piedsjaloux = { config }: rec {
environment = config.environment;
varDir = "/var/lib/piedsjaloux_${environment}";
- configRoot =
- writeText "parameters.yml" ''
+ keys."${environment}-piedsjaloux" = {
+ destDir = "/run/keys/webapps";
+ user = apache.user;
+ group = apache.group;
+ permissions = "0400";
+ text = ''
# This file is auto-generated during the composer install
parameters:
database_host: ${config.mysql.host}
leapt_im:
binary_path: ${imagemagick}/bin
'';
+ };
phpFpm = rec {
+ serviceDeps = [ "mysql.service" "${environment}-piedsjaloux-key.service" ];
socket = "/var/run/phpfpm/piedsjaloux-${environment}.sock";
pool = ''
listen = ${socket}
php_admin_value[upload_max_filesize] = 20M
php_admin_value[post_max_size] = 20M
;php_admin_flag[log_errors] = on
- php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp"
+ php_admin_value[open_basedir] = "/run/keys/webapps/${environment}-piedsjaloux:${webappDir}:${varDir}:/tmp"
php_admin_value[session.save_path] = "${varDir}/phpSessions"
env[PATH] = ${lib.makeBinPath [ pkgs.apg pkgs.unzip ]}
${if environment == "dev" then ''
pm.max_spare_servers = 3
''}'';
};
- apache = {
+ apache = rec {
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
+ webappName = "piedsjaloux_${environment}";
+ root = "/run/current-system/webapps/${webappName}";
vhostConf = ''
<FilesMatch "\.php$">
SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://piedsjaloux.fr\"></html>"
</Location>
- <Directory ${webRoot}>
+ <Directory ${root}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
Require all granted
'' else ''
Use Stats piedsjaloux.fr
- <Directory ${webRoot}>
+ <Directory ${root}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
postInstall = ''
cd $out
rm app/config/parameters.yml
- ln -sf ${configRoot} app/config/parameters.yml
+ ln -sf /run/keys/webapps/${environment}-piedsjaloux app/config/parameters.yml
rm -rf var/{logs,cache,data,miniatures,tmp}
- ln -sf ../../../../../../../${varDir}/{logs,cache,data,miniatures,tmp} var/
+ ln -sf ${varDir}/{logs,cache,data,miniatures,tmp} var/
'';
});
webRoot = "${webappDir}/web";