Use attrs for secrets instead of lists
[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / wallabag.nix
index 014d8a1acb67da65a753d3dd1d3318a07f4155e1..b6ad15136447823333b73e42bbc70555adcc588a 100644 (file)
@@ -1,11 +1,11 @@
-{ env, wallabag, mylibs }:
+{ env, wallabag, mylibs, config }:
 rec {
   backups = {
     rootDir = varDir;
+    remotes = [ "eriomem" "ovh" ];
   };
   varDir = "/var/lib/wallabag";
-  keys = [{
-    dest = "webapps/tools-wallabag";
+  keys."webapps/tools-wallabag" = {
     user = apache.user;
     group = apache.group;
     permissions = "0400";
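Review bot: The added `remotes = [ "eriomem" "ovh" ];` sends everything under `rootDir = varDir` to two off-host destinations, and nothing in this hunk says whether those copies are encrypted. Other hunks on this page show `${varDir}/data/db` and `${varDir}/currentKey` (a SHA-512 of the secrets file) living in that directory, so the backup content is presumably sensitive. Once the backup module's behaviour is confirmed, I would add a comment above the line such as `# off-host copies of varDir (app data, currentKey); encrypted by the backup module before upload`. The `rec { … }` set and the `keys` entry both continue beyond this hunk.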
@@ -67,8 +67,8 @@ rec {
               class:     Swift_SendmailTransport
               arguments: ['/run/wrappers/bin/sendmail -bs']
       '';
-  }];
-  webappDir = wallabag.override { ldap = true; wallabag_config = "/var/secrets/webapps/tools-wallabag"; };
+  };
+  webappDir = wallabag.override { ldap = true; wallabag_config = config.secrets.fullPaths."webapps/tools-wallabag"; };
   activationScript = ''
     install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
       ${varDir}/var ${varDir}/data/db ${varDir}/assets/images
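Review bot: The expression `config.secrets.fullPaths."webapps/tools-wallabag"` on the `webappDir` line is written out again in the `sha512sum` line and in `basedir` in the last hunk, next to the bare key in `keys."webapps/tools-wallabag"`. Binding it once, for example `secretsPath = config.secrets.fullPaths."webapps/tools-wallabag";` in this `rec` set, and using `secretsPath` in those three places would keep the secret's location in a single spot and make a later rename a one-line change. A short comment there could also record that only the path string, not the file content, is handed to `wallabag.override`. The `activationScript` string continues outside this hunk.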
@@ -82,7 +82,7 @@ rec {
     modules = [ "proxy_fcgi" ];
     webappName = "tools_wallabag";
     root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
+    vhostConf = socket: ''
       Alias /wallabag "${root}"
       <Directory "${root}">
         AllowOverride None
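Review bot: `vhostConf` is now a function of `socket` rather than a plain string, and nothing on the line says what the argument is or who supplies it. A one-line comment above it would help, for example `# socket: path of the php-fpm unix socket for this pool, passed in by the caller`. The argument is consumed by the `SetHandler "proxy:unix:${socket}|fcgi://localhost"` line in the next hunk; the string body continues outside this hunk.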
@@ -91,7 +91,7 @@ rec {
         CGIPassAuth On
 
         <FilesMatch "\.php$">
-          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          SetHandler "proxy:unix:${socket}|fcgi://localhost"
         </FilesMatch>
 
         <IfModule mod_rewrite.c>
@@ -124,27 +124,24 @@ rec {
         /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction
         popd > /dev/null
         echo -n "${webappDir}" > ${varDir}/currentWebappDir
-        sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey
+        sha512sum ${config.secrets.fullPaths."webapps/tools-wallabag"} > ${varDir}/currentKey
       fi
     '';
     serviceDeps = [ "postgresql.service" "openldap.service" ];
-    basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
-    socket = "/var/run/phpfpm/wallabag.sock";
-    pool = ''
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      pm = dynamic
-      pm.max_children = 60
-      pm.start_servers = 2
-      pm.min_spare_servers = 1
-      pm.max_spare_servers = 10
+    basedir = builtins.concatStringsSep ":" [ webappDir config.secrets.fullPaths."webapps/tools-wallabag" varDir ];
+    pool = {
+      "listen.owner" = apache.user;
+      "listen.group" = apache.group;
+      "pm" = "dynamic";
+      "pm.max_children" = "60";
+      "pm.start_servers" = "2";
+      "pm.min_spare_servers" = "1";
+      "pm.max_spare_servers" = "10";
 
-      ; Needed to avoid clashes in browser cookies (same domain)
-      php_value[session.name] = WallabagPHPSESSID
-      php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp"
-      php_value[max_execution_time] = 300
-      '';
+      # Needed to avoid clashes in browser cookies (same domain)
+      "php_value[session.name]" = "WallabagPHPSESSID";
+      "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp";
+      "php_value[max_execution_time]" = "300";
+    };
   };
 }
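Review bot: The new `pool` attrset no longer carries `user` and `group`, so nothing in this file ties the php-fpm worker identity to `apache.user` any more, while the secret declared in `keys."webapps/tools-wallabag"` is `0400` and owned by that account. Presumably the module that consumes `phpFpm.pool` now sets the pool's user and group itself; that is worth confirming, because a different worker account could not read the config file and `listen.owner`/`listen.group` alone do not determine who executes the PHP code. I would add a comment at the top of the attrset along the lines of `# user/group are set by the caller; must remain apache.user so workers can read the 0400 secret`. The enclosing `phpFpm` block starts outside this hunk.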