]>
Commit | Line | Data |
---|---|---|
2ff9258e IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | secrets = config.myEnv.websites.chloe.new; | |
4 | cfg = config.myServices.websites.chloe.new; | |
5 | ftpRoot = "/var/lib/chloe_new"; | |
a8001be4 | 6 | webRoot = "${ftpRoot}/wordpress"; |
2ff9258e IB |
7 | in { |
8 | options.myServices.websites.chloe.new.enable = lib.mkEnableOption "enable Chloe's new website in integration"; | |
9 | ||
10 | config = lib.mkIf cfg.enable { | |
11 | services.phpfpm.pools.chloe_new_integration = { | |
12 | user = config.services.httpd.Inte.user; | |
13 | group = config.services.httpd.Inte.group; | |
14 | settings = { | |
15 | "listen.owner" = config.services.httpd.Inte.user; | |
16 | "listen.group" = config.services.httpd.Inte.group; | |
17 | "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [ | |
a8001be4 | 18 | webRoot |
2ff9258e IB |
19 | "/tmp" |
20 | ]; | |
bbea22c0 IB |
21 | "php_admin_value[session.save_handler]" = "redis"; |
22 | "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Chloe:NewIntegration:'"; | |
2ff9258e IB |
23 | "php_admin_value[upload_max_filesize]" = "20M"; |
24 | "php_admin_value[post_max_size]" = "20M"; | |
25 | #"php_admin_flag[log_errors]" = "on"; | |
26 | "pm" = "ondemand"; | |
27 | "pm.max_children" = "5"; | |
28 | "pm.process_idle_timeout" = "60"; | |
29 | }; | |
bbea22c0 | 30 | phpPackage = pkgs.php74.withExtensions({ enabled, all }: enabled ++ [all.redis]); |
2ff9258e IB |
31 | }; |
32 | ||
33 | system.activationScripts.chloe_new_integration = { | |
34 | deps = ["users"]; | |
35 | text = '' | |
bbea22c0 | 36 | install -m 0700 -o ${config.services.httpd.Inte.user} -g ${config.services.httpd.Inte.group} -d ${ftpRoot} |
2ff9258e IB |
37 | ''; |
38 | }; | |
39 | ||
2ff9258e IB |
40 | services.websites.env.integration.vhostConfs.chloe_new_integration = { |
41 | certName = "integration"; | |
42 | addToCerts = true; | |
43 | hosts = [ "new.chc.immae.dev" ]; | |
44 | root = webRoot; | |
a8001be4 | 45 | extraConfig = [ |
2ff9258e IB |
46 | '' |
47 | <FilesMatch "\.php$"> | |
48 | SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_new_integration.socket}|fcgi://localhost" | |
49 | </FilesMatch> | |
50 | ||
51 | <Location /> | |
52 | Use LDAPConnect | |
53 | Require ldap-group cn=chc.immae.dev,cn=httpd,ou=services,dc=immae,dc=eu | |
54 | </Location> | |
55 | ||
a8001be4 IB |
56 | <Location /xmlrpc.php> |
57 | AllowOverride None | |
58 | Require all denied | |
59 | </Location> | |
2ff9258e | 60 | <Directory ${webRoot}> |
a8001be4 | 61 | DirectoryIndex index.php index.htm index.html |
2ff9258e | 62 | Options Indexes FollowSymLinks MultiViews Includes |
a8001be4 | 63 | AllowOverride all |
2ff9258e | 64 | Require all granted |
2ff9258e | 65 | </Directory> |
a8001be4 | 66 | '' |
2ff9258e IB |
67 | ]; |
68 | }; | |
69 | }; | |
70 | } |