Fix secret permissions
index 3ffd335bace4875afd82c1d1c973f1d2b8b1c481..423bbda4fa6aa5d69f9950c667ffed42a90933ed 100644 (file)
@@ -3,8 +3,12 @@ let
   ludivinecassal = { config }: rec {
     environment = config.environment;
     varDir = "/var/lib/ludivinecassal_${environment}";
-    configRoot =
-      writeText "parameters.yml" ''
+    keys."${environment}-ludivinecassal" = {
+      destDir = "/run/keys/webapps";
+      user = apache.user;
+      group = apache.group;
+      permissions = "0400";
+      text = ''
         # This file is auto-generated during the composer install
         parameters:
             database_host: ${config.mysql.host}
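Review bot: Moving `parameters.yml` out of `writeText` stops new builds from placing it in the world-readable Nix store, but the derivation the removed lines produced is still present in `/nix/store` on every host that was already deployed, in every older generation, until those generations are deleted and garbage-collected. Since the file presumably embeds the MySQL credentials (only `database_host` is visible here), the fix is complete only once the old store paths are collected and the credentials it contained are rotated; a one-line comment on the new `keys` attribute, `# secret: must never go through writeText/the store`, would keep the next edit from reintroducing it. `destDir = "/run/keys/webapps"` is a directory shared with other keys; `permissions = "0400"` protects the file itself, but its ownership by the common `apache.user` means separation from sibling apps in that directory rests on the pool's `open_basedir`, not on the mode bits.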
@@ -34,7 +38,9 @@ let
             sass: ${sass}/bin/sass
             ruby: ${ruby}/bin/ruby
       '';
+    };
     phpFpm = rec {
+      serviceDeps = [ "mysql.service" "${environment}-ludivinecassal-key.service" ];
       socket = "/var/run/phpfpm/ludivinecassal-${environment}.sock";
       pool = ''
         listen = ${socket}
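Review bot: The key is now referred to by four hand-spelled variants of the same name: the attribute `keys."${environment}-ludivinecassal"` above, the unit `"${environment}-ludivinecassal-key.service"` here, and the full path `/run/keys/webapps/${environment}-ludivinecassal` in both the `open_basedir` line of the next hunk and the `ln -sf` in the last hunk. If any one of them drifts the failure mode is a service that starts without its secret or a pool that cannot read it, so binding them once, `keyName = "${environment}-ludivinecassal"; keyPath = "/run/keys/webapps/${keyName}";` at the top of the attribute set and using `keyName`/`keyPath` in all four places would make that impossible. The unit name depends on the nixops convention of deriving `<name>-key.service` from the `keys` attribute; a short comment saying so, `# nixops creates <name>-key.service for each keys.<name>; php-fpm must not start before it`, documents why this dependency exists. How `serviceDeps` is consumed is outside the hunk, so whether it yields both `after` and `wants` ordering cannot be confirmed here.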
@@ -45,7 +51,7 @@ let
         php_admin_value[upload_max_filesize] = 20M
         php_admin_value[post_max_size] = 20M
         ;php_admin_flag[log_errors] = on
-        php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp"
+        php_admin_value[open_basedir] = "/run/keys/webapps/${environment}-ludivinecassal:${webappDir}:${varDir}:/tmp"
         php_admin_value[session.save_path] = "${varDir}/phpSessions"
         ${if environment == "dev" then ''
         pm = ondemand
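Review bot: The new `open_basedir` entry names the key file rather than a directory, and the PHP manual describes `open_basedir` entries as prefix matches, so any other key in `/run/keys/webapps` whose name begins with `${environment}-ludivinecassal` would become readable from this pool as well; giving each application its own subdirectory under `/run/keys` and listing it with a trailing slash would make the entry exact. It is also worth a comment that the entry is needed because PHP checks the resolved path: `; app/config/parameters.yml is a symlink into /run/keys; open_basedir sees the resolved target, so the key itself must be listed`. The surrounding `pool` string starts before this hunk.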
@@ -151,14 +157,22 @@ let
         noDev = (environment == "prod");
         preInstall = ''
           export SYMFONY_ENV="${environment}"
-          ln -sf ${configRoot} app/config/parameters.yml
+          cp app/config/parameters.yml.dist app/config/parameters.yml
+          cat >> app/config/parameters.yml <<EOF
+          leapt_im:
+              binary_path: ${imagemagick}/bin
+          assetic:
+              sass: ${sass}/bin/sass
+              ruby: ${ruby}/bin/ruby
+          EOF
           sed -i -e "/Incenteev..ParameterHandler..ScriptHandler::buildParameters/d" composer.json
           '';
         # /!\ miniatures and data need to be in the same physical dir due to a
         #     bug in leapt.im (searches for data/../miniatures)
         postInstall = ''
           rm -rf var/{logs,cache,data,miniatures,tmp}
-          ln -sf ../../../../../../../${varDir}/{logs,cache,data,miniatures,tmp} var/
+          ln -sf ${varDir}/{logs,cache,data,miniatures,tmp} var/
+          ln -sf /run/keys/webapps/${environment}-ludivinecassal app/config/parameters.yml
           '';
         buildInputs = [ sass ];
       });
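Review bot: The `leapt_im`/`assetic` block appended in `preInstall` duplicates the same `sass`/`ruby` settings that the key text carries (visible as context in the second hunk), and the two copies can silently diverge; factoring that YAML fragment into one `let` binding used in both places would keep the build-time and runtime files in agreement. The `ln -sf /run/keys/webapps/... app/config/parameters.yml` in `postInstall` creates a symlink whose target does not exist in the build sandbox, which is intentional but surprising to a reader, so a comment such as `# dangling at build time: the key only exists on the deployed host` belongs next to it. If any composer post-install script warms the Symfony cache during the build it presumably does so with the `.dist` placeholders rather than the real secrets, which is the desired property and is consistent with `var/cache` being removed just above. The enclosing attribute set (the `});` call) begins outside this hunk.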