--- /dev/null
+{ lib, pkgs, config, ... }:
+let
+ cfg = config.myServices.websites.papa.maison_bbc;
+ varDir = "/var/lib/ftp/papa/site";
+in {
+ options.myServices.websites.papa.maison_bbc.enable = lib.mkEnableOption "enable Papa Maison bbc website";
+
+ config = lib.mkIf cfg.enable {
+ services.duplyBackup.profiles.papa_maison_bbc.rootDir = varDir;
+ services.webstats.sites = [ { name = "maison.bbc.bouya.org"; } ];
+ services.phpfpm.pools.papa_maison_bbc = {
+ listen = "/run/phpfpm/papa_maison_bbc.sock";
+ extraConfig = ''
+ user = wwwrun
+ group = wwwrun
+ listen.owner = wwwrun
+ listen.group = wwwrun
+
+ pm = ondemand
+ pm.max_children = 5
+ pm.process_idle_timeout = 60
+
+ php_admin_value[open_basedir] = "${varDir}"
+ '';
+ phpOptions = config.services.phpfpm.phpOptions + ''
+ extension=${pkgs.php}/lib/php/extensions/mysqli.so
+ '';
+ };
+
+ services.websites.env.production.modules = [ "proxy_fcgi" ];
+ services.websites.env.production.vhostNoSSLConfs.papa_maison_bbc = {
+ hosts = [ "maison.bbc.bouya.org" ];
+ root = varDir;
+ extraConfig = [
+ ''
+ RedirectMatch 301 ^/((?!(\.well-known|add.php).*$).*)$ https://maison.bbc.bouya.org/$1
+ <Directory ${varDir}>
+ DirectoryIndex index.php index.htm index.html
+ AllowOverride None
+ Require all granted
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:/run/phpfpm/papa_maison_bbc.sock|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+ ''
+ ];
+ };
+ services.websites.env.production.vhostConfs.papa_maison_bbc = {
+ certName = "papa";
+ addToCerts = true;
+ hosts = [ "maison.bbc.bouya.org" ];
+ root = varDir;
+ extraConfig = [
+ ''
+ <Directory ${varDir}>
+ DirectoryIndex index.php index.htm index.html
+ AllowOverride None
+ Require all granted
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:/run/phpfpm/papa_maison_bbc.sock|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+ ''
+ ];
+ };
+ };
+}
+
projects / perso / Immae / Config / Nix.git / blobdiff