1 { lib, pkgs, config, ... }:
3 cfg = config.myServices.websites.christophe_carpentier.agorakit;
4 env = config.myEnv.websites.christophe_carpentier.agorakit;
5 varDir = "/var/lib/christophe_carpentier_agorakit";
6 secretsPath = config.secrets.fullPaths."websites/christophe_carpentier/env";
7 app = pkgs.callPackage ./agorakit { inherit varDir secretsPath; };
8 apacheUser = config.services.httpd.Prod.user;
9 apacheGroup = config.services.httpd.Prod.group;
11 options.myServices.websites.christophe_carpentier.agorakit.enable = lib.mkEnableOption "enable Christophe Carpentier's Agorakit";
13 config = lib.mkIf cfg.enable {
14 secrets.keys."websites/christophe_carpentier/env" = {
15 user = config.services.httpd.Prod.user;
16 group = config.services.httpd.Prod.group;
23 APP_URL=https://agorakit.artisansdunous.fr
27 DB_HOST=${env.mysql.host}
28 DB_DATABASE=${env.mysql.database}
29 DB_USERNAME=${env.mysql.user}
30 DB_PASSWORD=${env.mysql.password}
37 MAIL_HOST=${env.smtp.host}
38 MAIL_PORT=${env.smtp.port}
39 MAIL_USERNAME=${env.smtp.email}
40 MAIL_PASSWORD=${env.smtp.password}
43 MAIL_FROM=${env.smtp.email}
44 MAIL_FROM_NAME=Agorakit
45 MAIL_NOREPLY=${env.smtp.email}
47 # OVH doesn't allow it
49 #INBOX_HOST=${env.smtp.host}
50 INBOX_USERNAME=${env.smtp.email}
51 INBOX_PASSWORD=${env.smtp.password}
52 INBOX_PREFIX=${builtins.elemAt (builtins.split "@" env.smtp.email) 0}+
53 INBOX_SUFFIX=@${builtins.elemAt (builtins.split "@" env.smtp.email) 2}
75 systemd.services.phpfpm-christophe_carpentier_agorakit.preStart = ''
76 if [ ! -e ${varDir}/.filled ]; then
77 cp -r ${app}/oldvars/* ${varDir}
78 chmod -R u+w ${varDir}
79 chown -R ${config.services.httpd.Prod.user}:${config.services.httpd.Prod.group} ${varDir}
80 touch ${varDir}/.filled
83 services.phpApplication.apps.christophe_carpentier_agorakit = {
84 websiteEnv = "production";
85 httpdUser = config.services.httpd.Prod.user;
86 httpdGroup = config.services.httpd.Prod.group;
87 inherit (app) webRoot varDir;
89 serviceDeps = [ "mysql.service" ];
90 phpOpenbasedir = [ "/tmp" secretsPath ];
92 "php_admin_value[upload_max_filesize]" = "100M";
93 "php_admin_value[post_max_size]" = "100M";
95 "pm.max_children" = "20";
96 "pm.start_servers" = "2";
97 "pm.min_spare_servers" = "1";
98 "pm.max_spare_servers" = "3";
106 */5 * * * * ${apacheUser} cd ${app} && ${pkgs.php74}/bin/php artisan schedule:run >/dev/null 2>/dev/null
111 services.websites.env.production.vhostConfs.christophe_agorakit = {
112 certName = "christophe_carpentier";
113 certMainHost = "agorakit.artisansdunous.fr";
114 hosts = [ "agorakit.artisansdunous.fr" ];
115 root = "${app}/public";
118 <FilesMatch "\.php$">
119 SetHandler "proxy:unix:${config.services.phpfpm.pools.christophe_carpentier_agorakit.socket}|fcgi://localhost"
122 <Directory ${app}/public>
123 DirectoryIndex index.php index.htm index.html
124 Options Indexes FollowSymLinks MultiViews Includes