-{ lib, checkEnv, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, ruby, sass, imagemagick }:
+{ lib, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, ruby, sass, imagemagick }:
let
- ludivinecassal = { environment ? "dev" }: rec {
- varPrefix = "LUDIVINECASSAL";
+ ludivinecassal = { config }: rec {
+ environment = config.environment;
varDir = "/var/lib/ludivinecassal_${environment}";
- envName= lib.strings.toUpper environment;
configRoot =
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_PASSWORD";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_USER";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_NAME";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_SECRET";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_PASSWORD";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_DN";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_FILTER";
writeText "parameters.yml" ''
# This file is auto-generated during the composer install
parameters:
database_host: db-1.immae.eu
database_port: null
- database_name: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_NAME"}
- database_user: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_USER"}
- database_password: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_PASSWORD"}
+ database_name: ${config.mysql.name}
+ database_user: ${config.mysql.user}
+ database_password: ${config.mysql.password}
mailer_transport: smtp
mailer_host: mail.immae.eu
mailer_user: null
mailer_password: null
- secret: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}
+ secret: ${config.secret}
ldap_host: ldap.immae.eu
ldap_port: 636
ldap_version: 3
ldap_tls: false
ldap_user_bind: 'uid={username},ou=users,dc=immae,dc=eu'
ldap_base_dn: 'dc=immae,dc=eu'
- ldap_search_dn: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_DN"}'
- ldap_search_password: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_PASSWORD"}'
- ldap_search_filter: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_FILTER"}'
+ ldap_search_dn: '${config.ldap.dn}'
+ ldap_search_password: '${config.ldap.password}'
+ ldap_search_filter: '${config.ldap.search}'
leapt_im:
binary_path: ${imagemagick}/bin
assetic:
'';
};
webappDir = stdenv.mkDerivation (fetchedGitPrivate ./ludivinecassal.json // rec {
- # FIXME: can we do better than symlink?
- # FIXME: initial sync
- # FIXME: backup
- # FIXME: miniatures and data need to be in the same dir due to a
- # bug in leapt.im (searches for data/../miniatures)
+ # /!\ miniatures and data need to be in the same dir due to a
+ # bug in leapt.im (searches for data/../miniatures)
buildPhase = ''
export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt