From f8026b6e4c869aa108f6361c8ccd50890657994d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Sat, 18 May 2019 10:49:00 +0200 Subject: Move personal websites to modules --- nixops/modules/websites/ftp/denisejerome.nix | 35 ----------- nixops/modules/websites/ftp/florian.nix | 68 --------------------- nixops/modules/websites/ftp/immae.nix | 68 --------------------- nixops/modules/websites/ftp/jerome.nix | 90 ---------------------------- nixops/modules/websites/ftp/leila.nix | 86 -------------------------- nixops/modules/websites/ftp/nassime.nix | 38 ------------ nixops/modules/websites/ftp/papa.nix | 53 ---------------- nixops/modules/websites/ftp/release.nix | 43 ------------- nixops/modules/websites/ftp/temp.nix | 40 ------------- 9 files changed, 521 deletions(-) delete mode 100644 nixops/modules/websites/ftp/denisejerome.nix delete mode 100644 nixops/modules/websites/ftp/florian.nix delete mode 100644 nixops/modules/websites/ftp/immae.nix delete mode 100644 nixops/modules/websites/ftp/jerome.nix delete mode 100644 nixops/modules/websites/ftp/leila.nix delete mode 100644 nixops/modules/websites/ftp/nassime.nix delete mode 100644 nixops/modules/websites/ftp/papa.nix delete mode 100644 nixops/modules/websites/ftp/release.nix delete mode 100644 nixops/modules/websites/ftp/temp.nix (limited to 'nixops/modules/websites/ftp') diff --git a/nixops/modules/websites/ftp/denisejerome.nix b/nixops/modules/websites/ftp/denisejerome.nix deleted file mode 100644 index 884fb62..0000000 --- a/nixops/modules/websites/ftp/denisejerome.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.DeniseJerome; - varDir = "/var/lib/ftp/denisejerome"; - env = myconfig.env.websites.denisejerome; -in { - options.services.myWebsites.DeniseJerome = { - production = { - enable = lib.mkEnableOption "enable Denise Jerome's website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ]; - - services.websites.production.vhostConfs.denisejerome = { - certName = "denisejerome"; - certMainHost = "denisejerome.piedsjaloux.fr"; - hosts = ["denisejerome.piedsjaloux.fr" ]; - root = varDir; - extraConfig = [ - '' - Use Stats denisejerome.piedsjaloux.fr - - - DirectoryIndex index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride AuthConfig - Require all granted - - '' - ]; - }; - }; -} diff --git a/nixops/modules/websites/ftp/florian.nix b/nixops/modules/websites/ftp/florian.nix deleted file mode 100644 index ebd461e..0000000 --- a/nixops/modules/websites/ftp/florian.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - adminer = pkgs.callPackage ../commons/adminer.nix {}; - cfg = config.services.myWebsites.Florian; - varDir = "/var/lib/ftp/florian"; - env = myconfig.env.websites.florian; -in { - options.services.myWebsites.Florian = { - production = { - enable = lib.mkEnableOption "enable Florian's website production"; - }; - integration = { - enable = lib.mkEnableOption "enable Florian's website integration"; - }; - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.production.enable { - security.acme.certs."ftp".extraDomains."tellesflorian.com" = null; - - services.websites.production.modules = adminer.apache.modules; - services.websites.production.vhostConfs.florian = { - certName = "florian"; - certMainHost = "tellesflorian.com"; - hosts = [ "tellesflorian.com" "www.tellesflorian.com" ]; - root = "${varDir}/tellesflorian.com"; - extraConfig = [ - adminer.apache.vhostConf - '' - ServerAdmin ${env.server_admin} - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - '' - ]; - }; - }) - - (lib.mkIf cfg.integration.enable { - security.acme.certs."ftp".extraDomains."florian.immae.eu" = null; - - services.websites.integration.modules = adminer.apache.modules; - services.websites.integration.vhostConfs.florian = { - certName = "eldiron"; - addToCerts = true; - hosts = [ "florian.immae.eu" ]; - root = "${varDir}/florian.immae.eu"; - extraConfig = [ - adminer.apache.vhostConf - '' - ServerAdmin ${env.server_admin} - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - '' - ]; - }; - }) - ]; -} diff --git a/nixops/modules/websites/ftp/immae.nix b/nixops/modules/websites/ftp/immae.nix deleted file mode 100644 index 2ba30a1..0000000 --- a/nixops/modules/websites/ftp/immae.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.Immae; - varDir = "/var/lib/ftp/immae"; - env = myconfig.env.websites.immae; -in { - options.services.myWebsites.Immae = { - production = { - enable = lib.mkEnableOption "enable Immae's website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.webstats.sites = [ { name = "www.immae.eu"; } ]; - - services.myPhpfpm.poolConfigs.immae = '' - listen = /run/phpfpm/immae.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - - pm = ondemand - pm.max_children = 5 - pm.process_idle_timeout = 60 - - php_admin_value[open_basedir] = "${varDir}:/tmp" - ''; - services.websites.production.modules = [ "proxy_fcgi" ]; - services.websites.production.vhostConfs.immae = { - certName = "eldiron"; - addToCerts = true; - hosts = [ "www.immae.eu" ]; - root = varDir; - extraConfig = [ - '' - Use Stats www.immae.eu - - - SetHandler "proxy:unix:/run/phpfpm/immae.sock|fcgi://localhost" - - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride All - Require all granted - - - - Use LDAPConnect - Require ldap-group cn=blog,cn=immae.eu,ou=services,dc=immae,dc=eu - - '' - ]; - }; - - services.websites.production.vhostConfs.bouya = { - certName = "eldiron"; - addToCerts = true; - hosts = [ "bouya.org" "www.bouya.org" ]; - root = null; - extraConfig = [ '' - RedirectMatch 301 ^/((?!\.well-known.*$).*)$ https://www.normalesup.org/~bouya/ - '' ]; - }; - }; -} diff --git a/nixops/modules/websites/ftp/jerome.nix b/nixops/modules/websites/ftp/jerome.nix deleted file mode 100644 index d00c42d..0000000 --- a/nixops/modules/websites/ftp/jerome.nix +++ /dev/null @@ -1,90 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - adminer = pkgs.callPackage ../commons/adminer.nix {}; - cfg = config.services.myWebsites.Jerome; - varDir = "/var/lib/ftp/jerome"; - env = myconfig.env.websites.jerome; -in { - options.services.myWebsites.Jerome = { - production = { - enable = lib.mkEnableOption "enable Jerome's website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.webstats.sites = [ { name = "naturaloutil.immae.eu"; } ]; - - security.acme.certs."ftp".extraDomains."naturaloutil.immae.eu" = null; - - secrets.keys = [{ - dest = "webapps/prod-naturaloutil"; - user = "wwwrun"; - group = "wwwrun"; - permissions = "0400"; - text = '' - ssl_set(NULL, NULL, "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt", NULL, NULL); - '' else ""} - $database = connect_db($db, $mysql_server, $mysql_base, $mysql_user, $mysql_password); - ?> - ''; - }]; - services.myPhpfpm.serviceDependencies.jerome = [ "mysql.service" ]; - services.myPhpfpm.poolConfigs.jerome = '' - listen = /run/phpfpm/naturaloutil.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - - pm = ondemand - pm.max_children = 5 - pm.process_idle_timeout = 60 - - env[BDD_CONNECT] = "/var/secrets/webapps/prod-naturaloutil" - php_admin_value[open_basedir] = "/var/secrets/webapps/prod-naturaloutil:${varDir}:/tmp" - ''; - services.myPhpfpm.poolPhpConfigs.jerome = '' - extension=${pkgs.php}/lib/php/extensions/mysqli.so - ''; - services.websites.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ]; - services.websites.production.vhostConfs.naturaloutil = { - certName = "naturaloutil"; - certMainHost = "naturaloutil.immae.eu"; - hosts = ["naturaloutil.immae.eu" ]; - root = varDir; - extraConfig = [ - adminer.apache.vhostConf - '' - Use Stats naturaloutil.immae.eu - ServerAdmin ${env.server_admin} - ErrorLog "${varDir}/logs/error_log" - CustomLog "${varDir}/logs/access_log" combined - - - SetHandler "proxy:unix:/run/phpfpm/naturaloutil.sock|fcgi://localhost" - - - - AllowOverride None - Require all denied - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - '' - ]; - }; - }; -} diff --git a/nixops/modules/websites/ftp/leila.nix b/nixops/modules/websites/ftp/leila.nix deleted file mode 100644 index 14bfa20..0000000 --- a/nixops/modules/websites/ftp/leila.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ lib, pkgs, config, ... }: -let - cfg = config.services.myWebsites.Leila; - varDir = "/var/lib/ftp/leila"; -in { - options.services.myWebsites.Leila = { - production = { - enable = lib.mkEnableOption "enable Leila's website in production"; - }; - }; - - config = (lib.mkIf cfg.production.enable { - services.myPhpfpm.poolConfigs.leila = '' - listen = /run/phpfpm/leila.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - - pm = ondemand - pm.max_children = 5 - pm.process_idle_timeout = 60 - - php_admin_value[open_basedir] = "${varDir}:/tmp" - ''; - - services.webstats.sites = [ - { name = "leila.bouya.org"; } - { name = "chorale.leila.bouya.org"; } - ]; - - services.websites.production.modules = [ "proxy_fcgi" ]; - services.websites.production.vhostConfs.leila_chorale = { - certName = "leila"; - addToCerts = true; - hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ]; - root = "${varDir}/Chorale"; - extraConfig = [ - '' - Use Stats chorale.leila.bouya.org - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - - Use LDAPConnect - Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu - - - SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" - - - '' - ]; - }; - services.websites.production.vhostConfs.leila = { - certName = "leila"; - certMainHost = "leila.bouya.org"; - hosts = [ "leila.bouya.org" ]; - root = varDir; - extraConfig = [ - '' - Use Stats leila.bouya.org - - DirectoryIndex index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - - Use LDAPConnect - Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu - - - SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" - - - - DirectoryIndex index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - '' - ]; - }; - }); -} diff --git a/nixops/modules/websites/ftp/nassime.nix b/nixops/modules/websites/ftp/nassime.nix deleted file mode 100644 index 3c982d3..0000000 --- a/nixops/modules/websites/ftp/nassime.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.Nassime; - varDir = "/var/lib/ftp/nassime"; - env = myconfig.env.websites.nassime; -in { - options.services.myWebsites.Nassime = { - production = { - enable = lib.mkEnableOption "enable Nassime's website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.webstats.sites = [ { name = "nassime.bouya.org"; } ]; - - security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null; - - services.websites.production.vhostConfs.nassime = { - certName = "nassime"; - certMainHost = "nassime.bouya.org"; - hosts = ["nassime.bouya.org" ]; - root = varDir; - extraConfig = [ - '' - Use Stats nassime.bouya.org - ServerAdmin ${env.server_admin} - - - DirectoryIndex index.php index.htm index.html - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - '' - ]; - }; - }; -} diff --git a/nixops/modules/websites/ftp/papa.nix b/nixops/modules/websites/ftp/papa.nix deleted file mode 100644 index c8d05ef..0000000 --- a/nixops/modules/websites/ftp/papa.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.Papa; - varDir = "/var/lib/ftp/papa"; -in { - options.services.myWebsites.Papa = { - production = { - enable = lib.mkEnableOption "enable Papa's website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null; - - services.cron = { - systemCronJobs = let - script = pkgs.writeScript "cleanup-papa" '' - #!${pkgs.stdenv.shell} - d=$(date -d "7 days ago" +%Y%m%d) - for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do - if [ "$d" -gt $(basename $i) ]; then - rm -rf "$i" - fi - done - ''; - in - [ - '' - 0 6 * * * wwwrun ${script} - '' - ]; - }; - - services.websites.production.vhostConfs.papa = { - certName = "papa"; - certMainHost = "surveillance.maison.bbc.bouya.org"; - hosts = [ "surveillance.maison.bbc.bouya.org" ]; - root = varDir; - extraConfig = [ - '' - Use Apaxy "${varDir}" "title .duplicity-ignore" - - Use LDAPConnect - Options Indexes - AllowOverride None - Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu - - '' - ]; - }; - }; -} - diff --git a/nixops/modules/websites/ftp/release.nix b/nixops/modules/websites/ftp/release.nix deleted file mode 100644 index db3487f..0000000 --- a/nixops/modules/websites/ftp/release.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.Release; - varDir = "/var/lib/ftp/release.immae.eu"; - env = myconfig.env.websites.release; -in { - options.services.myWebsites.Release = { - production = { - enable = lib.mkEnableOption "enable Release' website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.webstats.sites = [ { name = "release.immae.eu"; } ]; - - services.websites.production.vhostConfs.release = { - certName = "eldiron"; - addToCerts = true; - hosts = [ "release.immae.eu" ]; - root = varDir; - extraConfig = [ - '' - Use Stats release.immae.eu - - Use Apaxy "${varDir}" "title .duplicity-ignore" - - Use LDAPConnect - Options Indexes - AllowOverride All - Require all granted - - - - Use LDAPConnect - Options Indexes FollowSymlinks - AllowOverride None - Require all granted - - '' - ]; - }; - }; -} diff --git a/nixops/modules/websites/ftp/temp.nix b/nixops/modules/websites/ftp/temp.nix deleted file mode 100644 index 86dfde3..0000000 --- a/nixops/modules/websites/ftp/temp.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -let - cfg = config.services.myWebsites.Temp; - varDir = "/var/lib/ftp/temp.immae.eu"; - env = myconfig.env.websites.temp; -in { - options.services.myWebsites.Temp = { - production = { - enable = lib.mkEnableOption "enable Temp' website"; - }; - }; - - config = lib.mkIf cfg.production.enable { - services.websites.production.modules = [ "headers" ]; - services.websites.production.vhostConfs.temp = { - certName = "eldiron"; - addToCerts = true; - hosts = [ "temp.immae.eu" ]; - root = varDir; - extraConfig = [ - '' - Use Apaxy "${varDir}" "title .duplicity-ignore" - - Header set Content-Disposition attachment - - - Options -Indexes - AllowOverride None - Require all granted - - - - Options Indexes - - '' - ]; - }; - }; -} - -- cgit v1.2.3