infrastructure/machines/compute01/ds-fr/default.nix
2023-09-24 13:16:22 +02:00

77 lines
2.2 KiB
Nix

{ config, lib, dgn-lib, ... }:
let
inherit (dgn-lib) setDefault;
host = "demarches.dgnum.eu";
in {
imports = [ ./module.nix ];
services.demarches-simplifiees = {
enable = true;
secretFile = config.age.secrets.ds_fr-secret_file.path;
initialDeploymentDate = "20230923";
settings = {
APP_HOST = host;
# TODO: use France Connect ?
FRANCE_CONNECT_ENABLED = "disabled";
FC_PARTICULIER_ID = "demarches_dgn";
FC_PARTICULIER_SECRET = "JD2MKKR3aMapqk1f27AcMZMy8sTW7ypRkqcegvf5TUy8bMRp";
FC_PARTICULIER_BASE_URL = "https://sso.dgnum.eu";
# S3 storage setup
ACTIVE_STORAGE_SERVICE = "garage";
S3_ENDPOINT = "https://s3.dgnum.eu";
S3_BUCKET = "demarches-dgnum";
S3_REGION = "garage";
S3_FORCE_PATH_STYLE = "true";
S3_ACCESS_KEY_ID = "GK4d244118eac2336ae0ab2dd9";
S3_SECRET_ACCESS_KEY = "61100261fb0a0c861371596f9ffcd1e83134301a6d0c665a077135af04ba18c3";
# SAML_IDP_ENABLED = "enabled";
# Optional settings
APPLICATION_NAME = ''"Démarches normaliennes"'';
APPLICATION_SHORTNAME = "d-s.dgnum.eu";
APPLICATION_BASE_URL = "https://${host}";
# Deactivate connexion methods
AGENT_CONNECT_ENABLED = "disabled";
# SMTP setup, TODO: Fix and stop using sendmail
CLASSIC_SMTP_ENABLED = "enabled";
SMTP_HOST = "kurisu.lahfa.xyz";
SMTP_PORT = "465";
SMTP_USER = "web-services@infra.dgnum.eu";
SMTP_TLS = "";
SMTP_SSL = "true";
SMTP_AUTHENTICATION = "plain";
SUPER_ADMIN_OTP_ENABLED = "disabled";
CONTACT_EMAIL = "demarches@infra.dgnum.eu";
EQUIPE_EMAIL = "equipe@infra.dgnum.eu";
TECH_EMAIL = "tech@infra.dgnum.eu";
NO_REPLY_EMAIL =
''"Ne pas répondre <@infra.dgnum.eu>"'';
OLD_CONTACT_EMAIL = "";
CONTACT_PHONE = "";
# Customization
# HEADER_LOGO_SRC = "logo_ens_psl_couleur.png";
# HEADER_LOGO_ALT = "Par la Recherche, pour la Recherche";
# PROCEDURE_DEFAULT_LOGO_SRC = "logo_ens_psl_couleur.png";
};
};
dgn-secrets.options = [
(setDefault { owner = "ds-fr"; }
(builtins.filter (lib.hasPrefix "ds_fr") config.dgn-secrets.names))
];
users.users.ds-fr.extraGroups = [ "sendmail" ];
}