From 2e573da3e091144d7d6f8c72021a8602fb71d61f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 6 Aug 2021 01:38:35 +0200 Subject: Site de Bingo de Denise --- modules/private/websites/denise/bingo.nix | 100 ++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 modules/private/websites/denise/bingo.nix (limited to 'modules/private/websites/denise') diff --git a/modules/private/websites/denise/bingo.nix b/modules/private/websites/denise/bingo.nix new file mode 100644 index 0000000..9130462 --- /dev/null +++ b/modules/private/websites/denise/bingo.nix @@ -0,0 +1,100 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.myServices.websites.denise.bingo; + varDir = "/var/lib/buildbot/outputs/denise/bingo"; + varDirBeta = "/var/lib/buildbot/outputs/denise/bingo_beta"; + socket = "/run/denise_bingo/socket.sock"; + socket_beta = "/run/denise_bingo_beta/socket.sock"; +in { + options.myServices.websites.denise.bingo.enable = lib.mkEnableOption "enable Denise's bingo website"; + + config = lib.mkIf cfg.enable { + services.websites.env.production.vhostConfs.denise_bingo = { + certName = "denise"; + addToCerts = true; + hosts = [ "bingo.syanni.eu" ]; + root = null; + extraConfig = [ + '' + ProxyPreserveHost on + ProxyVia On + ProxyRequests Off + ProxyPassMatch ^/.well-known/acme-challenge ! + ProxyPass / unix://${socket}|http://bingo.syanni.eu/ + ProxyPassReverse / unix://${socket}|http://bingo.syanni.eu/ + '' + ]; + }; + + systemd.services.denise-bingo = { + description = "Denise bingo website"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + WorkingDirectory = varDir; + ExecStart = let + python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]); + in + "${python}/bin/gunicorn -w4 -p /run/denise_bingo/gunicorn.pid --bind unix:${socket} app:app"; + User = "wwwrun"; + Restart = "always"; + RestartSec = "5s"; + PIDFile = "/run/denise_bingo/gunicorn.pid"; + RuntimeDirectory = "denise_bingo"; + StandardOutput = "journal"; + StandardError = "inherit"; + }; + }; + + security.sudo.extraRules = [ + { + commands = [ + { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo-beta.service"; } + { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo.service"; } + ]; + users = ["buildbot"]; + runAs = "root"; + } + ]; + services.websites.env.integration.vhostConfs.denise_bingo_beta = { + certName = "denise"; + addToCerts = true; + hosts = [ "beta.bingo.syanni.eu" ]; + root = null; + extraConfig = [ + '' + ProxyPreserveHost on + ProxyVia On + ProxyRequests Off + ProxyPassMatch ^/.well-known/acme-challenge ! + ProxyPass / unix://${socket_beta}|http://beta.bingo.syanni.eu/ + ProxyPassReverse / unix://${socket_beta}|http://beta.bingo.syanni.eu/ + '' + ]; + }; + + systemd.services.denise-bingo-beta = { + description = "Denise bingo beta website"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + WorkingDirectory = varDirBeta; + ExecStart = let + python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask ]); + in + "${python}/bin/gunicorn -w4 -p /run/denise_bingo_beta/gunicorn.pid --bind unix:${socket_beta} app:app"; + User = "wwwrun"; + Restart = "always"; + RestartSec = "5s"; + PIDFile = "/run/denise_bingo_beta/gunicorn.pid"; + RuntimeDirectory = "denise_bingo_beta"; + StandardOutput = "journal"; + StandardError = "inherit"; + }; + }; + }; +} -- cgit v1.2.3