Upgrade nixos

[perso/Immae/Config/Nix.git] / modules / private / websites / isabelle / iridologie.nix

diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix
index 35ffa972d5129636bc51848a4bd849f13d8c2617..ffbf2591f2bd107fe2c090a0d4d4222445bc6da1 100644 (file)
--- a/modules/private/websites/isabelle/iridologie.nix
+++ b/modules/private/websites/isabelle/iridologie.nix
@@ -1,31 +1,50 @@
-{ lib, config,  ... }:
+{ lib, pkgs, config,  ... }:
 let
+  iridologie = pkgs.callPackage ./spip_builder.nix {
+    inherit (pkgs.webapps) iridologie;
+    config = config.myEnv.websites.isabelle.iridologie;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
   cfg = config.myServices.websites.isabelle.iridologie;
-  varDir = "/var/lib/ftp/isabelle";
 in {
   options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website";
 
   config = lib.mkIf cfg.enable {
+    services.duplyBackup.profiles.iridologie_prod.rootDir = iridologie.app.varDir;
+    secrets.keys = iridologie.keys;
     services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ];
+
+    systemd.services.phpfpm-iridologie.after = lib.mkAfter iridologie.phpFpm.serviceDeps;
+    systemd.services.phpfpm-iridologie.wants = iridologie.phpFpm.serviceDeps;
+    services.phpfpm.pools.iridologie = {
+      user = config.services.httpd.Prod.user;
+      group = config.services.httpd.Prod.group;
+      settings = iridologie.phpFpm.pool;
+      phpOptions = config.services.phpfpm.phpOptions + ''
+        extension=${pkgs.php}/lib/php/extensions/mysqli.so
+      '';
+    };
+    system.activationScripts.iridologie = iridologie.activationScript;
+    myServices.websites.webappDirs."${iridologie.apache.webappName}" = iridologie.app.webRoot;
+    services.websites.env.production.modules = iridologie.apache.modules;
     services.websites.env.production.vhostConfs.iridologie = {
-      certName    = "aten";
-      hosts       = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
-      root        = varDir;
-      extraConfig = [
+      certName     = "aten";
+      addToCerts   = true;
+      hosts        = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
+      root         = iridologie.apache.root;
+      extraConfig  = [
         ''
-        Use Stats iridologie.icommandeur.org
-        RewriteEngine On
-        RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
-        RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
-
-        <Directory ${varDir}>
-          DirectoryIndex index.html
-          AllowOverride None
-          Require all granted
-        </Directory>
+          RewriteEngine On
+          RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
+          RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
           ''
+        (iridologie.apache.vhostConf config.services.phpfpm.pools.iridologie.socket)
       ];
     };
+    services.websites.env.production.watchPaths = [
+      "/var/secrets/webapps/${iridologie.app.environment}-iridologie"
+    ];
   };
 }
-