diff --git a/machines/web03/_configuration.nix b/machines/web03/_configuration.nix index 3704d52..0126b02 100644 --- a/machines/web03/_configuration.nix +++ b/machines/web03/_configuration.nix @@ -8,9 +8,12 @@ lib.extra.mkConfig { enabledServices = [ # List of services to enable + "django-apps" ]; - extraConfig = { }; + extraConfig = { + services.netbird.enable = true; + }; root = ./.; } diff --git a/machines/web03/django-apps/default.nix b/machines/web03/django-apps/default.nix new file mode 100644 index 0000000..5d3ae0b --- /dev/null +++ b/machines/web03/django-apps/default.nix @@ -0,0 +1,15 @@ +{ + imports = [ ./gestiojeux.nix ]; + + services.django-apps = { + enable = true; + + webhook = { + domain = "hooks.webapps.dgnum.eu"; + nginx = { + enableACME = true; + forceSSL = true; + }; + }; + }; +} diff --git a/machines/web03/django-apps/gestiojeux.nix b/machines/web03/django-apps/gestiojeux.nix new file mode 100644 index 0000000..e7aedf1 --- /dev/null +++ b/machines/web03/django-apps/gestiojeux.nix @@ -0,0 +1,69 @@ +{ pkgs, sources, ... }: + +let + nix-pkgs = import sources.nix-pkgs { inherit pkgs; }; +in + +{ + services.django-apps.sites.gestiojeux = { + source = "https://git.dgnum.eu/DGNum/gestiojeux"; + branch = "production"; + domain = "gestiojeux.webapps.dgnum.eu"; + + nginx = { + enableACME = true; + forceSSL = true; + }; + + webHookSecret = builtins.toFile "insecure-secret" "T5hNeDraMivRZLUkrekv&QeM"; + + application = { + type = "wsgi"; + module = "gestiojeux"; + }; + + python = pkgs.python3.override { + packageOverrides = _: _: { + inherit (nix-pkgs) + django-autoslug + django-cas-ng + loadcredential + markdown-icons + ; + }; + }; + + django = ps: ps.django_4; + dependencies = ps: [ + ps.django-autoslug + ps.loadcredential + ps.django-cas-ng + ps.django-cleanup + ps.django-haystack + ps.django-markdownx + ps.django-tables2 + ps.pillow + ps.psycopg2 + ps.whoosh + + # Django haystack is drunk + ps.setuptools + ]; + + staticDirectory = "source/public/static"; + mediaDirectory = "source/public/media"; + + credentials = { + SECRET_KEY = builtins.toFile "insecure-key" "insecure-key"; + }; + + environment = { + GESTIOJEUX_ALLOWED_HOSTS = [ "gestiojeux.webapps.dgnum.eu" ]; + GESTIOJEUX_EMAIL_HOST_USER = "web-services@infra.dgnum.eu"; + GESTIOJEUX_DEFAULT_FROM_EMAIL = "Kadenios "; + GESTIOJEUX_SERVER_EMAIL = "webapps@infra.dgnum.eu"; + GESTIOJEUX_DB_NAME = "dj-gestiojeux"; + GESTIOJEUX_DB_USER = "dj-gestiojeux"; + }; + }; +} diff --git a/meta/nodes.nix b/meta/nodes.nix index ad6d53f..4d2b679 100644 --- a/meta/nodes.nix +++ b/meta/nodes.nix @@ -129,6 +129,8 @@ hashedPassword = "$y$j9T$Un/tcX5SPKNXG.sy/BcTa.$kyNHELjb1GAOWnauJfcjyVi5tacWcuEBKflZDCUC6x4"; + nix-modules = [ "services/django-apps" ]; + stateVersion = "24.05"; nixpkgs = "24.05"; vm-cluster = "Hyperviseur NPS";