summaryrefslogtreecommitdiffstats
path: root/lass/2configs/websites/domsen.nix
blob: f31fccd514e32bc4c8773433df12f8b0eb05686a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
{ config, pkgs, lib, ... }:

let
  inherit (config.krebs.lib)
    genid
    readFile
    ;
  inherit (import ../../4lib { inherit lib pkgs; })
    manageCert
    manageCerts
    activateACME
    ssl
    servePage
    serveOwncloud
    serveWordpress;

  msmtprc = pkgs.writeText "msmtprc" ''
    account prism
      host localhost
    account default: prism
  '';

  sendmail = pkgs.writeDash "msmtp" ''
    exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
  '';

in {
  imports = [
    ( ssl [ "reich-gebaeudereinigung.de" ])
    ( servePage [ "reich-gebaeudereinigung.de" ])

    ( manageCerts [ "karlaskop.de" ])
    ( servePage [ "karlaskop.de" ])

    ( ssl [ "makeup.apanowicz.de" ])
    ( servePage [ "makeup.apanowicz.de" ])

    ( manageCerts [ "pixelpocket.de" ])
    ( servePage [ "pixelpocket.de" ])

    ( ssl [ "o.ubikmedia.de" ])
    ( serveOwncloud [ "o.ubikmedia.de" ])

    ( ssl [ "ubikmedia.de" "aldona.ubikmedia.de" "apanowicz.de" "nirwanabluete.de" "aldonasiech.com" "360gradvideo.tv" "ubikmedia.eu" ] )
    ( serveWordpress [ "ubikmedia.de" "*.ubikmedia.de" "apanowicz.de" "nirwanabluete.de" "aldonasiech.com" "360gradvideo.tv" "ubikmedia.eu" ] )
  ];

  services.mysql = {
    enable = true;
    package = pkgs.mariadb;
    rootPassword = toString (<secrets/mysql_rootPassword>);
  };

  lass.mysqlBackup = {
    enable = true;
    config.domsen = {
      password = toString (<secrets/mysql_rootPassword>);
      databases = [
        "ubikmedia_de"
        "o_ubikmedia_de"
      ];
    };
  };
  services.mysqlBackup = {
    enable = true;
    databases = [
      "ubikmedia_de"
      "o_ubikmedia_de"
    ];
    location = "/bku/sql_dumps";
  };

  users.users.domsen = {
    uid = genid "domsen";
    description = "maintenance acc for domsen";
    home = "/home/domsen";
    useDefaultShell = true;
    extraGroups = [ "nginx" ];
    createHome = true;
  };

  services.phpfpm.phpOptions = ''
    extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
    sendmail_path = ${sendmail} -t
  '';
}