infrastructure/machines/nixos/compute01/ds-fr/default.nix

# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2

{
  config,
  pkgs,
  sources,
  ...
}:

let
  host = "demarches.dgnum.eu";
  port = 3000;

  dgn-id = "8dfdc60d1aa66e7206461ed7a49199f624a66b4e";
  patch = pkgs.fetchurl {
    url = "https://git.dgnum.eu/DGNum/demarches-normaliennes/commit/${dgn-id}.patch";
    hash = "sha256-6JdbUf2fc79E5F1wtYFnP1JLGJffhGbjaxysRFr8xN4=";
  };
in
{
  imports = [ ./module.nix ];

  dgn-web.internalPorts.ds-fr = port;

  services.demarches-simplifiees = {
    enable = true;

    package = (import sources.nix-pkgs { inherit pkgs; }).demarches-simplifiees.overrideAttrs (old: {
      dsModules = old.dsModules.overrideAttrs {
        prePatch = ''
          ${pkgs.lib.getExe pkgs.git} apply -p1 < ${patch}
        '';
      };

      patches = (old.patches or [ ]) ++ [ ./01-smtp-tls.patch ];

      prePatch = ''
        ${pkgs.lib.getExe pkgs.git} apply -p1 < ${patch}
      '';

      postPatch = ''
        rm -f lib/tasks/deployment/20240830192553_backfill_hide_instructeurs_email.rake
        rm -f lib/tasks/deployment/20240912151317_clean_virtual_column_from_procedure_presentation.rake
        rm -f lib/tasks/deployment/20240920130741_migrate_procedure_presentation_to_columns.rake
      '';
    });

    inherit host port;

    environmentFile = config.age.secrets."ds-fr-secret_file".path;

    initialDeploymentDate = "20230923";

    environment = {
      # Disable France Connect and Agent Connect
      FRANCE_CONNECT_ENABLED = "disabled";
      AGENT_CONNECT_ENABLED = "disabled";

      # S3 storage setup
      ACTIVE_STORAGE_SERVICE = "local";

      # SAML_IDP_ENABLED = "enabled";

      # Optional settings
      APPLICATION_NAME = ''"Démarches normaliennes"'';
      APPLICATION_SHORTNAME = "d-s.dgnum.eu";
      APPLICATION_BASE_URL = "https://${host}";

      # SMTP setup, TODO: Fix and stop using sendmail
      CLASSIC_SMTP_ENABLED = "enabled";
      SMTP_HOST = "kurisu.lahfa.xyz";
      SMTP_PORT = "465";
      SMTP_USER = "web-services@infra.dgnum.eu";
      SMTP_STARTTLS = "";
      SMTP_TLS = "true";
      SMTP_AUTHENTICATION = "plain";

      SUPER_ADMIN_OTP_ENABLED = "disabled";

      CONTACT_EMAIL = "demarches@infra.dgnum.eu";
      EQUIPE_EMAIL = "equipe@infra.dgnum.eu";
      TECH_EMAIL = "tech@infra.dgnum.eu";
      NO_REPLY_EMAIL = ''"Ne pas répondre <demarches@infra.dgnum.eu>"'';
      OLD_CONTACT_EMAIL = "";
      CONTACT_PHONE = "";

      STATUS_URL = "https://status.dgnum.eu/demarches-normaliennes";

      DEMANDE_INSCRIPTION_ADMIN_PAGE_URL = "https://demarches.dgnum.eu/commencer/demande-d-inscription-demarches-normaliennes";
      DOC_URL = "https://docs.dgnum.eu/s/demarches-normaliennes";

      ADMINS_GROUP_ENABLED = "enabled";

      RUBY_YJIT_ENABLE = "1";

      STRICT_EMAIL_VALIDATION_STARTS_ON = "2024-12-18";
    };
  };

  # dgn-backups.jobs.ds-fr.settings.paths = [ "/var/lib/private/demarches-simplifiees/" ];
  dgn-backups.postgresDatabases = [ "ds-fr" ];
}