X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=virtual%2Feldiron.nix;h=e5839483810b0bf6f17f69d6bb036adabae841ca;hb=e273ef92ae582984e0896a8c16fab73747c3ab2b;hp=2d1c50e4cfd67b1944032cc72de038a0f649bd52;hpb=5dd28b43ebe7086d52d17d494091fec36508e380;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 2d1c50e..e583948 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -36,7 +36,6 @@
       };
     };
 
-    # FIXME: how to run it? currently set as timer
     security.acme.certs = {
       "eldiron" = {
         webroot = "/var/lib/acme/acme-challenge";
@@ -44,7 +43,7 @@
         domain = "eldiron.immae.eu";
         plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
         postRun = ''
-          "systemctl reload httpd.service"
+          systemctl reload httpd.service
         '';
         extraDomains = {
           "db-1.immae.eu" = null;
@@ -53,11 +52,24 @@
           "sandetludo.immae.eu" = null;
         };
       };
+      # "connexionswing" = {
+      #   webroot = "/var/lib/acme/acme-challenge";
+      #   email = "ismael@bouya.org";
+      #   domain = "connexionswing.com";
+      #   plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
+      #   postRun = ''
+      #     systemctl reload httpd.service
+      #   '';
+      #   extraDomains = {
+      #     "www.connexionswing.com" = null;
+      #     "sandetludo.com" = null;
+      #     "www.sandetludo.com" = null;
+      #   };
+      # };
     };
 
     services.ympd = mypkgs.ympd.config // { enable = true; };
 
-    # FIXME: open_basedir
     services.phpfpm = {
       extraConfig = ''
         log_level = notice
@@ -65,6 +77,7 @@
       poolConfigs = {
         adminer = mypkgs.adminer.phpFpm.pool;
         connexionswing_dev = mypkgs.connexionswing_dev.phpFpm.pool;
+        connexionswing_prod = mypkgs.connexionswing_prod.phpFpm.pool;
         www = ''
           listen = /var/run/phpfpm/www.sock
           user = wwwrun
@@ -82,6 +95,7 @@
 
     system.activationScripts = {
       connexionswing_dev  = mypkgs.connexionswing_dev.activationScript;
+      connexionswing_prod = mypkgs.connexionswing_prod.activationScript;
       httpd = ''
         install -d -m 0755 /var/lib/acme/acme-challenge
         install -d -m 0755 /var/www
@@ -104,6 +118,7 @@
       extraModules = pkgs.lib.lists.unique (
         mypkgs.adminer.apache.modules ++
         mypkgs.connexionswing_dev.apache.modules ++
+        mypkgs.connexionswing_prod.apache.modules ++
         [
           "macro"
           "ldap"
@@ -167,7 +182,6 @@
           hostName = "redirectSSL";
           serverAliases = [ "*" ];
           enableSSL = false;
-          # FIXME: directory needs to exist
           documentRoot = "/var/lib/acme/acme-challenge";
           extraConfig = ''
             RewriteEngine on