forked from DGNum/infrastructure
53 lines
1.1 KiB
Nix
53 lines
1.1 KiB
Nix
|
{ pkgs, sources, ... }:
|
||
|
|
||
|
let
|
||
|
nix-pkgs = import sources.nix-pkgs { inherit pkgs; };
|
||
|
in
|
||
|
|
||
|
{
|
||
|
services.django-apps.sites.annuaire = {
|
||
|
source = "https://git.dgnum.eu/DGNum/annuaire-eleves";
|
||
|
branch = "main";
|
||
|
domain = "annuaire-ens.webapps.dgnum.eu";
|
||
|
|
||
|
nginx = {
|
||
|
enableACME = true;
|
||
|
forceSSL = true;
|
||
|
};
|
||
|
|
||
|
webHookSecret = builtins.toFile "insecure-secret" "T5hNeDraMivRZLUkrekv&QeM";
|
||
|
|
||
|
python = pkgs.python3.override {
|
||
|
packageOverrides = _: _: { inherit (nix-pkgs) authens loadcredential; };
|
||
|
};
|
||
|
|
||
|
dependencies = ps: [
|
||
|
ps.django
|
||
|
ps.pillow
|
||
|
ps.loadcredential
|
||
|
ps.authens
|
||
|
ps.python-dateutil
|
||
|
];
|
||
|
|
||
|
credentials = {
|
||
|
SECRET_KEY = builtins.toFile "insecure-key" "insecure-key";
|
||
|
};
|
||
|
|
||
|
environment = {
|
||
|
ANNUAIRE_ALLOWED_HOSTS = [ "annuaire-ens.webapps.dgnum.eu" ];
|
||
|
ANNUAIRE_LDAP = {
|
||
|
SPI = {
|
||
|
PROTOCOL = "ldaps";
|
||
|
URL = "ldap.spi.ens.fr";
|
||
|
PORT = 636;
|
||
|
};
|
||
|
CRI = {
|
||
|
PROTOCOL = "ldaps";
|
||
|
URL = "annuaire.ens.fr";
|
||
|
PORT = 636;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|