blob: 48d96b1bf2a0acd520112470282b928e7b47c354 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
{ config, pkgs, lib, ... }:
with lib;
let
inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
genid
head
;
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
manageCerts
ssl
servePage
serveWordpress
;
msmtprc = pkgs.writeText "msmtprc" ''
account localhost
host localhost
account default: localhost
'';
sendmail = pkgs.writeDash "msmtp" ''
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
in {
imports = [
./sqlBackup.nix
(ssl [ "biostase.de" "www.biostase.de" ])
(serveWordpress [ "biostase.de" "www.biostase.de" ])
(ssl [ "radical-dreamers.de" "www.radical-dreamers.de" ])
(serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ])
(ssl [ "gs-maubach.de" "www.gs-maubach.de" ])
(serveWordpress [ "gs-maubach.de" "www.gs-maubach.de" ])
(ssl [ "spielwaren-kern.de" "www.spielwaren-kern.de" ])
(serveWordpress [ "spielwaren-kern.de" "www.spielwaren-kern.de" ])
(ssl [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ])
(servePage [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ])
(ssl [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ])
(serveWordpress [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ])
(ssl [ "eastuttgart.de" "www.eastuttgart.de" ])
(serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ])
(ssl [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
(servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
(manageCerts [ "goldbarrendiebstahl.radical-dreamers.de" ])
(serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ])
];
lass.mysqlBackup.config.all.databases = [
"biostase_de"
"eastuttgart_de"
"radical_dreamers_de"
"spielwaren_kern_de"
"ttf_kleinaspach_de"
];
#password protect some dirs
krebs.nginx.servers."biostase.de".locations = [
(nameValuePair "/old_biostase.de" ''
auth_basic "Administrator Login";
auth_basic_user_file /srv/http/biostase.de/old_biostase.de/.htpasswd;
'')
(nameValuePair "/mysqldumper" ''
auth_basic "Administrator Login";
auth_basic_user_file /srv/http/biostase.de/mysqldumper/.htpasswd;
'')
];
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.fritz.pubkey
];
users.users.goldbarrendiebstahl = {
home = "/srv/http/goldbarrendiebstahl.radical-dreamers.de";
uid = genid "goldbarrendiebstahl";
createHome = true;
useDefaultShell = true;
openssh.authorizedKeys.keys = [
config.krebs.users.fritz.pubkey
];
};
services.phpfpm.phpIni = pkgs.runCommand "php.ini" {
options = ''
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
sendmail_path = "${sendmail} -t -i"
'';
} ''
cat ${pkgs.php}/etc/php-recommended.ini > $out
echo "$options" >> $out
'';
}
|
