nix
/
lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

jabber: site & hostname should be distinct

This commit is contained in:
Peter Selby 2021-12-22 14:28:49 -08:00
parent ff83c3713b
commit cac1b7bd3e
1 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
lib/fudo/jabber.nix
View File

@ -14,6 +14,11 @@ let
default = true; default = true;
}; };
hostname = mkOption {
type = str;
description = "Hostname of this server.";
};
site-config = mkOption { site-config = mkOption {
type = attrs; type = attrs;
description = "Site-specific configuration."; description = "Site-specific configuration.";
@ -31,16 +36,16 @@ let
host-domains = config.fudo.acme.host-domains.${hostname}; host-domains = config.fudo.acme.host-domains.${hostname};
siteCerts = site: let hostCerts = host: let
cert-copy = host-domains.${site}.local-copies.ejabberd; cert-copy = host-domains.${host}.local-copies.ejabberd;
in [ in [
cert-copy.certificate cert-copy.certificate
cert-copy.private-key cert-copy.private-key
# cert-copy.full-certificate # cert-copy.full-certificate
]; ];
siteCertService = site: hostCertService = host:
host-domains.${site}.local-copies.ejabberd.service; host-domains.${host}.local-copies.ejabberd.service;
config-file-template = let config-file-template = let
jabber-config = { jabber-config = {
@ -60,7 +65,9 @@ let
cfg.admins; cfg.admins;
}; };
hosts = attrNames cfg.sites; hosts =
mapAttrsToList (_: siteOpts: siteOpts.hostname)
cfg.sites;
# By default, listen on all ips # By default, listen on all ips
listen = let listen = let
@ -79,7 +86,7 @@ let
certfiles = concatMapAttrsToList certfiles = concatMapAttrsToList
(site: siteOpts: (site: siteOpts:
if (siteOpts.enableACME) then if (siteOpts.enableACME) then
(siteCerts site) (siteCerts siteOpts.hostname)
else []) else [])
cfg.sites; cfg.sites;
@ -203,9 +210,9 @@ in {
fudo = let fudo = let
host-fqdn = config.instance.host-fqdn; host-fqdn = config.instance.host-fqdn;
in { in {
acme.host-domains.${hostname} = mapAttrs (site: siteCfg: acme.host-domains.${hostname} = mapAttrs (site: siteOpts:
mkIf siteCfg.enableACME { mkIf siteOpts.enableACME {
extra-domains = optional (site != host-fqdn) host-fqdn; extra-domains = optional (siteOpts.hostname != host-fqdn) host-fqdn;
local-copies.ejabberd = { local-copies.ejabberd = {
user = cfg.user; user = cfg.user;
group = cfg.group; group = cfg.group;
@ -248,7 +255,9 @@ in {
services = { services = {
ejabberd = { ejabberd = {
wants = map (site: siteCertService site) (attrNames cfg.sites); wants =
map (host: hostCertService host)
(mapAttrsToList (_: siteOpts: siteOpts.hostname) cfg.sites);
requires = [ "ejabberd-config-generator.service" ]; requires = [ "ejabberd-config-generator.service" ];
environment = cfg.environment; environment = cfg.environment;
}; };