | let |
10 | mypkgs = pkgs.callPackage ./packages.nix { | 10 | mypkgs = pkgs.callPackage ./packages.nix { |
@@ -14,6 +14,13 @@ | |||
14 | { | 14 | { |
15 | _module.args = { | 15 | _module.args = { |
16 | mylibs = import ../libs.nix; | 16 | mylibs = import ../libs.nix; |
17 | myconfig = { | ||
18 | ips = { | ||
19 | main = "176.9.151.89"; | ||
20 | production = "176.9.151.154"; | ||
21 | integration = "176.9.151.155"; | ||
22 | }; | ||
23 | }; | ||
17 | }; | 24 | }; |
18 | 25 | ||
19 | imports = [ | 26 | imports = [ |
@@ -47,6 +54,11 @@ | |||
47 | enable = true; | 54 | enable = true; |
48 | allowedTCPPorts = [ 22 80 443 9418 ]; | 55 | allowedTCPPorts = [ 22 80 443 9418 ]; |
49 | }; | 56 | }; |
57 | interfaces."eth0".ipv4.addresses = [ | ||
58 | # 176.9.151.89 declared in nixops -> infra / tools | ||
59 | { address = myconfig.ips.production; prefixLength = 32; } | ||
60 | { address = myconfig.ips.integration; prefixLength = 32; } | ||
61 | ]; | ||
50 | }; | 62 | }; |
51 | 63 | ||
52 | deployment = { | 64 | deployment = { |
@@ -54,7 +66,7 @@ | |||
54 | hetzner = { | 66 | hetzner = { |
55 | #robotUser = "defined in HETZNER_ROBOT_USER"; | 67 | #robotUser = "defined in HETZNER_ROBOT_USER"; |
56 | #robotPass = "defined in HETZNER_ROBOT_PASS"; | 68 | #robotPass = "defined in HETZNER_ROBOT_PASS"; |
57 | mainIPv4 = "176.9.151.89"; | 69 | mainIPv4 = myconfig.ips.main; |
58 | partitions = '' | 70 | partitions = '' |
59 | clearpart --all --initlabel --drives=sda,sdb | 71 | clearpart --all --initlabel --drives=sda,sdb |
60 | 72 | ||
@@ -138,7 +150,6 @@ | |||
138 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions | 150 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions |
139 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer | 151 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer |
140 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt | 152 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt |
141 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss | ||
142 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical | 153 | install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical |
143 | ''; | 154 | ''; |
144 | # FIXME: initial sync | 155 | # FIXME: initial sync |
@@ -187,7 +198,9 @@ | |||
187 | sslServerKey = "/var/lib/acme/${domain}/key.pem"; | 198 | sslServerKey = "/var/lib/acme/${domain}/key.pem"; |
188 | sslServerChain = "/var/lib/acme/${domain}/fullchain.pem"; | 199 | sslServerChain = "/var/lib/acme/${domain}/fullchain.pem"; |
189 | logFormat = "combinedVhost"; | 200 | logFormat = "combinedVhost"; |
190 | listen = [ { ip = "*"; port = 443; } ]; | 201 | listen = [ |
202 | { ip = "176.9.151.89"; port = 443; } | ||
203 | ]; | ||
191 | }; | 204 | }; |
192 | apacheConfig = config.services.myWebsites.apacheConfig; | 205 | apacheConfig = config.services.myWebsites.apacheConfig; |
193 | in rec { | 206 | in rec { |
@@ -240,14 +253,6 @@ | |||
240 | mypkgs.davical.apache.vhostConf | 253 | mypkgs.davical.apache.vhostConf |
241 | ]; | 254 | ]; |
242 | }) | 255 | }) |
243 | (withConf "eldiron" // { | ||
244 | hostName = "connexionswing.immae.eu"; | ||
245 | serverAliases = [ "sandetludo.immae.eu" ]; | ||
246 | documentRoot = mypkgs.connexionswing_dev.webRoot; | ||
247 | extraConfig = builtins.concatStringsSep "\n" [ | ||
248 | mypkgs.connexionswing_dev.apache.vhostConf | ||
249 | ]; | ||
250 | }) | ||
251 | (withConf "connexionswing" // { | 256 | (withConf "connexionswing" // { |
252 | hostName = "connexionswing.com"; | 257 | hostName = "connexionswing.com"; |
253 | serverAliases = [ "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; | 258 | serverAliases = [ "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; |
@@ -256,13 +261,6 @@ | |||
256 | mypkgs.connexionswing_prod.apache.vhostConf | 261 | mypkgs.connexionswing_prod.apache.vhostConf |
257 | ]; | 262 | ]; |
258 | }) | 263 | }) |
259 | (withConf "eldiron" // { | ||
260 | hostName = "ludivine.immae.eu"; | ||
261 | documentRoot = mypkgs.ludivinecassal_dev.webRoot; | ||
262 | extraConfig = builtins.concatStringsSep "\n" [ | ||
263 | mypkgs.ludivinecassal_dev.apache.vhostConf | ||
264 | ]; | ||
265 | }) | ||
266 | (withConf "ludivinecassal" // { | 264 | (withConf "ludivinecassal" // { |
267 | hostName = "ludivinecassal.com"; | 265 | hostName = "ludivinecassal.com"; |
268 | serverAliases = [ "www.ludivinecassal.com" ]; | 266 | serverAliases = [ "www.ludivinecassal.com" ]; |
@@ -271,13 +269,6 @@ | |||
271 | mypkgs.ludivinecassal_prod.apache.vhostConf | 269 | mypkgs.ludivinecassal_prod.apache.vhostConf |
272 | ]; | 270 | ]; |
273 | }) | 271 | }) |
274 | (withConf "eldiron" // { | ||
275 | hostName = "piedsjaloux.immae.eu"; | ||
276 | documentRoot = mypkgs.piedsjaloux_dev.webRoot; | ||
277 | extraConfig = builtins.concatStringsSep "\n" [ | ||
278 | mypkgs.piedsjaloux_dev.apache.vhostConf | ||
279 | ]; | ||
280 | }) | ||
281 | (withConf "piedsjaloux" // { | 272 | (withConf "piedsjaloux" // { |
282 | hostName = "piedsjaloux.fr"; | 273 | hostName = "piedsjaloux.fr"; |
283 | serverAliases = [ "www.piedsjaloux.fr" ]; | 274 | serverAliases = [ "www.piedsjaloux.fr" ]; |
@@ -286,13 +277,6 @@ | |||
286 | mypkgs.piedsjaloux_prod.apache.vhostConf | 277 | mypkgs.piedsjaloux_prod.apache.vhostConf |
287 | ]; | 278 | ]; |
288 | }) | 279 | }) |
289 | (withConf "eldiron" // { | ||
290 | hostName = "chloe.immae.eu"; | ||
291 | documentRoot = mypkgs.chloe_dev.webRoot; | ||
292 | extraConfig = builtins.concatStringsSep "\n" [ | ||
293 | mypkgs.chloe_dev.apache.vhostConf | ||
294 | ]; | ||
295 | }) | ||
296 | (withConf "chloe" // { | 280 | (withConf "chloe" // { |
297 | hostName = "osteopathe-cc.fr"; | 281 | hostName = "osteopathe-cc.fr"; |
298 | serverAliases = [ "www.osteopathe-cc.fr" ]; | 282 | serverAliases = [ "www.osteopathe-cc.fr" ]; |
@@ -301,13 +285,6 @@ | |||
301 | mypkgs.chloe_prod.apache.vhostConf | 285 | mypkgs.chloe_prod.apache.vhostConf |
302 | ]; | 286 | ]; |
303 | }) | 287 | }) |
304 | (withConf "eldiron" // { | ||
305 | hostName = "dev.aten.pro"; | ||
306 | documentRoot = mypkgs.aten_dev.webRoot; | ||
307 | extraConfig = builtins.concatStringsSep "\n" [ | ||
308 | mypkgs.aten_dev.apache.vhostConf | ||
309 | ]; | ||
310 | }) | ||
311 | (withConf "aten" // { | 288 | (withConf "aten" // { |
312 | hostName = "aten.pro"; | 289 | hostName = "aten.pro"; |
313 | serverAliases = [ "www.aten.pro" ]; | 290 | serverAliases = [ "www.aten.pro" ]; |