Sites statiques, my

hosts/hackens-org/configuration.nix

@@ -10,12 +10,17 @@
       ./hardware-configuration.nix
       ./physical.nix
       ../../profiles/core-hackens
+      ./hackens-my.nix
+      #Services
       ./wiki.nix
       ./webpass.nix
+      ./test-static.nix
       # ./bridge.nix
       # ./gha.nix
       # ./sync.nix
+      #Modules
       ./misc
+      ./modules
     ];
 
   networking.hostName = "hackens-org"; # Define your hostname.

hosts/hackens-org/hackens-my.nix

@@ -0,0 +1,10 @@
+# Inspire du club reseau
+{ ... }:
+{
+  imports = [ ./my.nix ];
+
+  my = {
+    email = "hackens@clipper.ens.fr";
+    acmeStaging = true;
+  };
+}

hosts/hackens-org/modules/acme-ssl.nix

@@ -0,0 +1,13 @@
+# Issue du club reseau
+{ config, ... }:
+let
+    my = config.my;
+in
+{
+  security.acme.acceptTerms = true;
+  security.acme.email = my.email;
+  security.acme.server =
+    if my.acmeStaging
+    then "https://acme-staging-v02.api.letsencrypt.org/directory"
+    else null;
+}

hosts/hackens-org/modules/default.nix

@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+  imports = [
+    ./my.nix
+    ./acme-ssl.nix
+    ./staticWebsite.nix
+    ./nginx.nix
+  ];
+}

hosts/hackens-org/modules/my.nix

@@ -0,0 +1,27 @@
+# Inspiré du club réseau
+{ config, lib, ... }:
+with lib;
+{
+  options.my = {
+    email = mkOption {
+      description = "Admin email";
+      type = str;
+      default = "";
+      example = "hackens@clipper.ens.fr";
+    };
+    acmeStaging = mkOption {
+      description = "Enable staging servers";
+      type = bool;
+      default = false;
+    };
+    subZone = mkOption {
+      description = "Sub zone for hosting the services";
+      type = str
+
+    debug = mkOption {
+      description = "Debug mode";
+      type = bool;
+      default = false;
+    }
+  };
+};

hosts/hackens-org/modules/static-website.nix

@@ -1,26 +0,0 @@
-{ lib, config }:
-
-with lib;
-let
-  cfg = config.services.static-website.config;
-  l = builtins.split cfg.name "/";
-  name = lists.last l;
-in
-{
-  services.static-website.config = lib.mkOption {
-    type = with types; attrsOf (submodule {
-      options.name = mkOption path;
-    });
-  };
-
-  config = {
-    services.nginx.enable = cfg.enable;
-    virtualHosts."${cfg.name}" = {
-      root = "/var/lib/nginx/static/${name}";
-    }
-  };
-}
-
-/* TODO
-ACME
-*/

hosts/hackens-org/modules/staticWebsite.nix

@@ -0,0 +1,39 @@
+{ lib, config }:
+with lib;
+let
+  eachSite = config.services.static-website;
+  website = { pkgs, config, name, ... }: {
+    options = {
+      root = mkOption {
+        type = types.path;
+        default = "/var/lib/nginx/static/${name}";
+        description = "Static files path for the website";
+      };
+      hostname = mkOption {
+        type = str;
+        default = name;
+        description = "Website hostname";
+      };
+    };
+  };
+  debug = config.my.debug;
+in
+{
+  services.staticWebsite = lib.mkOption {
+    type = types.attrsOf (types.submodule website;)
+    description = "Specification of one or more static-websites to serve";
+  };
+
+  config = (mkIf eachSite != {}) {
+    services.nginx.enable = cfg;
+    virtualHosts = mapAttrs ( hostName: conf: {
+      serverName = conf.path;
+      root = conf.root;
+      forceSSL = if debug then false else true;
+    }) eachSite;
+  };
+}
+
+/* TODO
+ACME
+*/

hosts/hackens-org/test-static.nix

@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+  services.staticWebsite.testStatic.hostname = "test.${my.subZone}";
+}