infrastructure/machines/nixos/web03/django-apps/gestiocof.nix

# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2

{
  pkgs,
  sources,
  config,
  ...
}:

let
  inherit (import "${sources.nix-pkgs}/overlay.nix") mkOverlay;
in

{
  services.django-apps.sites.gestiocof = {
    source = "https://git.dgnum.eu/DGNum/gestioCOF";
    branch = "django-apps";
    domain = "gestiocof.webapps.dgnum.eu";

    nginx = {
      enableACME = true;
      forceSSL = true;
    };

    webHookSecret = config.age.secrets."webhook-gestiocof_token".path;

    python = pkgs.python3.override {
      packageOverrides =
        self: super:
        (
          (mkOverlay {
            folder = "python-modules";
            plist = [
              # Required packages
              "authens"
              "django-bootstrap-form"
              "django-cas-ng"
              "loadcredential"

              # Dependencies
              "python-cas"
            ];
          })
          self
          super
        )
        // (super.lib.genAttrs [
          "django-djconfig"
          "django-hCaptcha"
          "wagtail-modeltranslation"
          "wagtailmenus"
          "django-cogwheels"
        ] (name: self.callPackage "${sources.kat-pkgs}/python-pkgs/${name}.nix" { }));
    };

    dependencies = ps: [
      ps.authens
      ps.channels
      ps.configparser
      ps.django
      ps.django-autocomplete-light
      ps.django-bootstrap-form
      ps.django-cas-ng
      ps.django-cors-headers
      ps.django-djconfig
      ps.django-hCaptcha
      ps.django-js-reverse
      ps.django-widget-tweaks
      ps.icalendar
      ps.loadcredential
      ps.pillow
      ps.python-dateutil
      ps.statistics
      ps.wagtail
      ps.wagtail-modeltranslation
      ps.wagtailmenus
    ];

    application = {
      module = "gestioasso";
      settingsModule = "gestioasso.settings_cof";
    };

    credentials = {
      SECRET_KEY = config.age.secrets."dj_gestiocof-secret_key_file".path;
      HCAPTCHA_SECRET = config.age.secrets."dj_gestiocof-hcaptcha_secret_file".path;
      HCAPTCHA_SITEKEY = config.age.secrets."dj_gestiocof-hcaptcha_sitekey_file".path;
      KFETOPEN_TOKEN = config.age.secrets."dj_gestiocof-kfetopen_token_file".path;
    };
  };
}