projects / perso / Immae / Config / Nix.git / blame
| Commit | Line | Data |
|---|---|---|
| f8026b6e IB |
1 | { lib, pkgs, config, ... }: |
| 2 | let | |
| 3 | cfg = config.myServices.websites.leila.production; | |
| 4 | varDir = "/var/lib/ftp/leila"; | |
| 5 | in { | |
| 2a670f71 | 6 | options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's websites in production"; |
| f8026b6e IB |
7 | |
| 8 | config = lib.mkIf cfg.enable { | |
| f40f5b23 | 9 | services.phpfpm.poolConfigs.leila = '' |
| f8026b6e IB |
10 | listen = /run/phpfpm/leila.sock |
| 11 | user = wwwrun | |
| 12 | group = wwwrun | |
| 13 | listen.owner = wwwrun | |
| 14 | listen.group = wwwrun | |
| 15 | ||
| 16 | pm = ondemand | |
| 17 | pm.max_children = 5 | |
| 18 | pm.process_idle_timeout = 60 | |
| 19 | ||
| 20 | php_admin_value[open_basedir] = "${varDir}:/tmp" | |
| 21 | ''; | |
| 22 | ||
| 23 | services.webstats.sites = [ | |
| 24 | { name = "leila.bouya.org"; } | |
| 25 | { name = "chorale.leila.bouya.org"; } | |
| 2a670f71 | 26 | { name = "syrwennecreation.bouya.org"; } |
| f8026b6e IB |
27 | ]; |
| 28 | ||
| 29f8cb85 IB |
29 | services.websites.env.production.modules = [ "proxy_fcgi" ]; |
| 30 | services.websites.env.production.vhostConfs.leila_chorale = { | |
| f8026b6e IB |
31 | certName = "leila"; |
| 32 | addToCerts = true; | |
| 33 | hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ]; | |
| 34 | root = "${varDir}/Chorale"; | |
| 35 | extraConfig = [ | |
| 36 | '' | |
| 37 | Use Stats chorale.leila.bouya.org | |
| 38 | <Directory ${varDir}/Chorale> | |
| 39 | DirectoryIndex index.php index.htm index.html | |
| 40 | Options Indexes FollowSymLinks MultiViews Includes | |
| 41 | AllowOverride None | |
| 42 | ||
| 43 | Use LDAPConnect | |
| 44 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | |
| 45 | ||
| 2a670f71 IB |
46 | <FilesMatch "\.php$"> |
| 47 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | |
| 48 | </FilesMatch> | |
| 49 | </Directory> | |
| 50 | '' | |
| 51 | ]; | |
| 52 | }; | |
| 53 | services.websites.env.production.vhostConfs.leila_syrwenne = { | |
| 54 | certName = "leila"; | |
| 55 | addToCerts = true; | |
| 56 | hosts = [ "syrwennecreation.bouya.org" ]; | |
| 57 | root = "${varDir}/Syrwennecreation"; | |
| 58 | extraConfig = [ | |
| 59 | '' | |
| 60 | Use Stats syrwennecreation.bouya.org | |
| 61 | <Directory ${varDir}/Syrwennecreation> | |
| 62 | DirectoryIndex index.php index.htm index.html | |
| 63 | Options Indexes FollowSymLinks MultiViews Includes | |
| 64 | AllowOverride None | |
| 65 | ||
| f8026b6e IB |
66 | <FilesMatch "\.php$"> |
| 67 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | |
| 68 | </FilesMatch> | |
| 69 | </Directory> | |
| 70 | '' | |
| 71 | ]; | |
| 72 | }; | |
| 29f8cb85 | 73 | services.websites.env.production.vhostConfs.leila = { |
| f8026b6e IB |
74 | certName = "leila"; |
| 75 | certMainHost = "leila.bouya.org"; | |
| 76 | hosts = [ "leila.bouya.org" ]; | |
| 77 | root = varDir; | |
| 78 | extraConfig = [ | |
| 79 | '' | |
| 80 | Use Stats leila.bouya.org | |
| 81 | <Directory ${varDir}/Chorale> | |
| 82 | DirectoryIndex index.htm index.html | |
| 83 | Options Indexes FollowSymLinks MultiViews Includes | |
| 84 | AllowOverride None | |
| 85 | ||
| 86 | Use LDAPConnect | |
| 87 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | |
| 88 | ||
| 89 | <FilesMatch "\.php$"> | |
| 90 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | |
| 91 | </FilesMatch> | |
| 92 | </Directory> | |
| 93 | <Directory ${varDir}> | |
| 94 | DirectoryIndex index.htm index.html | |
| 95 | Options Indexes FollowSymLinks MultiViews Includes | |
| 96 | AllowOverride None | |
| 97 | Require all granted | |
| 98 | </Directory> | |
| 99 | '' | |
| 100 | ]; | |
| 101 | }; | |
| 102 | }; | |
| 103 | } |