catvayor
b7c225a9cd
All checks were successful
Check meta / check_meta (pull_request) Successful in 21s
Check meta / check_dns (pull_request) Successful in 21s
Build all the nodes / netaccess01 (pull_request) Successful in 20s
Build all the nodes / netcore02 (pull_request) Successful in 20s
Build all the nodes / netcore01 (pull_request) Successful in 20s
Check workflows / check_workflows (pull_request) Successful in 27s
Build all the nodes / ap01 (pull_request) Successful in 31s
Build the shell / build-shell (pull_request) Successful in 1m1s
Build all the nodes / bridge01 (pull_request) Successful in 1m53s
Build all the nodes / geo02 (pull_request) Successful in 1m53s
Run pre-commit on all files / pre-commit (pull_request) Successful in 40s
Build all the nodes / geo01 (pull_request) Successful in 2m30s
Build all the nodes / web02 (pull_request) Successful in 2m9s
Build all the nodes / rescue01 (pull_request) Successful in 2m20s
Build all the nodes / tower01 (pull_request) Successful in 2m18s
Build all the nodes / hypervisor03 (pull_request) Successful in 2m38s
Build all the nodes / hypervisor02 (pull_request) Successful in 2m50s
Build all the nodes / build01 (pull_request) Successful in 2m51s
Build all the nodes / hypervisor01 (pull_request) Successful in 2m51s
Build all the nodes / storage01 (pull_request) Successful in 2m39s
Build all the nodes / vault01 (pull_request) Successful in 2m45s
Build all the nodes / web03 (pull_request) Successful in 2m36s
Build all the nodes / compute01 (pull_request) Successful in 3m8s
Build all the nodes / web01 (pull_request) Successful in 3m13s
Build all the nodes / netcore01 (push) Successful in 21s
Build all the nodes / netcore02 (push) Successful in 21s
Build all the nodes / netaccess01 (push) Successful in 22s
Build all the nodes / ap01 (push) Successful in 1m16s
Build all the nodes / bridge01 (push) Successful in 1m47s
Build all the nodes / hypervisor02 (push) Successful in 1m59s
Build all the nodes / geo02 (push) Successful in 1m59s
Build all the nodes / storage01 (push) Successful in 1m59s
Build all the nodes / build01 (push) Successful in 2m15s
Build all the nodes / rescue01 (push) Successful in 2m26s
Build all the nodes / hypervisor01 (push) Successful in 2m29s
Build all the nodes / hypervisor03 (push) Successful in 2m33s
Build all the nodes / tower01 (push) Successful in 2m32s
Build all the nodes / vault01 (push) Successful in 2m36s
Build all the nodes / geo01 (push) Successful in 2m42s
Build the shell / build-shell (push) Successful in 48s
Run pre-commit on all files / pre-commit (push) Successful in 51s
Build all the nodes / web02 (push) Successful in 1m41s
Build all the nodes / compute01 (push) Successful in 3m13s
Build all the nodes / web01 (push) Successful in 2m50s
Build all the nodes / web03 (push) Successful in 1m50s
156 lines
4 KiB
Nix
156 lines
4 KiB
Nix
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
inherit (lib) listToAttrs nameValuePair;
|
|
in
|
|
|
|
{
|
|
services.django-apps.sites.gestiocof = {
|
|
source = "https://git.dgnum.eu/DGNum/gestioCOF";
|
|
branch = "cof-prod";
|
|
domain = "cof.ens.fr";
|
|
|
|
nginx = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
locations =
|
|
{
|
|
"/ws/" = {
|
|
proxyPass = "http://unix:/run/django-apps/gestiocof/socket";
|
|
proxyWebsockets = true;
|
|
};
|
|
}
|
|
// (listToAttrs (
|
|
builtins.map (folder: nameValuePair "~ ^/${folder}/" { root = "/users/guests/cof/www/"; }) [
|
|
"arcanoid"
|
|
"cirque"
|
|
"pompom"
|
|
"trouveres"
|
|
]
|
|
));
|
|
|
|
extraConfig = ''
|
|
rewrite ^/$ /news;
|
|
'';
|
|
};
|
|
|
|
webHookSecret = config.age.secrets."webhook-gestiocof_token".path;
|
|
|
|
overlays = {
|
|
kat-pkgs = [
|
|
"django-djconfig"
|
|
"django-hCaptcha"
|
|
"wagtail-modeltranslation"
|
|
"wagtailmenus"
|
|
"django-cogwheels"
|
|
];
|
|
|
|
nix-pkgs = [
|
|
# Required packages
|
|
"authens"
|
|
"django-bootstrap-form"
|
|
"django-cas-ng"
|
|
"loadcredential"
|
|
|
|
# Dependencies
|
|
"python-cas"
|
|
];
|
|
};
|
|
|
|
dependencies = ps: [
|
|
ps.authens
|
|
ps.channels
|
|
ps.channels-redis
|
|
ps.configparser
|
|
ps.django
|
|
ps.django-autocomplete-light
|
|
ps.django-bootstrap-form
|
|
ps.django-cas-ng
|
|
ps.django-cors-headers
|
|
ps.django-djconfig
|
|
ps.django-hCaptcha
|
|
ps.django-js-reverse
|
|
ps.django-widget-tweaks
|
|
ps.icalendar
|
|
ps.loadcredential
|
|
ps.pillow
|
|
ps.python-dateutil
|
|
ps.redis
|
|
ps.statistics
|
|
ps.wagtail
|
|
ps.wagtail-modeltranslation
|
|
ps.wagtailmenus
|
|
];
|
|
|
|
application = {
|
|
module = "gestioasso";
|
|
type = "daphne";
|
|
settingsModule = "gestioasso.settings_cof";
|
|
};
|
|
|
|
credentials = {
|
|
SECRET_KEY = config.age.secrets."dj_gestiocof-secret_key_file".path;
|
|
HCAPTCHA_SECRET = config.age.secrets."dj_gestiocof-hcaptcha_secret_file".path;
|
|
HCAPTCHA_SITEKEY = config.age.secrets."dj_gestiocof-hcaptcha_sitekey_file".path;
|
|
KFETOPEN_TOKEN = config.age.secrets."dj_gestiocof-kfetopen_token_file".path;
|
|
SYMPA_PASSWORD = config.age.secrets."dj_gestiocof-sympa_password_file".path;
|
|
SYMPA_USERNAME = config.age.secrets."dj_gestiocof-sympa_username_file".path;
|
|
EMAIL_HOST = config.age.secrets."dj_gestiocof-email_host_file".path;
|
|
};
|
|
|
|
environment = {
|
|
GESTIOCOF_CHANNEL_LAYERS.default = {
|
|
BACKEND = "shared.channels.ChannelLayer";
|
|
CONFIG.hosts = [ "unix://${config.services.redis.servers.gestiocof.unixSocket}" ];
|
|
};
|
|
GESTIOCOF_CACHES.default = {
|
|
BACKEND = "django.core.cache.backends.redis.RedisCache";
|
|
LOCATION = "unix://${config.services.redis.servers.gestiocof.unixSocket}";
|
|
};
|
|
GESTIOCOF_CORS_ALLOWED_ORIGINS = [
|
|
"https://${config.services.django-apps.sites.gestiocof.domain}"
|
|
];
|
|
GESTIOCOF_SERVER_EMAIL = "gestion@cof.ens.fr";
|
|
};
|
|
|
|
extraServices.worker = {
|
|
script = "python3 manage.py runworker default";
|
|
|
|
serviceConfig = {
|
|
WorkingDirectory = "/var/lib/django-apps/gestiocof/source";
|
|
SupplementaryGroups = [ "redis-gestiocof" ];
|
|
};
|
|
};
|
|
timers = {
|
|
rappel-negatifs = {
|
|
script = ''
|
|
python3 manage.py sendrappelsnegatifs
|
|
'';
|
|
startAt = "*-*-* 1,13:17:19";
|
|
};
|
|
rappel-bda = {
|
|
script = ''
|
|
python3 manage.py sendrappels
|
|
'';
|
|
startAt = "*-*-* 2,14:17:19";
|
|
};
|
|
manage-reventes = {
|
|
script = ''
|
|
python3 manage.py manage_reventes
|
|
'';
|
|
startAt = "*-*-* *:01..56/5:29";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.redis.servers.gestiocof = {
|
|
enable = true;
|
|
};
|
|
|
|
systemd.services.dj-gestiocof.serviceConfig.SupplementaryGroups = [ "redis-gestiocof" ];
|
|
}
|