summaryrefslogtreecommitdiff
path: root/modules/websites/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/websites/default.nix')
-rw-r--r--modules/websites/default.nix29
1 files changed, 24 insertions, 5 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 4b21efb7..2e1d23a4 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -1,11 +1,25 @@
1{ lib, config, ... }: with lib; 1{ lib, config, ... }: with lib;
2let 2let
3 cfg = config.services.websites; 3 cfg = {
4 certs = config.services.websitesCerts;
5 webappDirs = config.services.websitesWebappDirs;
6 env = config.services.websites;
7 };
4in 8in
5{ 9{
6 options.services.websitesCerts = mkOption { 10 options.services.websitesCerts = mkOption {
7 description = "Default websites configuration for certificates as accepted by acme"; 11 description = "Default websites configuration for certificates as accepted by acme";
8 }; 12 };
13 options.services.websitesWebappDirs = mkOption {
14 description = ''
15 Defines a symlink between /run/current-system/webapps and a store
16 app directory to be used in http configuration. Permits to avoid
17 restarting httpd when only the folder name changes.
18 '';
19 type = types.attrsOf types.path;
20 default = {};
21 };
22 # TODO: ajouter /run/current-system/webapps (RO) et webapps (RW)
9 options.services.websites = with types; mkOption { 23 options.services.websites = with types; mkOption {
10 default = {}; 24 default = {};
11 description = "Each type of website to enable will target a distinct httpd server"; 25 description = "Each type of website to enable will target a distinct httpd server";
@@ -164,17 +178,17 @@ in
164 ++ (attrsets.mapAttrsToList (n: v: toVhost icfg.ips v) icfg.vhostConfs) 178 ++ (attrsets.mapAttrsToList (n: v: toVhost icfg.ips v) icfg.vhostConfs)
165 ++ [ (redirectVhost icfg.ips) ]; 179 ++ [ (redirectVhost icfg.ips) ];
166 }) 180 })
167 ) cfg; 181 ) cfg.env;
168 182
169 config.services.filesWatcher = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair 183 config.services.filesWatcher = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
170 "httpd${icfg.httpdName}" { 184 "httpd${icfg.httpdName}" {
171 paths = icfg.watchPaths; 185 paths = icfg.watchPaths;
172 waitTime = 5; 186 waitTime = 5;
173 } 187 }
174 ) cfg; 188 ) cfg.env;
175 189
176 config.security.acme.certs = let 190 config.security.acme.certs = let
177 typesToManage = attrsets.filterAttrs (k: v: v.enable) cfg; 191 typesToManage = attrsets.filterAttrs (k: v: v.enable) cfg.env;
178 flatVhosts = lists.flatten (attrsets.mapAttrsToList (k: v: 192 flatVhosts = lists.flatten (attrsets.mapAttrsToList (k: v:
179 attrValues v.vhostConfs 193 attrValues v.vhostConfs
180 ) typesToManage); 194 ) typesToManage);
@@ -200,7 +214,7 @@ in
200 ); 214 );
201 in attrsets.mapAttrs (k: g: 215 in attrsets.mapAttrs (k: g:
202 if (!isNull (groupToDomain g)) 216 if (!isNull (groupToDomain g))
203 then config.services.websitesCerts // { 217 then cfg.certs // {
204 domain = groupToDomain g; 218 domain = groupToDomain g;
205 extraDomains = builtins.listToAttrs ( 219 extraDomains = builtins.listToAttrs (
206 map (d: attrsets.nameValuePair d null) (extraDomains g)); 220 map (d: attrsets.nameValuePair d null) (extraDomains g));
@@ -210,4 +224,9 @@ in
210 map (d: attrsets.nameValuePair d null) (extraDomains g)); 224 map (d: attrsets.nameValuePair d null) (extraDomains g));
211 } 225 }
212 ) groupedCerts; 226 ) groupedCerts;
227
228 config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) ''
229 mkdir -p $out/webapps
230 ${builtins.concatStringsSep "\n" (attrsets.mapAttrsToList (name: path: "ln -s ${path} $out/webapps/${name}") cfg.webappDirs)}
231 '';
213} 232}