X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fwallabag.nix;h=b6ad15136447823333b73e42bbc70555adcc588a;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=2d152b2c25ece9a00deb043367f358d987e2f2dc;hpb=ab8f306d7c2c49b8116e1af7b355ed2384617ed9;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix index 2d152b2..b6ad151 100644 --- a/modules/private/websites/tools/tools/wallabag.nix +++ b/modules/private/websites/tools/tools/wallabag.nix @@ -1,11 +1,11 @@ -{ env, wallabag, mylibs }: +{ env, wallabag, mylibs, config }: rec { backups = { rootDir = varDir; + remotes = [ "eriomem" "ovh" ]; }; varDir = "/var/lib/wallabag"; - keys = [{ - dest = "webapps/tools-wallabag"; + keys."webapps/tools-wallabag" = { user = apache.user; group = apache.group; permissions = "0400"; @@ -67,8 +67,8 @@ rec { class: Swift_SendmailTransport arguments: ['/run/wrappers/bin/sendmail -bs'] ''; - }]; - webappDir = wallabag.override { ldap = true; wallabag_config = "/var/secrets/webapps/tools-wallabag"; }; + }; + webappDir = wallabag.override { ldap = true; wallabag_config = config.secrets.fullPaths."webapps/tools-wallabag"; }; activationScript = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/var ${varDir}/data/db ${varDir}/assets/images @@ -82,7 +82,7 @@ rec { modules = [ "proxy_fcgi" ]; webappName = "tools_wallabag"; root = "/run/current-system/webapps/${webappName}"; - vhostConf = '' + vhostConf = socket: '' Alias /wallabag "${root}" AllowOverride None @@ -91,7 +91,7 @@ rec { CGIPassAuth On - SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" + SetHandler "proxy:unix:${socket}|fcgi://localhost" @@ -124,28 +124,24 @@ rec { /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction popd > /dev/null echo -n "${webappDir}" > ${varDir}/currentWebappDir - sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey + sha512sum ${config.secrets.fullPaths."webapps/tools-wallabag"} > ${varDir}/currentKey fi ''; serviceDeps = [ "postgresql.service" "openldap.service" ]; - basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ]; - socket = "/var/run/phpfpm/wallabag.sock"; - pool = '' - listen = ${socket} - user = ${apache.user} - group = ${apache.group} - listen.owner = ${apache.user} - listen.group = ${apache.group} - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 + basedir = builtins.concatStringsSep ":" [ webappDir config.secrets.fullPaths."webapps/tools-wallabag" varDir ]; + pool = { + "listen.owner" = apache.user; + "listen.group" = apache.group; + "pm" = "dynamic"; + "pm.max_children" = "60"; + "pm.start_servers" = "2"; + "pm.min_spare_servers" = "1"; + "pm.max_spare_servers" = "10"; - ; Needed to avoid clashes in browser cookies (same domain) - php_value[session.name] = WallabagPHPSESSID - php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp" - php_value[max_execution_time] = 300 - ''; + # Needed to avoid clashes in browser cookies (same domain) + "php_value[session.name]" = "WallabagPHPSESSID"; + "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp"; + "php_value[max_execution_time]" = "300"; + }; }; }