From e5073addbe397afd596613af469f3308a07c1801 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sat, 16 Feb 2019 14:09:27 +0100
Subject: [PATCH] Move integration websites to use stable web directory

This permits to avoir having to restart httpd at each application
deployment
---
 nixops/modules/websites/aten/aten.nix                  |  6 ++++--
 nixops/modules/websites/aten/default.nix               | 10 +++++++++-
 nixops/modules/websites/chloe/chloe.nix                | 10 ++++++----
 nixops/modules/websites/chloe/default.nix              | 10 +++++++++-
 .../modules/websites/connexionswing/connexionswing.nix |  6 ++++--
 nixops/modules/websites/connexionswing/default.nix     | 10 +++++++++-
 nixops/modules/websites/ludivine/default.nix           | 10 +++++++++-
 nixops/modules/websites/ludivine/ludivinecassal.nix    |  6 ++++--
 nixops/modules/websites/piedsjaloux/default.nix        | 10 +++++++++-
 nixops/modules/websites/piedsjaloux/piedsjaloux.nix    |  6 ++++--
 nixops/modules/websites/tellesflorian/default.nix      |  6 +++++-
 .../modules/websites/tellesflorian/tellesflorian.nix   |  8 +++++---
 12 files changed, 77 insertions(+), 21 deletions(-)

diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix
index 1910a67..f986ec1 100644
--- a/nixops/modules/websites/aten/aten.nix
+++ b/nixops/modules/websites/aten/aten.nix
@@ -29,10 +29,12 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "aten_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
@@ -64,7 +66,7 @@ let
       </Location>
       ''}
 
-      <Directory ${webRoot}>
+      <Directory ${if environment == "dev" then root else webRoot}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted
diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
index db2ab49..f586ed5 100644
--- a/nixops/modules/websites/aten/default.nix
+++ b/nixops/modules/websites/aten/default.nix
@@ -42,6 +42,10 @@ in {
 
       services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool;
       system.activationScripts.aten_prod = aten_prod.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${aten_prod.webRoot} $out/webapps/${aten_prod.apache.webappName}
+        '';
       services.myWebsites.apacheConfig.aten_prod.modules = aten_prod.apache.modules;
       services.myWebsites.production.modules = aten_prod.apache.modules;
       services.myWebsites.production.vhostConfs.aten = {
@@ -55,11 +59,15 @@ in {
       security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null;
       services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool;
       system.activationScripts.aten_dev = aten_dev.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${aten_dev.webRoot} $out/webapps/${aten_dev.apache.webappName}
+        '';
       services.myWebsites.integration.modules = aten_dev.apache.modules;
       services.myWebsites.integration.vhostConfs.aten = {
         certName    = "eldiron";
         hosts       = [ "dev.aten.pro" ];
-        root        = aten_dev.webRoot;
+        root        = aten_dev.apache.root;
         extraConfig = [ aten_dev.apache.vhostConf ];
       };
     })
diff --git a/nixops/modules/websites/chloe/chloe.nix b/nixops/modules/websites/chloe/chloe.nix
index 9752db6..3b92af3 100644
--- a/nixops/modules/websites/chloe/chloe.nix
+++ b/nixops/modules/websites/chloe/chloe.nix
@@ -40,10 +40,12 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "chloe_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
         RewriteEngine On
         ${if environment == "prod" then ''
@@ -54,16 +56,16 @@ let
           SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
         </FilesMatch>
 
-        <Directory ${webRoot}>
+        <Directory ${if environment == "dev" then root else webRoot}>
           DirectoryIndex index.php index.htm index.html
           Options -Indexes +FollowSymLinks +MultiViews +Includes
-          Include ${webRoot}/htaccess.txt
+          Include ${if environment == "dev" then root else webRoot}/htaccess.txt
 
           AllowOverride AuthConfig FileInfo Limit
           Require all granted
         </Directory>
 
-        <DirectoryMatch "${webRoot}/squelettes">
+        <DirectoryMatch "${if environment == "dev" then root else webRoot}/squelettes">
           Require all denied
         </DirectoryMatch>
 
diff --git a/nixops/modules/websites/chloe/default.nix b/nixops/modules/websites/chloe/default.nix
index 94cd4be..d647eb9 100644
--- a/nixops/modules/websites/chloe/default.nix
+++ b/nixops/modules/websites/chloe/default.nix
@@ -45,6 +45,10 @@ in {
         extension=${pkgs.php}/lib/php/extensions/mysqli.so
         '';
       system.activationScripts.chloe_prod = chloe_prod.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${chloe_prod.webRoot} $out/webapps/${chloe_prod.apache.webappName}
+        '';
       services.myWebsites.production.modules = chloe_prod.apache.modules;
       services.myWebsites.production.vhostConfs.chloe = {
         certName    = "chloe";
@@ -60,11 +64,15 @@ in {
         extension=${pkgs.php}/lib/php/extensions/mysqli.so
         '';
       system.activationScripts.chloe_dev = chloe_dev.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${chloe_dev.webRoot} $out/webapps/${chloe_dev.apache.webappName}
+        '';
       services.myWebsites.integration.modules = chloe_dev.apache.modules;
       services.myWebsites.integration.vhostConfs.chloe = {
         certName    = "eldiron";
         hosts       = ["chloe.immae.eu" ];
-        root        = chloe_dev.webRoot;
+        root        = chloe_dev.apache.root;
         extraConfig = [ chloe_dev.apache.vhostConf ];
       };
     })
diff --git a/nixops/modules/websites/connexionswing/connexionswing.nix b/nixops/modules/websites/connexionswing/connexionswing.nix
index 307def0..dff563f 100644
--- a/nixops/modules/websites/connexionswing/connexionswing.nix
+++ b/nixops/modules/websites/connexionswing/connexionswing.nix
@@ -56,10 +56,12 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "connexionswing_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
@@ -84,7 +86,7 @@ let
         ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://connexionswing.com\"></html>"
       </Location>
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride None
         Require all granted
diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix
index 5ce3525..f176762 100644
--- a/nixops/modules/websites/connexionswing/default.nix
+++ b/nixops/modules/websites/connexionswing/default.nix
@@ -45,6 +45,10 @@ in {
       services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing_prod.phpFpm.pool;
       services.myPhpfpm.poolPhpConfigs.connexionswing_prod = connexionswing_prod.phpFpm.phpConfig;
       system.activationScripts.connexionswing_prod = connexionswing_prod.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${connexionswing_prod.webRoot} $out/webapps/${connexionswing_prod.apache.webappName}
+        '';
       services.myWebsites.production.modules = connexionswing_prod.apache.modules;
       services.myWebsites.production.vhostConfs.connexionswing = {
         certName    = "connexionswing";
@@ -59,11 +63,15 @@ in {
       services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing_dev.phpFpm.pool;
       services.myPhpfpm.poolPhpConfigs.connexionswing_dev = connexionswing_dev.phpFpm.phpConfig;
       system.activationScripts.connexionswing_dev = connexionswing_dev.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${connexionswing_dev.webRoot} $out/webapps/${connexionswing_dev.apache.webappName}
+        '';
       services.myWebsites.integration.modules = connexionswing_dev.apache.modules;
       services.myWebsites.integration.vhostConfs.connexionswing = {
         certName    = "eldiron";
         hosts       = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
-        root        = connexionswing_dev.webRoot;
+        root        = connexionswing_dev.apache.root;
         extraConfig = [ connexionswing_dev.apache.vhostConf ];
       };
     })
diff --git a/nixops/modules/websites/ludivine/default.nix b/nixops/modules/websites/ludivine/default.nix
index d13d700..bcbef51 100644
--- a/nixops/modules/websites/ludivine/default.nix
+++ b/nixops/modules/websites/ludivine/default.nix
@@ -38,6 +38,10 @@ in {
 
       services.myPhpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal_prod.phpFpm.pool;
       system.activationScripts.ludivinecassal_prod = ludivinecassal_prod.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${ludivinecassal_prod.webRoot} $out/webapps/${ludivinecassal_prod.apache.webappName}
+        '';
       services.myWebsites.production.modules = ludivinecassal_prod.apache.modules;
       services.myWebsites.production.vhostConfs.ludivine = {
         certName    = "ludivinecassal";
@@ -51,12 +55,16 @@ in {
 
       services.myPhpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal_dev.phpFpm.pool;
       system.activationScripts.ludivinecassal_dev = ludivinecassal_dev.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${ludivinecassal_dev.webRoot} $out/webapps/${ludivinecassal_dev.apache.webappName}
+        '';
       services.myWebsites.apacheConfig.ludivinecassal_dev.modules = ludivinecassal_dev.apache.modules;
       services.myWebsites.integration.modules = ludivinecassal_dev.apache.modules;
       services.myWebsites.integration.vhostConfs.ludivine = {
         certName    = "eldiron";
         hosts       = [ "ludivine.immae.eu" ];
-        root        = ludivinecassal_dev.webRoot;
+        root        = ludivinecassal_dev.apache.root;
         extraConfig = [ ludivinecassal_dev.apache.vhostConf ];
       };
     })
diff --git a/nixops/modules/websites/ludivine/ludivinecassal.nix b/nixops/modules/websites/ludivine/ludivinecassal.nix
index 4ce06b2..02614a5 100644
--- a/nixops/modules/websites/ludivine/ludivinecassal.nix
+++ b/nixops/modules/websites/ludivine/ludivinecassal.nix
@@ -60,10 +60,12 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "ludivine_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
@@ -76,7 +78,7 @@ let
         ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://ludivinecassal.com\"></html>"
       </Location>
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride None
         Require all granted
diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix
index f1bb760..584e936 100644
--- a/nixops/modules/websites/piedsjaloux/default.nix
+++ b/nixops/modules/websites/piedsjaloux/default.nix
@@ -42,6 +42,10 @@ in {
 
       services.myPhpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux_prod.phpFpm.pool;
       system.activationScripts.piedsjaloux_prod = piedsjaloux_prod.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${piedsjaloux_prod.webRoot} $out/webapps/${piedsjaloux_prod.apache.webappName}
+        '';
       services.myWebsites.production.modules = piedsjaloux_prod.apache.modules;
       services.myWebsites.production.vhostConfs.piedsjaloux = {
         certName    = "piedsjaloux";
@@ -54,11 +58,15 @@ in {
       security.acme.certs."eldiron".extraDomains."piedsjaloux.immae.eu" = null;
       services.myPhpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux_dev.phpFpm.pool;
       system.activationScripts.piedsjaloux_dev = piedsjaloux_dev.activationScript;
+      system.extraSystemBuilderCmds = ''
+        mkdir -p $out/webapps
+        ln -s ${piedsjaloux_dev.webRoot} $out/webapps/${piedsjaloux_dev.apache.webappName}
+        '';
       services.myWebsites.integration.modules = piedsjaloux_dev.apache.modules;
       services.myWebsites.integration.vhostConfs.piedsjaloux = {
         certName    = "eldiron";
         hosts       = [ "piedsjaloux.immae.eu" ];
-        root        = piedsjaloux_dev.webRoot;
+        root        = piedsjaloux_dev.apache.root;
         extraConfig = [ piedsjaloux_dev.apache.vhostConf ];
       };
     })
diff --git a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
index 2871b0f..a2d9a12 100644
--- a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
+++ b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix
@@ -49,10 +49,12 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "piedsjaloux_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
@@ -65,7 +67,7 @@ let
         ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://piedsjaloux.fr\"></html>"
       </Location>
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride None
         Require all granted
diff --git a/nixops/modules/websites/tellesflorian/default.nix b/nixops/modules/websites/tellesflorian/default.nix
index f347169..389c491 100644
--- a/nixops/modules/websites/tellesflorian/default.nix
+++ b/nixops/modules/websites/tellesflorian/default.nix
@@ -19,11 +19,15 @@ in {
     security.acme.certs."eldiron".extraDomains."app.tellesflorian.com" = null;
     services.myPhpfpm.poolConfigs.tellesflorian_dev = tellesflorian_dev.phpFpm.pool;
     system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript;
+    system.extraSystemBuilderCmds = ''
+      mkdir -p $out/webapps
+      ln -s ${tellesflorian_dev.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}
+      '';
     services.myWebsites.integration.modules = adminer.apache.modules ++ tellesflorian_dev.apache.modules;
     services.myWebsites.integration.vhostConfs.tellesflorian = {
       certName    = "eldiron";
       hosts       = ["app.tellesflorian.com" ];
-      root        = tellesflorian_dev.webRoot;
+      root        = tellesflorian_dev.apache.root;
       extraConfig = [
         tellesflorian_dev.apache.vhostConf
         adminer.apache.vhostConf
diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.nix b/nixops/modules/websites/tellesflorian/tellesflorian.nix
index 028a235..47142c8 100644
--- a/nixops/modules/websites/tellesflorian/tellesflorian.nix
+++ b/nixops/modules/websites/tellesflorian/tellesflorian.nix
@@ -47,10 +47,12 @@ let
     passwords = writeText "tellesflorian_passwords" ''
       invite:${config.invite_passwords}
       '';
-    apache = {
+    apache = rec {
       user = "wwwrun";
       group = "wwwrun";
       modules = [ "proxy_fcgi" ];
+      webappName = "florian_${environment}";
+      root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
       <FilesMatch "\.php$">
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
@@ -68,7 +70,7 @@ let
         ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
       </Location>
 
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride None
         Require all granted
@@ -109,7 +111,7 @@ let
 
       </Directory>
       '' else ''
-      <Directory ${webRoot}>
+      <Directory ${root}>
         Options Indexes FollowSymLinks MultiViews Includes
         AllowOverride All
         Require all granted
-- 
2.41.0