chloe = { config }: rec {
environment = config.environment;
phpFpm = rec {
- serviceDeps = [ "mysql.service" "${environment}-chloe-key.service" ];
+ serviceDeps = [ "mysql.service" ];
socket = "/var/run/phpfpm/chloe-${environment}.sock";
pool = ''
listen = ${socket}
pm.max_spare_servers = 3
''}'';
};
- keys."${environment}-chloe" = {
- destDir = "/run/keys/webapps";
+ keys = [{
+ dest = "webapps/${environment}-chloe";
user = apache.user;
group = apache.group;
permissions = "0400";
SetEnv SPIP_MYSQL_USER "${config.mysql.user}"
SetEnv SPIP_MYSQL_PASSWORD "${config.mysql.password}"
'';
- };
+ }];
apache = rec {
user = "wwwrun";
group = "wwwrun";
webappName = "chloe_${environment}";
root = "/run/current-system/webapps/${webappName}";
vhostConf = ''
- Include /run/keys/webapps/${environment}-chloe
+ Include /var/secrets/webapps/${environment}-chloe
RewriteEngine On
${if environment == "prod" then ''