X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fwallabag.nix;h=0ebdb0ba3aea5bec0eaab98743397209df6d9530;hb=5315b439af1f72c3282549508ae58d86d66e38ec;hp=014d8a1acb67da65a753d3dd1d3318a07f4155e1;hpb=441da8aac378f401625e82caf281fa0e26128310;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix index 014d8a1..0ebdb0b 100644 --- a/modules/private/websites/tools/tools/wallabag.nix +++ b/modules/private/websites/tools/tools/wallabag.nix @@ -1,11 +1,7 @@ -{ env, wallabag, mylibs }: +{ env, wallabag, mylibs, config }: rec { - backups = { - rootDir = varDir; - }; varDir = "/var/lib/wallabag"; - keys = [{ - dest = "webapps/tools-wallabag"; + keys."webapps/tools-wallabag" = { user = apache.user; group = apache.group; permissions = "0400"; @@ -67,8 +63,8 @@ rec { class: Swift_SendmailTransport arguments: ['/run/wrappers/bin/sendmail -bs'] ''; - }]; - webappDir = wallabag.override { ldap = true; wallabag_config = "/var/secrets/webapps/tools-wallabag"; }; + }; + webappDir = wallabag.override { ldap = true; wallabag_config = config.secrets.fullPaths."webapps/tools-wallabag"; }; activationScript = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/var ${varDir}/data/db ${varDir}/assets/images @@ -80,9 +76,8 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_wallabag"; - root = "/run/current-system/webapps/${webappName}"; - vhostConf = '' + root = webRoot; + vhostConf = socket: '' Alias /wallabag "${root}" AllowOverride None @@ -91,7 +86,7 @@ rec { CGIPassAuth On - SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" + SetHandler "proxy:unix:${socket}|fcgi://localhost" @@ -124,27 +119,24 @@ rec { /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction popd > /dev/null echo -n "${webappDir}" > ${varDir}/currentWebappDir - sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey + sha512sum ${config.secrets.fullPaths."webapps/tools-wallabag"} > ${varDir}/currentKey fi ''; serviceDeps = [ "postgresql.service" "openldap.service" ]; - basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ]; - socket = "/var/run/phpfpm/wallabag.sock"; - pool = '' - user = ${apache.user} - group = ${apache.group} - listen.owner = ${apache.user} - listen.group = ${apache.group} - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 + basedir = builtins.concatStringsSep ":" [ webappDir config.secrets.fullPaths."webapps/tools-wallabag" varDir ]; + pool = { + "listen.owner" = apache.user; + "listen.group" = apache.group; + "pm" = "dynamic"; + "pm.max_children" = "60"; + "pm.start_servers" = "2"; + "pm.min_spare_servers" = "1"; + "pm.max_spare_servers" = "10"; - ; Needed to avoid clashes in browser cookies (same domain) - php_value[session.name] = WallabagPHPSESSID - php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp" - php_value[max_execution_time] = 300 - ''; + # Needed to avoid clashes in browser cookies (same domain) + "php_value[session.name]" = "WallabagPHPSESSID"; + "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp"; + "php_value[max_execution_time]" = "300"; + }; }; }