modules/private/websites/teliotortay/production.nix

   1 { lib, pkgs, config,  ... }:
   2 let
   3   adminer = pkgs.callPackage ../commons/adminer.nix {};
   4   cfg = config.myServices.websites.telioTortay.production;
   5   varDir = "/var/lib/ftp/telio_tortay";
   6   env = config.myEnv.websites.telioTortay;
   7 in {
   8   options.myServices.websites.telioTortay.production.enable = lib.mkEnableOption "enable Telio Tortay's website";
   9
  10   config = lib.mkIf cfg.enable {
  11     services.webstats.sites = [ { name = "telio-tortay.immae.eu"; } ];
  12
  13     security.acme.certs."ftp".extraDomains."telio-tortay.immae.eu" = null;
  14
  15     system.activationScripts.telio-tortay = {
  16       deps = [ "httpd" ];
  17       text = ''
  18         install -m 0755 -o wwwrun -g wwwrun -d /var/lib/ftp/telio_tortay/logs
  19         install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/telio-tortay
  20         '';
  21     };
  22     systemd.services.phpfpm-telio-tortay.after = lib.mkAfter [ "mysql.service" ];
  23     systemd.services.phpfpm-telio-tortay.wants = [ "mysql.service" ];
  24     services.phpfpm.pools.telio-tortay = {
  25       listen = "/run/phpfpm/telio-tortay.sock";
  26       extraConfig = ''
  27         user = wwwrun
  28         group = wwwrun
  29         listen.owner = wwwrun
  30         listen.group = wwwrun
  31
  32         pm = ondemand
  33         pm.max_children = 5
  34         pm.process_idle_timeout = 60
  35
  36         php_admin_value[open_basedir] = "/var/lib/php/sessions/telio-tortay:${varDir}:/tmp"
  37         php_admin_value[session.save_path] = "/var/lib/php/sessions/telio-tortay"
  38         '';
  39       phpOptions = config.services.phpfpm.phpOptions + ''
  40         disable_functions = "mail"
  41         extension=${pkgs.php}/lib/php/extensions/mysqli.so
  42         '';
  43     };
  44     services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
  45     services.websites.env.production.vhostConfs.telio-tortay = {
  46       certName     = "telio-tortay";
  47       certMainHost = "telio-tortay.immae.eu";
  48       hosts        = ["telio-tortay.immae.eu" "realistesmedia.fr" "www.realistesmedia.fr" ];
  49       root         = varDir;
  50       extraConfig  = [
  51         adminer.apache.vhostConf
  52         ''
  53         Use Stats telio-tortay.immae.eu
  54         ServerAdmin ${env.server_admin}
  55         ErrorLog "${varDir}/logs/error_log"
  56         CustomLog "${varDir}/logs/access_log" combined
  57
  58         <FilesMatch "\.php$">
  59           SetHandler "proxy:unix:/run/phpfpm/telio-tortay.sock|fcgi://localhost"
  60         </FilesMatch>
  61
  62         <Directory ${varDir}/logs>
  63           AllowOverride None
  64           Require all denied
  65         </Directory>
  66         <Directory ${varDir}>
  67           DirectoryIndex index.php index.htm index.html
  68           Options Indexes FollowSymLinks MultiViews Includes
  69           AllowOverride all
  70           Require all granted
  71         </Directory>
  72           ''
  73       ];
  74     };
  75   };
  76 }