From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 01:35:06 +0200 Subject: Squash changes containing private information There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository --- .../private/websites/ressourcerie_banon/cloud.nix | 20 ------- .../websites/ressourcerie_banon/cryptpad.nix | 49 --------------- .../websites/ressourcerie_banon/production.nix | 70 ---------------------- 3 files changed, 139 deletions(-) delete mode 100644 modules/private/websites/ressourcerie_banon/cloud.nix delete mode 100644 modules/private/websites/ressourcerie_banon/cryptpad.nix delete mode 100644 modules/private/websites/ressourcerie_banon/production.nix (limited to 'modules/private/websites/ressourcerie_banon') diff --git a/modules/private/websites/ressourcerie_banon/cloud.nix b/modules/private/websites/ressourcerie_banon/cloud.nix deleted file mode 100644 index 5179218..0000000 --- a/modules/private/websites/ressourcerie_banon/cloud.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, pkgs, config, ... }: -let - cfg = config.myServices.websites.ressourcerie_banon.cloud; - nextcloud = config.myServices.tools.cloud.farm.package; -in { - options.myServices.websites.ressourcerie_banon.cloud.enable = lib.mkEnableOption "enable Ressourcerie Banon’s cloud"; - - config = lib.mkIf cfg.enable { - myServices.tools.cloud.farm.instances = [ "ressourcerie_banon" ]; - services.websites.env.production.modules = [ "proxy_fcgi" ]; - services.websites.env.production.vhostConfs.ressourcerie_banon_cloud = { - certName = "ressourcerie_banon"; - addToCerts = true; - hosts = ["cloud.le-garage-autonome.org"]; - root = nextcloud; - extraConfig = [ config.myServices.tools.cloud.farm.vhosts.ressourcerie_banon ]; - }; - }; -} - diff --git a/modules/private/websites/ressourcerie_banon/cryptpad.nix b/modules/private/websites/ressourcerie_banon/cryptpad.nix deleted file mode 100644 index 7aea728..0000000 --- a/modules/private/websites/ressourcerie_banon/cryptpad.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ lib, pkgs, config, ... }: -let - cfg = config.myServices.websites.ressourcerie_banon.cryptpad; - envCfg = config.myEnv.tools.cryptpad.ressourcerie_banon; - port = envCfg.port; - configFile = pkgs.writeText "config.js" '' - // ${pkgs.cryptpad}/lib/node_modules/cryptpad/config/config.example.js - module.exports = { - httpUnsafeOrigin: 'https://${domain}', - httpPort: ${toString port}, - adminEmail: '${envCfg.email}', - filePath: './datastore/', - archivePath: './data/archive', - pinPath: './data/pins', - taskPath: './data/tasks', - blockPath: './block', - blobPath: './blob', - blobStagingPath: './data/blobstage', - decreePath: './data/decrees', - logPath: './data/logs', - logToStdout: false, - logLevel: 'info', - logFeedback: false, - verbose: false, - inactiveTime: false, - adminKeys: ${builtins.toJSON envCfg.admins}, - }; - ''; - domain = "pad.le-garage-autonome.org"; -in { - options.myServices.websites.ressourcerie_banon.cryptpad.enable = lib.mkEnableOption "Enable Ressourcerie Banon’s cryptpad"; - - config = lib.mkIf cfg.enable { - myServices.tools.cryptpad.farm.hosts.ressourcerie_banon = { - inherit domain port; - config = configFile; - }; - services.websites.env.production.modules = [ "proxy_wstunnel" ]; - services.websites.env.production.vhostConfs.ressourcerie_banon_cryptpad = { - certName = "ressourcerie_banon"; - addToCerts = true; - hosts = [domain]; - root = config.myServices.tools.cryptpad.farm.vhostRoots.ressourcerie_banon; - extraConfig = [ - config.myServices.tools.cryptpad.farm.vhosts.ressourcerie_banon - ]; - }; - }; -} diff --git a/modules/private/websites/ressourcerie_banon/production.nix b/modules/private/websites/ressourcerie_banon/production.nix deleted file mode 100644 index fa00d92..0000000 --- a/modules/private/websites/ressourcerie_banon/production.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ lib, pkgs, config, ... }: -let - cfg = config.myServices.websites.ressourcerie_banon.production; - varDir = "/var/lib/ftp/ressourcerie_banon"; - apacheUser = config.services.httpd.Prod.user; - apacheGroup = config.services.httpd.Prod.group; -in { - options.myServices.websites.ressourcerie_banon.production.enable = lib.mkEnableOption "enable Ressourcerie Banon's website"; - - config = lib.mkIf cfg.enable { - services.webstats.sites = [ { name = "ressourcerie-banon.org"; } ]; - - system.activationScripts.ressourcerie_banon = { - deps = [ "httpd" ]; - text = '' - install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/php/sessions/ressourcerie_banon - ''; - }; - systemd.services.phpfpm-ressourcerie_banon.after = lib.mkAfter [ "mysql.service" ]; - systemd.services.phpfpm-ressourcerie_banon.wants = [ "mysql.service" ]; - services.phpfpm.pools.ressourcerie_banon = { - user = apacheUser; - group = apacheGroup; - settings = { - "listen.owner" = apacheUser; - "listen.group" = apacheGroup; - - "pm" = "ondemand"; - "pm.max_children" = "5"; - "pm.process_idle_timeout" = "60"; - - "php_admin_value[open_basedir]" = "/var/lib/php/sessions/ressourcerie_banon:${varDir}:/tmp"; - "php_admin_value[session.save_path]" = "/var/lib/php/sessions/ressourcerie_banon"; - }; - phpOptions = config.services.phpfpm.phpOptions + '' - disable_functions = "mail" - ''; - phpPackage = pkgs.php72; - }; - services.websites.env.production.modules = [ "proxy_fcgi" ]; - services.websites.env.production.vhostConfs.ressourcerie_banon = { - certName = "ressourcerie_banon"; - certMainHost = "ressourcerie-banon.org"; - hosts = ["ressourcerie-banon.org" "www.ressourcerie-banon.org" "ressourcerie-sault.org" "www.ressourcerie-sault.org" "le-garage-autonome.org" - "www.le-garage-autonome.org"]; - root = varDir; - extraConfig = [ - '' - Use Stats ressourcerie-banon.org - - RewriteEngine on - RewriteCond "%{HTTP_HOST}" "!^ressourcerie-banon\.org$" [NC] - RewriteRule ^(.+)$ https://ressourcerie-banon.org$1 [R=302,L] - - - SetHandler "proxy:unix:${config.services.phpfpm.pools.ressourcerie_banon.socket}|fcgi://localhost" - - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride all - Require all granted - - '' - ]; - }; - }; -} - -- cgit v1.2.3