From a295d69fcfabe64bd17ae05f1948505531ea99a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Mon, 15 Jun 2020 00:39:03 +0200
Subject: Add Denise websites

---
 modules/private/websites/denise/oms.nix        | 49 ++++++++++++++++++++++++++
 modules/private/websites/denise/production.nix | 25 +++++++++++++
 2 files changed, 74 insertions(+)
 create mode 100644 modules/private/websites/denise/oms.nix
 create mode 100644 modules/private/websites/denise/production.nix

(limited to 'modules/private/websites/denise')

diff --git a/modules/private/websites/denise/oms.nix b/modules/private/websites/denise/oms.nix
new file mode 100644
index 0000000..9650468
--- /dev/null
+++ b/modules/private/websites/denise/oms.nix
@@ -0,0 +1,49 @@
+{ lib, config, pkgs, ... }:
+let
+  cfg = config.myServices.websites.denise.oms;
+  varDir = "/var/lib/buildbot/outputs/denise_oms";
+  socket = "/run/denise_oms/socket.sock";
+in {
+  options.myServices.websites.denise.oms.enable = lib.mkEnableOption "enable Denise's OMS website";
+
+  config = lib.mkIf cfg.enable {
+    services.websites.env.production.vhostConfs.denise_oms = {
+      certName     = "denise";
+      addToCerts   = true;
+      hosts        = [ "oms.syanni.eu" ];
+      root         = null;
+      extraConfig  = [
+        ''
+        ProxyPreserveHost on
+        ProxyVia On
+        ProxyRequests Off
+        ProxyPassMatch ^/.well-known/acme-challenge !
+        ProxyPass / unix://${socket}|http://oms.syanni.eu/
+        ProxyPassReverse / unix://${socket}|http://oms.syanni.eu/
+          ''
+      ];
+    };
+
+    systemd.services.denise-oms = {
+      description = "Denise OMS website";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        Type = "simple";
+        WorkingDirectory = varDir;
+        ExecStart = let
+          python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib ]);
+        in
+          "${python}/bin/gunicorn -w4 -p /run/denise_oms/gunicorn.pid --bind unix:${socket} app:app";
+        User = "buildbot";
+        Restart = "always";
+        RestartSec = "5s";
+        PIDFile = "/run/denise_oms/gunicorn.pid";
+        RuntimeDirectory = "denise_oms";
+        StandardOutput = "journal";
+        StandardError = "inherit";
+      };
+    };
+  };
+}
diff --git a/modules/private/websites/denise/production.nix b/modules/private/websites/denise/production.nix
new file mode 100644
index 0000000..9b28e9e
--- /dev/null
+++ b/modules/private/websites/denise/production.nix
@@ -0,0 +1,25 @@
+{ lib, config, pkgs, ... }:
+let
+  cfg = config.myServices.websites.denise.production;
+in {
+  options.myServices.websites.denise.production.enable = lib.mkEnableOption "enable Denise's website";
+
+  config = lib.mkIf cfg.enable {
+    services.websites.env.production.vhostConfs.denise_production = {
+      certName     = "denise";
+      addToCerts   = true;
+      hosts        = [ "syanni.eu" "www.syanni.eu" ];
+      root         = ../_www;
+      extraConfig  = [
+        ''
+        <Directory ${../_www}>
+          DirectoryIndex index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride AuthConfig
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+  };
+}
-- 
cgit v1.2.3