-{ aten, lib, config }: rec {
+{ apacheUser, apacheGroup, aten, lib, config }: rec {
app = aten.override { inherit (config) environment; };
phpFpm = rec {
preStart = ''
"${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
|| ! sha512sum -c --status ${app.varDir}/currentKey; then
pushd ${app} > /dev/null
- /run/wrappers/bin/sudo -u wwwrun APP_ENV=${app.environment} ./bin/console --env=${app.environment} cache:clear --no-warmup
+ /run/wrappers/bin/sudo -u ${apacheUser} APP_ENV=${app.environment} ./bin/console --env=${app.environment} cache:clear --no-warmup
popd > /dev/null
echo -n "${app}" > ${app.varDir}/currentWebappDir
sha512sum /var/secrets/webapps/${app.environment}-aten > ${app.varDir}/currentKey
socket = "/var/run/phpfpm/aten-${app.environment}.sock";
pool = ''
listen = ${socket}
- user = ${apache.user}
- group = ${apache.group}
- listen.owner = ${apache.user}
- listen.group = ${apache.group}
+ user = ${apacheUser}
+ group = ${apacheGroup}
+ listen.owner = ${apacheUser}
+ listen.group = ${apacheGroup}
php_admin_value[upload_max_filesize] = 20M
php_admin_value[post_max_size] = 20M
;php_admin_flag[log_errors] = on
};
keys = [{
dest = "webapps/${app.environment}-aten";
- user = apache.user;
- group = apache.group;
+ user = apacheUser;
+ group = apacheGroup;
permissions = "0400";
text = ''
SetEnv APP_ENV "${app.environment}"
'';
}];
apache = rec {
- user = "wwwrun";
- group = "wwwrun";
modules = [ "proxy_fcgi" ];
webappName = "aten_${app.environment}";
root = "/run/current-system/webapps/${webappName}";
activationScript = {
deps = [ "wrappers" ];
text = ''
- install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir}
- install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
+ install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}
+ install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
}
projects / perso / Immae / Config / Nix.git / blobdiff