Tom Hubrecht
ad39c91168
All checks were successful
lint / check (push) Successful in 23s
build configuration / build_web02 (push) Successful in 1m3s
build configuration / build_vault01 (push) Successful in 1m5s
build configuration / build_storage01 (push) Successful in 1m9s
build configuration / build_web01 (push) Successful in 1m39s
npins update / npins_update (push) Successful in 53s
build configuration / build_compute01 (push) Successful in 42m1s
56 lines
1.3 KiB
Nix
56 lines
1.3 KiB
Nix
{ config, ... }:
|
|
|
|
let
|
|
host = "docs.dgnum.eu";
|
|
in
|
|
{
|
|
services.outline = {
|
|
enable = true;
|
|
|
|
storage.storageType = "local";
|
|
|
|
smtp = {
|
|
username = "web-services@infra.dgnum.eu";
|
|
port = 465;
|
|
host = "kurisu.lahfa.xyz";
|
|
|
|
fromEmail = "docs@infra.dgnum.eu";
|
|
replyEmail = "web-services@infra.dgnum.eu";
|
|
passwordFile = config.age.secrets."outline-smtp_password_file".path;
|
|
};
|
|
|
|
redisUrl = "local";
|
|
publicUrl = "https://${host}";
|
|
|
|
oidcAuthentication = {
|
|
clientId = "outline_dgn";
|
|
authUrl = "https://sso.dgnum.eu/ui/oauth2";
|
|
tokenUrl = "https://sso.dgnum.eu/oauth2/token";
|
|
userinfoUrl = "https://sso.dgnum.eu/oauth2/openid/outline_dgn/userinfo";
|
|
displayName = "DGNum SSO";
|
|
|
|
clientSecretFile = config.age.secrets."outline-oidc_client_secret_file".path;
|
|
};
|
|
|
|
defaultLanguage = "fr_FR";
|
|
|
|
forceHttps = false;
|
|
port = 3003;
|
|
};
|
|
|
|
services.nginx.virtualHosts.${host} = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:3003";
|
|
proxyWebsockets = true;
|
|
};
|
|
|
|
locations."/robots.txt" = {
|
|
return = ''200 "User-agent: *\nDisallow: /s/demarches-normaliennes/\n"'';
|
|
};
|
|
};
|
|
|
|
age-secrets.autoMatch = [ "outline" ];
|
|
}
|