-rw-r--r-- | modules/websites/default.nix | 229 | ||||
-rw-r--r-- | modules/websites/php-application.nix | 4 |
2 files changed, 124 insertions, 109 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix index 2e1d23a4..ef79cb3c 100644 --- a/modules/websites/default.nix +++ b/modules/websites/default.nix | |||
@@ -1,119 +1,131 @@ | |||
1 | { lib, config, ... }: with lib; | 1 | { lib, config, ... }: with lib; |
2 | let | 2 | let |
3 | cfg = { | 3 | cfg = config.services.websites; |
4 | certs = config.services.websitesCerts; | ||
5 | webappDirs = config.services.websitesWebappDirs; | ||
6 | env = config.services.websites; | ||
7 | }; | ||
8 | in | 4 | in |
9 | { | 5 | { |
10 | options.services.websitesCerts = mkOption { | 6 | options.services.websites = with types; { |
11 | description = "Default websites configuration for certificates as accepted by acme"; | 7 | certs = mkOption { |
12 | }; | 8 | description = "Default websites configuration for certificates as accepted by acme"; |
13 | options.services.websitesWebappDirs = mkOption { | 9 | }; |
14 | description = '' | 10 | webappDirs = mkOption { |
15 | Defines a symlink between /run/current-system/webapps and a store | 11 | description = '' |
16 | app directory to be used in http configuration. Permits to avoid | 12 | Defines a symlink between /run/current-system/webapps and a store |
17 | restarting httpd when only the folder name changes. | 13 | app directory to be used in http configuration. Permits to avoid |
18 | ''; | 14 | restarting httpd when only the folder name changes. |
19 | type = types.attrsOf types.path; | 15 | ''; |
20 | default = {}; | 16 | type = types.attrsOf types.path; |
21 | }; | 17 | default = {}; |
22 | # TODO: ajouter /run/current-system/webapps (RO) et webapps (RW) | 18 | }; |
23 | options.services.websites = with types; mkOption { | 19 | webappDirsName = mkOption { |
24 | default = {}; | 20 | type = str; |
25 | description = "Each type of website to enable will target a distinct httpd server"; | 21 | default = "webapps"; |
26 | type = attrsOf (submodule { | 22 | description = '' |
27 | options = { | 23 | Name of the webapp dir to create in /run/current-system |
28 | enable = mkEnableOption "Enable websites of this type"; | 24 | ''; |
29 | adminAddr = mkOption { | 25 | }; |
30 | type = str; | 26 | webappDirsPath = mkOption { |
31 | description = "Admin e-mail address of the instance"; | 27 | type = str; |
32 | }; | 28 | readOnly = true; |
33 | httpdName = mkOption { | 29 | description = '' |
34 | type = str; | 30 | Full path of the webapp dir |
35 | description = "Name of the httpd instance to assign this type to"; | 31 | ''; |
36 | }; | 32 | default = "/run/current-system/${cfg.webappDirsName}"; |
37 | ips = mkOption { | 33 | }; |
38 | type = listOf string; | 34 | env = mkOption { |
39 | default = []; | 35 | default = {}; |
40 | description = "ips to listen to"; | 36 | description = "Each type of website to enable will target a distinct httpd server"; |
41 | }; | 37 | type = attrsOf (submodule { |
42 | modules = mkOption { | 38 | options = { |
43 | type = listOf str; | 39 | enable = mkEnableOption "Enable websites of this type"; |
44 | default = []; | 40 | adminAddr = mkOption { |
45 | description = "Additional modules to load in Apache"; | 41 | type = str; |
46 | }; | 42 | description = "Admin e-mail address of the instance"; |
47 | extraConfig = mkOption { | 43 | }; |
48 | type = listOf lines; | 44 | httpdName = mkOption { |
49 | default = []; | 45 | type = str; |
50 | description = "Additional configuration to append to Apache"; | 46 | description = "Name of the httpd instance to assign this type to"; |
51 | }; | 47 | }; |
52 | nosslVhost = mkOption { | 48 | ips = mkOption { |
53 | description = "A default nossl vhost for captive portals"; | 49 | type = listOf string; |
54 | default = {}; | 50 | default = []; |
55 | type = submodule { | 51 | description = "ips to listen to"; |
56 | options = { | 52 | }; |
57 | enable = mkEnableOption "Add default no-ssl vhost for this instance"; | 53 | modules = mkOption { |
58 | host = mkOption { | 54 | type = listOf str; |
59 | type = string; | 55 | default = []; |
60 | description = "The hostname to use for this vhost"; | 56 | description = "Additional modules to load in Apache"; |
61 | }; | 57 | }; |
62 | root = mkOption { | 58 | extraConfig = mkOption { |
63 | type = path; | 59 | type = listOf lines; |
64 | default = ./nosslVhost; | 60 | default = []; |
65 | description = "The root folder to serve"; | 61 | description = "Additional configuration to append to Apache"; |
66 | }; | 62 | }; |
67 | indexFile = mkOption { | 63 | nosslVhost = mkOption { |
68 | type = string; | 64 | description = "A default nossl vhost for captive portals"; |
69 | default = "index.html"; | 65 | default = {}; |
70 | description = "The index file to show."; | 66 | type = submodule { |
67 | options = { | ||
68 | enable = mkEnableOption "Add default no-ssl vhost for this instance"; | ||
69 | host = mkOption { | ||
70 | type = string; | ||
71 | description = "The hostname to use for this vhost"; | ||
72 | }; | ||
73 | root = mkOption { | ||
74 | type = path; | ||
75 | default = ./nosslVhost; | ||
76 | description = "The root folder to serve"; | ||
77 | }; | ||
78 | indexFile = mkOption { | ||
79 | type = string; | ||
80 | default = "index.html"; | ||
81 | description = "The index file to show."; | ||
82 | }; | ||
71 | }; | 83 | }; |
72 | }; | 84 | }; |
73 | }; | 85 | }; |
74 | }; | 86 | fallbackVhost = mkOption { |
75 | fallbackVhost = mkOption { | 87 | description = "The fallback vhost that will be defined as first vhost in Apache"; |
76 | description = "The fallback vhost that will be defined as first vhost in Apache"; | 88 | type = submodule { |
77 | type = submodule { | 89 | options = { |
78 | options = { | 90 | certName = mkOption { type = string; }; |
79 | certName = mkOption { type = string; }; | 91 | hosts = mkOption { type = listOf string; }; |
80 | hosts = mkOption { type = listOf string; }; | 92 | root = mkOption { type = nullOr path; }; |
81 | root = mkOption { type = nullOr path; }; | 93 | extraConfig = mkOption { type = listOf lines; default = []; }; |
82 | extraConfig = mkOption { type = listOf lines; default = []; }; | 94 | }; |
83 | }; | 95 | }; |
84 | }; | 96 | }; |
85 | }; | 97 | vhostConfs = mkOption { |
86 | vhostConfs = mkOption { | 98 | default = {}; |
87 | default = {}; | 99 | description = "List of vhosts to define for Apache"; |
88 | description = "List of vhosts to define for Apache"; | 100 | type = attrsOf (submodule { |
89 | type = attrsOf (submodule { | 101 | options = { |
90 | options = { | 102 | certName = mkOption { type = string; }; |
91 | certName = mkOption { type = string; }; | 103 | addToCerts = mkOption { |
92 | addToCerts = mkOption { | 104 | type = bool; |
93 | type = bool; | 105 | default = false; |
94 | default = false; | 106 | description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null"; |
95 | description = "Use these to certificates. Is ignored (considered true) if certMainHost is not null"; | 107 | }; |
96 | }; | 108 | certMainHost = mkOption { |
97 | certMainHost = mkOption { | 109 | type = nullOr string; |
98 | type = nullOr string; | 110 | description = "Use that host as 'main host' for acme certs"; |
99 | description = "Use that host as 'main host' for acme certs"; | 111 | default = null; |
100 | default = null; | 112 | }; |
113 | hosts = mkOption { type = listOf string; }; | ||
114 | root = mkOption { type = nullOr path; }; | ||
115 | extraConfig = mkOption { type = listOf lines; default = []; }; | ||
101 | }; | 116 | }; |
102 | hosts = mkOption { type = listOf string; }; | 117 | }); |
103 | root = mkOption { type = nullOr path; }; | 118 | }; |
104 | extraConfig = mkOption { type = listOf lines; default = []; }; | 119 | watchPaths = mkOption { |
105 | }; | 120 | type = listOf string; |
106 | }); | 121 | default = []; |
107 | }; | 122 | description = '' |
108 | watchPaths = mkOption { | 123 | Paths to watch that should trigger a reload of httpd |
109 | type = listOf string; | 124 | ''; |
110 | default = []; | 125 | }; |
111 | description = '' | ||
112 | Paths to watch that should trigger a reload of httpd | ||
113 | ''; | ||
114 | }; | 126 | }; |
115 | }; | 127 | }); |
116 | }); | 128 | }; |
117 | }; | 129 | }; |
118 | 130 | ||
119 | config.services.httpd = let | 131 | config.services.httpd = let |
@@ -226,7 +238,10 @@ in | |||
226 | ) groupedCerts; | 238 | ) groupedCerts; |
227 | 239 | ||
228 | config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) '' | 240 | config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) '' |
229 | mkdir -p $out/webapps | 241 | mkdir -p $out/${cfg.webappDirsName} |
230 | ${builtins.concatStringsSep "\n" (attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") cfg.webappDirs)} | 242 | ${builtins.concatStringsSep "\n" |
243 | (attrsets.mapAttrsToList | ||
244 | (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs) | ||
245 | } | ||
231 | ''; | 246 | ''; |
232 | } | 247 | } |
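Review bot: The new `webappDirsName` option is a free-form `str`, and the second hunk (new lines 241–244) splices it unquoted into the system builder script, in `mkdir -p $out/${cfg.webappDirsName}` and in the `ln -s` line. A value containing whitespace, `/`, `..` or shell metacharacters would change what the builder runs or where it writes, and a value matching an entry that presumably already exists under `$out` would collide with it. Constraining the option where it is declared, e.g. `type = strMatching "[A-Za-z0-9][A-Za-z0-9_-]*";`, and wrapping the interpolations with `escapeShellArg` would keep the value a single path component. The `${name}` and `${path}` interpolations on the same `ln -s` line are unquoted as well, which predates this commit. A short comment on `webappDirsPath` would also help, saying that it is derived from `webappDirsName` and that consumers should read it instead of rebuilding the path.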
diff --git a/modules/websites/php-application.nix b/modules/websites/php-application.nix index 7bbae50a..765d4067 100644 --- a/modules/websites/php-application.nix +++ b/modules/websites/php-application.nix | |||
@@ -97,14 +97,14 @@ in | |||
97 | }; | 97 | }; |
98 | 98 | ||
99 | config = { | 99 | config = { |
100 | services.websites = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair | 100 | services.websites.env = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair |
101 | name { | 101 | name { |
102 | modules = [ "proxy_fcgi" ]; | 102 | modules = [ "proxy_fcgi" ]; |
103 | watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs); | 103 | watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs); |
104 | } | 104 | } |
105 | ) cfgByEnv; | 105 | ) cfgByEnv; |
106 | 106 | ||
107 | services.websitesWebappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair | 107 | services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair |
108 | icfg.webappName icfg.webRoot | 108 | icfg.webappName icfg.webRoot |
109 | ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg); | 109 | ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg); |
110 | 110 | ||