blob: ca1aabe65f36cb3953980933bf8c32a348ac361e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
{ lib, pkgs, config, myconfig, mylibs, ... }:
let
cfg = config.services.myWebsites.Papa;
varDir = "/var/lib/ftp/papa";
in {
options.services.myWebsites.Papa = {
production = {
enable = lib.mkEnableOption "enable Papa's website";
};
};
config = lib.mkIf cfg.production.enable {
security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
security.acme.certs."papa" = config.services.myCertificates.certConfig // {
domain = "surveillance.maison.bbc.bouya.org";
};
services.cron = {
systemCronJobs = let
script = pkgs.writeScript "cleanup-papa" ''
#!${pkgs.stdenv.shell}
d=$(date -d "7 days ago" +%Y%m%d)
for i in /var/lib/ftp/papa/*/20[0-9][0-9][0-9][0-9][0-9][0-9]; do
if [ "$d" -gt $(basename $i) ]; then
rm -rf "$i"
fi
done
'';
in
[
''
0 6 * * * wwwrun ${script}
''
];
};
services.myWebsites.production.vhostConfs.papa = {
certName = "papa";
hosts = [ "surveillance.maison.bbc.bouya.org" ];
root = varDir;
extraConfig = [
''
Use Apaxy "${varDir}" "title .duplicity-ignore"
<Directory ${varDir}>
Use LDAPConnect
Options Indexes
AllowOverride None
Require ldap-group cn=surveillance.maison.bbc.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
</Directory>
''
];
};
};
}
|
