]>
Commit | Line | Data |
---|---|---|
2ff9258e IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | secrets = config.myEnv.websites.chloe.new; | |
4 | cfg = config.myServices.websites.chloe.new; | |
5 | ftpRoot = "/var/lib/chloe_new"; | |
a8001be4 | 6 | webRoot = "${ftpRoot}/wordpress"; |
2ff9258e | 7 | sessionDir = "${ftpRoot}/sessions"; |
2ff9258e IB |
8 | in { |
9 | options.myServices.websites.chloe.new.enable = lib.mkEnableOption "enable Chloe's new website in integration"; | |
10 | ||
11 | config = lib.mkIf cfg.enable { | |
12 | services.phpfpm.pools.chloe_new_integration = { | |
13 | user = config.services.httpd.Inte.user; | |
14 | group = config.services.httpd.Inte.group; | |
15 | settings = { | |
16 | "listen.owner" = config.services.httpd.Inte.user; | |
17 | "listen.group" = config.services.httpd.Inte.group; | |
18 | "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [ | |
a8001be4 IB |
19 | webRoot |
20 | sessionDir | |
2ff9258e IB |
21 | "/tmp" |
22 | ]; | |
23 | "php_admin_value[session.save_path]" = sessionDir; | |
24 | "php_admin_value[upload_max_filesize]" = "20M"; | |
25 | "php_admin_value[post_max_size]" = "20M"; | |
26 | #"php_admin_flag[log_errors]" = "on"; | |
27 | "pm" = "ondemand"; | |
28 | "pm.max_children" = "5"; | |
29 | "pm.process_idle_timeout" = "60"; | |
30 | }; | |
a8001be4 | 31 | phpPackage = pkgs.php74; |
2ff9258e IB |
32 | }; |
33 | ||
34 | system.activationScripts.chloe_new_integration = { | |
35 | deps = ["users"]; | |
36 | text = '' | |
37 | install -m 0700 -o ${config.services.httpd.Inte.user} -g ${config.services.httpd.Inte.group} -d ${ftpRoot} ${sessionDir} | |
38 | ''; | |
39 | }; | |
40 | ||
2ff9258e IB |
41 | services.websites.env.integration.vhostConfs.chloe_new_integration = { |
42 | certName = "integration"; | |
43 | addToCerts = true; | |
44 | hosts = [ "new.chc.immae.dev" ]; | |
45 | root = webRoot; | |
a8001be4 | 46 | extraConfig = [ |
2ff9258e IB |
47 | '' |
48 | <FilesMatch "\.php$"> | |
49 | SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_new_integration.socket}|fcgi://localhost" | |
50 | </FilesMatch> | |
51 | ||
52 | <Location /> | |
53 | Use LDAPConnect | |
54 | Require ldap-group cn=chc.immae.dev,cn=httpd,ou=services,dc=immae,dc=eu | |
55 | </Location> | |
56 | ||
a8001be4 IB |
57 | <Location /xmlrpc.php> |
58 | AllowOverride None | |
59 | Require all denied | |
60 | </Location> | |
2ff9258e | 61 | <Directory ${webRoot}> |
a8001be4 | 62 | DirectoryIndex index.php index.htm index.html |
2ff9258e | 63 | Options Indexes FollowSymLinks MultiViews Includes |
a8001be4 | 64 | AllowOverride all |
2ff9258e | 65 | Require all granted |
2ff9258e | 66 | </Directory> |
a8001be4 | 67 | '' |
2ff9258e IB |
68 | ]; |
69 | }; | |
70 | }; | |
71 | } |