connexionswing = { config }: rec {
environment = config.environment;
varDir = "/var/lib/connexionswing_${environment}";
- keys."${environment}-connexionswing" = {
- destDir = "/run/keys/webapps";
+ keys = [{
+ dest = "webapps/${environment}-connexionswing";
user = apache.user;
group = apache.group;
permissions = "0400";
arguments: ['/run/wrappers/bin/sendmail -bs']
'' else ""}
'';
- };
+ }];
phpFpm = rec {
- serviceDeps = [ "mysql.service" "${environment}-connexionswing-key.service" ];
+ preStart = ''
+ if [ ! -f "${varDir}/currentWebappDir" -o \
+ ! -f "${varDir}/currentKey" -o \
+ "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \
+ || ! sha512sum -c --status ${varDir}/currentKey; then
+ pushd ${webappDir} > /dev/null
+ /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup
+ popd > /dev/null
+ echo -n "${webappDir}" > ${varDir}/currentWebappDir
+ sha512sum /var/secrets/webapps/${environment}-connexionswing > ${varDir}/currentKey
+ fi
+ '';
+ serviceDeps = [ "mysql.service" ];
socket = "/var/run/phpfpm/connexionswing-${environment}.sock";
phpConfig = ''
extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
php_admin_value[upload_max_filesize] = 20M
php_admin_value[post_max_size] = 20M
;php_admin_flag[log_errors] = on
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/run/keys/webapps/${environment}-connexionswing:${webappDir}:${varDir}:/tmp"
+ php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/secrets/webapps/${environment}-connexionswing:${webappDir}:${varDir}:/tmp"
php_admin_value[session.save_path] = "${varDir}/phpSessions"
${if environment == "dev" then ''
pm = ondemand
${varDir}/uploads \
${varDir}/var
install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
- if [ ! -f "${varDir}/currentWebappDir" -o \
- "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
- pushd ${webappDir} > /dev/null
- $wrapperDir/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup
- popd > /dev/null
- echo -n "${webappDir}" > ${varDir}/currentWebappDir
- fi
'';
};
webappDir = composerEnv.buildPackage (
cd $out
${if environment == "prod" then "php ./bin/console assetic:dump --env=prod --no-debug" else ""}
rm app/config/parameters.yml
- ln -sf /run/keys/webapps/${environment}-connexionswing app/config/parameters.yml
+ ln -sf /var/secrets/webapps/${environment}-connexionswing app/config/parameters.yml
rm -rf var/{logs,cache}
ln -sf ${varDir}/var/{logs,cache} var/
ln -sf ${varDir}/{medias,uploads} web/images/