-rw-r--r--modules/websites/default.nix229
-rw-r--r--modules/websites/php-application.nix4
2 files changed, 124 insertions, 109 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 2e1d23a4..ef79cb3c 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -1,119 +1,131 @@
1{ lib, config, ... }: with lib; 1{ lib, config, ... }: with lib;
2let 2let
3 cfg = { 3 cfg = config.services.websites;
4 certs = config.services.websitesCerts;
5 webappDirs = config.services.websitesWebappDirs;
6 env = config.services.websites;
7 };
8in 4in
9{ 5{
10 options.services.websitesCerts = mkOption { 6 options.services.websites = with types; {
11 description = "Default websites configuration for certificates as accepted by acme"; 7 certs = mkOption {
12 }; 8 description = "Default websites configuration for certificates as accepted by acme";
13 options.services.websitesWebappDirs = mkOption { 9 };
14 description = '' 10 webappDirs = mkOption {
15 Defines a symlink between /run/current-system/webapps and a store 11 description = ''
16 app directory to be used in http configuration. Permits to avoid 12 Defines a symlink between /run/current-system/webapps and a store
17 restarting httpd when only the folder name changes. 13 app directory to be used in http configuration. Permits to avoid
18 ''; 14 restarting httpd when only the folder name changes.
19 type = types.attrsOf types.path; 15 '';
20 default = {}; 16 type = types.attrsOf types.path;
21 }; 17 default = {};
22 # TODO: ajouter /run/current-system/webapps (RO) et webapps (RW) 18 };
23 options.services.websites = with types; mkOption { 19 webappDirsName = mkOption {
24 default = {}; 20 type = str;
25 description = "Each type of website to enable will target a distinct httpd server"; 21 default = "webapps";
26 type = attrsOf (submodule { 22 description = ''
27 options = { 23 Name of the webapp dir to create in /run/current-system
28 enable = mkEnableOption "Enable websites of this type"; 24 '';
29 adminAddr = mkOption { 25 };
30 type = str; 26 webappDirsPath = mkOption {
31 description = "Admin e-mail address of the instance"; 27 type = str;
32 }; 28 readOnly = true;
33 httpdName = mkOption { 29 description = ''
34 type = str; 30 Full path of the webapp dir
35 description = "Name of the httpd instance to assign this type to"; 31 '';
36 }; 32 default = "/run/current-system/${cfg.webappDirsName}";
37 ips = mkOption { 33 };
38 type = listOf string; 34 env = mkOption {
39 default = []; 35 default = {};
40 description = "ips to listen to"; 36 description = "Each type of website to enable will target a distinct httpd server";
41 }; 37 type = attrsOf (submodule {
42 modules = mkOption { 38 options = {
43 type = listOf str; 39 enable = mkEnableOption "Enable websites of this type";
44 default = []; 40 adminAddr = mkOption {
45 description = "Additional modules to load in Apache"; 41 type = str;
46 }; 42 description = "Admin e-mail address of the instance";
47 extraConfig = mkOption { 43 };
48 type = listOf lines; 44 httpdName = mkOption {
49 default = []; 45 type = str;
50 description = "Additional configuration to append to Apache"; 46 description = "Name of the httpd instance to assign this type to";
51 }; 47 };
52 nosslVhost = mkOption { 48 ips = mkOption {
53 description = "A default nossl vhost for captive portals"; 49 type = listOf string;
54 default = {}; 50 default = [];
55 type = submodule { 51 description = "ips to listen to";
56 options = { 52 };
57 enable = mkEnableOption "Add default no-ssl vhost for this instance"; 53 modules = mkOption {
58 host = mkOption { 54 type = listOf str;
59 type = string; 55 default = [];
60 description = "The hostname to use for this vhost"; 56 description = "Additional modules to load in Apache";
61 }; 57 };
62 root = mkOption { 58 extraConfig = mkOption {
63 type = path; 59 type = listOf lines;
64 default = ./nosslVhost; 60 default = [];
65 description = "The root folder to serve"; 61 description = "Additional configuration to append to Apache";
66 }; 62 };
67 indexFile = mkOption { 63 nosslVhost = mkOption {
68 type = string; 64 description = "A default nossl vhost for captive portals";
69 default = "index.html"; 65 default = {};
70 description = "The index file to show."; 66 type = submodule {
67 options = {
68 enable = mkEnableOption "Add default no-ssl vhost for this instance";
69 host = mkOption {
70 type = string;
71 description = "The hostname to use for this vhost";
72 };
73 root = mkOption {
74 type = path;
75 default = ./nosslVhost;
76 description = "The root folder to serve";
77 };
78 indexFile = mkOption {
79 type = string;
80 default = "index.html";
81 description = "The index file to show.";
82 };
71 }; 83 };
72 }; 84 };
73 }; 85 };
74 }; 86 fallbackVhost = mkOption {
75 fallbackVhost = mkOption { 87 description = "The fallback vhost that will be defined as first vhost in Apache";
76 description = "The fallback vhost that will be defined as first vhost in Apache"; 88 type = submodule {
77 type = submodule { 89 options = {
78 options = { 90 certName = mkOption { type = string; };
79 certName = mkOption { type = string; }; 91 hosts = mkOption { type = listOf string; };
80 hosts = mkOption { type = listOf string; }; 92 root = mkOption { type = nullOr path; };
81 root = mkOption { type = nullOr path; }; 93 extraConfig = mkOption { type = listOf lines; default = []; };
82 extraConfig = mkOption { type = listOf lines; default = []; }; 94 };
83 }; 95 };
84 }; 96 };
85 }; 97 vhostConfs = mkOption {
86 vhostConfs = mkOption { 98 default = {};
87 default = {}; 99 description = "List of vhosts to define for Apache";
88 description = "List of vhosts to define for Apache"; 100 type = attrsOf (submodule {
89 type = attrsOf (submodule { 101 options = {
90 options = { 102 certName = mkOption { type = string; };
91 certName = mkOption { type = string; }; 103 addToCerts = mkOption {
92 addToCerts = mkOption { 104 type = bool;
93 type = bool; 105 default = false;
94 default = false; 106 description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null";
95 description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null"; 107 };
96 }; 108 certMainHost = mkOption {
97 certMainHost = mkOption { 109 type = nullOr string;
98 type = nullOr string; 110 description = "Use that host as 'main host' for acme certs";
99 description = "Use that host as 'main host' for acme certs"; 111 default = null;
100 default = null; 112 };
113 hosts = mkOption { type = listOf string; };
114 root = mkOption { type = nullOr path; };
115 extraConfig = mkOption { type = listOf lines; default = []; };
101 }; 116 };
102 hosts = mkOption { type = listOf string; }; 117 });
103 root = mkOption { type = nullOr path; }; 118 };
104 extraConfig = mkOption { type = listOf lines; default = []; }; 119 watchPaths = mkOption {
105 }; 120 type = listOf string;
106 }); 121 default = [];
107 }; 122 description = ''
108 watchPaths = mkOption { 123 Paths to watch that should trigger a reload of httpd
109 type = listOf string; 124 '';
110 default = []; 125 };
111 description = ''
112 Paths to watch that should trigger a reload of httpd
113 '';
114 }; 126 };
115 }; 127 });
116 }); 128 };
117 }; 129 };
118 130
119 config.services.httpd = let 131 config.services.httpd = let
@@ -226,7 +238,10 @@ in
226 ) groupedCerts; 238 ) groupedCerts;
227 239
228 config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) '' 240 config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) ''
229 mkdir -p $out/webapps 241 mkdir -p $out/${cfg.webappDirsName}
230 ${builtins.concatStringsSep "\n" (attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") cfg.webappDirs)} 242 ${builtins.concatStringsSep "\n"
243 (attrsets.mapAttrsToList
244 (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs)
245 }
231 ''; 246 '';
232} 247}
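Review bot: `webappDirsName` is declared as a plain `str` (new line 20) but is interpolated unquoted into the system builder script at new lines 241 and 244, so a value containing whitespace, a slash or `..` would change what `mkdir -p` and `ln -s` operate on under `$out`. Constraining the option to a single path component, for example `type = strMatching "[A-Za-z0-9_-][A-Za-z0-9._-]*";`, would reject such values at evaluation time. Wrapping the interpolated pieces with `lib.escapeShellArg` would be a complementary guard. The attribute names of `cfg.webappDirs` are interpolated the same way in the `ln -s` line; that predates this commit but could be tightened with the same approach. Separately, `webappDirsPath` is always defined, while the directory is only created when `cfg.webappDirs` is non-empty, which is worth stating in the option description so consumers do not assume the path exists.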
diff --git a/modules/websites/php-application.nix b/modules/websites/php-application.nix
index 7bbae50a..765d4067 100644
--- a/modules/websites/php-application.nix
+++ b/modules/websites/php-application.nix
@@ -97,14 +97,14 @@ in
97 }; 97 };
98 98
99 config = { 99 config = {
100 services.websites = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair 100 services.websites.env = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair
101 name { 101 name {
102 modules = [ "proxy_fcgi" ]; 102 modules = [ "proxy_fcgi" ];
103 watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs); 103 watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs);
104 } 104 }
105 ) cfgByEnv; 105 ) cfgByEnv;
106 106
107 services.websitesWebappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair 107 services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
108 icfg.webappName icfg.webRoot 108 icfg.webappName icfg.webRoot
109 ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg); 109 ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg);
110 110