From 969f59fbc43e2d2734ab331020fc9d2ab0de2a84 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Mon, 21 Oct 2024 19:41:59 +0200 Subject: [PATCH] feat(web03): Deploy the new annuaire --- machines/web03/django-apps/annuaire.nix | 52 +++++++++++++++++++++++++ machines/web03/django-apps/default.nix | 5 ++- 2 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 machines/web03/django-apps/annuaire.nix diff --git a/machines/web03/django-apps/annuaire.nix b/machines/web03/django-apps/annuaire.nix new file mode 100644 index 0000000..16709b8 --- /dev/null +++ b/machines/web03/django-apps/annuaire.nix @@ -0,0 +1,52 @@ +{ pkgs, sources, ... }: + +let + nix-pkgs = import sources.nix-pkgs { inherit pkgs; }; +in + +{ + services.django-apps.sites.annuaire = { + source = "https://git.dgnum.eu/DGNum/annuaire-eleves"; + branch = "main"; + domain = "annuaire-ens.webapps.dgnum.eu"; + + nginx = { + enableACME = true; + forceSSL = true; + }; + + webHookSecret = builtins.toFile "insecure-secret" "T5hNeDraMivRZLUkrekv&QeM"; + + python = pkgs.python3.override { + packageOverrides = _: _: { inherit (nix-pkgs) authens loadcredential; }; + }; + + dependencies = ps: [ + ps.django + ps.pillow + ps.loadcredential + ps.authens + ps.python-dateutil + ]; + + credentials = { + SECRET_KEY = builtins.toFile "insecure-key" "insecure-key"; + }; + + environment = { + ANNUAIRE_ALLOWED_HOSTS = [ "annuaire-ens.webapps.dgnum.eu" ]; + ANNUAIRE_LDAP = { + SPI = { + PROTOCOL = "ldaps"; + URL = "ldap.spi.ens.fr"; + PORT = 636; + }; + CRI = { + PROTOCOL = "ldaps"; + URL = "annuaire.ens.fr"; + PORT = 636; + }; + }; + }; + }; +} diff --git a/machines/web03/django-apps/default.nix b/machines/web03/django-apps/default.nix index 5d3ae0b..9b42eab 100644 --- a/machines/web03/django-apps/default.nix +++ b/machines/web03/django-apps/default.nix @@ -1,5 +1,8 @@ { - imports = [ ./gestiojeux.nix ]; + imports = [ + ./annuaire.nix + ./gestiojeux.nix + ]; services.django-apps = { enable = true;