diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-16 17:40:07 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-16 20:20:45 +0200 |
commit | 4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0 (patch) | |
tree | 9a7ede9ac3f1899074e9ef568a447f883191d3b5 /modules/private/websites/chloe | |
parent | da30ae4ffdd153a1eb32fb86f9ca9a65aa19e4e2 (diff) | |
download | Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.gz Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.zst Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.zip |
Use attrs for secrets instead of lists
Diffstat (limited to 'modules/private/websites/chloe')
-rw-r--r-- | modules/private/websites/chloe/integration.nix | 43 | ||||
-rw-r--r-- | modules/private/websites/chloe/production.nix | 43 |
2 files changed, 40 insertions, 46 deletions
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix index ffae6ec..c4b79f8 100644 --- a/modules/private/websites/chloe/integration.nix +++ b/modules/private/websites/chloe/integration.nix | |||
@@ -15,29 +15,26 @@ in { | |||
15 | 15 | ||
16 | config = lib.mkIf cfg.enable { | 16 | config = lib.mkIf cfg.enable { |
17 | services.duplyBackup.profiles.chloe_integration.rootDir = app.varDir; | 17 | services.duplyBackup.profiles.chloe_integration.rootDir = app.varDir; |
18 | secrets.keys = [ | 18 | secrets.keys."websites/chloe/integration" = { |
19 | { | 19 | user = apacheUser; |
20 | dest = "websites/chloe/integration"; | 20 | group = apacheGroup; |
21 | user = apacheUser; | 21 | permissions = "0400"; |
22 | group = apacheGroup; | 22 | text = '' |
23 | permissions = "0400"; | 23 | SetEnv SPIP_CONFIG_DIR "${./config}" |
24 | text = '' | 24 | SetEnv SPIP_VAR_DIR "${app.varDir}" |
25 | SetEnv SPIP_CONFIG_DIR "${./config}" | 25 | SetEnv SPIP_SITE "chloe-${app.environment}" |
26 | SetEnv SPIP_VAR_DIR "${app.varDir}" | 26 | SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu" |
27 | SetEnv SPIP_SITE "chloe-${app.environment}" | 27 | SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" |
28 | SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu" | 28 | SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}" |
29 | SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" | 29 | SetEnv SPIP_LDAP_SEARCH_PW "${ccfg.ldap.password}" |
30 | SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}" | 30 | SetEnv SPIP_LDAP_SEARCH "${ccfg.ldap.filter}" |
31 | SetEnv SPIP_LDAP_SEARCH_PW "${ccfg.ldap.password}" | 31 | SetEnv SPIP_MYSQL_HOST "${ccfg.mysql.host}" |
32 | SetEnv SPIP_LDAP_SEARCH "${ccfg.ldap.filter}" | 32 | SetEnv SPIP_MYSQL_PORT "${ccfg.mysql.port}" |
33 | SetEnv SPIP_MYSQL_HOST "${ccfg.mysql.host}" | 33 | SetEnv SPIP_MYSQL_DB "${ccfg.mysql.database}" |
34 | SetEnv SPIP_MYSQL_PORT "${ccfg.mysql.port}" | 34 | SetEnv SPIP_MYSQL_USER "${ccfg.mysql.user}" |
35 | SetEnv SPIP_MYSQL_DB "${ccfg.mysql.database}" | 35 | SetEnv SPIP_MYSQL_PASSWORD "${ccfg.mysql.password}" |
36 | SetEnv SPIP_MYSQL_USER "${ccfg.mysql.user}" | 36 | ''; |
37 | SetEnv SPIP_MYSQL_PASSWORD "${ccfg.mysql.password}" | 37 | }; |
38 | ''; | ||
39 | } | ||
40 | ]; | ||
41 | systemd.services.phpfpm-chloe_integration.after = lib.mkAfter [ "mysql.service" ]; | 38 | systemd.services.phpfpm-chloe_integration.after = lib.mkAfter [ "mysql.service" ]; |
42 | systemd.services.phpfpm-chloe_integration.wants = [ "mysql.service" ]; | 39 | systemd.services.phpfpm-chloe_integration.wants = [ "mysql.service" ]; |
43 | services.phpfpm.pools.chloe_integration = { | 40 | services.phpfpm.pools.chloe_integration = { |
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix index 7f8f1de..92ae05b 100644 --- a/modules/private/websites/chloe/production.nix +++ b/modules/private/websites/chloe/production.nix | |||
@@ -16,29 +16,26 @@ in { | |||
16 | config = lib.mkIf cfg.enable { | 16 | config = lib.mkIf cfg.enable { |
17 | services.duplyBackup.profiles.chloe_production.rootDir = app.varDir; | 17 | services.duplyBackup.profiles.chloe_production.rootDir = app.varDir; |
18 | services.duplyBackup.profiles.chloe_production.remotes = ["eriomem" "ovh"]; | 18 | services.duplyBackup.profiles.chloe_production.remotes = ["eriomem" "ovh"]; |
19 | secrets.keys = [ | 19 | secrets.keys."websites/chloe/production" = { |
20 | { | 20 | user = apacheUser; |
21 | dest = "websites/chloe/production"; | 21 | group = apacheGroup; |
22 | user = apacheUser; | 22 | permissions = "0400"; |
23 | group = apacheGroup; | 23 | text = '' |
24 | permissions = "0400"; | 24 | SetEnv SPIP_CONFIG_DIR "${./config}" |
25 | text = '' | 25 | SetEnv SPIP_VAR_DIR "${app.varDir}" |
26 | SetEnv SPIP_CONFIG_DIR "${./config}" | 26 | SetEnv SPIP_SITE "chloe-${app.environment}" |
27 | SetEnv SPIP_VAR_DIR "${app.varDir}" | 27 | SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu" |
28 | SetEnv SPIP_SITE "chloe-${app.environment}" | 28 | SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" |
29 | SetEnv SPIP_LDAP_BASE "dc=immae,dc=eu" | 29 | SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}" |
30 | SetEnv SPIP_LDAP_HOST "ldaps://ldap.immae.eu" | 30 | SetEnv SPIP_LDAP_SEARCH_PW "${ccfg.ldap.password}" |
31 | SetEnv SPIP_LDAP_SEARCH_DN "${ccfg.ldap.dn}" | 31 | SetEnv SPIP_LDAP_SEARCH "${ccfg.ldap.filter}" |
32 | SetEnv SPIP_LDAP_SEARCH_PW "${ccfg.ldap.password}" | 32 | SetEnv SPIP_MYSQL_HOST "${ccfg.mysql.host}" |
33 | SetEnv SPIP_LDAP_SEARCH "${ccfg.ldap.filter}" | 33 | SetEnv SPIP_MYSQL_PORT "${ccfg.mysql.port}" |
34 | SetEnv SPIP_MYSQL_HOST "${ccfg.mysql.host}" | 34 | SetEnv SPIP_MYSQL_DB "${ccfg.mysql.database}" |
35 | SetEnv SPIP_MYSQL_PORT "${ccfg.mysql.port}" | 35 | SetEnv SPIP_MYSQL_USER "${ccfg.mysql.user}" |
36 | SetEnv SPIP_MYSQL_DB "${ccfg.mysql.database}" | 36 | SetEnv SPIP_MYSQL_PASSWORD "${ccfg.mysql.password}" |
37 | SetEnv SPIP_MYSQL_USER "${ccfg.mysql.user}" | 37 | ''; |
38 | SetEnv SPIP_MYSQL_PASSWORD "${ccfg.mysql.password}" | 38 | }; |
39 | ''; | ||
40 | } | ||
41 | ]; | ||
42 | services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ]; | 39 | services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ]; |
43 | 40 | ||
44 | systemd.services.phpfpm-chloe_production.after = lib.mkAfter [ "mysql.service" ]; | 41 | systemd.services.phpfpm-chloe_production.after = lib.mkAfter [ "mysql.service" ]; |