apacheUser = config.services.httpd.Prod.user;
apacheGroup = config.services.httpd.Prod.group;
- webappdir = config.services.websites.webappDirsPaths.isabelle_iridologie;
secretsPath = config.secrets.fullPaths."websites/isabelle/iridologie";
in {
options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website";
config = lib.mkIf cfg.enable {
- services.duplyBackup.profiles.isabelle_iridologie.rootDir = app.varDir;
- services.duplyBackup.profiles.isabelle_iridologie.remotes = ["eriomem" "ovh"];
secrets.keys."websites/isabelle/iridologie" = {
user = apacheUser;
group = apacheGroup;
install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
- services.websites.webappDirs.isabelle_iridologie = app.webRoot;
services.websites.env.production.modules = [ "proxy_fcgi" ];
services.websites.env.production.vhostConfs.isabelle_iridologie = {
certName = "isabelle";
addToCerts = true;
hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
- root = webappdir;
+ root = app.webRoot;
extraConfig = [
''
RewriteEngine On
SetHandler "proxy:unix:${config.services.phpfpm.pools.isabelle_iridologie.socket}|fcgi://localhost"
</FilesMatch>
- <Directory ${webappdir}>
+ <Directory ${app.webRoot}>
DirectoryIndex index.php index.htm index.html
Options -Indexes +FollowSymLinks +MultiViews +Includes
- Include ${webappdir}/htaccess.txt
+ Include ${app.webRoot}/htaccess.txt
AllowOverride AuthConfig FileInfo Limit
Require all granted
</Directory>
- <DirectoryMatch "${webappdir}/squelettes">
+ <DirectoryMatch "${app.webRoot}/squelettes">
Require all denied
</DirectoryMatch>
projects / perso / Immae / Config / Nix.git / blobdiff