+++ /dev/null
-{ lib, pkgs, config, myconfig, ... }:
-let
- cfg = config.services.myWebsites.Immae;
- varDir = "/var/lib/ftp/immae";
- env = myconfig.env.websites.immae;
-in {
- options.services.myWebsites.Immae = {
- production = {
- enable = lib.mkEnableOption "enable Immae's website";
- };
- };
-
- config = lib.mkIf cfg.production.enable {
- services.webstats.sites = [ { name = "www.immae.eu"; } ];
-
- services.myPhpfpm.poolConfigs.immae = ''
- listen = /run/phpfpm/immae.sock
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
-
- pm = ondemand
- pm.max_children = 5
- pm.process_idle_timeout = 60
-
- php_admin_value[open_basedir] = "${varDir}:/tmp"
- '';
- services.websites.production.modules = [ "proxy_fcgi" ];
- services.websites.production.vhostConfs.immae = {
- certName = "eldiron";
- addToCerts = true;
- hosts = [ "www.immae.eu" ];
- root = varDir;
- extraConfig = [
- ''
- Use Stats www.immae.eu
-
- <FilesMatch "\.php$">
- SetHandler "proxy:unix:/run/phpfpm/immae.sock|fcgi://localhost"
- </FilesMatch>
-
- <Directory ${varDir}>
- DirectoryIndex index.php index.htm index.html
- Options Indexes FollowSymLinks MultiViews Includes
- AllowOverride All
- Require all granted
- </Directory>
-
- <Location /blog_old/>
- Use LDAPConnect
- Require ldap-group cn=blog,cn=immae.eu,ou=services,dc=immae,dc=eu
- </Location>
- ''
- ];
- };
-
- services.websites.production.vhostConfs.bouya = {
- certName = "eldiron";
- addToCerts = true;
- hosts = [ "bouya.org" "www.bouya.org" ];
- root = null;
- extraConfig = [ ''
- RedirectMatch 301 ^/((?!\.well-known.*$).*)$ https://www.normalesup.org/~bouya/
- '' ];
- };
- };
-}