-{ lib, checkEnv, writeText, fetchedGitPrivate, stdenv, php, git, cacert, phpPackages, ruby, sass, imagemagick }:
+{ pkgs, lib, writeText, fetchedGitPrivate, stdenv, composerEnv, fetchurl, fetchgit, ruby, sass, imagemagick }:
let
- ludivinecassal = { environment ? "dev" }: rec {
- varPrefix = "LUDIVINECASSAL";
+ ludivinecassal = { config }: rec {
+ environment = config.environment;
varDir = "/var/lib/ludivinecassal_${environment}";
- envName= lib.strings.toUpper environment;
configRoot =
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_PASSWORD";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_USER";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_NAME";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_SECRET";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_PASSWORD";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_DN";
- assert checkEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_FILTER";
writeText "parameters.yml" ''
# This file is auto-generated during the composer install
parameters:
database_host: db-1.immae.eu
database_port: null
- database_name: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_NAME"}
- database_user: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_USER"}
- database_password: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_MYSQL_PASSWORD"}
+ database_name: ${config.mysql.name}
+ database_user: ${config.mysql.user}
+ database_password: ${config.mysql.password}
+ database_server_version: ${pkgs.mariadb.mysqlVersion}
mailer_transport: smtp
mailer_host: mail.immae.eu
mailer_user: null
mailer_password: null
- secret: ${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_SECRET"}
+ secret: ${config.secret}
ldap_host: ldap.immae.eu
ldap_port: 636
ldap_version: 3
ldap_tls: false
ldap_user_bind: 'uid={username},ou=users,dc=immae,dc=eu'
ldap_base_dn: 'dc=immae,dc=eu'
- ldap_search_dn: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_DN"}'
- ldap_search_password: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_PASSWORD"}'
- ldap_search_filter: '${builtins.getEnv "NIXOPS_${varPrefix}_${envName}_LDAP_SEARCH_FILTER"}'
+ ldap_search_dn: '${config.ldap.dn}'
+ ldap_search_password: '${config.ldap.password}'
+ ldap_search_filter: '${config.ldap.search}'
leapt_im:
binary_path: ${imagemagick}/bin
assetic:
fi
'';
};
- webappDir = stdenv.mkDerivation (fetchedGitPrivate ./ludivinecassal.json // rec {
- # FIXME: can we do better than symlink?
- # FIXME: initial sync
- # FIXME: backup
- # FIXME: miniatures and data need to be in the same dir due to a
- # bug in leapt.im (searches for data/../miniatures)
- buildPhase = ''
- export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
- export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
-
- ln -sf ${configRoot} app/config/parameters.yml
- sed -i -e "/Incenteev..ParameterHandler..ScriptHandler::buildParameters/d" composer.json
- ${if environment == "dev" then ''
- composer install
- '' else ''
- SYMFONY_ENV=prod composer install --no-dev
- ''}
- rm -rf var
- ln -sf ../../../../../${varDir} var
- '';
- installPhase = ''
- cp -a . $out
- '';
- buildInputs = [
- php git cacert phpPackages.composer sass
- ];
- });
+ webappDir = composerEnv.buildPackage (
+ import ./php-packages.nix { inherit composerEnv fetchurl fetchgit; } //
+ fetchedGitPrivate ./ludivinecassal.json //
+ rec {
+ noDev = (environment == "prod");
+ preInstall = ''
+ export SYMFONY_ENV="${environment}"
+ ln -sf ${configRoot} app/config/parameters.yml
+ sed -i -e "/Incenteev..ParameterHandler..ScriptHandler::buildParameters/d" composer.json
+ '';
+ # /!\ miniatures and data need to be in the same physical dir due to a
+ # bug in leapt.im (searches for data/../miniatures)
+ postInstall = ''
+ rm -rf var/{logs,cache,data,miniatures,tmp}
+ ln -sf ../../../../../../../${varDir}/{logs,cache,data,miniatures,tmp} var/
+ '';
+ buildInputs = [ sass ];
+ });
webRoot = "${webappDir}/web";
};
in
projects / perso / Immae / Config / Nix.git / blobdiff