X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fwallabag.nix;h=2d152b2c25ece9a00deb043367f358d987e2f2dc;hb=0f71cd76014c2c4eb6756d8c04eb51b3e4452958;hp=ba755e4d514fbc3636960f0f0e906f138a528e8c;hpb=4360f70d7a9966593d9e04043fa0a75defc094e0;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index ba755e4..2d152b2 100644
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -1,5 +1,8 @@
 { env, wallabag, mylibs }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/wallabag";
   keys = [{
     dest = "webapps/tools-wallabag";
@@ -45,16 +48,16 @@ rec {
           redis_password: null
           sites_credentials: {  }
           ldap_enabled: true
-          ldap_host: ldap.immae.eu
+          ldap_host: ${env.ldap.host}
           ldap_port: 636
           ldap_tls: false
           ldap_ssl: true
           ldap_bind_requires_dn: true
-          ldap_base: 'dc=immae,dc=eu'
-          ldap_manager_dn: 'cn=wallabag,ou=services,dc=immae,dc=eu'
+          ldap_base: '${env.ldap.base}'
+          ldap_manager_dn: '${env.ldap.dn}'
           ldap_manager_pw: ${env.ldap.password}
-          ldap_filter: '(&(memberOf=cn=users,cn=wallabag,ou=services,dc=immae,dc=eu))'
-          ldap_admin_filter: '(&(memberOf=cn=admins,cn=wallabag,ou=services,dc=immae,dc=eu)(uid=%s))'
+          ldap_filter: '${env.ldap.filter}'
+          ldap_admin_filter: '${env.ldap.admin_filter}'
           ldap_username_attribute: uid
           ldap_email_attribute: mail
           ldap_name_attribute: cn
@@ -110,18 +113,20 @@ rec {
       '';
   };
   phpFpm = rec {
-    preStart = mylibs.phpFpmPreStart {
-      app = webappDir;
-      inherit varDir;
-      keyFiles = [
-        "/var/secrets/webapps/tools-wallabag"
-      ];
-      actions = [
-        "/run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod cache:clear"
-        "rm -rf /var/lib/wallabag/var/cache/pro_"
-        "/run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction"
-      ];
-    };
+    preStart = ''
+      if [ ! -f "${varDir}/currentWebappDir" -o \
+          ! -f "${varDir}/currentKey" -o \
+          "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \
+          || ! sha512sum -c --status ${varDir}/currentKey; then
+        pushd ${webappDir} > /dev/null
+        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod cache:clear
+        rm -rf /var/lib/wallabag/var/cache/pro_
+        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction
+        popd > /dev/null
+        echo -n "${webappDir}" > ${varDir}/currentWebappDir
+        sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey
+      fi
+    '';
     serviceDeps = [ "postgresql.service" "openldap.service" ];
     basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
     socket = "/var/run/phpfpm/wallabag.sock";