-{ lib, checkEnv, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, yarn }:
+{ lib, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, yarn }:
let
- aten = { environment ? "dev" }: rec {
- varPrefix = "ATEN";
+ aten = { config }: rec {
+ environment = config.environment;
varDir = "/var/lib/aten_${environment}";
- envName= lib.strings.toUpper environment;
phpFpm = rec {
socket = "/var/run/phpfpm/aten-${environment}.sock";
pool = ''
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- vhostConf =
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_SECRET";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL";
- ''
+ vhostConf = ''
<FilesMatch "\.php$">
SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
</FilesMatch>
SetEnv APP_ENV "${environment}"
- SetEnv APP_SECRET "${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}
- SetEnv DATABASE_URL "${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL"}
+ SetEnv APP_SECRET "${config.secret}"
+ SetEnv DATABASE_URL "${config.psql_url}"
${if environment == "dev" then ''
<Location />
export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
export APP_ENV="${environment}"
- export DATABASE_URL="${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL"}"
- export APP_SECRET="${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}"
+ export DATABASE_URL="${config.psql_url}"
+ export APP_SECRET="${config.secret}"
${if environment == "dev" then ''
composer install