{ lib, pkgs, config, ... }:
let
cfg = config.myServices.websites.papa.maison_bbc;
varDir = "/var/lib/ftp/papa/site";
in {
options.myServices.websites.papa.maison_bbc.enable = lib.mkEnableOption "enable Papa Maison bbc website";
config = lib.mkIf cfg.enable {
services.duplyBackup.profiles.papa_maison_bbc.rootDir = varDir;
services.webstats.sites = [ { name = "maison.bbc.bouya.org"; } ];
services.phpfpm.pools.papa_maison_bbc = {
listen = "/run/phpfpm/papa_maison_bbc.sock";
extraConfig = ''
user = wwwrun
group = wwwrun
listen.owner = wwwrun
listen.group = wwwrun
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 60
php_admin_value[open_basedir] = "${varDir}"
'';
phpOptions = config.services.phpfpm.phpOptions + ''
date.timezone = 'Europe/Paris'
extension=${pkgs.php}/lib/php/extensions/mysqli.so
'';
};
services.websites.env.production.modules = [ "proxy_fcgi" ];
services.websites.env.production.vhostNoSSLConfs.papa_maison_bbc = {
hosts = [ "maison.bbc.bouya.org" ];
root = varDir;
extraConfig = [
''
Alias /.well-known/acme-challenge ${config.security.acme2.certs.papa.webroot}/.well-known/acme-challenge
RedirectMatch 301 ^/((?!(\.well-known|add.php).*$).*)$ https://maison.bbc.bouya.org/$1
DirectoryIndex index.php index.htm index.html
AllowOverride None
Require all granted
SetHandler "proxy:unix:/run/phpfpm/papa_maison_bbc.sock|fcgi://localhost"
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
''
];
};
services.websites.env.production.vhostConfs.papa_maison_bbc = {
certName = "papa";
addToCerts = true;
hosts = [ "maison.bbc.bouya.org" ];
root = varDir;
extraConfig = [
''
DirectoryIndex index.php index.htm index.html
AllowOverride None
Require all granted
SetHandler "proxy:unix:/run/phpfpm/papa_maison_bbc.sock|fcgi://localhost"
''
];
};
};
}