X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Faten%2Faten.nix;h=c35af6f098ee3dc1ea936ee397c7f8549486a1ee;hb=167b81657d696e91545cedde172e7859643bba06;hp=897b3ba4146d385b3d4de4987f0a1cb483c937af;hpb=a754e9dbf5d6c35398f3c4ec52c3daf5f8ed2dd3;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix index 897b3ba..c35af6f 100644 --- a/nixops/modules/websites/aten/aten.nix +++ b/nixops/modules/websites/aten/aten.nix @@ -4,6 +4,19 @@ let environment = config.environment; varDir = "/var/lib/aten_${environment}"; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /var/secrets/webapps/${environment}-aten > ${varDir}/currentKey + fi + ''; + serviceDeps = [ "postgresql.service" ]; socket = "/var/run/phpfpm/aten-${environment}.sock"; pool = '' listen = ${socket} @@ -29,17 +42,17 @@ let pm.max_spare_servers = 3 ''}''; }; - keys."${environment}-aten" = { - destDir = "/run/keys/webapps"; + keys = [{ + dest = "webapps/${environment}-aten"; user = apache.user; group = apache.group; - permissions = "0700"; + permissions = "0400"; text = '' SetEnv APP_ENV "${environment}" SetEnv APP_SECRET "${config.secret}" SetEnv DATABASE_URL "${config.psql_url}" ''; - }; + }]; apache = rec { user = "wwwrun"; group = "wwwrun"; @@ -51,7 +64,7 @@ let SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" - Include /run/keys/webapps/${environment}-aten + Include /var/secrets/webapps/${environment}-aten ${if environment == "dev" then '' @@ -89,13 +102,6 @@ let text = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; yarnModules = let @@ -111,6 +117,9 @@ let packageJSON = packagejson; yarnLock = "${info.src}/yarn.lock"; pkgConfig = { + all = { + buildInputs = [ yarn2nixPackage.src ]; + }; node-sass = { buildInputs = [ libsass python ]; postInstall = let