Move personal websites to modules
authorIsmaël Bouya <ismael.bouya@normalesup.org>
Sat, 18 May 2019 08:49:00 +0000 (10:49 +0200)
committerIsmaël Bouya <ismael.bouya@normalesup.org>
Sat, 18 May 2019 08:49:00 +0000 (10:49 +0200)
49 files changed:
modules/private/default.nix
modules/private/websites/aten/builder.nix [moved from nixops/modules/websites/aten/aten.nix with 84% similarity]
modules/private/websites/aten/integration.nix [new file with mode: 0644]
modules/private/websites/aten/production.nix [new file with mode: 0644]
modules/private/websites/capitaines/mastodon_static/index.html [moved from nixops/modules/websites/capitaines/mastodon_static/index.html with 100% similarity]
modules/private/websites/capitaines/mastodon_static/oops.png [moved from nixops/modules/websites/capitaines/mastodon_static/oops.png with 100% similarity]
modules/private/websites/capitaines/production.nix [moved from nixops/modules/websites/capitaines/default.nix with 84% similarity]
modules/private/websites/chloe/builder.nix [moved from nixops/modules/websites/chloe/chloe.nix with 85% similarity]
modules/private/websites/chloe/config/chmod.php [moved from nixops/modules/websites/chloe/chloe_config_dev/chmod.php with 100% similarity]
modules/private/websites/chloe/config/connect.php [moved from nixops/modules/websites/chloe/chloe_config_dev/connect.php with 100% similarity]
modules/private/websites/chloe/config/ldap.php [moved from nixops/modules/websites/chloe/chloe_config_dev/ldap.php with 100% similarity]
modules/private/websites/chloe/integration.nix [new file with mode: 0644]
modules/private/websites/chloe/production.nix [new file with mode: 0644]
modules/private/websites/commons/adminer.nix [new file with mode: 0644]
modules/private/websites/connexionswing/builder.nix [moved from nixops/modules/websites/connexionswing/connexionswing.nix with 90% similarity]
modules/private/websites/connexionswing/integration.nix [new file with mode: 0644]
modules/private/websites/connexionswing/production.nix [new file with mode: 0644]
modules/private/websites/default.nix [new file with mode: 0644]
modules/private/websites/denisejerome/production.nix [moved from nixops/modules/websites/ftp/denisejerome.nix with 68% similarity]
modules/private/websites/emilia/moodle/pause.html [moved from nixops/modules/websites/emilia/moodle/pause.html with 100% similarity]
modules/private/websites/emilia/production.nix [moved from nixops/modules/websites/emilia/default.nix with 90% similarity]
modules/private/websites/florian/app.nix [moved from nixops/modules/websites/tellesflorian/default.nix with 51% similarity]
modules/private/websites/florian/builder_app.nix [moved from nixops/modules/websites/tellesflorian/tellesflorian.nix with 90% similarity]
modules/private/websites/florian/integration.nix [new file with mode: 0644]
modules/private/websites/florian/production.nix [new file with mode: 0644]
modules/private/websites/immae/production.nix [moved from nixops/modules/websites/ftp/immae.nix with 84% similarity]
modules/private/websites/immae/release.nix [moved from nixops/modules/websites/ftp/release.nix with 72% similarity]
modules/private/websites/immae/temp.nix [moved from nixops/modules/websites/ftp/temp.nix with 71% similarity]
modules/private/websites/leila/production.nix [new file with mode: 0644]
modules/private/websites/ludivinecassal/builder.nix [moved from nixops/modules/websites/ludivine/ludivinecassal.nix with 88% similarity]
modules/private/websites/ludivinecassal/integration.nix [new file with mode: 0644]
modules/private/websites/ludivinecassal/production.nix [new file with mode: 0644]
modules/private/websites/nassime/production.nix [moved from nixops/modules/websites/ftp/nassime.nix with 71% similarity]
modules/private/websites/naturaloutil/production.nix [moved from nixops/modules/websites/ftp/jerome.nix with 88% similarity]
modules/private/websites/papa/surveillance.nix [moved from nixops/modules/websites/ftp/papa.nix with 82% similarity]
modules/private/websites/piedsjaloux/builder.nix [moved from nixops/modules/websites/piedsjaloux/piedsjaloux.nix with 89% similarity]
modules/private/websites/piedsjaloux/integration.nix [new file with mode: 0644]
modules/private/websites/piedsjaloux/production.nix [new file with mode: 0644]
nixops/modules/websites/aten/default.nix [deleted file]
nixops/modules/websites/chloe/chloe_config_prod/chmod.php [deleted file]
nixops/modules/websites/chloe/chloe_config_prod/connect.php [deleted file]
nixops/modules/websites/chloe/chloe_config_prod/ldap.php [deleted file]
nixops/modules/websites/chloe/default.nix [deleted file]
nixops/modules/websites/connexionswing/default.nix [deleted file]
nixops/modules/websites/default.nix
nixops/modules/websites/ftp/florian.nix [deleted file]
nixops/modules/websites/ftp/leila.nix [deleted file]
nixops/modules/websites/ludivine/default.nix [deleted file]
nixops/modules/websites/piedsjaloux/default.nix [deleted file]

index 20303150b2e8fae017234e5afcd2c37b313c7bb2..16258e4034bf7d51d7b037bb2e918df61bd816fd 100644 (file)
@@ -1,4 +1,5 @@
-{
+let
+set = {
   # adatped from nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
   httpdInte  = import ../websites/httpd-service-builder.nix { httpdName = "Inte"; withUsers = false; };
   httpdProd  = import ../websites/httpd-service-builder.nix { httpdName = "Prod"; withUsers = false; };
   postgresql = ./databases/postgresql.nix;
   redis      = ./databases/redis.nix;
 
+  websites = ./websites;
+  atenInte = ./websites/aten/integration.nix;
+  atenProd = ./websites/aten/production.nix;
+  capitainesProd = ./websites/capitaines/production.nix;
+  chloeInte = ./websites/chloe/integration.nix;
+  chloeProd = ./websites/chloe/production.nix;
+  connexionswingInte = ./websites/connexionswing/integration.nix;
+  connexionswingProd = ./websites/connexionswing/production.nix;
+  denisejeromeProd = ./websites/denisejerome/production.nix;
+  emiliaProd = ./websites/emilia/production.nix;
+  florianApp = ./websites/florian/app.nix;
+  florianInte = ./websites/florian/integration.nix;
+  florianProd = ./websites/florian/production.nix;
+  immaeProd = ./websites/immae/production.nix;
+  immaeRelease = ./websites/immae/release.nix;
+  immaeTemp = ./websites/immae/temp.nix;
+  leilaProd = ./websites/leila/production.nix;
+  ludivinecassalInte = ./websites/ludivinecassal/integration.nix;
+  ludivinecassalProd = ./websites/ludivinecassal/production.nix;
+  nassimeProd = ./websites/nassime/production.nix;
+  naturaloutilProd = ./websites/naturaloutil/production.nix;
+  papaSurveillance = ./websites/papa/surveillance.nix;
+  piedsjalouxInte = ./websites/piedsjaloux/integration.nix;
+  piedsjalouxProd = ./websites/piedsjaloux/production.nix;
+
   irc = ./irc.nix;
-}
+};
+in
+builtins.listToAttrs (map (attr: { name = "priv${attr}"; value = set.${attr}; }) (builtins.attrNames set))
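Review bot: The closing `builtins.listToAttrs` expression has no comment, and the renaming it performs is easy to miss: every key of `set` is exported under a `priv` prefix, so `irc` becomes `privirc` and `atenInte` becomes `privatenInte`. A one-line comment above it would help, e.g. `# Re-export each entry of set as "priv<name>"`. Because the prefix is glued straight onto a lower-case name, the word boundary is lost; if the importing code allows it, capitalised names or a separator would read better. The `set` binding opens in the previous hunk.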
similarity index 84%
rename from nixops/modules/websites/aten/aten.nix
rename to modules/private/websites/aten/builder.nix
index 04876a1a2afc95b3c2bc58338b87abe06dfd51bb..9a2e1a7de24709054f410b8d0f538335cd0d0238 100644 (file)
@@ -1,4 +1,4 @@
-{ aten, lib, config }: rec {
+{ apacheUser, apacheGroup, aten, lib, config }: rec {
   app = aten.override { inherit (config) environment; };
   phpFpm = rec {
     preStart = ''
@@ -7,7 +7,7 @@
           "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
           || ! sha512sum -c --status ${app.varDir}/currentKey; then
         pushd ${app} > /dev/null
-        /run/wrappers/bin/sudo -u wwwrun APP_ENV=${app.environment} ./bin/console --env=${app.environment} cache:clear --no-warmup
+        /run/wrappers/bin/sudo -u ${apacheUser} APP_ENV=${app.environment} ./bin/console --env=${app.environment} cache:clear --no-warmup
         popd > /dev/null
         echo -n "${app}" > ${app.varDir}/currentWebappDir
         sha512sum /var/secrets/webapps/${app.environment}-aten > ${app.varDir}/currentKey
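Review bot: The marker files `currentWebappDir` and `currentKey` are written by shell redirection into `${app.varDir}`, a directory that the activation script in this same file creates owned by `${apacheUser}`. If preStart runs as root, which the `sudo -u ${apacheUser}` call suggests, a privileged process is writing into a directory controlled by the web user. Consider keeping the two markers in a root-owned state directory, or running the whole comparison and write as `${apacheUser}`. The same pattern is in connexionswing/builder.nix. The preStart string starts and ends outside this hunk.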
     socket = "/var/run/phpfpm/aten-${app.environment}.sock";
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
@@ -41,8 +41,8 @@
   };
   keys = [{
     dest = "webapps/${app.environment}-aten";
-    user = apache.user;
-    group = apache.group;
+    user = apacheUser;
+    group = apacheGroup;
     permissions = "0400";
     text = ''
       SetEnv APP_ENV      "${app.environment}"
@@ -51,8 +51,6 @@
       '';
   }];
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "aten_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -97,8 +95,8 @@
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir}
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}
+    install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
 }
diff --git a/modules/private/websites/aten/integration.nix b/modules/private/websites/aten/integration.nix
new file mode 100644 (file)
index 0000000..790c5a9
--- /dev/null
@@ -0,0 +1,34 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  aten = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) aten;
+    config = myconfig.env.websites.aten.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
+  };
+
+  cfg = config.myServices.websites.aten.integration;
+in {
+  options.myServices.websites.aten.integration.enable = lib.mkEnableOption "enable Aten's website in integration";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = aten.keys;
+    services.myPhpfpm.preStart.aten_dev = aten.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.aten_dev = aten.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.aten_dev = aten.phpFpm.pool;
+    system.activationScripts.aten_dev = aten.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${aten.app.webRoot} $out/webapps/${aten.apache.webappName}
+      '';
+    services.websites.integration.modules = aten.apache.modules;
+    services.websites.integration.vhostConfs.aten = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = [ "dev.aten.pro" ];
+      root        = aten.apache.root;
+      extraConfig = [ aten.apache.vhostConf ];
+    };
+  };
+}
+
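Review bot: The description passed to `lib.mkEnableOption` on the `options.myServices.websites.aten.integration.enable` line starts with "enable", but `mkEnableOption` already builds the text as "Whether to enable <name>.", so the generated documentation reads "Whether to enable enable Aten's website in integration". Pass only the noun phrase: `lib.mkEnableOption "Aten's website in integration"`. The same wording appears in the other website modules added or renamed in this commit (aten/production.nix, chloe, connexionswing, capitaines, denisejerome, emilia, florian/app.nix).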
diff --git a/modules/private/websites/aten/production.nix b/modules/private/websites/aten/production.nix
new file mode 100644 (file)
index 0000000..697f1b8
--- /dev/null
@@ -0,0 +1,36 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  aten = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) aten;
+    config = myconfig.env.websites.aten.production;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
+  cfg = config.myServices.websites.aten.production;
+in {
+  options.myServices.websites.aten.production.enable = lib.mkEnableOption "enable Aten's website in production";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = aten.keys;
+    services.webstats.sites = [ { name = "aten.pro"; } ];
+
+    services.myPhpfpm.preStart.aten_prod = aten.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.aten_prod = aten.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.aten_prod = aten.phpFpm.pool;
+    system.activationScripts.aten_prod = aten.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${aten.app.webRoot} $out/webapps/${aten.apache.webappName}
+      '';
+    services.websites.production.modules = aten.apache.modules;
+    services.websites.production.vhostConfs.aten = {
+      certName     = "aten";
+      certMainHost = "aten.pro";
+      hosts        = [ "aten.pro" "www.aten.pro" ];
+      root         = aten.apache.root;
+      extraConfig  = [ aten.apache.vhostConf ];
+    };
+  };
+}
+
similarity index 84%
rename from nixops/modules/websites/capitaines/default.nix
rename to modules/private/websites/capitaines/production.nix
index 4bbf48806e73501779fe5dafe422273d816ca6f4..fe9c619491d5a7752032a486b72cd52ba856f1e2 100644 (file)
@@ -1,18 +1,14 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Capitaines;
+    cfg = config.myServices.websites.capitaines.production;
     env = myconfig.env.websites.capitaines;
     webappName = "capitaines_mastodon";
     root = "/run/current-system/webapps/${webappName}";
     siteDir = ./mastodon_static;
 in {
-  options.services.myWebsites.Capitaines = {
-    production = {
-      enable = lib.mkEnableOption "enable Capitaines's website";
-    };
-  };
+  options.myServices.websites.capitaines.production.enable = lib.mkEnableOption "enable Capitaines's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     system.extraSystemBuilderCmds = ''
       mkdir -p $out/webapps
       ln -s ${siteDir} $out/webapps/${webappName}
similarity index 85%
rename from nixops/modules/websites/chloe/chloe.nix
rename to modules/private/websites/chloe/builder.nix
index 2847b9d9baffd1b38c8b21040414379daf466737..7b72b9706fb38d9e0cff97914363f32af59a055f 100644 (file)
@@ -1,4 +1,4 @@
-{ chloe, config }:
+{ apacheUser, apacheGroup, chloe, config }:
 rec {
   app = chloe.override { inherit (config) environment; };
   phpFpm = rec {
@@ -6,10 +6,10 @@ rec {
     socket = "/var/run/phpfpm/chloe-${app.environment}.sock";
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
@@ -29,8 +29,8 @@ rec {
   };
   keys = [{
     dest = "webapps/${app.environment}-chloe";
-    user = apache.user;
-    group = apache.group;
+    user = apacheUser;
+    group = apacheGroup;
     permissions = "0400";
     text = ''
       SetEnv SPIP_CONFIG_DIR     "${configDir}"
@@ -49,8 +49,6 @@ rec {
     '';
   }];
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "chloe_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -97,9 +95,9 @@ rec {
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} ${app.varDir}/IMG ${app.varDir}/tmp ${app.varDir}/local
-      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+      install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} ${app.varDir}/IMG ${app.varDir}/tmp ${app.varDir}/local
+      install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
-  configDir = ./chloe_config_ + app.environment;
+  configDir = ./config;
 }
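Review bot: `configDir = ./config;` makes integration and production share one SPIP config directory, where the removed line selected `chloe_config_` plus the environment name. The file list shows `config/` is the former `chloe_config_dev` moved unchanged and `chloe_config_prod` deleted, so production now loads the `connect.php` and `ldap.php` that were written for the dev instance. Those files are not shown on this page. It is worth confirming that they read every environment-specific value (database, LDAP bind) from the `SetEnv` variables in the secret file rather than hard-coding it, and recording that in a comment next to `configDir`.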
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
new file mode 100644 (file)
index 0000000..458e414
--- /dev/null
@@ -0,0 +1,35 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  chloe  = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) chloe;
+    config = myconfig.env.websites.chloe.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
+  };
+
+  cfg = config.myServices.websites.chloe.integration;
+in {
+  options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = chloe.keys;
+    services.myPhpfpm.serviceDependencies.chloe_dev = chloe.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.chloe_dev = chloe.phpFpm.pool;
+    services.myPhpfpm.poolPhpConfigs.chloe_dev = ''
+      extension=${pkgs.php}/lib/php/extensions/mysqli.so
+      '';
+    system.activationScripts.chloe_dev = chloe.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${chloe.app.webRoot} $out/webapps/${chloe.apache.webappName}
+      '';
+    services.websites.integration.modules = chloe.apache.modules;
+    services.websites.integration.vhostConfs.chloe = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = ["chloe.immae.eu" ];
+      root        = chloe.apache.root;
+      extraConfig = [ chloe.apache.vhostConf ];
+    };
+  };
+}
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix
new file mode 100644 (file)
index 0000000..0eafebd
--- /dev/null
@@ -0,0 +1,37 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  chloe = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) chloe;
+    config = myconfig.env.websites.chloe.production;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
+  cfg = config.myServices.websites.chloe.production;
+in {
+  options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = chloe.keys;
+    services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
+
+    services.myPhpfpm.serviceDependencies.chloe_prod = chloe.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.chloe_prod = chloe.phpFpm.pool;
+    services.myPhpfpm.poolPhpConfigs.chloe_prod = ''
+      extension=${pkgs.php}/lib/php/extensions/mysqli.so
+      '';
+    system.activationScripts.chloe_prod = chloe.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${chloe.app.webRoot} $out/webapps/${chloe.apache.webappName}
+      '';
+    services.websites.production.modules = chloe.apache.modules;
+    services.websites.production.vhostConfs.chloe = {
+      certName     = "chloe";
+      certMainHost = "osteopathe-cc.fr";
+      hosts        = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
+      root         = chloe.apache.root;
+      extraConfig  = [ chloe.apache.vhostConf ];
+    };
+  };
+}
diff --git a/modules/private/websites/commons/adminer.nix b/modules/private/websites/commons/adminer.nix
new file mode 100644 (file)
index 0000000..98ab461
--- /dev/null
@@ -0,0 +1,21 @@
+{}:
+rec {
+  phpFpm = {
+    socket = "/var/run/phpfpm/adminer.sock";
+  };
+  apache = rec {
+    modules = [ "proxy_fcgi" ];
+    webappName = "_adminer";
+    root = "/run/current-system/webapps/${webappName}";
+    vhostConf = ''
+      Alias /adminer ${root}
+      <Directory ${root}>
+        DirectoryIndex index.php
+        Require all granted
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+        </FilesMatch>
+      </Directory>
+      '';
+  };
+}
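Review bot: `Require all granted` inside `<Directory ${root}>` leaves the Adminer database console reachable by anyone who can reach a vhost that includes this snippet; in this commit florian/app.nix appends it to the `app.tellesflorian.com` vhost. Unless an access rule elsewhere in that vhost also covers `/adminer` (not visible here), restrict the directory, for example with `Require ip <admin-network-placeholder>` or `Require valid-user` backed by the existing auth setup. A comment in this file stating who is expected to reach `/adminer` would also help the next reader.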
similarity index 90%
rename from nixops/modules/websites/connexionswing/connexionswing.nix
rename to modules/private/websites/connexionswing/builder.nix
index 77b839c3ed2d965331beaa5648bc3ed48a7ad8a4..1224420b6e57c8a3488d4e3bc0bcf2e06012915a 100644 (file)
@@ -1,10 +1,10 @@
-{ connexionswing, pkgs, phpPackages, config }:
+{ apacheUser, apacheGroup, connexionswing, pkgs, phpPackages, config }:
 rec {
   app = connexionswing.override { inherit (config) environment; };
   keys = [{
     dest = "webapps/${app.environment}-connexionswing";
-    user = apache.user;
-    group = apache.group;
+    user = apacheUser;
+    group = apacheGroup;
     permissions = "0400";
     text = ''
       # This file is auto-generated during the composer install
@@ -37,7 +37,7 @@ rec {
           "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
           || ! sha512sum -c --status ${app.varDir}/currentKey; then
         pushd ${app} > /dev/null
-        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
+        /run/wrappers/bin/sudo -u ${apacheUser} ./bin/console --env=${app.environment} cache:clear --no-warmup
         popd > /dev/null
         echo -n "${app}" > ${app.varDir}/currentWebappDir
         sha512sum /var/secrets/webapps/${app.environment}-connexionswing > ${app.varDir}/currentKey
@@ -50,10 +50,10 @@ rec {
       '';
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
@@ -73,8 +73,6 @@ rec {
       ''}'';
   };
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "connexionswing_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -156,11 +154,11 @@ rec {
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} \
       ${app.varDir}/medias \
       ${app.varDir}/uploads \
       ${app.varDir}/var
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+    install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
 }
diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix
new file mode 100644 (file)
index 0000000..c3425bd
--- /dev/null
@@ -0,0 +1,35 @@
+{ lib, pkgs, config,  myconfig, ... }:
+let
+  connexionswing  = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) connexionswing;
+    config = myconfig.env.websites.connexionswing.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
+  };
+
+  cfg = config.myServices.websites.connexionswing.integration;
+in {
+  options.myServices.websites.connexionswing.integration.enable = lib.mkEnableOption "enable Connexionswing's website in integration";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = connexionswing.keys;
+    services.myPhpfpm.preStart.connexionswing_dev = connexionswing.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing.phpFpm.pool;
+    services.myPhpfpm.poolPhpConfigs.connexionswing_dev = connexionswing.phpFpm.phpConfig;
+    system.activationScripts.connexionswing_dev = connexionswing.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${connexionswing.app.webRoot} $out/webapps/${connexionswing.apache.webappName}
+      '';
+    services.websites.integration.modules = connexionswing.apache.modules;
+    services.websites.integration.vhostConfs.connexionswing = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
+      root        = connexionswing.apache.root;
+      extraConfig = [ connexionswing.apache.vhostConf ];
+    };
+  };
+}
+
diff --git a/modules/private/websites/connexionswing/production.nix b/modules/private/websites/connexionswing/production.nix
new file mode 100644 (file)
index 0000000..8f28f46
--- /dev/null
@@ -0,0 +1,37 @@
+{ lib, pkgs, config,  myconfig, ... }:
+let
+  connexionswing = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) connexionswing;
+    config = myconfig.env.websites.connexionswing.production;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
+  cfg = config.myServices.websites.connexionswing.production;
+in {
+  options.myServices.websites.connexionswing.production.enable = lib.mkEnableOption "enable Connexionswing's website in production";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = connexionswing.keys;
+    services.webstats.sites = [ { name = "connexionswing.com"; } ];
+
+    services.myPhpfpm.preStart.connexionswing_prod = connexionswing.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing.phpFpm.pool;
+    services.myPhpfpm.poolPhpConfigs.connexionswing_prod = connexionswing.phpFpm.phpConfig;
+    system.activationScripts.connexionswing_prod = connexionswing.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${connexionswing.app.webRoot} $out/webapps/${connexionswing.apache.webappName}
+      '';
+    services.websites.production.modules = connexionswing.apache.modules;
+    services.websites.production.vhostConfs.connexionswing = {
+      certName     = "connexionswing";
+      certMainHost = "connexionswing.com";
+      hosts        = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
+      root         = connexionswing.apache.root;
+      extraConfig  = [ connexionswing.apache.vhostConf ];
+    };
+  };
+}
+
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
new file mode 100644 (file)
index 0000000..80d902e
--- /dev/null
@@ -0,0 +1,39 @@
+{ ... }:
+{
+  config.myServices.websites.aten.integration.enable = true;
+  config.myServices.websites.aten.production.enable = true;
+
+  config.myServices.websites.capitaines.production.enable = true;
+
+  config.myServices.websites.chloe.integration.enable = true;
+  config.myServices.websites.chloe.production.enable = true;
+
+  config.myServices.websites.connexionswing.integration.enable = true;
+  config.myServices.websites.connexionswing.production.enable = true;
+
+  config.myServices.websites.denisejerome.production.enable = true;
+
+  config.myServices.websites.emilia.production.enable = true;
+
+  config.myServices.websites.florian.app.enable = true;
+  config.myServices.websites.florian.integration.enable = true;
+  config.myServices.websites.florian.production.enable = true;
+
+  config.myServices.websites.immae.production.enable = true;
+  config.myServices.websites.immae.release.enable = true;
+  config.myServices.websites.immae.temp.enable = true;
+
+  config.myServices.websites.leila.production.enable = true;
+
+  config.myServices.websites.ludivinecassal.integration.enable = true;
+  config.myServices.websites.ludivinecassal.production.enable = true;
+
+  config.myServices.websites.nassime.production.enable = true;
+
+  config.myServices.websites.naturaloutil.production.enable = true;
+
+  config.myServices.websites.papa.surveillance.enable = true;
+
+  config.myServices.websites.piedsjaloux.integration.enable = true;
+  config.myServices.websites.piedsjaloux.production.enable = true;
+}
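Review bot: Every site is switched on with a plain `... .enable = true;`, which is a normal-priority definition, so a host importing this module can only turn a single site off with `lib.mkForce false`. If the file is meant as a default set, take `lib` in the argument list and write `config.myServices.websites.aten.integration.enable = lib.mkDefault true;`, and likewise for the other lines. The module also enables integration and production instances together, so both land on whichever host imports it; a short header comment saying this is intentional would help.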
similarity index 68%
rename from nixops/modules/websites/ftp/denisejerome.nix
rename to modules/private/websites/denisejerome/production.nix
index 884fb62d5f8867a520523af1597ba52759960e67..b5aff942384e839528d36ab01bb0af611be71280 100644 (file)
@@ -1,16 +1,12 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.DeniseJerome;
-    varDir = "/var/lib/ftp/denisejerome";
-    env = myconfig.env.websites.denisejerome;
+  cfg = config.myServices.websites.denisejerome.production;
+  varDir = "/var/lib/ftp/denisejerome";
+  env = myconfig.env.websites.denisejerome;
 in {
-  options.services.myWebsites.DeniseJerome = {
-    production = {
-      enable = lib.mkEnableOption "enable Denise Jerome's website";
-    };
-  };
+  options.myServices.websites.denisejerome.production.enable = lib.mkEnableOption "enable Denise Jerome's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.webstats.sites = [ { name = "denisejerome.piedsjaloux.fr"; } ];
 
     services.websites.production.vhostConfs.denisejerome = {
similarity index 90%
rename from nixops/modules/websites/emilia/default.nix
rename to modules/private/websites/emilia/production.nix
index 47257b7a2f1e668b74db880a71341f08211cedfb..2e705a1e5d57d6bde750e47579cda9d96607de62 100644 (file)
@@ -1,6 +1,6 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Emilia;
+    cfg = config.myServices.websites.emilia.production;
     env = myconfig.env.websites.emilia;
     varDir = "/var/lib/moodle";
     siteDir = ./moodle;
@@ -40,13 +40,9 @@ let
       // it is intentional because it prevents trailing whitespace problems!
       '';
 in {
-  options.services.myWebsites.Emilia = {
-    production = {
-      enable = lib.mkEnableOption "enable Emilia's website";
-    };
-  };
+  options.myServices.websites.emilia.production.enable = lib.mkEnableOption "enable Emilia's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     system.activationScripts.emilia = ''
       install -m 0755 -o wwwrun -g wwwrun -d ${varDir}
       '';
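Review bot: The activation script in this hunk still hard-codes `-o wwwrun -g wwwrun`, while the builders changed in this commit now take the owner from `config.services.httpd.Prod.user` and `.group`. If the production httpd user is ever changed, the Moodle data directory would keep the old owner. `install -m 0755 -o ${config.services.httpd.Prod.user} -g ${config.services.httpd.Prod.group} -d ${varDir}` keeps it in line with the other modules. The `config` block continues outside the hunk.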
similarity index 51%
rename from nixops/modules/websites/tellesflorian/default.nix
rename to modules/private/websites/florian/app.nix
index bbbde07ff7cb93a9b14320b6966252a9c05a76c7..08506e101a36ed05dd766f72e5b64acb09fec884 100644 (file)
@@ -2,37 +2,35 @@
 let
   adminer = pkgs.callPackage ../commons/adminer.nix {};
 
-  tellesflorian_dev  = pkgs.callPackage ./tellesflorian.nix {
+  tellesflorian  = pkgs.callPackage ./builder_app.nix {
     inherit (pkgs.webapps) tellesflorian;
     config = myconfig.env.websites.tellesflorian.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
   };
 
-  cfg = config.services.myWebsites.TellesFlorian;
+  cfg = config.myServices.websites.florian.app;
 in {
-  options.services.myWebsites.TellesFlorian = {
-    integration = {
-      enable = lib.mkEnableOption "enable Florian Telles's website in integration";
-    };
-  };
+  options.myServices.websites.florian.app.enable = lib.mkEnableOption "enable Florian's app in integration";
 
-  config = lib.mkIf cfg.integration.enable {
-    secrets.keys = tellesflorian_dev.keys;
-    services.myPhpfpm.preStart.tellesflorian_dev = tellesflorian_dev.phpFpm.preStart;
-    services.myPhpfpm.serviceDependencies.tellesflorian_dev = tellesflorian_dev.phpFpm.serviceDeps;
-    services.myPhpfpm.poolConfigs.tellesflorian_dev = tellesflorian_dev.phpFpm.pool;
-    system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript;
+  config = lib.mkIf cfg.enable {
+    secrets.keys = tellesflorian.keys;
+    services.myPhpfpm.preStart.tellesflorian_dev = tellesflorian.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.tellesflorian_dev = tellesflorian.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool;
+    system.activationScripts.tellesflorian_dev = tellesflorian.activationScript;
     system.extraSystemBuilderCmds = ''
       mkdir -p $out/webapps
-      ln -s ${tellesflorian_dev.app.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}
+      ln -s ${tellesflorian.app.webRoot} $out/webapps/${tellesflorian.apache.webappName}
       '';
-    services.websites.integration.modules = adminer.apache.modules ++ tellesflorian_dev.apache.modules;
+    services.websites.integration.modules = adminer.apache.modules ++ tellesflorian.apache.modules;
     services.websites.integration.vhostConfs.tellesflorian = {
       certName    = "eldiron";
       addToCerts  = true;
       hosts       = ["app.tellesflorian.com" ];
-      root        = tellesflorian_dev.apache.root;
+      root        = tellesflorian.apache.root;
       extraConfig = [
-        tellesflorian_dev.apache.vhostConf
+        tellesflorian.apache.vhostConf
         adminer.apache.vhostConf
       ];
     };
similarity index 90%
rename from nixops/modules/websites/tellesflorian/tellesflorian.nix
rename to modules/private/websites/florian/builder_app.nix
index 59554316c52bf99b71ff5983ce23e133848e5358..e521f6ebfe6e8d2b7c6df46a1e97c8177af2c1b1 100644 (file)
@@ -1,11 +1,11 @@
-{ tellesflorian, config }:
+{ apacheUser, apacheGroup, tellesflorian, config }:
 rec {
   app = tellesflorian.override { inherit (config) environment; };
   keys = [
     {
       dest = "webapps/${app.environment}-tellesflorian-passwords";
-      user = apache.user;
-      group = apache.group;
+      user = apacheUser;
+      group = apacheGroup;
       permissions = "0400";
       text = ''
         invite:${config.invite_passwords}
@@ -13,8 +13,8 @@ rec {
     }
     {
       dest = "webapps/${app.environment}-tellesflorian";
-      user = apache.user;
-      group = apache.group;
+      user = apacheUser;
+      group = apacheGroup;
       permissions = "0400";
       text = ''
         # This file is auto-generated during the composer install
@@ -49,10 +49,10 @@ rec {
     socket = "/var/run/phpfpm/floriantelles-${app.environment}.sock";
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
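Review bot: The pool still runs its PHP workers as `${apacheUser}`, the same account that owns the socket and, in the two `keys` hunks earlier in this file, the `0400` secret files under `webapps/`. The ludivinecassal and piedsjaloux builders in this commit follow the same pattern, so as far as these hunks show, PHP code in one site can read every other site's secrets file. Consider a dedicated account per site for the workers, e.g. `user = ${poolUser}` and `group = ${poolGroup}` (illustrative argument names, not present in the file), keeping only `listen.owner = ${apacheUser}` and `listen.group = ${apacheGroup}` on the Apache account and switching the key entries' `user`/`group` to match. The `pool` string continues outside this hunk.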
@@ -72,8 +72,6 @@ rec {
       ''}'';
   };
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "florian_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -146,9 +144,9 @@ rec {
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} \
       ${app.varDir}/var
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+    install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
 }
diff --git a/modules/private/websites/florian/integration.nix b/modules/private/websites/florian/integration.nix
new file mode 100644 (file)
index 0000000..424ebd4
--- /dev/null
@@ -0,0 +1,34 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+    adminer = pkgs.callPackage ../commons/adminer.nix {};
+    cfg = config.myServices.websites.florian.integration;
+    varDir = "/var/lib/ftp/florian";
+    env = myconfig.env.websites.florian;
+in {
+  options.myServices.websites.florian.integration.enable = lib.mkEnableOption "enable Florian's website integration";
+
+  config = lib.mkIf cfg.enable {
+    security.acme.certs."ftp".extraDomains."florian.immae.eu" = null;
+
+    services.websites.integration.modules = adminer.apache.modules;
+    services.websites.integration.vhostConfs.florian = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = [ "florian.immae.eu" ];
+      root        = "${varDir}/florian.immae.eu";
+      extraConfig = [
+        adminer.apache.vhostConf
+        ''
+        ServerAdmin ${env.server_admin}
+
+        <Directory ${varDir}/florian.immae.eu>
+          DirectoryIndex index.php index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+  };
+}
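Review bot: `Options Indexes FollowSymLinks MultiViews Includes` together with `Require all granted` is broad for a docroot under `/var/lib/ftp`, which presumably holds FTP-uploaded content. `Indexes` lists any directory without an index file, `FollowSymLinks` lets a symlink in the tree expose files outside it, and `Includes` leaves SSI `exec` available in parsed files. Unless the site depends on these, `Options SymLinksIfOwnerMatch MultiViews IncludesNOEXEC` is a tighter choice. The same `Options` line appears in florian/production.nix and in all three `<Directory>` blocks of leila/production.nix.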
diff --git a/modules/private/websites/florian/production.nix b/modules/private/websites/florian/production.nix
new file mode 100644 (file)
index 0000000..9b310b8
--- /dev/null
@@ -0,0 +1,34 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+    adminer = pkgs.callPackage ../commons/adminer.nix {};
+    cfg = config.myServices.websites.florian.production;
+    varDir = "/var/lib/ftp/florian";
+    env = myconfig.env.websites.florian;
+in {
+  options.myServices.websites.florian.production.enable = lib.mkEnableOption "enable Florian's website production";
+
+  config = lib.mkIf cfg.enable {
+    security.acme.certs."ftp".extraDomains."tellesflorian.com" = null;
+
+    services.websites.production.modules = adminer.apache.modules;
+    services.websites.production.vhostConfs.florian = {
+      certName     = "florian";
+      certMainHost = "tellesflorian.com";
+      hosts        = [ "tellesflorian.com" "www.tellesflorian.com" ];
+      root         = "${varDir}/tellesflorian.com";
+      extraConfig  = [
+        adminer.apache.vhostConf
+        ''
+        ServerAdmin ${env.server_admin}
+
+        <Directory ${varDir}/tellesflorian.com>
+          DirectoryIndex index.php index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+  };
+}
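Review bot: `adminer.apache.vhostConf` is attached here to the public production hosts `tellesflorian.com` and `www.tellesflorian.com`, so a database administration front end may be reachable next to the site. `../commons/adminer.nix` is not part of this hunk, so whether its vhost fragment already restricts access cannot be confirmed from here. If it does not, gate it the way leila/production.nix gates Chorale, with `Use LDAPConnect` and `Require ldap-group <admin-group-DN>` (placeholder DN). A one-line comment above `extraConfig` saying why adminer is needed on production would also help the next reader.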
similarity index 84%
rename from nixops/modules/websites/ftp/immae.nix
rename to modules/private/websites/immae/production.nix
index 2ba30a138f836de220a9c14d4ad715baf32e7e5f..58cf04889587e401e6442e1ef5eb1dd8eabb19b0 100644 (file)
@@ -1,16 +1,12 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Immae;
-    varDir = "/var/lib/ftp/immae";
-    env = myconfig.env.websites.immae;
+  cfg = config.myServices.websites.immae.production;
+  varDir = "/var/lib/ftp/immae";
+  env = myconfig.env.websites.immae;
 in {
-  options.services.myWebsites.Immae = {
-    production = {
-      enable = lib.mkEnableOption "enable Immae's website";
-    };
-  };
+  options.myServices.websites.immae.production.enable = lib.mkEnableOption "enable Immae's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.webstats.sites = [ { name = "www.immae.eu"; } ];
 
     services.myPhpfpm.poolConfigs.immae = ''
similarity index 72%
rename from nixops/modules/websites/ftp/release.nix
rename to modules/private/websites/immae/release.nix
index db3487f425d9732f21a6219aadf1142fcfd2f73a..68381a6ac9f711cd5c78b4493830cad632cd8359 100644 (file)
@@ -1,16 +1,12 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Release;
-    varDir = "/var/lib/ftp/release.immae.eu";
-    env = myconfig.env.websites.release;
+  cfg = config.myServices.websites.immae.release;
+  varDir = "/var/lib/ftp/release.immae.eu";
+  env = myconfig.env.websites.release;
 in {
-  options.services.myWebsites.Release = {
-    production = {
-      enable = lib.mkEnableOption "enable Release' website";
-    };
-  };
+  options.myServices.websites.immae.release.enable = lib.mkEnableOption "enable Release' website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.webstats.sites = [ { name = "release.immae.eu"; } ];
 
     services.websites.production.vhostConfs.release = {
similarity index 71%
rename from nixops/modules/websites/ftp/temp.nix
rename to modules/private/websites/immae/temp.nix
index 86dfde35fab7c923db6ce06fb8b49463302e9a12..0b2a3a3ed56f4210321f492c7d74642b2abaa264 100644 (file)
@@ -1,16 +1,12 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Temp;
-    varDir = "/var/lib/ftp/temp.immae.eu";
-    env = myconfig.env.websites.temp;
+  cfg = config.myServices.websites.immae.temp;
+  varDir = "/var/lib/ftp/temp.immae.eu";
+  env = myconfig.env.websites.temp;
 in {
-  options.services.myWebsites.Temp = {
-    production = {
-      enable = lib.mkEnableOption "enable Temp' website";
-    };
-  };
+  options.myServices.websites.immae.temp.enable = lib.mkEnableOption "enable Temp' website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.websites.production.modules = [ "headers" ];
     services.websites.production.vhostConfs.temp = {
       certName    = "eldiron";
diff --git a/modules/private/websites/leila/production.nix b/modules/private/websites/leila/production.nix
new file mode 100644 (file)
index 0000000..1ce8eea
--- /dev/null
@@ -0,0 +1,82 @@
+{ lib, pkgs, config, ... }:
+let
+  cfg = config.myServices.websites.leila.production;
+  varDir = "/var/lib/ftp/leila";
+in {
+  options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's website in production";
+
+  config = lib.mkIf cfg.enable {
+    services.myPhpfpm.poolConfigs.leila = ''
+      listen = /run/phpfpm/leila.sock
+      user = wwwrun
+      group = wwwrun
+      listen.owner = wwwrun
+      listen.group = wwwrun
+
+      pm = ondemand
+      pm.max_children = 5
+      pm.process_idle_timeout = 60
+
+      php_admin_value[open_basedir] = "${varDir}:/tmp"
+      '';
+
+    services.webstats.sites = [
+      { name = "leila.bouya.org"; }
+      { name = "chorale.leila.bouya.org"; }
+    ];
+
+    services.websites.production.modules = [ "proxy_fcgi" ];
+    services.websites.production.vhostConfs.leila_chorale = {
+      certName    = "leila";
+      addToCerts  = true;
+      hosts       = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ];
+      root        = "${varDir}/Chorale";
+      extraConfig = [
+        ''
+        Use Stats chorale.leila.bouya.org
+        <Directory ${varDir}/Chorale>
+          DirectoryIndex index.php index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+
+          Use LDAPConnect
+          Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
+
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
+          </FilesMatch>
+        </Directory>
+          ''
+      ];
+    };
+    services.websites.production.vhostConfs.leila = {
+      certName     = "leila";
+      certMainHost = "leila.bouya.org";
+      hosts        = [ "leila.bouya.org" ];
+      root         = varDir;
+      extraConfig  = [
+        ''
+        Use Stats leila.bouya.org
+        <Directory ${varDir}/Chorale>
+          DirectoryIndex index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+
+          Use LDAPConnect
+          Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
+
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
+          </FilesMatch>
+        </Directory>
+        <Directory ${varDir}>
+          DirectoryIndex index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+  };
+}
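Review bot: The `leila` pool hard-codes `wwwrun` for `user`, `group`, `listen.owner` and `listen.group`, while the builders touched by this same commit now take these from `config.services.httpd.Prod.user` and `config.services.httpd.Prod.group`. If the production httpd account ever differs from `wwwrun`, Apache would lose access to `/run/phpfpm/leila.sock`. Suggest `listen.owner = ${config.services.httpd.Prod.user}` and `listen.group = ${config.services.httpd.Prod.group}`, and the same for `user`/`group`, so this module follows the others.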
similarity index 88%
rename from nixops/modules/websites/ludivine/ludivinecassal.nix
rename to modules/private/websites/ludivinecassal/builder.nix
index 39fd08871cfc50b607c0746c06b2b953e2771022..3167bce7358ad7da61a54ea8935be233abc01d2c 100644 (file)
@@ -1,11 +1,11 @@
-{ config, ludivinecassal, pkgs, ruby, sass, imagemagick }:
+{ apacheUser, apacheGroup, config, ludivinecassal, pkgs, ruby, sass, imagemagick }:
 rec {
   app = ludivinecassal.override { inherit (config) environment; };
   varDir = "/var/lib/ludivinecassal_${app.environment}";
   keys = [{
     dest = "webapps/${app.environment}-ludivinecassal";
-    user = apache.user;
-    group = apache.group;
+    user = apacheUser;
+    group = apacheGroup;
     permissions = "0400";
     text = ''
       # This file is auto-generated during the composer install
@@ -45,7 +45,7 @@ rec {
           "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
           || ! sha512sum -c --status ${app.varDir}/currentKey; then
         pushd ${app} > /dev/null
-        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
+        /run/wrappers/bin/sudo -u ${apacheUser} ./bin/console --env=${app.environment} cache:clear --no-warmup
         popd > /dev/null
         echo -n "${app}" > ${app.varDir}/currentWebappDir
         sha512sum /var/secrets/webapps/${app.environment}-ludivinecassal > ${app.varDir}/currentKey
@@ -55,10 +55,10 @@ rec {
     socket = "/var/run/phpfpm/ludivinecassal-${app.environment}.sock";
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
@@ -78,8 +78,6 @@ rec {
       ''}'';
   };
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "ludivine_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -149,9 +147,9 @@ rec {
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir}
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/tmp
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/tmp
+    install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
 }
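Review bot: `${app.varDir}` and `${app.varDir}/tmp` are created `0755` while `phpSessions` gets `0750`, and the preStart hunk above writes `currentKey`, a digest of the secrets file, into `${app.varDir}`. Unless another local account has to traverse these directories, `0750` keeps that digest and temporary application files away from other users on the host, e.g. `install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/tmp`. The piedsjaloux builder and florian/builder_app.nix create their `tmp` and `var` directories with the same `0755` mode.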
diff --git a/modules/private/websites/ludivinecassal/integration.nix b/modules/private/websites/ludivinecassal/integration.nix
new file mode 100644 (file)
index 0000000..0be067b
--- /dev/null
@@ -0,0 +1,34 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  ludivinecassal  = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) ludivinecassal;
+    config = myconfig.env.websites.ludivinecassal.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
+  };
+
+  cfg = config.myServices.websites.ludivinecassal.integration;
+in {
+  options.myServices.websites.ludivinecassal.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = ludivinecassal.keys;
+
+    services.myPhpfpm.preStart.ludivinecassal_dev = ludivinecassal.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.ludivinecassal_dev = ludivinecassal.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool;
+    system.activationScripts.ludivinecassal_dev = ludivinecassal.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${ludivinecassal.app.webRoot} $out/webapps/${ludivinecassal.apache.webappName}
+      '';
+    services.websites.integration.modules = ludivinecassal.apache.modules;
+    services.websites.integration.vhostConfs.ludivine = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = [ "ludivine.immae.eu" ];
+      root        = ludivinecassal.apache.root;
+      extraConfig = [ ludivinecassal.apache.vhostConf ];
+    };
+  };
+}
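Review bot: `lib.mkEnableOption` already prefixes its argument with "Whether to enable", so `"enable Ludivine's website in integration"` renders as "Whether to enable enable Ludivine's website in integration." in the option documentation. Drop the leading verb: `lib.mkEnableOption "Ludivine's website in integration"`. The same wording is used by the other `enable` options added or renamed in this commit (florian, leila, immae, nassime, naturaloutil, papa, piedsjaloux).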
diff --git a/modules/private/websites/ludivinecassal/production.nix b/modules/private/websites/ludivinecassal/production.nix
new file mode 100644 (file)
index 0000000..c5de698
--- /dev/null
@@ -0,0 +1,35 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  ludivinecassal = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) ludivinecassal;
+    config = myconfig.env.websites.ludivinecassal.production;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
+  cfg = config.myServices.websites.ludivinecassal.production;
+in {
+  options.myServices.websites.ludivinecassal.production.enable = lib.mkEnableOption "enable Ludivine's website in production";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = ludivinecassal.keys;
+    services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
+
+    services.myPhpfpm.preStart.ludivinecassal_prod = ludivinecassal.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.ludivinecassal_prod = ludivinecassal.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool;
+    system.activationScripts.ludivinecassal_prod = ludivinecassal.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${ludivinecassal.app.webRoot} $out/webapps/${ludivinecassal.apache.webappName}
+      '';
+    services.websites.production.modules = ludivinecassal.apache.modules;
+    services.websites.production.vhostConfs.ludivine = {
+      certName     = "ludivinecassal";
+      certMainHost = "ludivinecassal.com";
+      hosts        = ["ludivinecassal.com" "www.ludivinecassal.com" ];
+      root         = ludivinecassal.apache.root;
+      extraConfig  = [ ludivinecassal.apache.vhostConf ];
+    };
+  };
+}
similarity index 71%
rename from nixops/modules/websites/ftp/nassime.nix
rename to modules/private/websites/nassime/production.nix
index 3c982d3f4cebe217ecbd13e692368ed23afdced1..a1097784c499be9c7199cd1652025ece0bc05380 100644 (file)
@@ -1,16 +1,12 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Nassime;
-    varDir = "/var/lib/ftp/nassime";
-    env = myconfig.env.websites.nassime;
+  cfg = config.myServices.websites.nassime.production;
+  varDir = "/var/lib/ftp/nassime";
+  env = myconfig.env.websites.nassime;
 in {
-  options.services.myWebsites.Nassime = {
-    production = {
-      enable = lib.mkEnableOption "enable Nassime's website";
-    };
-  };
+  options.myServices.websites.nassime.production.enable = lib.mkEnableOption "enable Nassime's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.webstats.sites = [ { name = "nassime.bouya.org"; } ];
 
     security.acme.certs."ftp".extraDomains."nassime.bouya.org" = null;
similarity index 88%
rename from nixops/modules/websites/ftp/jerome.nix
rename to modules/private/websites/naturaloutil/production.nix
index d00c42dd7bf26461791893fba4e0788bfb92d234..b6cf06912cce1b5ff4a9dcba02b55ec087d41760 100644 (file)
@@ -1,17 +1,13 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    adminer = pkgs.callPackage ../commons/adminer.nix {};
-    cfg = config.services.myWebsites.Jerome;
-    varDir = "/var/lib/ftp/jerome";
-    env = myconfig.env.websites.jerome;
+  adminer = pkgs.callPackage ../commons/adminer.nix {};
+  cfg = config.myServices.websites.naturaloutil.production;
+  varDir = "/var/lib/ftp/jerome";
+  env = myconfig.env.websites.jerome;
 in {
-  options.services.myWebsites.Jerome = {
-    production = {
-      enable = lib.mkEnableOption "enable Jerome's website";
-    };
-  };
+  options.myServices.websites.naturaloutil.production.enable = lib.mkEnableOption "enable Naturaloutil's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     services.webstats.sites = [ { name = "naturaloutil.immae.eu"; } ];
 
     security.acme.certs."ftp".extraDomains."naturaloutil.immae.eu" = null;
similarity index 82%
rename from nixops/modules/websites/ftp/papa.nix
rename to modules/private/websites/papa/surveillance.nix
index c8d05ef8348fdb25d5320ad84519950da308935d..8e7cd9db83d830f8f9cf7ec5872f951b1c86471e 100644 (file)
@@ -1,15 +1,11 @@
 { lib, pkgs, config, myconfig,  ... }:
 let
-    cfg = config.services.myWebsites.Papa;
-    varDir = "/var/lib/ftp/papa";
+  cfg = config.myServices.websites.papa.surveillance;
+  varDir = "/var/lib/ftp/papa";
 in {
-  options.services.myWebsites.Papa = {
-    production = {
-      enable = lib.mkEnableOption "enable Papa's website";
-    };
-  };
+  options.myServices.websites.papa.surveillance.enable = lib.mkEnableOption "enable Papa surveillance's website";
 
-  config = lib.mkIf cfg.production.enable {
+  config = lib.mkIf cfg.enable {
     security.acme.certs."ftp".extraDomains."surveillance.maison.bbc.bouya.org" = null;
 
     services.cron = {
similarity index 89%
rename from nixops/modules/websites/piedsjaloux/piedsjaloux.nix
rename to modules/private/websites/piedsjaloux/builder.nix
index 97f89468a2b04d37b544505eaf47b4e3b9897ff0..9fcc8fb684b914ccdd362a22c114315cfb6b24b1 100644 (file)
@@ -1,11 +1,11 @@
-{ piedsjaloux, config, pkgs, lib, texlive, imagemagick }:
+{ apacheUser, apacheGroup, piedsjaloux, config, pkgs, lib, texlive, imagemagick }:
 rec {
   app = piedsjaloux.override { inherit (config) environment; };
   varDir = "/var/lib/piedsjaloux_${app.environment}";
   keys = [{
     dest = "webapps/${app.environment}-piedsjaloux";
-    user = apache.user;
-    group = apache.group;
+    user = apacheUser;
+    group = apacheGroup;
     permissions = "0400";
     text = ''
       # This file is auto-generated during the composer install
@@ -33,7 +33,7 @@ rec {
           "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
           || ! sha512sum -c --status ${app.varDir}/currentKey; then
         pushd ${app} > /dev/null
-        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
+        /run/wrappers/bin/sudo -u ${apacheUser} ./bin/console --env=${app.environment} cache:clear --no-warmup
         popd > /dev/null
         echo -n "${app}" > ${app.varDir}/currentWebappDir
         sha512sum /var/secrets/webapps/${app.environment}-piedsjaloux > ${app.varDir}/currentKey
@@ -43,10 +43,10 @@ rec {
     socket = "/var/run/phpfpm/piedsjaloux-${app.environment}.sock";
     pool = ''
       listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
+      user = ${apacheUser}
+      group = ${apacheGroup}
+      listen.owner = ${apacheUser}
+      listen.group = ${apacheGroup}
       php_admin_value[upload_max_filesize] = 20M
       php_admin_value[post_max_size] = 20M
       ;php_admin_flag[log_errors] = on
@@ -67,8 +67,6 @@ rec {
       ''}'';
   };
   apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "piedsjaloux_${app.environment}";
     root = "/run/current-system/webapps/${webappName}";
@@ -138,9 +136,9 @@ rec {
   activationScript = {
     deps = [ "wrappers" ];
     text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
+    install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} \
       ${app.varDir}/tmp
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+    install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
     '';
   };
 }
diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix
new file mode 100644 (file)
index 0000000..6249e85
--- /dev/null
@@ -0,0 +1,34 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  piedsjaloux  = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) piedsjaloux;
+    config = myconfig.env.websites.piedsjaloux.integration;
+    apacheUser = config.services.httpd.Inte.user;
+    apacheGroup = config.services.httpd.Inte.group;
+  };
+
+  cfg = config.myServices.websites.piedsjaloux.integration;
+in {
+  options.myServices.websites.piedsjaloux.integration.enable = lib.mkEnableOption "enable PiedsJaloux's website in integration";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = piedsjaloux.keys;
+    services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool;
+    system.activationScripts.piedsjaloux_dev = piedsjaloux.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${piedsjaloux.app.webRoot} $out/webapps/${piedsjaloux.apache.webappName}
+      '';
+    services.websites.integration.modules = piedsjaloux.apache.modules;
+    services.websites.integration.vhostConfs.piedsjaloux = {
+      certName    = "eldiron";
+      addToCerts  = true;
+      hosts       = [ "piedsjaloux.immae.eu" ];
+      root        = piedsjaloux.apache.root;
+      extraConfig = [ piedsjaloux.apache.vhostConf ];
+    };
+  };
+}
+
diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix
new file mode 100644 (file)
index 0000000..afa1667
--- /dev/null
@@ -0,0 +1,36 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  piedsjaloux = pkgs.callPackage ./builder.nix {
+    inherit (pkgs.webapps) piedsjaloux;
+    config = myconfig.env.websites.piedsjaloux.production;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
+  cfg = config.myServices.websites.piedsjaloux.production;
+in {
+  options.myServices.websites.piedsjaloux.production.enable = lib.mkEnableOption "enable PiedsJaloux's website in production";
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = piedsjaloux.keys;
+    services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
+
+    services.myPhpfpm.preStart.piedsjaloux_prod = piedsjaloux.phpFpm.preStart;
+    services.myPhpfpm.serviceDependencies.piedsjaloux_prod = piedsjaloux.phpFpm.serviceDeps;
+    services.myPhpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool;
+    system.activationScripts.piedsjaloux_prod = piedsjaloux.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${piedsjaloux.app.webRoot} $out/webapps/${piedsjaloux.apache.webappName}
+      '';
+    services.websites.production.modules = piedsjaloux.apache.modules;
+    services.websites.production.vhostConfs.piedsjaloux = {
+      certName     = "piedsjaloux";
+      certMainHost = "piedsjaloux.fr";
+      hosts        = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
+      root         = piedsjaloux.apache.root;
+      extraConfig  = [ piedsjaloux.apache.vhostConf ];
+    };
+  };
+}
+
diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
deleted file mode 100644 (file)
index a9e75b6..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-{ lib, pkgs, config, myconfig,  ... }:
-let
-  aten_dev = pkgs.callPackage ./aten.nix {
-    inherit (pkgs.webapps) aten;
-    config = myconfig.env.websites.aten.integration;
-  };
-  aten_prod = pkgs.callPackage ./aten.nix {
-    inherit (pkgs.webapps) aten;
-    config = myconfig.env.websites.aten.production;
-  };
-
-  cfg = config.services.myWebsites.Aten;
-in {
-  options.services.myWebsites.Aten = {
-    production = {
-      enable = lib.mkEnableOption "enable Aten's website in production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable Aten's website in integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      secrets.keys = aten_prod.keys;
-      services.webstats.sites = [ { name = "aten.pro"; } ];
-
-      services.myPhpfpm.preStart.aten_prod = aten_prod.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.aten_prod = aten_prod.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool;
-      system.activationScripts.aten_prod = aten_prod.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${aten_prod.app.webRoot} $out/webapps/${aten_prod.apache.webappName}
-        '';
-      services.websites.production.modules = aten_prod.apache.modules;
-      services.websites.production.vhostConfs.aten = {
-        certName     = "aten";
-        certMainHost = "aten.pro";
-        hosts        = [ "aten.pro" "www.aten.pro" ];
-        root         = aten_prod.apache.root;
-        extraConfig  = [ aten_prod.apache.vhostConf ];
-      };
-    })
-    (lib.mkIf cfg.integration.enable {
-      secrets.keys = aten_dev.keys;
-      services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool;
-      system.activationScripts.aten_dev = aten_dev.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${aten_dev.app.webRoot} $out/webapps/${aten_dev.apache.webappName}
-        '';
-      services.websites.integration.modules = aten_dev.apache.modules;
-      services.websites.integration.vhostConfs.aten = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = [ "dev.aten.pro" ];
-        root        = aten_dev.apache.root;
-        extraConfig = [ aten_dev.apache.vhostConf ];
-      };
-    })
-  ];
-}
-
diff --git a/nixops/modules/websites/chloe/chloe_config_prod/chmod.php b/nixops/modules/websites/chloe/chloe_config_prod/chmod.php
deleted file mode 100644 (file)
index aae16cd..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-<?php
-if (!defined("_ECRIRE_INC_VERSION")) return;
-if (!defined('_SPIP_CHMOD')) define('_SPIP_CHMOD', 0777);
-?>
\ No newline at end of file
diff --git a/nixops/modules/websites/chloe/chloe_config_prod/connect.php b/nixops/modules/websites/chloe/chloe_config_prod/connect.php
deleted file mode 100644 (file)
index 18b0933..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-if (!defined("_ECRIRE_INC_VERSION")) return;
-define('_MYSQL_SET_SQL_MODE',true);
-$GLOBALS['spip_connect_version'] = 0.7;
-spip_connect_db(
-  getenv("SPIP_MYSQL_HOST"),
-  getenv("SPIP_MYSQL_PORT"),
-  getenv("SPIP_MYSQL_USER"),
-  getenv("SPIP_MYSQL_PASSWORD"),
-  getenv("SPIP_MYSQL_DB"),
-  'mysql',
-  'spip',
-  'ldap.php'
-);
-?>
diff --git a/nixops/modules/websites/chloe/chloe_config_prod/ldap.php b/nixops/modules/websites/chloe/chloe_config_prod/ldap.php
deleted file mode 100644 (file)
index 825b7ed..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-if (!defined("_ECRIRE_INC_VERSION")) return;
-$GLOBALS['ldap_base'] = getenv("SPIP_LDAP_BASE");
-$GLOBALS['ldap_link'] = @ldap_connect(getenv("SPIP_LDAP_HOST"));
-@ldap_set_option($GLOBALS['ldap_link'],LDAP_OPT_PROTOCOL_VERSION,'3');
-@ldap_bind($GLOBALS['ldap_link'],getenv("SPIP_LDAP_SEARCH_DN"), getenv("SPIP_LDAP_SEARCH_PW"));
-$GLOBALS['ldap_champs'] = array('login' => array('sAMAccountName','uid','login','userid','cn','sn'),'nom' => 'cn','email' => 'mail','bio' => 'description',);
-$GLOBALS['ldap_search'] = getenv("SPIP_LDAP_SEARCH");
-?>
diff --git a/nixops/modules/websites/chloe/default.nix b/nixops/modules/websites/chloe/default.nix
deleted file mode 100644 (file)
index 8e801b5..0000000
+++ /dev/null
@@ -1,69 +0,0 @@
-{ lib, pkgs, config, myconfig,  ... }:
-let
-  chloe_dev  = pkgs.callPackage ./chloe.nix {
-    inherit (pkgs.webapps) chloe;
-    config = myconfig.env.websites.chloe.integration;
-  };
-  chloe_prod = pkgs.callPackage ./chloe.nix {
-    inherit (pkgs.webapps) chloe;
-    config = myconfig.env.websites.chloe.production;
-  };
-
-  cfg = config.services.myWebsites.Chloe;
-in {
-  options.services.myWebsites.Chloe = {
-    production = {
-      enable = lib.mkEnableOption "enable Chloe's website in production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable Chloe's website in integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      secrets.keys = chloe_prod.keys;
-      services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
-
-      services.myPhpfpm.serviceDependencies.chloe_prod = chloe_prod.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.chloe_prod = chloe_prod.phpFpm.pool;
-      services.myPhpfpm.poolPhpConfigs.chloe_prod = ''
-        extension=${pkgs.php}/lib/php/extensions/mysqli.so
-        '';
-      system.activationScripts.chloe_prod = chloe_prod.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${chloe_prod.app.webRoot} $out/webapps/${chloe_prod.apache.webappName}
-        '';
-      services.websites.production.modules = chloe_prod.apache.modules;
-      services.websites.production.vhostConfs.chloe = {
-        certName     = "chloe";
-        certMainHost = "osteopathe-cc.fr";
-        hosts        = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
-        root         = chloe_prod.apache.root;
-        extraConfig  = [ chloe_prod.apache.vhostConf ];
-      };
-    })
-    (lib.mkIf cfg.integration.enable {
-      secrets.keys = chloe_dev.keys;
-      services.myPhpfpm.serviceDependencies.chloe_dev = chloe_dev.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.chloe_dev = chloe_dev.phpFpm.pool;
-      services.myPhpfpm.poolPhpConfigs.chloe_dev = ''
-        extension=${pkgs.php}/lib/php/extensions/mysqli.so
-        '';
-      system.activationScripts.chloe_dev = chloe_dev.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${chloe_dev.app.webRoot} $out/webapps/${chloe_dev.apache.webappName}
-        '';
-      services.websites.integration.modules = chloe_dev.apache.modules;
-      services.websites.integration.vhostConfs.chloe = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = ["chloe.immae.eu" ];
-        root        = chloe_dev.apache.root;
-        extraConfig = [ chloe_dev.apache.vhostConf ];
-      };
-    })
-  ];
-}
diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix
deleted file mode 100644 (file)
index 20c5166..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-{ lib, pkgs, config,  myconfig, ... }:
-let
-  connexionswing_dev  = pkgs.callPackage ./connexionswing.nix {
-    inherit (pkgs.webapps) connexionswing;
-    config = myconfig.env.websites.connexionswing.integration;
-  };
-  connexionswing_prod = pkgs.callPackage ./connexionswing.nix {
-    inherit (pkgs.webapps) connexionswing;
-    config = myconfig.env.websites.connexionswing.production;
-  };
-
-  cfg = config.services.myWebsites.Connexionswing;
-in {
-  options.services.myWebsites.Connexionswing = {
-    production = {
-      enable = lib.mkEnableOption "enable Connexionswing's website in production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable Connexionswing's website in integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      secrets.keys = connexionswing_prod.keys;
-      services.webstats.sites = [ { name = "connexionswing.com"; } ];
-
-      services.myPhpfpm.preStart.connexionswing_prod = connexionswing_prod.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing_prod.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing_prod.phpFpm.pool;
-      services.myPhpfpm.poolPhpConfigs.connexionswing_prod = connexionswing_prod.phpFpm.phpConfig;
-      system.activationScripts.connexionswing_prod = connexionswing_prod.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${connexionswing_prod.app.webRoot} $out/webapps/${connexionswing_prod.apache.webappName}
-        '';
-      services.websites.production.modules = connexionswing_prod.apache.modules;
-      services.websites.production.vhostConfs.connexionswing = {
-        certName     = "connexionswing";
-        certMainHost = "connexionswing.com";
-        hosts        = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
-        root         = connexionswing_prod.apache.root;
-        extraConfig  = [ connexionswing_prod.apache.vhostConf ];
-      };
-    })
-    (lib.mkIf cfg.integration.enable {
-      secrets.keys = connexionswing_dev.keys;
-      services.myPhpfpm.preStart.connexionswing_dev = connexionswing_dev.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing_dev.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing_dev.phpFpm.pool;
-      services.myPhpfpm.poolPhpConfigs.connexionswing_dev = connexionswing_dev.phpFpm.phpConfig;
-      system.activationScripts.connexionswing_dev = connexionswing_dev.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${connexionswing_dev.app.webRoot} $out/webapps/${connexionswing_dev.apache.webappName}
-        '';
-      services.websites.integration.modules = connexionswing_dev.apache.modules;
-      services.websites.integration.vhostConfs.connexionswing = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
-        root        = connexionswing_dev.apache.root;
-        extraConfig = [ connexionswing_dev.apache.vhostConf ];
-      };
-    })
-  ];
-}
-
index 432ad3c02466c26619c2df203327490d7b5d25a6..584892acc6c914e53bd4ea22463ac6bbfeb4e98a 100644 (file)
@@ -66,23 +66,6 @@ let
 in
 {
   imports = [
-    ./chloe
-    ./ludivine
-    ./aten
-    ./piedsjaloux
-    ./connexionswing
-    ./tellesflorian
-    ./emilia
-    ./capitaines
-    ./ftp/jerome.nix
-    ./ftp/nassime.nix
-    ./ftp/florian.nix
-    ./ftp/denisejerome.nix
-    ./ftp/leila.nix
-    ./ftp/papa.nix
-    ./ftp/immae.nix
-    ./ftp/release.nix
-    ./ftp/temp.nix
     ./tools/db.nix
     ./tools/tools
     ./tools/dav
@@ -133,31 +116,6 @@ in
     services.myWebsites.tools.etherpad-lite.enable = true;
     services.myWebsites.tools.peertube.enable = true;
 
-    services.myWebsites.Chloe.production.enable = true;
-    services.myWebsites.Ludivine.production.enable = true;
-    services.myWebsites.Aten.production.enable = true;
-    services.myWebsites.PiedsJaloux.production.enable = true;
-    services.myWebsites.Connexionswing.production.enable = true;
-    services.myWebsites.Jerome.production.enable = true;
-    services.myWebsites.Nassime.production.enable = true;
-    services.myWebsites.Florian.production.enable = true;
-    services.myWebsites.Leila.production.enable = true;
-    services.myWebsites.Papa.production.enable = true;
-    services.myWebsites.DeniseJerome.production.enable = true;
-    services.myWebsites.Emilia.production.enable = true;
-    services.myWebsites.Capitaines.production.enable = true;
-    services.myWebsites.Immae.production.enable = true;
-    services.myWebsites.Release.production.enable = true;
-    services.myWebsites.Temp.production.enable = true;
-
-    services.myWebsites.Chloe.integration.enable = true;
-    services.myWebsites.Ludivine.integration.enable = true;
-    services.myWebsites.Aten.integration.enable = true;
-    services.myWebsites.PiedsJaloux.integration.enable = true;
-    services.myWebsites.Connexionswing.integration.enable = true;
-    services.myWebsites.TellesFlorian.integration.enable = true;
-    services.myWebsites.Florian.integration.enable = true;
-
     secrets.keys = [{
       dest = "apache-ldap";
       user = "wwwrun";
diff --git a/nixops/modules/websites/ftp/florian.nix b/nixops/modules/websites/ftp/florian.nix
deleted file mode 100644 (file)
index ebd461e..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-{ lib, pkgs, config, myconfig,  ... }:
-let
-    adminer = pkgs.callPackage ../commons/adminer.nix {};
-    cfg = config.services.myWebsites.Florian;
-    varDir = "/var/lib/ftp/florian";
-    env = myconfig.env.websites.florian;
-in {
-  options.services.myWebsites.Florian = {
-    production = {
-      enable = lib.mkEnableOption "enable Florian's website production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable Florian's website integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      security.acme.certs."ftp".extraDomains."tellesflorian.com" = null;
-
-      services.websites.production.modules = adminer.apache.modules;
-      services.websites.production.vhostConfs.florian = {
-        certName     = "florian";
-        certMainHost = "tellesflorian.com";
-        hosts        = [ "tellesflorian.com" "www.tellesflorian.com" ];
-        root         = "${varDir}/tellesflorian.com";
-        extraConfig  = [
-          adminer.apache.vhostConf
-          ''
-          ServerAdmin ${env.server_admin}
-
-          <Directory ${varDir}/tellesflorian.com>
-            DirectoryIndex index.php index.htm index.html
-            Options Indexes FollowSymLinks MultiViews Includes
-            AllowOverride None
-            Require all granted
-          </Directory>
-            ''
-        ];
-      };
-    })
-
-    (lib.mkIf cfg.integration.enable {
-      security.acme.certs."ftp".extraDomains."florian.immae.eu" = null;
-
-      services.websites.integration.modules = adminer.apache.modules;
-      services.websites.integration.vhostConfs.florian = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = [ "florian.immae.eu" ];
-        root        = "${varDir}/florian.immae.eu";
-        extraConfig = [
-          adminer.apache.vhostConf
-          ''
-          ServerAdmin ${env.server_admin}
-
-          <Directory ${varDir}/florian.immae.eu>
-            DirectoryIndex index.php index.htm index.html
-            Options Indexes FollowSymLinks MultiViews Includes
-            AllowOverride None
-            Require all granted
-          </Directory>
-            ''
-        ];
-      };
-    })
-  ];
-}
diff --git a/nixops/modules/websites/ftp/leila.nix b/nixops/modules/websites/ftp/leila.nix
deleted file mode 100644 (file)
index 14bfa20..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-{ lib, pkgs, config, ... }:
-let
-    cfg = config.services.myWebsites.Leila;
-    varDir = "/var/lib/ftp/leila";
-in {
-  options.services.myWebsites.Leila = {
-    production = {
-      enable = lib.mkEnableOption "enable Leila's website in production";
-    };
-  };
-
-  config = (lib.mkIf cfg.production.enable {
-      services.myPhpfpm.poolConfigs.leila = ''
-        listen = /run/phpfpm/leila.sock
-        user = wwwrun
-        group = wwwrun
-        listen.owner = wwwrun
-        listen.group = wwwrun
-
-        pm = ondemand
-        pm.max_children = 5
-        pm.process_idle_timeout = 60
-
-        php_admin_value[open_basedir] = "${varDir}:/tmp"
-        '';
-
-      services.webstats.sites = [
-        { name = "leila.bouya.org"; }
-        { name = "chorale.leila.bouya.org"; }
-      ];
-
-      services.websites.production.modules = [ "proxy_fcgi" ];
-      services.websites.production.vhostConfs.leila_chorale = {
-        certName    = "leila";
-        addToCerts  = true;
-        hosts       = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ];
-        root        = "${varDir}/Chorale";
-        extraConfig = [
-          ''
-          Use Stats chorale.leila.bouya.org
-          <Directory ${varDir}/Chorale>
-            DirectoryIndex index.php index.htm index.html
-            Options Indexes FollowSymLinks MultiViews Includes
-            AllowOverride None
-
-            Use LDAPConnect
-            Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
-
-            <FilesMatch "\.php$">
-              SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
-            </FilesMatch>
-          </Directory>
-            ''
-        ];
-      };
-      services.websites.production.vhostConfs.leila = {
-        certName     = "leila";
-        certMainHost = "leila.bouya.org";
-        hosts        = [ "leila.bouya.org" ];
-        root         = varDir;
-        extraConfig  = [
-          ''
-          Use Stats leila.bouya.org
-          <Directory ${varDir}/Chorale>
-            DirectoryIndex index.htm index.html
-            Options Indexes FollowSymLinks MultiViews Includes
-            AllowOverride None
-
-            Use LDAPConnect
-            Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
-
-            <FilesMatch "\.php$">
-              SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
-            </FilesMatch>
-          </Directory>
-          <Directory ${varDir}>
-            DirectoryIndex index.htm index.html
-            Options Indexes FollowSymLinks MultiViews Includes
-            AllowOverride None
-            Require all granted
-          </Directory>
-            ''
-        ];
-      };
-    });
-}
diff --git a/nixops/modules/websites/ludivine/default.nix b/nixops/modules/websites/ludivine/default.nix
deleted file mode 100644 (file)
index 70d5199..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-{ lib, pkgs, config, myconfig,  ... }:
-let
-    ludivinecassal_dev  = pkgs.callPackage ./ludivinecassal.nix {
-      inherit (pkgs.webapps) ludivinecassal;
-      config = myconfig.env.websites.ludivinecassal.integration;
-    };
-    ludivinecassal_prod = pkgs.callPackage ./ludivinecassal.nix {
-      inherit (pkgs.webapps) ludivinecassal;
-      config = myconfig.env.websites.ludivinecassal.production;
-    };
-
-    cfg = config.services.myWebsites.Ludivine;
-in {
-  options.services.myWebsites.Ludivine = {
-    production = {
-      enable = lib.mkEnableOption "enable Ludivine's website in production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable Ludivine's website in integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      secrets.keys = ludivinecassal_prod.keys;
-      services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
-
-      services.myPhpfpm.preStart.ludivinecassal_prod = ludivinecassal_prod.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.ludivinecassal_prod = ludivinecassal_prod.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal_prod.phpFpm.pool;
-      system.activationScripts.ludivinecassal_prod = ludivinecassal_prod.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${ludivinecassal_prod.app.webRoot} $out/webapps/${ludivinecassal_prod.apache.webappName}
-        '';
-      services.websites.production.modules = ludivinecassal_prod.apache.modules;
-      services.websites.production.vhostConfs.ludivine = {
-        certName     = "ludivinecassal";
-        certMainHost = "ludivinecassal.com";
-        hosts        = ["ludivinecassal.com" "www.ludivinecassal.com" ];
-        root         = ludivinecassal_prod.apache.root;
-        extraConfig  = [ ludivinecassal_prod.apache.vhostConf ];
-      };
-    })
-    (lib.mkIf cfg.integration.enable {
-      secrets.keys = ludivinecassal_dev.keys;
-
-      services.myPhpfpm.preStart.ludivinecassal_dev = ludivinecassal_dev.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.ludivinecassal_dev = ludivinecassal_dev.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal_dev.phpFpm.pool;
-      system.activationScripts.ludivinecassal_dev = ludivinecassal_dev.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${ludivinecassal_dev.app.webRoot} $out/webapps/${ludivinecassal_dev.apache.webappName}
-        '';
-      services.websites.integration.modules = ludivinecassal_dev.apache.modules;
-      services.websites.integration.vhostConfs.ludivine = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = [ "ludivine.immae.eu" ];
-        root        = ludivinecassal_dev.apache.root;
-        extraConfig = [ ludivinecassal_dev.apache.vhostConf ];
-      };
-    })
-  ];
-}
diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix
deleted file mode 100644 (file)
index a5ee24f..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-{ lib, pkgs, config, myconfig,  ... }:
-let
-  piedsjaloux_dev  = pkgs.callPackage ./piedsjaloux.nix {
-    inherit (pkgs.webapps) piedsjaloux;
-    config = myconfig.env.websites.piedsjaloux.integration;
-  };
-  piedsjaloux_prod = pkgs.callPackage ./piedsjaloux.nix {
-    inherit (pkgs.webapps) piedsjaloux;
-    config = myconfig.env.websites.piedsjaloux.production;
-  };
-
-  cfg = config.services.myWebsites.PiedsJaloux;
-in {
-  options.services.myWebsites.PiedsJaloux = {
-    production = {
-      enable = lib.mkEnableOption "enable PiedsJaloux's website in production";
-    };
-    integration = {
-      enable = lib.mkEnableOption "enable PiedsJaloux's website in integration";
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.production.enable {
-      secrets.keys = piedsjaloux_prod.keys;
-      services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
-
-      services.myPhpfpm.preStart.piedsjaloux_prod = piedsjaloux_prod.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.piedsjaloux_prod = piedsjaloux_prod.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux_prod.phpFpm.pool;
-      system.activationScripts.piedsjaloux_prod = piedsjaloux_prod.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${piedsjaloux_prod.app.webRoot} $out/webapps/${piedsjaloux_prod.apache.webappName}
-        '';
-      services.websites.production.modules = piedsjaloux_prod.apache.modules;
-      services.websites.production.vhostConfs.piedsjaloux = {
-        certName     = "piedsjaloux";
-        certMainHost = "piedsjaloux.fr";
-        hosts        = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
-        root         = piedsjaloux_prod.apache.root;
-        extraConfig  = [ piedsjaloux_prod.apache.vhostConf ];
-      };
-    })
-    (lib.mkIf cfg.integration.enable {
-      secrets.keys = piedsjaloux_dev.keys;
-      services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux_dev.phpFpm.preStart;
-      services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux_dev.phpFpm.serviceDeps;
-      services.myPhpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux_dev.phpFpm.pool;
-      system.activationScripts.piedsjaloux_dev = piedsjaloux_dev.activationScript;
-      system.extraSystemBuilderCmds = ''
-        mkdir -p $out/webapps
-        ln -s ${piedsjaloux_dev.app.webRoot} $out/webapps/${piedsjaloux_dev.apache.webappName}
-        '';
-      services.websites.integration.modules = piedsjaloux_dev.apache.modules;
-      services.websites.integration.vhostConfs.piedsjaloux = {
-        certName    = "eldiron";
-        addToCerts  = true;
-        hosts       = [ "piedsjaloux.immae.eu" ];
-        root        = piedsjaloux_dev.apache.root;
-        extraConfig = [ piedsjaloux_dev.apache.vhostConf ];
-      };
-    })
-  ];
-}
-