]>
Commit | Line | Data |
---|---|---|
c0c7c8b5 IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | cfg = config.myServices.websites.emilia.atelierfringant; | |
4 | varDir = "/var/lib/ftp/emilia/atelierfringant"; | |
5 | apacheUser = config.services.httpd.Prod.user; | |
6 | apacheGroup = config.services.httpd.Prod.group; | |
7 | in { | |
8 | options.myServices.websites.emilia.atelierfringant.enable = lib.mkEnableOption "enable Émilia's website"; | |
9 | ||
10 | config = lib.mkIf cfg.enable { | |
11 | system.activationScripts.emilia_atelierfringant = { | |
12 | deps = [ "httpd" ]; | |
13 | text = '' | |
14 | install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/ftp/emilia/atelierfringant | |
15 | install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/php/sessions/emilia | |
16 | ''; | |
17 | }; | |
18 | systemd.services.phpfpm-emilia_atelierfringant.after = lib.mkAfter [ "mysql.service" ]; | |
19 | systemd.services.phpfpm-emilia_atelierfringant.wants = [ "mysql.service" ]; | |
20 | services.phpfpm.pools.emilia_atelierfringant = { | |
21 | user = apacheUser; | |
22 | group = apacheGroup; | |
23 | settings = { | |
24 | "listen.owner" = apacheUser; | |
25 | "listen.group" = apacheGroup; | |
26 | ||
27 | "pm" = "ondemand"; | |
28 | "pm.max_children" = "5"; | |
29 | "pm.process_idle_timeout" = "60"; | |
30 | ||
31 | "php_admin_value[open_basedir]" = "/var/lib/php/sessions/emilia:${varDir}:/tmp"; | |
32 | "php_admin_value[session.save_path]" = "/var/lib/php/sessions/emilia"; | |
33 | }; | |
34 | phpOptions = config.services.phpfpm.phpOptions + '' | |
35 | disable_functions = "mail" | |
36 | ''; | |
37 | phpPackage = pkgs.php72; | |
38 | }; | |
39 | services.websites.env.production.modules = [ "proxy_fcgi" ]; | |
40 | services.websites.env.production.vhostConfs.emilia_atelierfringant = { | |
41 | certName = "emilia"; | |
42 | certMainHost = "atelierfringant.org"; | |
43 | hosts = ["atelierfringant.org" "www.atelierfringant.org" ]; | |
44 | root = varDir; | |
45 | extraConfig = [ | |
46 | '' | |
47 | <FilesMatch "\.php$"> | |
48 | SetHandler "proxy:unix:${config.services.phpfpm.pools.emilia_atelierfringant.socket}|fcgi://localhost" | |
49 | </FilesMatch> | |
50 | ||
51 | <Location /xmlrpc.php> | |
52 | AllowOverride None | |
53 | Require all denied | |
54 | </Location> | |
55 | <Directory ${varDir}> | |
56 | DirectoryIndex index.php index.htm index.html | |
57 | Options Indexes FollowSymLinks MultiViews Includes | |
58 | AllowOverride all | |
59 | Require all granted | |
60 | </Directory> | |
61 | '' | |
62 | ]; | |
63 | }; | |
64 | }; | |
65 | } |