1 files changed, 73 insertions, 8 deletions
diff --git a/virtual/modules/websites.nix b/virtual/modules/websites.nix
index 62f45d9..cbd7de0 100644
--- a/virtual/modules/websites.nix
+++ b/virtual/modules/websites.nix
@@ -1,6 +1,61 @@
-{ lib, pkgs, config, mylibs, ... }:
+{ lib, pkgs, config, mylibs, myconfig, ... }:
 let
  cfg = config.services.myWebsites;
+  makeService = name: cfg: let
+    toVhost = vhostConf: {
+      enableSSL = true;
+      sslServerCert = "/var/lib/acme/${vhostConf.certName}/cert.pem";
+      sslServerKey = "/var/lib/acme/${vhostConf.certName}/key.pem";
+      sslServerChain = "/var/lib/acme/${vhostConf.certName}/fullchain.pem";
+      logFormat = "combinedVhost";
+      listen = [
+        { ip = cfg.ip;  port = 443; }
+      ];
+      hostName = builtins.head vhostConf.hosts;
+      serverAliases = builtins.tail vhostConf.hosts or [];
+      documentRoot = vhostConf.root;
+      extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
+    };
+  in rec {
+    enable = true;
+    listen = [
+      { ip = cfg.ip;  port = 443; }
+    ];
+    stateDir = "/run/httpd_${name}";
+    logPerVirtualHost = true;
+    multiProcessingModule = "worker";
+    adminAddr = "httpd@immae.eu";
+    logFormat = "combinedVhost";
+    extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
+    extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
+    virtualHosts = pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs;
+  };
+  makeServiceOptions = name: ip: {
+    enable = lib.mkEnableOption "enable websites in ${name}";
+    ip = lib.mkOption {
+      type = lib.types.string;
+      default = ip;
+      description = "${name} ip to listen to";
+    };
+    modules = lib.mkOption {
+      type = lib.types.listOf (lib.types.str);
+      default = [];
+    };
+    extraConfig = lib.mkOption {
+      type = lib.types.listOf (lib.types.lines);
+      default = [];
+    };
+    vhostConfs = lib.mkOption {
+      type = lib.types.attrsOf (lib.types.submodule {
+        options = {
+          certName = lib.mkOption { type = lib.types.string; };
+          hosts    = lib.mkOption { type = lib.types.listOf lib.types.string; };
+          root     = lib.mkOption { type = lib.types.nullOr lib.types.path; };
+          extraConfig = lib.mkOption { type = lib.types.listOf lib.types.lines; default = []; };
+        };
+      });
+    };
+  };
 in
 {
  imports = [
@@ -9,16 +64,16 @@ in
    ./websites/aten.nix
    ./websites/piedsjaloux.nix
    ./websites/connexionswing.nix
+    # built using:
+    # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
+    # And removed users / groups
+    ./websites/apache/httpd_prod.nix
+    ./websites/apache/httpd_inte.nix
  ];
  options.services.myWebsites = {
-    production = {
+    production = makeServiceOptions "production" myconfig.ips.production;
-      enable = lib.mkEnableOption "enable websites in production";
+    integration = makeServiceOptions "integration" myconfig.ips.integration;
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable websites in integration";
-    };
    apacheConfig = lib.mkOption {
      type = lib.types.attrsOf (lib.types.submodule {
@@ -111,5 +166,15 @@ in
        '';
      };
    };
+    # FIXME: logrotate
+    # FIXME: ipv6
+    services.httpdProd = makeService "production" config.services.myWebsites.production;
+    services.myWebsites.production.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
+    services.myWebsites.production.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
+    services.httpdInte = makeService "integration" config.services.myWebsites.integration;
+    services.myWebsites.integration.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
+    services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
  };
 }

diff --git a/virtual/modules/websites.nix b/virtual/modules/websites.nix index 62f45d9..cbd7de0 100644 --- a/virtual/modules/websites.nix +++ b/virtual/modules/websites.nix
@@ -1,6 +1,61 @@
1	{ lib, pkgs, config, mylibs, ... }:	1	{ lib, pkgs, config, mylibs, myconfig, ... }:
2	let	2	let
3	cfg = config.services.myWebsites;	3	cfg = config.services.myWebsites;
		4	makeService = name: cfg: let
		5	toVhost = vhostConf: {
		6	enableSSL = true;
		7	sslServerCert = "/var/lib/acme/${vhostConf.certName}/cert.pem";
		8	sslServerKey = "/var/lib/acme/${vhostConf.certName}/key.pem";
		9	sslServerChain = "/var/lib/acme/${vhostConf.certName}/fullchain.pem";
		10	logFormat = "combinedVhost";
		11	listen = [
		12	{ ip = cfg.ip; port = 443; }
		13	];
		14	hostName = builtins.head vhostConf.hosts;
		15	serverAliases = builtins.tail vhostConf.hosts or [];
		16	documentRoot = vhostConf.root;
		17	extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
		18	};
		19	in rec {
		20	enable = true;
		21	listen = [
		22	{ ip = cfg.ip; port = 443; }
		23	];
		24	stateDir = "/run/httpd_${name}";
		25	logPerVirtualHost = true;
		26	multiProcessingModule = "worker";
		27	adminAddr = "httpd@immae.eu";
		28	logFormat = "combinedVhost";
		29	extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
		30	extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
		31	virtualHosts = pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs;
		32	};
		33	makeServiceOptions = name: ip: {
		34	enable = lib.mkEnableOption "enable websites in ${name}";
		35	ip = lib.mkOption {
		36	type = lib.types.string;
		37	default = ip;
		38	description = "${name} ip to listen to";
		39	};
		40	modules = lib.mkOption {
		41	type = lib.types.listOf (lib.types.str);
		42	default = [];
		43	};
		44	extraConfig = lib.mkOption {
		45	type = lib.types.listOf (lib.types.lines);
		46	default = [];
		47	};
		48	vhostConfs = lib.mkOption {
		49	type = lib.types.attrsOf (lib.types.submodule {
		50	options = {
		51	certName = lib.mkOption { type = lib.types.string; };
		52	hosts = lib.mkOption { type = lib.types.listOf lib.types.string; };
		53	root = lib.mkOption { type = lib.types.nullOr lib.types.path; };
		54	extraConfig = lib.mkOption { type = lib.types.listOf lib.types.lines; default = []; };
		55	};
		56	});
		57	};
		58	};
4	in	59	in
5	{	60	{
6	imports = [	61	imports = [
@@ -9,16 +64,16 @@ in
9	./websites/aten.nix	64	./websites/aten.nix
10	./websites/piedsjaloux.nix	65	./websites/piedsjaloux.nix
11	./websites/connexionswing.nix	66	./websites/connexionswing.nix
		67	# built using:
		68	# sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
		69	# And removed users / groups
		70	./websites/apache/httpd_prod.nix
		71	./websites/apache/httpd_inte.nix
12	];	72	];
13		73
14	options.services.myWebsites = {	74	options.services.myWebsites = {
15	production = {	75	production = makeServiceOptions "production" myconfig.ips.production;
16	enable = lib.mkEnableOption "enable websites in production";	76	integration = makeServiceOptions "integration" myconfig.ips.integration;
17	};
18
19	integration = {
20	enable = lib.mkEnableOption "enable websites in integration";
21	};
22		77
23	apacheConfig = lib.mkOption {	78	apacheConfig = lib.mkOption {
24	type = lib.types.attrsOf (lib.types.submodule {	79	type = lib.types.attrsOf (lib.types.submodule {
@@ -111,5 +166,15 @@ in
111	'';	166	'';
112	};	167	};
113	};	168	};
		169
		170	# FIXME: logrotate
		171	# FIXME: ipv6
		172	services.httpdProd = makeService "production" config.services.myWebsites.production;
		173	services.myWebsites.production.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
		174	services.myWebsites.production.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
		175
		176	services.httpdInte = makeService "integration" config.services.myWebsites.integration;
		177	services.myWebsites.integration.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
		178	services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
114	};	179	};
115	}	180	}