{ lib, pkgs, config, ... }: let iridologie = pkgs.callPackage ./spip_builder.nix { inherit (pkgs.webapps) iridologie; config = config.myEnv.websites.isabelle.iridologie; apacheUser = config.services.httpd.Prod.user; apacheGroup = config.services.httpd.Prod.group; }; cfg = config.myServices.websites.isabelle.iridologie; in { options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website"; config = lib.mkIf cfg.enable { services.duplyBackup.profiles.iridologie_prod.rootDir = iridologie.app.varDir; secrets.keys = iridologie.keys; services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ]; systemd.services.phpfpm-iridologie.after = lib.mkAfter iridologie.phpFpm.serviceDeps; systemd.services.phpfpm-iridologie.wants = iridologie.phpFpm.serviceDeps; services.phpfpm.pools.iridologie = { user = config.services.httpd.Prod.user; group = config.services.httpd.Prod.group; settings = iridologie.phpFpm.pool; phpOptions = config.services.phpfpm.phpOptions + '' extension=${pkgs.php}/lib/php/extensions/mysqli.so ''; }; system.activationScripts.iridologie = iridologie.activationScript; myServices.websites.webappDirs."${iridologie.apache.webappName}" = iridologie.app.webRoot; services.websites.env.production.modules = iridologie.apache.modules; services.websites.env.production.vhostConfs.iridologie = { certName = "aten"; addToCerts = true; hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ]; root = iridologie.apache.root; extraConfig = [ '' RewriteEngine On RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC] RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L] '' (iridologie.apache.vhostConf config.services.phpfpm.pools.iridologie.socket) ]; }; services.websites.env.production.watchPaths = [ "/var/secrets/webapps/${iridologie.app.environment}-iridologie" ]; }; }