X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Fisabelle%2Firidologie.nix;h=ffbf2591f2bd107fe2c090a0d4d4222445bc6da1;hb=5400b9b6f65451d41a9106fae6fc00f97d83f4ef;hp=cb4e3005350600f2f62716e748e2703d1f9b7688;hpb=fd2af8fa50dc1a60d40a1aa3c4252d8eb3abf5b0;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix
index cb4e300..ffbf259 100644
--- a/modules/private/websites/isabelle/iridologie.nix
+++ b/modules/private/websites/isabelle/iridologie.nix
@@ -1,59 +1,50 @@
-{ lib, config, ... }:
+{ lib, pkgs, config, ... }:
let
+ iridologie = pkgs.callPackage ./spip_builder.nix {
+ inherit (pkgs.webapps) iridologie;
+ config = config.myEnv.websites.isabelle.iridologie;
+ apacheUser = config.services.httpd.Prod.user;
+ apacheGroup = config.services.httpd.Prod.group;
+ };
+
cfg = config.myServices.websites.isabelle.iridologie;
- varDir = "/var/lib/ftp/isabelle";
in {
options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website";
config = lib.mkIf cfg.enable {
+ services.duplyBackup.profiles.iridologie_prod.rootDir = iridologie.app.varDir;
+ secrets.keys = iridologie.keys;
services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ];
- system.activationScripts.iridologie = {
- deps = [ "httpd" ];
- text = ''
- install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/iridologie
- '';
- };
- services.phpfpm.pools.iridologie = {
- listen = "/run/phpfpm/iridologie.sock";
- extraConfig = ''
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
-
- pm = ondemand
- pm.max_children = 5
- pm.process_idle_timeout = 60
- php_admin_value[open_basedir] = "/var/lib/php/sessions/iridologie:${varDir}:/tmp"
- php_admin_value[session.save_path] = "/var/lib/php/sessions/iridologie"
- '';
+ systemd.services.phpfpm-iridologie.after = lib.mkAfter iridologie.phpFpm.serviceDeps;
+ systemd.services.phpfpm-iridologie.wants = iridologie.phpFpm.serviceDeps;
+ services.phpfpm.pools.iridologie = {
+ user = config.services.httpd.Prod.user;
+ group = config.services.httpd.Prod.group;
+ settings = iridologie.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + ''
+ extension=${pkgs.php}/lib/php/extensions/mysqli.so
+ '';
};
- services.websites.env.production.modules = [ "proxy_fcgi" ];
+ system.activationScripts.iridologie = iridologie.activationScript;
+ myServices.websites.webappDirs."${iridologie.apache.webappName}" = iridologie.app.webRoot;
+ services.websites.env.production.modules = iridologie.apache.modules;
services.websites.env.production.vhostConfs.iridologie = {
- certName = "aten";
- addToCerts = true;
- hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
- root = varDir;
- extraConfig = [
+ certName = "aten";
+ addToCerts = true;
+ hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
+ root = iridologie.apache.root;
+ extraConfig = [
''
- Use Stats iridologie.icommandeur.org
- RewriteEngine On
- RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
- RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
-
-
- SetHandler "proxy:unix:/run/phpfpm/iridologie.sock|fcgi://localhost"
-
-
-
- DirectoryIndex index.php index.htm index.html
- AllowOverride All
- Require all granted
-
+ RewriteEngine On
+ RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
+ RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
''
+ (iridologie.apache.vhostConf config.services.phpfpm.pools.iridologie.socket)
];
};
+ services.websites.env.production.watchPaths = [
+ "/var/secrets/webapps/${iridologie.app.environment}-iridologie"
+ ];
};
}
-