From 97953ca44b0438d6b366d610678906944ea63835 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 1 May 2019 13:49:37 +0200 Subject: Add surveillance for papa --- nixops/modules/websites/default.nix | 2 ++ nixops/modules/websites/ftp/papa.nix | 55 ++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 nixops/modules/websites/ftp/papa.nix (limited to 'nixops/modules/websites') diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix index b0bc7a4..6a0a19f 100644 --- a/nixops/modules/websites/default.nix +++ b/nixops/modules/websites/default.nix @@ -117,6 +117,7 @@ in ./ftp/florian.nix ./ftp/denisejerome.nix ./ftp/leila.nix + ./ftp/papa.nix ./ftp/immae.nix ./ftp/release.nix ./ftp/temp.nix @@ -214,6 +215,7 @@ in services.myWebsites.Nassime.production.enable = cfg.production.enable; services.myWebsites.Florian.production.enable = cfg.production.enable; services.myWebsites.Leila.production.enable = cfg.production.enable; + services.myWebsites.Papa.production.enable = cfg.production.enable; services.myWebsites.DeniseJerome.production.enable = cfg.production.enable; services.myWebsites.Emilia.production.enable = cfg.production.enable; services.myWebsites.Capitaines.production.enable = cfg.production.enable; diff --git a/nixops/modules/websites/ftp/papa.nix b/nixops/modules/websites/ftp/papa.nix new file mode 100644 index 0000000..ca1aabe --- /dev/null +++ b/nixops/modules/websites/ftp/papa.nix @@ -0,0 +1,55 @@ +{ lib, pkgs, config, myconfig, mylibs, ... }: +let + cfg = config.services.myWebsites.Papa; + varDir = "/var/lib/ftp/papa"; +in { + options.services.myWebsites.Papa = { + production = { + enable = lib.mkEnableOption "enable Papa's website"; + }; + }; + + config = lib.mkIf cfg.production.enable { + security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null; + security.acme.certs."papa" = config.services.myCertificates.certConfig // { + domain = "surveillance.maison.bbc.bouya.org"; + }; + + services.cron = { + systemCronJobs = let + script = pkgs.writeScript "cleanup-papa" '' + #!${pkgs.stdenv.shell} + d=$(date -d "7 days ago" +%Y%m%d) + for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do + if [ "$d" -gt $(basename $i) ]; then + rm -rf "$i" + fi + done + ''; + in + [ + '' + 0 6 * * * wwwrun ${script} + '' + ]; + }; + + services.myWebsites.production.vhostConfs.papa = { + certName = "papa"; + hosts = [ "surveillance.maison.bbc.bouya.org" ]; + root = varDir; + extraConfig = [ + '' + Use Apaxy "${varDir}" "title .duplicity-ignore" + + Use LDAPConnect + Options Indexes + AllowOverride None + Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu + + '' + ]; + }; + }; +} + -- cgit v1.2.3