]>
Commit | Line | Data |
---|---|---|
5a412244 IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | cfg = config.myServices.websites.christophe_carpentier.agorakit; | |
4 | env = config.myEnv.websites.christophe_carpentier.agorakit; | |
5 | varDir = "/var/lib/christophe_carpentier_agorakit"; | |
6 | secretsPath = config.secrets.fullPaths."websites/christophe_carpentier/env"; | |
7 | app = pkgs.callPackage ./agorakit { inherit varDir secretsPath; }; | |
8 | apacheUser = config.services.httpd.Prod.user; | |
9 | apacheGroup = config.services.httpd.Prod.group; | |
10 | in { | |
11 | options.myServices.websites.christophe_carpentier.agorakit.enable = lib.mkEnableOption "enable Christophe Carpentier's Agorakit"; | |
12 | ||
13 | config = lib.mkIf cfg.enable { | |
14 | secrets.keys."websites/christophe_carpentier/env" = { | |
15 | user = config.services.httpd.Prod.user; | |
16 | group = config.services.httpd.Prod.group; | |
17 | permissions = "0400"; | |
18 | text = '' | |
19 | APP_ENV=production | |
20 | APP_DEBUG=false | |
21 | APP_KEY=${env.appkey} | |
22 | APP_NAME='Agorakit' | |
23 | APP_URL=https://agorakit.artisansdunous.fr | |
24 | APP_LOG=daily | |
25 | APP_DEFAULT_LOCALE=fr | |
26 | ||
27 | DB_HOST=${env.mysql.host} | |
28 | DB_DATABASE=${env.mysql.database} | |
29 | DB_USERNAME=${env.mysql.user} | |
30 | DB_PASSWORD=${env.mysql.password} | |
31 | ||
32 | CACHE_DRIVER=file | |
33 | SESSION_DRIVER=file | |
34 | QUEUE_DRIVER=sync | |
35 | ||
36 | MAIL_DRIVER=smtp | |
37 | MAIL_HOST=${env.smtp.host} | |
38 | MAIL_PORT=${env.smtp.port} | |
39 | MAIL_USERNAME=${env.smtp.email} | |
40 | MAIL_PASSWORD=${env.smtp.password} | |
41 | MAIL_ENCRYPTION=tls | |
42 | ||
43 | MAIL_FROM=${env.smtp.email} | |
44 | MAIL_FROM_NAME=Agorakit | |
45 | MAIL_NOREPLY=${env.smtp.email} | |
46 | ||
47 | # OVH doesn't allow it | |
48 | INBOX_DRIVER=null | |
49 | #INBOX_HOST=${env.smtp.host} | |
50 | INBOX_USERNAME=${env.smtp.email} | |
51 | INBOX_PASSWORD=${env.smtp.password} | |
52 | INBOX_PREFIX=${builtins.elemAt (builtins.split "@" env.smtp.email) 0}+ | |
53 | INBOX_SUFFIX=@${builtins.elemAt (builtins.split "@" env.smtp.email) 2} | |
54 | ||
55 | TWITTER_ID=null | |
56 | TWITTER_SECRET=null | |
57 | TWITTER_URL=null | |
58 | ||
59 | FACEBOOK_ID=null | |
60 | FACEBOOK_SECRET=null | |
61 | FACEBOOK_URL=null | |
62 | ||
63 | GOOGLE_ID=null | |
64 | GOOGLE_SECRET=null | |
65 | GOOGLE_URL=null | |
66 | ||
67 | GITHUB_ID=null | |
68 | GITHUB_SECRET=null | |
69 | GITHUB_URL=null | |
70 | ||
71 | MAX_FILE_SIZE=100000 | |
72 | ''; | |
73 | }; | |
74 | ||
75 | systemd.services.phpfpm-christophe_carpentier_agorakit.preStart = '' | |
76 | if [ ! -e ${varDir}/.filled ]; then | |
77 | cp -r ${app}/oldvars/* ${varDir} | |
78 | chmod -R u+w ${varDir} | |
79 | chown -R ${config.services.httpd.Prod.user}:${config.services.httpd.Prod.group} ${varDir} | |
80 | touch ${varDir}/.filled | |
81 | fi | |
82 | ''; | |
83 | services.phpApplication.apps.christophe_carpentier_agorakit = { | |
84 | websiteEnv = "production"; | |
85 | httpdUser = config.services.httpd.Prod.user; | |
86 | httpdGroup = config.services.httpd.Prod.group; | |
87 | inherit (app) webRoot varDir; | |
88 | inherit app; | |
89 | serviceDeps = [ "mysql.service" ]; | |
90 | phpOpenbasedir = [ "/tmp" secretsPath ]; | |
91 | phpPool = { | |
92 | "php_admin_value[upload_max_filesize]" = "100M"; | |
93 | "php_admin_value[post_max_size]" = "100M"; | |
94 | "pm" = "dynamic"; | |
95 | "pm.max_children" = "20"; | |
96 | "pm.start_servers" = "2"; | |
97 | "pm.min_spare_servers" = "1"; | |
98 | "pm.max_spare_servers" = "3"; | |
99 | }; | |
100 | ||
101 | }; | |
102 | ||
103 | services.cron = { | |
104 | systemCronJobs = [ | |
105 | '' | |
106 | */5 * * * * ${apacheUser} cd ${app} && ${pkgs.php74}/bin/php artisan schedule:run >/dev/null 2>/dev/null | |
107 | '' | |
108 | ]; | |
109 | }; | |
110 | ||
111 | services.websites.env.production.vhostConfs.christophe_agorakit = { | |
112 | certName = "christophe_carpentier"; | |
113 | certMainHost = "agorakit.artisansdunous.fr"; | |
114 | hosts = [ "agorakit.artisansdunous.fr" ]; | |
115 | root = "${app}/public"; | |
116 | extraConfig = [ | |
117 | '' | |
118 | <FilesMatch "\.php$"> | |
119 | SetHandler "proxy:unix:${config.services.phpfpm.pools.christophe_carpentier_agorakit.socket}|fcgi://localhost" | |
120 | </FilesMatch> | |
121 | ||
122 | <Directory ${app}/public> | |
123 | DirectoryIndex index.php index.htm index.html | |
124 | Options Indexes FollowSymLinks MultiViews Includes | |
125 | AllowOverride All | |
126 | Require all granted | |
127 | </Directory> | |
128 | '' | |
129 | ]; | |
130 | }; | |
131 | }; | |
132 | } | |
133 |