fruitbasket/modules/course-management/default.nix

75 lines
2.2 KiB
Nix
Raw Normal View History

{ pkgs, config, lib, ... }:
2023-06-08 13:34:45 +02:00
let
hostName = "kurse.${config.networking.domain}";
2023-06-08 13:34:45 +02:00
in
{
sops.secrets =
let inherit (config.services.course-management) user;
2023-07-19 15:46:49 +02:00
in
{
2023-06-08 13:34:45 +02:00
"course-management/secret-key".owner = user;
"course-management/adminpass".owner = user;
};
2023-08-21 12:10:44 +02:00
systemd.services.course-management.after = [ "postgresql.service" ];
2023-06-08 13:34:45 +02:00
services.course-management = {
inherit hostName;
enable = true;
package = (pkgs.course-management.overrideAttrs (_: {
patches = [
./0001-show-participants-again.patch
];
}));
2023-06-08 13:34:45 +02:00
settings = {
secretKeyFile = config.sops.secrets."course-management/secret-key".path;
adminPassFile = config.sops.secrets."course-management/adminpass".path;
admins = [{
name = "Root iFSR";
email = "root@${config.networking.domain}";
2023-06-08 13:34:45 +02:00
}];
database = {
ENGINE = "django.db.backends.postgresql";
NAME = "course-management";
};
email = lib.mkDefault {
fromEmail = "noreply@${config.networking.domain}";
serverEmail = "root@${config.networking.domain}";
2023-06-08 13:34:45 +02:00
};
};
};
services.postgresql = {
2023-07-19 15:46:49 +02:00
enable = lib.mkForce true; # upstream bacula config wants to disable it, so we need to force
2023-06-08 13:34:45 +02:00
ensureUsers = [{
name = "course-management";
ensurePermissions = {
"DATABASE \"course-management\"" = "ALL PRIVILEGES";
};
}];
ensureDatabases = [ "course-management" ];
};
services.nginx.virtualHosts.${hostName} = {
enableACME = true;
forceSSL = true;
2023-09-28 13:34:58 +02:00
# phil redirects
locations =
let
philDomain = "https://kurse-phil.ifsr.de";
courses = [ "238" "239" "240" "241" "242" "243" ];
subjects = [
"ESE 2023 PHIL Campustour"
"ESE 2023 PHIL Bowlingabend"
"ESE 2023 PHIL Filmabend"
"ESE 2023 PHIL Wandern"
"ESE 2023 PHIL Spieleabend Pen and Paper"
];
in
{
"~ \"^/course/(${builtins.concatStringsSep "|" courses})/\"".return = "301 ${philDomain}/course/$1";
"~ \"^/subject/(${builtins.concatStringsSep "|" subjects})/\"".return = "301 ${philDomain}/subject/$1";
};
2023-06-08 13:34:45 +02:00
};
}