]>
Commit | Line | Data |
---|---|---|
f759f52e IB |
1 | { lib, pkgs, config, myconfig, mylibs, ... }: |
2 | let | |
3 | cfg = config.services.myWebsites.Immae; | |
4 | varDir = "/var/lib/ftp/immae"; | |
5 | env = myconfig.env.websites.immae; | |
6 | in { | |
7 | options.services.myWebsites.Immae = { | |
8 | production = { | |
9 | enable = lib.mkEnableOption "enable Immae's website"; | |
10 | }; | |
11 | }; | |
12 | ||
13 | imports = [ | |
14 | ../commons/stats.nix | |
15 | ]; | |
16 | ||
17 | config = lib.mkIf cfg.production.enable { | |
18 | services.myWebsites.commons.stats.enable = true; | |
19 | services.myWebsites.commons.stats.sites = [ | |
b7ee93fc | 20 | { name = "www.immae.eu"; } |
f759f52e IB |
21 | ]; |
22 | ||
23 | security.acme.certs."eldiron".extraDomains."www.immae.eu" = null; | |
24 | ||
25 | services.myPhpfpm.poolConfigs.immae = '' | |
26 | listen = /run/phpfpm/immae.sock | |
27 | user = wwwrun | |
28 | group = wwwrun | |
29 | listen.owner = wwwrun | |
30 | listen.group = wwwrun | |
31 | ||
32 | pm = ondemand | |
33 | pm.max_children = 5 | |
34 | pm.process_idle_timeout = 60 | |
35 | ||
36 | php_admin_value[open_basedir] = "${varDir}:/tmp" | |
37 | ''; | |
38 | services.myWebsites.production.modules = [ "proxy_fcgi" ]; | |
39 | services.myWebsites.production.vhostConfs.immae = { | |
40 | certName = "eldiron"; | |
41 | hosts = [ "www.immae.eu" ]; | |
42 | root = varDir; | |
43 | extraConfig = [ | |
44 | '' | |
45 | Use Stats www.immae.eu | |
46 | ||
47 | <FilesMatch "\.php$"> | |
48 | SetHandler "proxy:unix:/run/phpfpm/immae.sock|fcgi://localhost" | |
49 | </FilesMatch> | |
50 | ||
51 | <Directory ${varDir}> | |
52 | DirectoryIndex index.php index.htm index.html | |
53 | Options Indexes FollowSymLinks MultiViews Includes | |
54 | AllowOverride All | |
55 | Require all granted | |
56 | </Directory> | |
57 | ||
58 | <Location /blog_old/> | |
59 | Use LDAPConnect | |
60 | Require ldap-group cn=blog,cn=immae.eu,ou=services,dc=immae,dc=eu | |
61 | </Location> | |
62 | '' | |
63 | ]; | |
64 | }; | |
70606070 IB |
65 | |
66 | security.acme.certs."eldiron".extraDomains."bouya.org" = null; | |
67 | security.acme.certs."eldiron".extraDomains."www.bouya.org" = null; | |
68 | services.myWebsites.production.vhostConfs.bouya = { | |
69 | certName = "eldiron"; | |
70 | hosts = [ "bouya.org" "www.bouya.org" ]; | |
71 | root = null; | |
72 | extraConfig = [ '' | |
73 | RedirectMatch 301 ^/((?!\.well-known.*$).*)$ https://www.normalesup.org/~bouya/ | |
74 | '' ]; | |
75 | }; | |
f759f52e IB |
76 | }; |
77 | } |