varDir = "/var/lib/chloe_production";
};
cfg = config.myServices.websites.chloe.production;
- webappdir = config.services.websites.webappDirsPaths.chloe_production;
in {
options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";
config = lib.mkIf cfg.enable {
- services.duplyBackup.profiles.chloe_production.rootDir = app.varDir;
- services.duplyBackup.profiles.chloe_production.remotes = ["eriomem" "ovh"];
secrets.keys."websites/chloe/production" = {
user = apacheUser;
group = apacheGroup;
"php_admin_value[post_max_size]" = "20M";
# "php_admin_flag[log_errors]" = "on";
"php_admin_value[open_basedir]" = "${app.spipConfig}:${./config}:${app}:${app.varDir}:/tmp";
- "php_admin_value[session.save_path]" = "${app.varDir}/phpSessions";
+ "php_admin_value[session.save_handler]" = "redis";
+ "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Chloe:Production:'";
"pm" = "dynamic";
"pm.max_children" = "20";
"pm.start_servers" = "2";
"pm.min_spare_servers" = "1";
"pm.max_spare_servers" = "3";
};
- phpPackage = pkgs.php72;
+ phpPackage = pkgs.php72.withExtensions ({ enabled, all }: enabled ++ [all.redis]);
};
system.activationScripts.chloe_production = {
deps = [ "wrappers" ];
text = ''
install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} ${app.varDir}/IMG ${app.varDir}/tmp ${app.varDir}/local
- install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
- services.websites.webappDirs.chloe_production = app.webRoot;
services.websites.env.production.modules = [ "proxy_fcgi" ];
services.websites.env.production.vhostConfs.chloe = {
certName = "chloe";
certMainHost = "osteopathe-cc.fr";
hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
- root = webappdir;
+ root = app.webRoot;
extraConfig = [
''
Use Stats osteopathe-cc.fr
SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_production.socket}|fcgi://localhost"
</FilesMatch>
- <Directory ${webappdir}>
+ <Directory ${app.webRoot}>
DirectoryIndex index.php index.htm index.html
Options -Indexes +FollowSymLinks +MultiViews +Includes
- Include ${webappdir}/htaccess.txt
+ Include ${app.webRoot}/htaccess.txt
AllowOverride AuthConfig FileInfo Limit
Require all granted
</Directory>
- <DirectoryMatch "${webappdir}/squelettes">
+ <DirectoryMatch "${app.webRoot}/squelettes">
Require all denied
</DirectoryMatch>