]>
Commit | Line | Data |
---|---|---|
1 | { lib, pkgs, config, ... }: | |
2 | let | |
3 | cfg = config.myServices.websites.emilia.atelierfringant; | |
4 | varDir = "/var/lib/ftp/emilia/atelierfringant"; | |
5 | apacheUser = config.services.httpd.Prod.user; | |
6 | apacheGroup = config.services.httpd.Prod.group; | |
7 | in { | |
8 | options.myServices.websites.emilia.atelierfringant.enable = lib.mkEnableOption "enable Émilia's website"; | |
9 | ||
10 | config = lib.mkIf cfg.enable { | |
11 | system.activationScripts.emilia_atelierfringant = { | |
12 | deps = [ "httpd" ]; | |
13 | text = '' | |
14 | install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/ftp/emilia/atelierfringant | |
15 | ''; | |
16 | }; | |
17 | systemd.services.phpfpm-emilia_atelierfringant.after = lib.mkAfter [ "mysql.service" ]; | |
18 | systemd.services.phpfpm-emilia_atelierfringant.wants = [ "mysql.service" ]; | |
19 | services.phpfpm.pools.emilia_atelierfringant = { | |
20 | user = apacheUser; | |
21 | group = apacheGroup; | |
22 | settings = { | |
23 | "listen.owner" = apacheUser; | |
24 | "listen.group" = apacheGroup; | |
25 | ||
26 | "pm" = "dynamic"; | |
27 | "pm.max_children" = "20"; | |
28 | "pm.start_servers" = "2"; | |
29 | "pm.min_spare_servers" = "1"; | |
30 | "pm.max_spare_servers" = "3"; | |
31 | ||
32 | "php_admin_value[open_basedir]" = "${varDir}:/tmp"; | |
33 | "php_admin_value[session.save_handler]" = "redis"; | |
34 | "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Emilia:AtelierFringant:'"; | |
35 | }; | |
36 | phpOptions = config.services.phpfpm.phpOptions + '' | |
37 | disable_functions = "mail" | |
38 | ''; | |
39 | phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]); | |
40 | }; | |
41 | services.websites.env.production.modules = [ "proxy_fcgi" ]; | |
42 | services.websites.env.production.vhostConfs.emilia_atelierfringant = { | |
43 | certName = "emilia"; | |
44 | certMainHost = "atelierfringant.org"; | |
45 | hosts = ["atelierfringant.org" "www.atelierfringant.org" ]; | |
46 | root = varDir; | |
47 | extraConfig = [ | |
48 | '' | |
49 | <FilesMatch "\.php$"> | |
50 | SetHandler "proxy:unix:${config.services.phpfpm.pools.emilia_atelierfringant.socket}|fcgi://localhost" | |
51 | </FilesMatch> | |
52 | ||
53 | <Location /xmlrpc.php> | |
54 | AllowOverride None | |
55 | Require all denied | |
56 | </Location> | |
57 | <Directory ${varDir}> | |
58 | DirectoryIndex index.php index.htm index.html | |
59 | Options Indexes FollowSymLinks MultiViews Includes | |
60 | AllowOverride all | |
61 | Require all granted | |
62 | </Directory> | |
63 | '' | |
64 | ]; | |
65 | }; | |
66 | }; | |
67 | } |