X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Fludivine%2Fintegration.nix;fp=modules%2Fprivate%2Fwebsites%2Fludivine%2Fintegration.nix;h=0000000000000000000000000000000000000000;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=49aa11350625f6023dde7bde40d8fa3aa4f8a530;hpb=fa25ffd4583cc362075cd5e1b4130f33306103f0;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/ludivine/integration.nix b/modules/private/websites/ludivine/integration.nix deleted file mode 100644 index 49aa113..0000000 --- a/modules/private/websites/ludivine/integration.nix +++ /dev/null @@ -1,145 +0,0 @@ -{ lib, pkgs, config, ... }: -let - secrets = config.myEnv.websites.ludivine.integration; - cfg = config.myServices.websites.ludivine.integration; - pcfg = config.services.phpApplication; - webRoot = "/var/lib/ftp/immae/ludivine/web"; -in { - options.myServices.websites.ludivine.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration"; - - config = lib.mkIf cfg.enable { - services.phpApplication.apps.ludivine_integration = { - websiteEnv = "integration"; - httpdUser = config.services.httpd.Inte.user; - httpdGroup = config.services.httpd.Inte.group; - inherit webRoot; - varDir = "/var/lib/ftp/immae/ludivine_var"; - app = "/var/lib/ftp/immae/ludivine"; - varDirPaths = { - "tmp" = "0700"; - }; - serviceDeps = [ "mysql.service" ]; - preStartActions = [ - "./bin/console --env=dev cache:clear --no-warmup" - ]; - phpOpenbasedir = [ "/tmp" ]; - phpPool = { - "php_admin_value[upload_max_filesize]" = "20M"; - "php_admin_value[post_max_size]" = "20M"; - #"php_admin_flag[log_errors]" = "on"; - "pm" = "ondemand"; - "pm.max_children" = "5"; - "pm.process_idle_timeout" = "60"; - }; - phpEnv = { - PATH = lib.makeBinPath [ - # below ones don't need to be in the PATH but they’re used in - # secrets - pkgs.imagemagick pkgs.sass pkgs.ruby - ]; - SYMFONY_DEBUG_MODE = "\"yes\""; - }; - phpWatchFiles = [ - config.secrets.fullPaths."websites/ludivine/integration" - ]; - phpPackage = pkgs.php72; - }; - - secrets.keys."websites/ludivine/integration" = { - user = config.services.httpd.Inte.user; - group = config.services.httpd.Inte.group; - permissions = "0400"; - text = '' - # This file is auto-generated during the composer install - parameters: - database_host: ${secrets.mysql.host} - database_port: ${secrets.mysql.port} - database_name: ${secrets.mysql.database} - database_user: ${secrets.mysql.user} - database_password: ${secrets.mysql.password} - database_server_version: ${pkgs.mariadb.mysqlVersion} - mailer_transport: smtp - mailer_host: 127.0.0.1 - mailer_user: null - mailer_password: null - secret: ${secrets.secret} - ldap_host: ldap.immae.eu - ldap_port: 636 - ldap_version: 3 - ldap_ssl: true - ldap_tls: false - ldap_user_bind: 'uid={username},ou=users,dc=immae,dc=eu' - ldap_base_dn: 'dc=immae,dc=eu' - ldap_search_dn: '${secrets.ldap.dn}' - ldap_search_password: '${secrets.ldap.password}' - ldap_search_filter: '${secrets.ldap.filter}' - leapt_im: - binary_path: ${pkgs.imagemagick}/bin - assetic: - sass: ${pkgs.sass}/bin/sass - ruby: ${pkgs.ruby}/bin/ruby - ''; - }; - - services.websites.env.integration.vhostConfs.ludivine_integration = { - certName = "integration"; - addToCerts = true; - hosts = [ "test.lc.immae.dev" ]; - root = webRoot; - extraConfig = [ - '' - - SetHandler "proxy:unix:${pcfg.phpListenPaths.ludivine_integration}|fcgi://localhost" - - - - Use LDAPConnect - Require ldap-group cn=lc.immae.dev,cn=httpd,ou=services,dc=immae,dc=eu - ErrorDocument 401 "" - - - - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride None - Require all granted - - DirectoryIndex app_dev.php - - - Options -MultiViews - - - - RewriteEngine On - - RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$ - RewriteRule ^(.*) - [E=BASE:%1] - - # Maintenance script - RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f - RewriteCond %{SCRIPT_FILENAME} !maintenance.php - RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L] - ErrorDocument 503 /maintenance.php - - # Sets the HTTP_AUTHORIZATION header removed by Apache - RewriteCond %{HTTP:Authorization} . - RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] - - RewriteCond %{ENV:REDIRECT_STATUS} ^$ - RewriteRule ^app_dev\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L] - - # If the requested filename exists, simply serve it. - # We only want to let Apache serve files and not directories. - RewriteCond %{REQUEST_FILENAME} -f - RewriteRule ^ - [L] - - # Rewrite all other queries to the front controller. - RewriteRule ^ %{ENV:BASE}/app_dev.php [L] - - - - '' - ]; - }; - }; -}