Move production websites to use stable web directories

diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix
index f986ec12e4a0a14a2b09a53339f7fa0c453a0d43..e27688d26c23014713b1adb1666ffb5e120c072e 100644 (file)
--- a/nixops/modules/websites/aten/aten.nix
+++ b/nixops/modules/websites/aten/aten.nix
@@ -66,7 +66,7 @@ let
       </Location>
       ''}
 
-      <Directory ${if environment == "dev" then root else webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted

diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
index f586ed5a48bb7d66844679706cea46d0470dbabb..41c22cec46790e419273a7976061b511a1b3bfd6 100644 (file)
--- a/nixops/modules/websites/aten/default.nix
+++ b/nixops/modules/websites/aten/default.nix
@@ -51,7 +51,7 @@ in {
       services.myWebsites.production.vhostConfs.aten = {
         certName    = "aten";
         hosts       = [ "aten.pro" "www.aten.pro" ];
-        root        = aten_prod.webRoot;
+        root        = aten_prod.apache.root;
         extraConfig = [ aten_prod.apache.vhostConf ];
       };
     })

diff --git a/nixops/modules/websites/capitaines/default.nix b/nixops/modules/websites/capitaines/default.nix
index 7f8f4c6370874d34ee5b97d1691d26f20920cf25..80739556030568c07b9fb11e3d0e06cdfa7f6a4f 100644 (file)
--- a/nixops/modules/websites/capitaines/default.nix
+++ b/nixops/modules/websites/capitaines/default.nix
@@ -2,6 +2,8 @@
 let
     cfg = config.services.myWebsites.Capitaines;
     env = myconfig.env.websites.capitaines;
+    webappName = "capitaines_mastodon";
+    root = "/run/current-system/webapps/${webappName}";
     siteDir = ./mastodon_static;
 in {
   options.services.myWebsites.Capitaines = {
@@ -14,15 +16,19 @@ in {
     security.acme.certs."capitaines_mastodon" = config.services.myCertificates.certConfig // {
       domain = "mastodon.capitaines.fr";
     };
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${siteDir} $out/webapps/${webappName}
+      '';
 
     services.myWebsites.production.vhostConfs.capitaines = {
       certName    = "capitaines_mastodon";
       hosts       = [ "mastodon.capitaines.fr" ];
-      root        = siteDir;
+      root        = root;
       extraConfig = [
         ''
         ErrorDocument 404 /index.html
-        <Directory ${siteDir}>
+        <Directory ${root}>
           DirectoryIndex index.html
           Options Indexes FollowSymLinks MultiViews Includes
           Require all granted

diff --git a/nixops/modules/websites/chloe/chloe.nix b/nixops/modules/websites/chloe/chloe.nix
index 3b92af33242f4bc8e8190b11bf5587145262b95f..80e555479600aaa36b909760a1fc3474c8b783b7 100644 (file)
--- a/nixops/modules/websites/chloe/chloe.nix
+++ b/nixops/modules/websites/chloe/chloe.nix
@@ -56,16 +56,16 @@ let
           SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
         </FilesMatch>
 
-        <Directory ${if environment == "dev" then root else webRoot}>
+        <Directory ${root}>
           DirectoryIndex index.php index.htm index.html
           Options -Indexes +FollowSymLinks +MultiViews +Includes
-          Include ${if environment == "dev" then root else webRoot}/htaccess.txt
+          Include ${root}/htaccess.txt
 
           AllowOverride AuthConfig FileInfo Limit
           Require all granted
         </Directory>
 
-        <DirectoryMatch "${if environment == "dev" then root else webRoot}/squelettes">
+        <DirectoryMatch "${root}/squelettes">
           Require all denied
         </DirectoryMatch>
 

diff --git a/nixops/modules/websites/chloe/default.nix b/nixops/modules/websites/chloe/default.nix
index d647eb915c7e789a26f754e7cf385e5644d15b2f..f561834e3fb102b3fc96816a7631c8e1b4ac5d65 100644 (file)
--- a/nixops/modules/websites/chloe/default.nix
+++ b/nixops/modules/websites/chloe/default.nix
@@ -53,7 +53,7 @@ in {
       services.myWebsites.production.vhostConfs.chloe = {
         certName    = "chloe";
         hosts       = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
-        root        = chloe_prod.webRoot;
+        root        = chloe_prod.apache.root;
         extraConfig = [ chloe_prod.apache.vhostConf ];
       };
     })

diff --git a/nixops/modules/websites/commons/adminer.nix b/nixops/modules/websites/commons/adminer.nix
index 891046f97719588a7343d355deec52429035b57d..9c4e13297e7ade65f5e7d61154415eb9658ff2d3 100644 (file)
--- a/nixops/modules/websites/commons/adminer.nix
+++ b/nixops/modules/websites/commons/adminer.nix
@@ -32,13 +32,15 @@ let
         php_admin_value[session.save_path] = "/var/lib/php/sessions/adminer"
         '';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "_adminer";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
-        Alias /adminer ${webRoot}
-        <Directory ${webRoot}>
+        Alias /adminer ${root}
+        <Directory ${root}>
           DirectoryIndex index.php
           Require all granted
           <FilesMatch "\.php$">

diff --git a/nixops/modules/websites/connexionswing/connexionswing.nix b/nixops/modules/websites/connexionswing/connexionswing.nix
index dff563f511a847b7f1683478aa954d12645ca45d..74a1ad0f81be9a9159f08d97770934aac936c064 100644 (file)
--- a/nixops/modules/websites/connexionswing/connexionswing.nix
+++ b/nixops/modules/websites/connexionswing/connexionswing.nix
@@ -129,7 +129,7 @@ let
       '' else ''
       Use Stats connexionswing.com
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted

diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix
index f176762d3e308b751124d563fa376eb676c50f93..f98b3491397e15cb4bb04a8b780d718342e08b9a 100644 (file)
--- a/nixops/modules/websites/connexionswing/default.nix
+++ b/nixops/modules/websites/connexionswing/default.nix
@@ -53,7 +53,7 @@ in {
       services.myWebsites.production.vhostConfs.connexionswing = {
         certName    = "connexionswing";
         hosts       = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
-        root        = connexionswing_prod.webRoot;
+        root        = connexionswing_prod.apache.root;
         extraConfig = [ connexionswing_prod.apache.vhostConf ];
       };
     })

diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index 3db1cfac325dd2479b3075ec1b8c7ae53b704082..c8f7481935ba3cae48ab7b9b3385da06758b9da9 100644 (file)
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -1,6 +1,8 @@
 { lib, pkgs, config, mylibs, myconfig, ... }:
 let
   cfg = config.services.myWebsites;
+  www_root = "/run/current-system/webapps/_www";
+  theme_root = "/run/current-system/webapps/_theme";
   makeService = name: cfg: let
     toVhost = vhostConf: {
       enableSSL = true;
@@ -21,9 +23,9 @@ let
       hostName = "nossl.immae.eu";
       enableSSL = false;
       logFormat = "combinedVhost";
-      documentRoot = ../../www;
+      documentRoot = www_root;
       extraConfig = ''
-        <Directory ${../../www}>
+        <Directory ${www_root}>
           DirectoryIndex nossl.html
           AllowOverride None
           Require all granted
@@ -52,7 +54,7 @@ let
     fallbackVhost = toVhost { # Should go first, default choice
       certName    = "eldiron";
       hosts       = ["eldiron.immae.eu" ];
-      root        = ../../www;
+      root        = www_root;
       extraConfig = [ "DirectoryIndex index.htm" ];
     };
   in rec {
@@ -290,11 +292,11 @@ in
           ErrorDocument 502 /maintenance_immae.html
           ErrorDocument 503 /maintenance_immae.html
           ErrorDocument 504 /maintenance_immae.html
-          Alias /maintenance_immae.html ${../../www}/maintenance_immae.html
+          Alias /maintenance_immae.html ${www_root}/maintenance_immae.html
           ProxyPass /maintenance_immae.html !
 
-          AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${../../www}/googleb6d69446ff4ca3e5.html
-          <Directory ${../../www}>
+          AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${www_root}/googleb6d69446ff4ca3e5.html
+          <Directory ${www_root}>
             AllowOverride None
             Require all granted
           </Directory>
@@ -303,8 +305,8 @@ in
       apaxy = {
         extraConfig = ''
           <Macro Apaxy %{folder} %{ignored}>
-            Alias /theme ${./apache/theme}
-            <Directory ${./apache/theme}>
+            Alias /theme ${theme_root}
+            <Directory ${theme_root}>
               Options -Indexes
               AllowOverride None
               Require all granted
@@ -407,6 +409,15 @@ in
         '';
     };
 
+    system.extraSystemBuilderCmds = let
+      adminer = pkgs.callPackage ./commons/adminer.nix {};
+    in ''
+      mkdir -p $out/webapps
+      ln -s ${../../www} $out/webapps/_www
+      ln -s ${./apache/theme} $out/webapps/_theme
+      ln -s ${adminer.webRoot} $out/webapps/${adminer.apache.webappName}
+      '';
+
     services.myPhpfpm = {
       phpPackage = pkgs.php;
       phpOptions = ''

diff --git a/nixops/modules/websites/emilia/default.nix b/nixops/modules/websites/emilia/default.nix
index 5783ed0dafee7f26cecc6b5650bb15831cbd0214..4002caa17245d9f910905774c38e255eb07b345d 100644 (file)
--- a/nixops/modules/websites/emilia/default.nix
+++ b/nixops/modules/websites/emilia/default.nix
@@ -4,6 +4,8 @@ let
     env = myconfig.env.websites.emilia;
     varDir = "/var/lib/moodle";
     siteDir = ./moodle;
+    webappName = "emilia_moodle";
+    root = "/run/current-system/webapps/${webappName}";
     # php_admin_value[upload_max_filesize] = 50000000
     # php_admin_value[post_max_size] = 50000000
     configFile = ''
@@ -55,13 +57,17 @@ in {
     system.activationScripts.emilia = ''
       install -m 0755 -o wwwrun -g wwwrun -d ${varDir}
       '';
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${siteDir} $out/webapps/${webappName}
+      '';
     services.myWebsites.production.vhostConfs.emilia = {
       certName    = "emilia";
       hosts       = [ "saison-photo.org" "www.saison-photo.org" ];
-      root        = siteDir;
+      root        = root;
       extraConfig = [
         ''
-        <Directory ${siteDir}>
+        <Directory ${root}>
           DirectoryIndex pause.html
           Options Indexes FollowSymLinks MultiViews Includes
           Require all granted

diff --git a/nixops/modules/websites/ftp/temp.nix b/nixops/modules/websites/ftp/temp.nix
index 10331217b9a828f4ee2d9b034b7de132bc925256..7f9f68160a6ca036378f5280ea2bf2ce7c4b20c8 100644 (file)
--- a/nixops/modules/websites/ftp/temp.nix
+++ b/nixops/modules/websites/ftp/temp.nix
@@ -20,7 +20,7 @@ in {
       root        = varDir;
       extraConfig = [
         ''
-        Use Apaxy "${varDir}" "title"
+        Use Apaxy "${varDir}" "title .duplicity-ignore"
         <FilesMatch ".+">
           Header set Content-Disposition attachment
         </FilesMatch>

diff --git a/nixops/modules/websites/ludivine/default.nix b/nixops/modules/websites/ludivine/default.nix
index bcbef51a818a99d795674f8d3e99c5351714416b..3dd0ee73f17b31201b5e6c72922e46dfc291b109 100644 (file)
--- a/nixops/modules/websites/ludivine/default.nix
+++ b/nixops/modules/websites/ludivine/default.nix
@@ -46,7 +46,7 @@ in {
       services.myWebsites.production.vhostConfs.ludivine = {
         certName    = "ludivinecassal";
         hosts       = ["ludivinecassal.com" "www.ludivinecassal.com" ];
-        root        = ludivinecassal_prod.webRoot;
+        root        = ludivinecassal_prod.apache.root;
         extraConfig = [ ludivinecassal_prod.apache.vhostConf ];
       };
     })

diff --git a/nixops/modules/websites/ludivine/ludivinecassal.nix b/nixops/modules/websites/ludivine/ludivinecassal.nix
index 02614a53016bf53fdea57c8297090255ec869b97..3ffd335bace4875afd82c1d1c973f1d2b8b1c481 100644 (file)
--- a/nixops/modules/websites/ludivine/ludivinecassal.nix
+++ b/nixops/modules/websites/ludivine/ludivinecassal.nix
@@ -121,7 +121,7 @@ let
       '' else ''
       Use Stats ludivinecassal.com
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted

diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix
index 584e936fc9de43298f3c9eb37909f67cf5d7001b..54e063db07e7b680d9bb5addc50b8fb8e7ffccbc 100644 (file)
--- a/nixops/modules/websites/piedsjaloux/default.nix
+++ b/nixops/modules/websites/piedsjaloux/default.nix
@@ -50,7 +50,7 @@ in {
       services.myWebsites.production.vhostConfs.piedsjaloux = {
         certName    = "piedsjaloux";
         hosts       = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
-        root        = piedsjaloux_prod.webRoot;
+        root        = piedsjaloux_prod.apache.root;
         extraConfig = [ piedsjaloux_prod.apache.vhostConf ];
       };
     })

diff --git a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
index a2d9a12d62e93214b1fffa7b7c4acd7d4678e3a8..4caf48a701ba5dff1de1d46a9f1025c85c368ab4 100644 (file)
--- a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
+++ b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
@@ -110,7 +110,7 @@ let
       '' else ''
       Use Stats piedsjaloux.fr
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted