aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2021-10-22 20:10:54 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2021-10-23 01:44:51 +0200
commit41cce84a02652e22ad967c9f31669092eb3e7f0e (patch)
treeb546e5a7524a00cd353b0d0e82e4dff038166dc1
parent750fe5a43b957b91a26069cf8a4fe19fc7b2633c (diff)
downloadNix-41cce84a02652e22ad967c9f31669092eb3e7f0e.tar.gz
Nix-41cce84a02652e22ad967c9f31669092eb3e7f0e.tar.zst
Nix-41cce84a02652e22ad967c9f31669092eb3e7f0e.zip
Move devtools to other place
-rw-r--r--modules/private/system/eldiron.nix5
-rw-r--r--modules/private/websites/chloe/integration.nix27
-rw-r--r--modules/private/websites/connexionswing/integration.nix22
-rw-r--r--modules/private/websites/florian/app.nix18
-rw-r--r--modules/private/websites/isabelle/aten_integration.nix19
-rw-r--r--modules/private/websites/ludivine/integration.nix18
-rw-r--r--modules/private/websites/piedsjaloux/integration.nix20
-rw-r--r--modules/private/websites/tools/tools/default.nix8
8 files changed, 55 insertions, 82 deletions
diff --git a/modules/private/system/eldiron.nix b/modules/private/system/eldiron.nix
index 5fb9887..39cf86a 100644
--- a/modules/private/system/eldiron.nix
+++ b/modules/private/system/eldiron.nix
@@ -166,11 +166,6 @@
166 ]; 166 ];
167 }; 167 };
168 168
169 fileSystems."/var/lib/pub/immae/devtools" = {
170 device = "/run/current-system/sw/bin/bindfs#/var/lib/ftp/devtools.immae.eu/";
171 fsType = "fuse";
172 options = [ "force-user=pub" "create-for-user=wwwrun" "create-for-group=wwwrun" ];
173 };
174 environment.systemPackages = [ pkgs.bindfs ]; 169 environment.systemPackages = [ pkgs.bindfs ];
175 170
176 services.zrepl = { 171 services.zrepl = {
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
index 7ed3852..aedf3a5 100644
--- a/modules/private/websites/chloe/integration.nix
+++ b/modules/private/websites/chloe/integration.nix
@@ -3,11 +3,8 @@ let
3 apacheUser = config.services.httpd.Inte.user; 3 apacheUser = config.services.httpd.Inte.user;
4 apacheGroup = config.services.httpd.Inte.group; 4 apacheGroup = config.services.httpd.Inte.group;
5 ccfg = config.myEnv.websites.chloe.integration; 5 ccfg = config.myEnv.websites.chloe.integration;
6 app = pkgs.callPackage ./app { 6 webRoot = "/var/lib/ftp/immae/chloe";
7 inherit (ccfg) environment; 7 varDir = "/var/lib/ftp/immae/chloe_var";
8 inherit (pkgs.webapps) spip;
9 varDir = "/var/lib/chloe_integration";
10 };
11 cfg = config.myServices.websites.chloe.integration; 8 cfg = config.myServices.websites.chloe.integration;
12in { 9in {
13 options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration"; 10 options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration";
@@ -20,8 +17,8 @@ in {
20 permissions = "0400"; 17 permissions = "0400";
21 text = '' 18 text = ''
22 SetEnv SPIP_CONFIG_DIR "${./config}" 19 SetEnv SPIP_CONFIG_DIR "${./config}"
23 SetEnv SPIP_VAR_DIR "${app.varDir}" 20 SetEnv SPIP_VAR_DIR "${varDir}"
24 SetEnv SPIP_SITE "chloe-${app.environment}" 21 SetEnv SPIP_SITE "chloe-dev"
25 SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu" 22 SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu"
26 SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" 23 SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu"
27 SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}" 24 SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}"
@@ -45,8 +42,8 @@ in {
45 "php_admin_value[upload_max_filesize]" = "20M"; 42 "php_admin_value[upload_max_filesize]" = "20M";
46 "php_admin_value[post_max_size]" = "20M"; 43 "php_admin_value[post_max_size]" = "20M";
47 # "php_admin_flag[log_errors]" = "on"; 44 # "php_admin_flag[log_errors]" = "on";
48 "php_admin_value[open_basedir]" = "${app.spipConfig}:${./config}:${app}:${app.varDir}:/tmp"; 45 "php_admin_value[open_basedir]" = "${../../../../pkgs/webapps/spip/spip_mes_options.php}:${./config}:${webRoot}:${varDir}:/tmp";
49 "php_admin_value[session.save_path]" = "${app.varDir}/phpSessions"; 46 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
50 "pm" = "ondemand"; 47 "pm" = "ondemand";
51 "pm.max_children" = "5"; 48 "pm.max_children" = "5";
52 "pm.process_idle_timeout" = "60"; 49 "pm.process_idle_timeout" = "60";
@@ -56,8 +53,8 @@ in {
56 system.activationScripts.chloe_integration = { 53 system.activationScripts.chloe_integration = {
57 deps = [ "wrappers" ]; 54 deps = [ "wrappers" ];
58 text = '' 55 text = ''
59 install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir} ${app.varDir}/IMG ${app.varDir}/tmp ${app.varDir}/local 56 install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${varDir} ${varDir}/IMG ${varDir}/tmp ${varDir}/local
60 install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions 57 install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${varDir}/phpSessions
61 ''; 58 '';
62 }; 59 };
63 services.websites.env.integration.modules = [ "proxy_fcgi" ]; 60 services.websites.env.integration.modules = [ "proxy_fcgi" ];
@@ -65,7 +62,7 @@ in {
65 certName = "integration"; 62 certName = "integration";
66 addToCerts = true; 63 addToCerts = true;
67 hosts = ["chloe.immae.eu" ]; 64 hosts = ["chloe.immae.eu" ];
68 root = app.webRoot; 65 root = webRoot;
69 extraConfig = [ 66 extraConfig = [
70 '' 67 ''
71 Include ${config.secrets.fullPaths."websites/chloe/integration"} 68 Include ${config.secrets.fullPaths."websites/chloe/integration"}
@@ -76,16 +73,16 @@ in {
76 SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_integration.socket}|fcgi://localhost" 73 SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_integration.socket}|fcgi://localhost"
77 </FilesMatch> 74 </FilesMatch>
78 75
79 <Directory ${app.webRoot}> 76 <Directory ${webRoot}>
80 DirectoryIndex index.php index.htm index.html 77 DirectoryIndex index.php index.htm index.html
81 Options -Indexes +FollowSymLinks +MultiViews +Includes 78 Options -Indexes +FollowSymLinks +MultiViews +Includes
82 Include ${app.webRoot}/htaccess.txt 79 Include ${webRoot}/htaccess.txt
83 80
84 AllowOverride AuthConfig FileInfo Limit 81 AllowOverride AuthConfig FileInfo Limit
85 Require all granted 82 Require all granted
86 </Directory> 83 </Directory>
87 84
88 <DirectoryMatch "${app.webRoot}/squelettes"> 85 <DirectoryMatch "${webRoot}/squelettes">
89 Require all denied 86 Require all denied
90 </DirectoryMatch> 87 </DirectoryMatch>
91 88
diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix
index 93cda00..fe0e4d9 100644
--- a/modules/private/websites/connexionswing/integration.nix
+++ b/modules/private/websites/connexionswing/integration.nix
@@ -1,12 +1,8 @@
1{ lib, pkgs, config, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = config.myEnv.websites.connexionswing.integration; 3 secrets = config.myEnv.websites.connexionswing.integration;
4 app = pkgs.callPackage ./app { 4 webRoot = "/var/lib/ftp/immae/connexionswing/web";
5 composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; 5 varDir = "/var/lib/ftp/immae/connexionswing_var";
6 environment = secrets.environment;
7 varDir = "/var/lib/connexionswing_integration";
8 secretsPath = config.secrets.fullPaths."websites/connexionswing/integration";
9 };
10 cfg = config.myServices.websites.connexionswing.integration; 6 cfg = config.myServices.websites.connexionswing.integration;
11 pcfg = config.services.phpApplication; 7 pcfg = config.services.phpApplication;
12in { 8in {
@@ -18,16 +14,16 @@ in {
18 websiteEnv = "integration"; 14 websiteEnv = "integration";
19 httpdUser = config.services.httpd.Inte.user; 15 httpdUser = config.services.httpd.Inte.user;
20 httpdGroup = config.services.httpd.Inte.group; 16 httpdGroup = config.services.httpd.Inte.group;
21 inherit (app) webRoot varDir; 17 inherit webRoot varDir;
22 varDirPaths = { 18 varDirPaths = {
23 "medias" = "0700"; 19 "medias" = "0700";
24 "uploads" = "0700"; 20 "uploads" = "0700";
25 "var" = "0700"; 21 "var" = "0700";
26 }; 22 };
27 inherit app; 23 app = "/var/lib/ftp/immae/connexionswing";
28 serviceDeps = [ "mysql.service" ]; 24 serviceDeps = [ "mysql.service" ];
29 preStartActions = [ 25 preStartActions = [
30 "./bin/console --env=${app.environment} cache:clear --no-warmup" 26 "./bin/console --env=dev cache:clear --no-warmup"
31 ]; 27 ];
32 phpOpenbasedir = [ "/tmp" "/run/wrappers/bin/sendmail" ]; 28 phpOpenbasedir = [ "/tmp" "/run/wrappers/bin/sendmail" ];
33 phpPool = { 29 phpPool = {
@@ -74,20 +70,20 @@ in {
74 certName = "integration"; 70 certName = "integration";
75 addToCerts = true; 71 addToCerts = true;
76 hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ]; 72 hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
77 root = app.webRoot; 73 root = webRoot;
78 extraConfig = [ 74 extraConfig = [
79 '' 75 ''
80 <FilesMatch "\.php$"> 76 <FilesMatch "\.php$">
81 SetHandler "proxy:unix:${pcfg.phpListenPaths.connexionswing_integration}|fcgi://localhost" 77 SetHandler "proxy:unix:${pcfg.phpListenPaths.connexionswing_integration}|fcgi://localhost"
82 </FilesMatch> 78 </FilesMatch>
83 79
84 <Directory ${app.varDir}/medias> 80 <Directory ${varDir}/medias>
85 Options FollowSymLinks 81 Options FollowSymLinks
86 AllowOverride None 82 AllowOverride None
87 Require all granted 83 Require all granted
88 </Directory> 84 </Directory>
89 85
90 <Directory ${app.varDir}/uploads> 86 <Directory ${varDir}/uploads>
91 Options FollowSymLinks 87 Options FollowSymLinks
92 AllowOverride None 88 AllowOverride None
93 Require all granted 89 Require all granted
@@ -99,7 +95,7 @@ in {
99 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://connexionswing.com\"></html>" 95 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://connexionswing.com\"></html>"
100 </Location> 96 </Location>
101 97
102 <Directory ${app.webRoot}> 98 <Directory ${webRoot}>
103 Options Indexes FollowSymLinks MultiViews Includes 99 Options Indexes FollowSymLinks MultiViews Includes
104 AllowOverride None 100 AllowOverride None
105 Require all granted 101 Require all granted
diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix
index 5e6255c..27810a5 100644
--- a/modules/private/websites/florian/app.nix
+++ b/modules/private/websites/florian/app.nix
@@ -2,12 +2,7 @@
2let 2let
3 adminer = pkgs.callPackage ../commons/adminer.nix { inherit config; }; 3 adminer = pkgs.callPackage ../commons/adminer.nix { inherit config; };
4 secrets = config.myEnv.websites.tellesflorian.integration; 4 secrets = config.myEnv.websites.tellesflorian.integration;
5 app = pkgs.callPackage ./app { 5 webRoot = "/var/lib/ftp/immae/florian/web";
6 composerEnv = pkgs.composerEnv.override { php = pkgs.php72; };
7 environment = secrets.environment;
8 varDir = "/var/lib/florian_app";
9 secretsPath = config.secrets.fullPaths."websites/florian/app";
10 };
11 cfg = config.myServices.websites.florian.app; 6 cfg = config.myServices.websites.florian.app;
12 pcfg = config.services.phpApplication; 7 pcfg = config.services.phpApplication;
13in { 8in {
@@ -19,14 +14,15 @@ in {
19 websiteEnv = "integration"; 14 websiteEnv = "integration";
20 httpdUser = config.services.httpd.Inte.user; 15 httpdUser = config.services.httpd.Inte.user;
21 httpdGroup = config.services.httpd.Inte.group; 16 httpdGroup = config.services.httpd.Inte.group;
22 inherit (app) webRoot varDir; 17 inherit webRoot;
18 varDir = "/var/lib/ftp/immae/florian_var";
23 varDirPaths = { 19 varDirPaths = {
24 "var" = "0700"; 20 "var" = "0700";
25 }; 21 };
26 inherit app; 22 app = "/var/lib/ftp/immae/florian";
27 serviceDeps = [ "mysql.service" ]; 23 serviceDeps = [ "mysql.service" ];
28 preStartActions = [ 24 preStartActions = [
29 "./bin/console --env=${app.environment} cache:clear --no-warmup" 25 "./bin/console --env=dev cache:clear --no-warmup"
30 ]; 26 ];
31 phpOpenbasedir = [ "/tmp" ]; 27 phpOpenbasedir = [ "/tmp" ];
32 phpPool = { 28 phpPool = {
@@ -81,7 +77,7 @@ in {
81 certName = "integration"; 77 certName = "integration";
82 addToCerts = true; 78 addToCerts = true;
83 hosts = [ "app.tellesflorian.com" ]; 79 hosts = [ "app.tellesflorian.com" ];
84 root = app.webRoot; 80 root = webRoot;
85 extraConfig = [ 81 extraConfig = [
86 '' 82 ''
87 <FilesMatch "\.php$"> 83 <FilesMatch "\.php$">
@@ -99,7 +95,7 @@ in {
99 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>" 95 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
100 </Location> 96 </Location>
101 97
102 <Directory ${app.webRoot}> 98 <Directory ${webRoot}>
103 Options Indexes FollowSymLinks MultiViews Includes 99 Options Indexes FollowSymLinks MultiViews Includes
104 AllowOverride None 100 AllowOverride None
105 Require all granted 101 Require all granted
diff --git a/modules/private/websites/isabelle/aten_integration.nix b/modules/private/websites/isabelle/aten_integration.nix
index 7e0aaf7..288f20d 100644
--- a/modules/private/websites/isabelle/aten_integration.nix
+++ b/modules/private/websites/isabelle/aten_integration.nix
@@ -1,11 +1,7 @@
1{ lib, pkgs, config, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = config.myEnv.websites.isabelle.aten_integration; 3 secrets = config.myEnv.websites.isabelle.aten_integration;
4 app = pkgs.callPackage ./aten_app { 4 webRoot = "/var/lib/ftp/immae/aten/public";
5 composerEnv = pkgs.composerEnv.override { php = pkgs.php72; };
6 environment = secrets.environment;
7 varDir = "/var/lib/isabelle_aten_integration";
8 };
9 cfg = config.myServices.websites.isabelle.aten_integration; 5 cfg = config.myServices.websites.isabelle.aten_integration;
10 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
11in { 7in {
@@ -20,11 +16,12 @@ in {
20 httpdWatchFiles = [ 16 httpdWatchFiles = [
21 config.secrets.fullPaths."websites/isabelle/aten_integration" 17 config.secrets.fullPaths."websites/isabelle/aten_integration"
22 ]; 18 ];
23 inherit (app) webRoot varDir; 19 inherit webRoot;
24 inherit app; 20 varDir = "/var/lib/ftp/immae/aten_var";
21 app = "/var/lib/ftp/immae/aten";
25 serviceDeps = [ "postgresql.service" ]; 22 serviceDeps = [ "postgresql.service" ];
26 preStartActions = [ 23 preStartActions = [
27 "APP_ENV=${app.environment} ./bin/console --env=${app.environment} cache:clear --no-warmup" 24 "APP_ENV=dev ./bin/console --env=dev cache:clear --no-warmup"
28 ]; 25 ];
29 phpOpenbasedir = [ "/tmp" ]; 26 phpOpenbasedir = [ "/tmp" ];
30 phpPool = { 27 phpPool = {
@@ -51,7 +48,7 @@ in {
51 # vendor/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php#parseDatabaseUrlQuery 48 # vendor/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php#parseDatabaseUrlQuery
52 psql_url = with secrets.postgresql; "pdo-pgsql://${user}:${password}@invalid:${port}/${database}?host=${socket}"; 49 psql_url = with secrets.postgresql; "pdo-pgsql://${user}:${password}@invalid:${port}/${database}?host=${socket}";
53 in '' 50 in ''
54 SetEnv APP_ENV "${app.environment}" 51 SetEnv APP_ENV "dev"
55 SetEnv APP_SECRET "${secrets.secret}" 52 SetEnv APP_SECRET "${secrets.secret}"
56 SetEnv DATABASE_URL "${psql_url}" 53 SetEnv DATABASE_URL "${psql_url}"
57 ''; 54 '';
@@ -60,7 +57,7 @@ in {
60 certName = "integration"; 57 certName = "integration";
61 addToCerts = true; 58 addToCerts = true;
62 hosts = [ "dev.aten.pro" ]; 59 hosts = [ "dev.aten.pro" ];
63 root = app.webRoot; 60 root = webRoot;
64 extraConfig = [ 61 extraConfig = [
65 '' 62 ''
66 <FilesMatch "\.php$"> 63 <FilesMatch "\.php$">
@@ -81,7 +78,7 @@ in {
81 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://aten.pro\"></html>" 78 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://aten.pro\"></html>"
82 </Location> 79 </Location>
83 80
84 <Directory ${app.webRoot}> 81 <Directory ${webRoot}>
85 Options Indexes FollowSymLinks MultiViews Includes 82 Options Indexes FollowSymLinks MultiViews Includes
86 AllowOverride All 83 AllowOverride All
87 Require all granted 84 Require all granted
diff --git a/modules/private/websites/ludivine/integration.nix b/modules/private/websites/ludivine/integration.nix
index 99c9acf..d04295d 100644
--- a/modules/private/websites/ludivine/integration.nix
+++ b/modules/private/websites/ludivine/integration.nix
@@ -1,14 +1,9 @@
1{ lib, pkgs, config, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = config.myEnv.websites.ludivine.integration; 3 secrets = config.myEnv.websites.ludivine.integration;
4 app = pkgs.callPackage ./app {
5 composerEnv = pkgs.composerEnv.override { php = pkgs.php72; };
6 environment = secrets.environment;
7 varDir = "/var/lib/ludivine_integration";
8 secretsPath = config.secrets.fullPaths."websites/ludivine/integration";
9 };
10 cfg = config.myServices.websites.ludivine.integration; 4 cfg = config.myServices.websites.ludivine.integration;
11 pcfg = config.services.phpApplication; 5 pcfg = config.services.phpApplication;
6 webRoot = "/var/lib/ftp/immae/ludivine/web";
12in { 7in {
13 options.myServices.websites.ludivine.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration"; 8 options.myServices.websites.ludivine.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration";
14 9
@@ -18,14 +13,15 @@ in {
18 websiteEnv = "integration"; 13 websiteEnv = "integration";
19 httpdUser = config.services.httpd.Inte.user; 14 httpdUser = config.services.httpd.Inte.user;
20 httpdGroup = config.services.httpd.Inte.group; 15 httpdGroup = config.services.httpd.Inte.group;
21 inherit (app) webRoot varDir; 16 inherit webRoot;
17 varDir = "/var/lib/ftp/immae/ludivine_var";
18 app = "/var/lib/ftp/immae/ludivine";
22 varDirPaths = { 19 varDirPaths = {
23 "tmp" = "0700"; 20 "tmp" = "0700";
24 }; 21 };
25 inherit app;
26 serviceDeps = [ "mysql.service" ]; 22 serviceDeps = [ "mysql.service" ];
27 preStartActions = [ 23 preStartActions = [
28 "./bin/console --env=${app.environment} cache:clear --no-warmup" 24 "./bin/console --env=dev cache:clear --no-warmup"
29 ]; 25 ];
30 phpOpenbasedir = [ "/tmp" ]; 26 phpOpenbasedir = [ "/tmp" ];
31 phpPool = { 27 phpPool = {
@@ -90,7 +86,7 @@ in {
90 certName = "integration"; 86 certName = "integration";
91 addToCerts = true; 87 addToCerts = true;
92 hosts = [ "ludivine.immae.eu" ]; 88 hosts = [ "ludivine.immae.eu" ];
93 root = app.webRoot; 89 root = webRoot;
94 extraConfig = [ 90 extraConfig = [
95 '' 91 ''
96 <FilesMatch "\.php$"> 92 <FilesMatch "\.php$">
@@ -103,7 +99,7 @@ in {
103 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://ludivinecassal.com\"></html>" 99 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://ludivinecassal.com\"></html>"
104 </Location> 100 </Location>
105 101
106 <Directory ${app.webRoot}> 102 <Directory ${webRoot}>
107 Options Indexes FollowSymLinks MultiViews Includes 103 Options Indexes FollowSymLinks MultiViews Includes
108 AllowOverride None 104 AllowOverride None
109 Require all granted 105 Require all granted
diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix
index 437b127..64d577e 100644
--- a/modules/private/websites/piedsjaloux/integration.nix
+++ b/modules/private/websites/piedsjaloux/integration.nix
@@ -1,12 +1,7 @@
1{ lib, pkgs, config, ... }: 1{ lib, pkgs, config, ... }:
2let 2let
3 secrets = config.myEnv.websites.piedsjaloux.integration; 3 secrets = config.myEnv.websites.piedsjaloux.integration;
4 app = pkgs.callPackage ./app { 4 webRoot = "/var/lib/ftp/immae/piedsjaloux/web";
5 composerEnv = pkgs.composerEnv.override { php = pkgs.php72; };
6 environment = secrets.environment;
7 varDir = "/var/lib/piedsjaloux_integration";
8 secretsPath = config.secrets.fullPaths."websites/piedsjaloux/integration";
9 };
10 cfg = config.myServices.websites.piedsjaloux.integration; 5 cfg = config.myServices.websites.piedsjaloux.integration;
11 pcfg = config.services.phpApplication; 6 pcfg = config.services.phpApplication;
12 texlive = pkgs.texlive.combine { inherit (pkgs.texlive) attachfile preprint scheme-small; }; 7 texlive = pkgs.texlive.combine { inherit (pkgs.texlive) attachfile preprint scheme-small; };
@@ -19,14 +14,15 @@ in {
19 websiteEnv = "integration"; 14 websiteEnv = "integration";
20 httpdUser = config.services.httpd.Inte.user; 15 httpdUser = config.services.httpd.Inte.user;
21 httpdGroup = config.services.httpd.Inte.group; 16 httpdGroup = config.services.httpd.Inte.group;
22 inherit (app) webRoot varDir; 17 inherit webRoot;
18 varDir = "/var/lib/ftp/immae/piedsjaloux_var";
23 varDirPaths = { 19 varDirPaths = {
24 "tmp" = "0700"; 20 "tmp" = "0700";
25 }; 21 };
26 inherit app; 22 app = "/var/lib/ftp/immae/piedsjaloux";
27 serviceDeps = [ "mysql.service" ]; 23 serviceDeps = [ "mysql.service" ];
28 preStartActions = [ 24 preStartActions = [
29 "./bin/console --env=${app.environment} cache:clear --no-warmup" 25 "./bin/console --env=dev cache:clear --no-warmup"
30 ]; 26 ];
31 phpOpenbasedir = [ "/tmp" ]; 27 phpOpenbasedir = [ "/tmp" ];
32 phpPool = { 28 phpPool = {
@@ -47,7 +43,7 @@ in {
47 SYMFONY_DEBUG_MODE = "\"yes\""; 43 SYMFONY_DEBUG_MODE = "\"yes\"";
48 }; 44 };
49 phpWatchFiles = [ 45 phpWatchFiles = [
50 app.secretsPath 46 config.secrets.fullPaths."websites/piedsjaloux/integration"
51 ]; 47 ];
52 phpPackage = pkgs.php72; 48 phpPackage = pkgs.php72;
53 }; 49 };
@@ -80,7 +76,7 @@ in {
80 certName = "integration"; 76 certName = "integration";
81 addToCerts = true; 77 addToCerts = true;
82 hosts = [ "piedsjaloux.immae.eu" ]; 78 hosts = [ "piedsjaloux.immae.eu" ];
83 root = app.webRoot; 79 root = webRoot;
84 extraConfig = [ 80 extraConfig = [
85 '' 81 ''
86 <FilesMatch "\.php$"> 82 <FilesMatch "\.php$">
@@ -93,7 +89,7 @@ in {
93 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://piedsjaloux.fr\"></html>" 89 ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://piedsjaloux.fr\"></html>"
94 </Location> 90 </Location>
95 91
96 <Directory ${app.webRoot}> 92 <Directory ${webRoot}>
97 Options Indexes FollowSymLinks MultiViews Includes 93 Options Indexes FollowSymLinks MultiViews Includes
98 AllowOverride None 94 AllowOverride None
99 Require all granted 95 Require all granted
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 499ef91..9052473 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -121,14 +121,14 @@ in {
121 certMainHost = "devtools.immae.eu"; 121 certMainHost = "devtools.immae.eu";
122 addToCerts = true; 122 addToCerts = true;
123 hosts = [ "devtools.immae.eu" ]; 123 hosts = [ "devtools.immae.eu" ];
124 root = "/var/lib/ftp/devtools.immae.eu"; 124 root = "/var/lib/ftp/immae/devtools";
125 extraConfig = [ 125 extraConfig = [
126 '' 126 ''
127 Use Apaxy "/var/lib/ftp/devtools.immae.eu" "title" 127 Use Apaxy "/var/lib/ftp/immae/devtools" "title"
128 Timeout 600 128 Timeout 600
129 ProxyTimeout 600 129 ProxyTimeout 600
130 Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}" 130 Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}"
131 <Directory "/var/lib/ftp/devtools.immae.eu"> 131 <Directory "/var/lib/ftp/immae/devtools">
132 DirectoryIndex index.php index.htm index.html 132 DirectoryIndex index.php index.htm index.html
133 AllowOverride all 133 AllowOverride all
134 Require all granted 134 Require all granted
@@ -339,7 +339,7 @@ in {
339 "pm.min_spare_servers" = "1"; 339 "pm.min_spare_servers" = "1";
340 "pm.max_spare_servers" = "10"; 340 "pm.max_spare_servers" = "10";
341 341
342 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"; 342 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/immae/devtools:/tmp";
343 }; 343 };
344 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.mysqli all.redis all.apcu all.opcache ]); 344 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.mysqli all.redis all.apcu all.opcache ]);
345 }; 345 };