92 lines
2.2 KiB
Nix
92 lines
2.2 KiB
Nix
|
{
|
||
|
pkgs,
|
||
|
lib,
|
||
|
config,
|
||
|
...
|
||
|
}:
|
||
|
let
|
||
|
src = pkgs.fetchgit {
|
||
|
url = "https://git.rz.ens.wtf/HackENS/gestiojeux.git";
|
||
|
rev = "HEAD";
|
||
|
hash = "sha256-ly786xct9U4hdsHr7NLl23smnOfE891au9/GXqxpFb4=";
|
||
|
};
|
||
|
in
|
||
|
{
|
||
|
imports =
|
||
|
[
|
||
|
];
|
||
|
systemd.services.django-gestiohackens.serviceConfig = {
|
||
|
DynamicUser = lib.mkForce false;
|
||
|
User = "django-gestiohackens";
|
||
|
SupplementaryGroups = [ "nginx" ];
|
||
|
};
|
||
|
users.users.django-gestiohackens = {
|
||
|
group = "django-gestiohackens";
|
||
|
isSystemUser = true;
|
||
|
};
|
||
|
users.groups.django-gestiohackens = { };
|
||
|
services.nginx = {
|
||
|
enable = true;
|
||
|
recommendedProxySettings = true;
|
||
|
virtualHosts."inventaire.hackens.org" = {
|
||
|
enableACME = true;
|
||
|
forceSSL = true;
|
||
|
locations = {
|
||
|
"/" = {
|
||
|
proxyPass = "http://localhost:51667";
|
||
|
};
|
||
|
"/media/".alias = "/var/lib/django-gestiohackens/media/";
|
||
|
"/static".root = config.services.django.gestiohackens.staticAssets;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
services.django.gestiohackens = {
|
||
|
inherit src;
|
||
|
enable = true;
|
||
|
mainModule = "gestiojeux";
|
||
|
port = 51667;
|
||
|
settings = {
|
||
|
DEBUG = false;
|
||
|
CSRF_COOKIE_SECURE = true;
|
||
|
AUTHENS_ALLOW_STAFF = true;
|
||
|
SESSION_COOKIE_SECURE = true;
|
||
|
MEDIA_URL = "media/";
|
||
|
ALLOWED_HOSTS = [ "inventaire.hackens.org" ];
|
||
|
DATABASES = {
|
||
|
"default" = {
|
||
|
"ENGINE" = "django.db.backends.sqlite3";
|
||
|
"NAME" = "/var/lib/django-gestiohackens/db.sqlite3";
|
||
|
};
|
||
|
};
|
||
|
HAYSTACK_CONNECTIONS = {
|
||
|
"default" = {
|
||
|
"ENGINE" = "haystack.backends.whoosh_backend.WhooshEngine";
|
||
|
"PATH" = "/var/lib/django-gestiohackens/whoosh_index";
|
||
|
};
|
||
|
};
|
||
|
MEDIA_ROOT = "/var/lib/django-gestiohackens/media";
|
||
|
};
|
||
|
extraPackages = ps: [
|
||
|
ps.django-autoslug
|
||
|
ps.loadcredential
|
||
|
ps.django-cleanup
|
||
|
ps.django-haystack
|
||
|
ps.django-markdownx
|
||
|
ps.django-tables2
|
||
|
ps.pillow
|
||
|
ps.whoosh
|
||
|
ps.markdown-icons
|
||
|
ps.authens
|
||
|
|
||
|
ps.qrcode
|
||
|
ps.pillow
|
||
|
|
||
|
# Django haystack is drunk
|
||
|
ps.setuptools
|
||
|
];
|
||
|
secrets = {
|
||
|
SECRET_KEY = config.age.secrets.django-gestiohackens.path;
|
||
|
};
|
||
|
};
|
||
|
}
|