]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - virtual/modules/websites/aten/aten.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add rompr
[perso/Immae/Config/Nix.git] / virtual / modules / websites / aten / aten.nix
diff --git a/virtual/modules/websites/aten/aten.nix b/virtual/modules/websites/aten/aten.nix
index d67f7b7c8587eb64b657641eb0a23ef3dcc5f43d..69e1d4c37409cee35bf0ee9cf415da9e53666aea 100644 (file)
--- a/virtual/modules/websites/aten/aten.nix
+++ b/virtual/modules/websites/aten/aten.nix
@@ -1,9 +1,8 @@
-{ lib, checkEnv, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, yarn }:
+{ lib, writeText, fetchedGitPrivate, stdenv, composerEnv, fetchurl, fetchgit, binutils, python, nodejs, libsass, yarn2nix }:
 let
-  aten = { environment ? "dev" }: rec {
-    varPrefix = "ATEN";
+  aten = { config }: rec {
+    environment = config.environment;
     varDir = "/var/lib/aten_${environment}";
-    envName= lib.strings.toUpper environment;
     phpFpm = rec {
       socket = "/var/run/phpfpm/aten-${environment}.sock";
       pool = ''
@@ -34,17 +33,14 @@ let
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
-      vhostConf =
-        assert checkEnv "NIXOPS_${varPrefix}_${envName}_SECRET";
-        assert checkEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL";
-      ''
+      vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
       </FilesMatch>
 
       SetEnv APP_ENV      "${environment}"
-      SetEnv APP_SECRET   "${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}
-      SetEnv DATABASE_URL "${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL"}
+      SetEnv APP_SECRET   "${config.secret}"
+      SetEnv DATABASE_URL "${config.psql_url}"
 
       ${if environment == "dev" then ''
       <Location />
@@ -91,35 +87,49 @@ let
       fi
       '';
     };
-    webappDir = stdenv.mkDerivation (fetchedGitPrivate ./aten.json // rec {
-      # FIXME: can we do better than symlink?
-      # FIXME: initial sync
-      # FIXME: backup
-      # FIXME: usage statistics
-      buildPhase = ''
-        export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
-        export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
-        export APP_ENV="${environment}"
-        export DATABASE_URL="${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_PSQL_URL"}"
-        export APP_SECRET="${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}"
-
-        ${if environment == "dev" then ''
-          composer install
-        '' else ''
-          SYMFONY_ENV=prod composer install --no-dev
-        ''}
-        yarn install
-        yarn run encore production
-        rm -rf var
-        ln -sf ../../../../../${varDir} var
-        '';
-      installPhase = ''
-        cp -a . $out
-        '';
-      buildInputs = [
-        php git cacert phpPackages.composer yarn
-      ];
-    });
+    yarnModules = let
+        info = fetchedGitPrivate ./aten.json;
+      in
+        yarn2nix.mkYarnModules {
+          name = "aten-yarn-modules";
+          packageJSON = "${info.src}/package.json";
+          yarnLock = "${info.src}/yarn.lock";
+          pkgConfig = {
+            node-sass = {
+              buildInputs = [ binutils libsass python ];
+              postInstall = let
+                nodeHeaders = fetchurl {
+                  url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz";
+                  sha256 = "12zzsf8my43b8qnlacp871ih5vqafl2vlpqp51xp6h3gckn2frwy";
+                };
+              in
+                ''
+                  export AR=${binutils.bintools}/bin/ar
+                  node scripts/build.js --tarball=${nodeHeaders}
+                '';
+            };
+          };
+        };
+    webappDir = composerEnv.buildPackage (
+      import ./php-packages.nix { inherit composerEnv fetchurl fetchgit; } //
+      fetchedGitPrivate ./aten.json //
+      rec {
+        noDev = (environment == "prod");
+        preInstall = ''
+          export SYMFONY_ENV="${environment}"
+          export APP_ENV="${environment}"
+          export DATABASE_URL="${config.psql_url}"
+          export APP_SECRET="${config.secret}"
+          '';
+        postInstall = ''
+          cd $out
+          ln -sf ${yarnModules}/node_modules .
+          yarn run --offline encore production
+          rm -rf var/{log,cache}
+          ln -sf ../../../../../../../${varDir}/{log,cache} var/
+          '';
+        buildInputs = [ yarn2nix.yarn ];
+      });
     webRoot = "${webappDir}/public";
   };
 in
My infrastructure configuration