forked from DGNum/infrastructure
Tom Hubrecht
88d9b8c3e3
Signed-off-by: Tom Hubrecht <tom.hubrecht@dgnum.eu> Acked-by: Ryan Lahfa <ryan.lahfa@dgnum.eu> Acked-by: Maurice Debray <maurice.debray@dgnum.eu> Acked-by: Lubin Bailly <lubin.bailly@dgnum.eu> Acked-by: Jean-Marc Gailis <jean-marc.gailis@dgnum.eu> as the legal authority, at the time of writing, in DGNum. Acked-by: Elias Coppens <elias.coppens@dgnum.eu> as a member, at the time of writing, of the DGNum executive counsel.
61 lines
1.2 KiB
Nix
61 lines
1.2 KiB
Nix
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{
|
|
pkgs,
|
|
sources,
|
|
config,
|
|
...
|
|
}:
|
|
|
|
let
|
|
nix-pkgs = import sources.nix-pkgs { inherit pkgs; };
|
|
in
|
|
|
|
{
|
|
services.django-apps.sites.annuaire = {
|
|
source = "https://git.dgnum.eu/DGNum/annuaire-eleves";
|
|
branch = "main";
|
|
domain = "annuaire-ens.webapps.dgnum.eu";
|
|
|
|
nginx = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
};
|
|
|
|
webHookSecret = config.age.secrets."webhook-annuaire_token".path;
|
|
|
|
python = pkgs.python3.override {
|
|
packageOverrides = _: _: { inherit (nix-pkgs) authens loadcredential; };
|
|
};
|
|
|
|
dependencies = ps: [
|
|
ps.django
|
|
ps.pillow
|
|
ps.loadcredential
|
|
ps.authens
|
|
ps.python-dateutil
|
|
];
|
|
|
|
credentials = {
|
|
SECRET_KEY = config.age.secrets."dj_annuaire-secret_key_file".path;
|
|
};
|
|
|
|
environment = {
|
|
ANNUAIRE_ALLOWED_HOSTS = [ "annuaire-ens.webapps.dgnum.eu" ];
|
|
ANNUAIRE_LDAP = {
|
|
SPI = {
|
|
PROTOCOL = "ldaps";
|
|
URL = "ldap.spi.ens.fr";
|
|
PORT = 636;
|
|
};
|
|
CRI = {
|
|
PROTOCOL = "ldaps";
|
|
URL = "annuaire.ens.fr";
|
|
PORT = 636;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|