Move personal websites to modules

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tellesflorian / tellesflorian.nix
diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.nix b/nixops/modules/websites/tellesflorian/tellesflorian.nix

deleted file mode 100644 (file)

index 5955431..0000000
--- a/nixops/modules/websites/tellesflorian/tellesflorian.nix
+++ /dev/null
@@ -1,154 +0,0 @@
-{ tellesflorian, config }:
-rec {
-  app = tellesflorian.override { inherit (config) environment; };
-  keys = [
-    {
-      dest = "webapps/${app.environment}-tellesflorian-passwords";
-      user = apache.user;
-      group = apache.group;
-      permissions = "0400";
-      text = ''
-        invite:${config.invite_passwords}
-      '';
-    }
-    {
-      dest = "webapps/${app.environment}-tellesflorian";
-      user = apache.user;
-      group = apache.group;
-      permissions = "0400";
-      text = ''
-        # This file is auto-generated during the composer install
-        parameters:
-          database_host: ${config.mysql.host}
-          database_port: ${config.mysql.port}
-          database_name: ${config.mysql.name}
-          database_user: ${config.mysql.user}
-          database_password: ${config.mysql.password}
-          mailer_transport: smtp
-          mailer_host: 127.0.0.1
-          mailer_user: null
-          mailer_password: null
-          secret: ${config.secret}
-      '';
-    }
-  ];
-  phpFpm = rec {
-    preStart = ''
-      if [ ! -f "${app.varDir}/currentWebappDir" -o \
-          ! -f "${app.varDir}/currentKey" -o \
-          "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
-          || ! sha512sum -c --status ${app.varDir}/currentKey; then
-        pushd ${app} > /dev/null
-        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
-        popd > /dev/null
-        echo -n "${app}" > ${app.varDir}/currentWebappDir
-        sha512sum /var/secrets/webapps/${app.environment}-tellesflorian > ${app.varDir}/currentKey
-      fi
-      '';
-    serviceDeps = [ "mysql.service" ];
-    socket = "/var/run/phpfpm/floriantelles-${app.environment}.sock";
-    pool = ''
-      listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      php_admin_value[upload_max_filesize] = 20M
-      php_admin_value[post_max_size] = 20M
-      ;php_admin_flag[log_errors] = on
-      php_admin_value[open_basedir] = "/var/secrets/webapps/${app.environment}-tellesflorian:${app}:${app.varDir}:/tmp"
-      php_admin_value[session.save_path] = "${app.varDir}/phpSessions"
-      ${if app.environment == "dev" then ''
-      pm = ondemand
-      pm.max_children = 5
-      pm.process_idle_timeout = 60
-      env[SYMFONY_DEBUG_MODE] = "yes"
-      '' else ''
-      pm = dynamic
-      pm.max_children = 20
-      pm.start_servers = 2
-      pm.min_spare_servers = 1
-      pm.max_spare_servers = 3
-      ''}'';
-  };
-  apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
-    modules = [ "proxy_fcgi" ];
-    webappName = "florian_${app.environment}";
-    root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
-    <FilesMatch "\.php$">
-      SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-    </FilesMatch>
-
-    ${if app.environment == "dev" then ''
-    <Location />
-      AuthBasicProvider file ldap
-      Use LDAPConnect
-      Require ldap-group   cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu
-
-      AuthUserFile "/var/secrets/webapps/${app.environment}-tellesflorian-passwords"
-      Require user "invite"
-
-      ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
-    </Location>
-
-    <Directory ${root}>
-      Options Indexes FollowSymLinks MultiViews Includes
-      AllowOverride None
-      Require all granted
-
-      DirectoryIndex app_dev.php
-
-      <IfModule mod_negotiation.c>
-      Options -MultiViews
-      </IfModule>
-
-      <IfModule mod_rewrite.c>
-        RewriteEngine On
-
-        RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
-        RewriteRule ^(.*) - [E=BASE:%1]
-
-        # Maintenance script
-        RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f
-        RewriteCond %{SCRIPT_FILENAME} !maintenance.php
-        RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L]
-        ErrorDocument 503 /maintenance.php
-
-        # Sets the HTTP_AUTHORIZATION header removed by Apache
-        RewriteCond %{HTTP:Authorization} .
-        RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
-        RewriteCond %{ENV:REDIRECT_STATUS} ^$
-        RewriteRule ^app_dev\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
-
-        # If the requested filename exists, simply serve it.
-        # We only want to let Apache serve files and not directories.
-        RewriteCond %{REQUEST_FILENAME} -f
-        RewriteRule ^ - [L]
-
-        # Rewrite all other queries to the front controller.
-        RewriteRule ^ %{ENV:BASE}/app_dev.php [L]
-      </IfModule>
-
-    </Directory>
-    '' else ''
-    <Directory ${root}>
-      Options Indexes FollowSymLinks MultiViews Includes
-      AllowOverride All
-      Require all granted
-    </Directory>
-    ''}
-    '';
-  };
-  activationScript = {
-    deps = [ "wrappers" ];
-    text = ''
-    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
-      ${app.varDir}/var
-    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
-    '';
-  };
-}