diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-04-18 16:10:56 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-04-20 01:51:48 +0200 |
commit | d3452fc59b9839846225fd254926c64a9c71f071 (patch) | |
tree | a98a0958b826ac4b2ab137720edf0195c65dd958 /modules/private/websites/emilia | |
parent | 514f9ec3beec470c4445be690673a0ceab9115b4 (diff) | |
download | Nix-d3452fc59b9839846225fd254926c64a9c71f071.tar.gz Nix-d3452fc59b9839846225fd254926c64a9c71f071.tar.zst Nix-d3452fc59b9839846225fd254926c64a9c71f071.zip |
Refactor websites
Diffstat (limited to 'modules/private/websites/emilia')
-rw-r--r-- | modules/private/websites/emilia/moodle.nix | 69 | ||||
-rw-r--r-- | modules/private/websites/emilia/production.nix | 69 | ||||
-rw-r--r-- | modules/private/websites/emilia/richie.json | 14 | ||||
-rw-r--r-- | modules/private/websites/emilia/richie.nix | 102 |
4 files changed, 69 insertions, 185 deletions
diff --git a/modules/private/websites/emilia/moodle.nix b/modules/private/websites/emilia/moodle.nix new file mode 100644 index 0000000..d49faf5 --- /dev/null +++ b/modules/private/websites/emilia/moodle.nix | |||
@@ -0,0 +1,69 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.emilia.moodle; | ||
4 | env = config.myEnv.websites.emilia; | ||
5 | varDir = "/var/lib/emilia_moodle"; | ||
6 | siteDir = ./moodle; | ||
7 | webappName = "emilia_moodle"; | ||
8 | webappdir = config.services.websites.webappDirsPaths.emilia_moodle; | ||
9 | # php_admin_value[upload_max_filesize] = 50000000 | ||
10 | # php_admin_value[post_max_size] = 50000000 | ||
11 | configFile = '' | ||
12 | <?php // Moodle configuration file | ||
13 | |||
14 | unset($CFG); | ||
15 | global $CFG; | ||
16 | $CFG = new stdClass(); | ||
17 | |||
18 | $CFG->dbtype = 'pgsql'; | ||
19 | $CFG->dblibrary = 'native'; | ||
20 | $CFG->dbhost = '${env.postgresql.host}'; | ||
21 | $CFG->dbname = '${env.postgresql.database}'; | ||
22 | $CFG->dbuser = '${env.postgresql.user}'; | ||
23 | $CFG->dbpass = '${env.postgresql.password}'; | ||
24 | $CFG->prefix = 'mdl_'; | ||
25 | $CFG->dboptions = array ( | ||
26 | 'dbpersist' => 0, | ||
27 | 'dbport' => '${env.postgreesql.port}', | ||
28 | 'dbsocket' => '${env.postgresql.password}', | ||
29 | ); | ||
30 | |||
31 | $CFG->wwwroot = 'https://www.saison-photo.org'; | ||
32 | $CFG->dataroot = '${varDir}'; | ||
33 | $CFG->admin = 'admin'; | ||
34 | |||
35 | $CFG->directorypermissions = 02777; | ||
36 | |||
37 | require_once(__DIR__ . '/lib/setup.php'); | ||
38 | |||
39 | // There is no php closing tag in this file, | ||
40 | // it is intentional because it prevents trailing whitespace problems! | ||
41 | ''; | ||
42 | apacheUser = config.services.httpd.Prod.user; | ||
43 | apacheGroup = config.services.httpd.Prod.group; | ||
44 | in { | ||
45 | options.myServices.websites.emilia.moodle.enable = lib.mkEnableOption "enable Emilia's website"; | ||
46 | |||
47 | config = lib.mkIf cfg.enable { | ||
48 | services.duplyBackup.profiles.emilia_moodle.rootDir = varDir; | ||
49 | system.activationScripts.emilia_moodle = '' | ||
50 | install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${varDir} | ||
51 | ''; | ||
52 | services.websites.webappDirs.emilia_moodle = siteDir; | ||
53 | services.websites.env.production.vhostConfs.emilia_moodle = { | ||
54 | certName = "emilia"; | ||
55 | certMainHost = "saison-photo.org"; | ||
56 | hosts = [ "saison-photo.org" "www.saison-photo.org" ]; | ||
57 | root = webappdir; | ||
58 | extraConfig = [ | ||
59 | '' | ||
60 | <Directory ${webappdir}> | ||
61 | DirectoryIndex pause.html | ||
62 | Options Indexes FollowSymLinks MultiViews Includes | ||
63 | Require all granted | ||
64 | </Directory> | ||
65 | '' | ||
66 | ]; | ||
67 | }; | ||
68 | }; | ||
69 | } | ||
diff --git a/modules/private/websites/emilia/production.nix b/modules/private/websites/emilia/production.nix deleted file mode 100644 index 71b97dd..0000000 --- a/modules/private/websites/emilia/production.nix +++ /dev/null | |||
@@ -1,69 +0,0 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.emilia.production; | ||
4 | env = config.myEnv.websites.emilia; | ||
5 | varDir = "/var/lib/moodle"; | ||
6 | siteDir = ./moodle; | ||
7 | webappName = "emilia_moodle"; | ||
8 | root = "/run/current-system/webapps/${webappName}"; | ||
9 | # php_admin_value[upload_max_filesize] = 50000000 | ||
10 | # php_admin_value[post_max_size] = 50000000 | ||
11 | configFile = '' | ||
12 | <?php // Moodle configuration file | ||
13 | |||
14 | unset($CFG); | ||
15 | global $CFG; | ||
16 | $CFG = new stdClass(); | ||
17 | |||
18 | $CFG->dbtype = 'pgsql'; | ||
19 | $CFG->dblibrary = 'native'; | ||
20 | $CFG->dbhost = '${env.postgresql.host}'; | ||
21 | $CFG->dbname = '${env.postgresql.database}'; | ||
22 | $CFG->dbuser = '${env.postgresql.user}'; | ||
23 | $CFG->dbpass = '${env.postgresql.password}'; | ||
24 | $CFG->prefix = 'mdl_'; | ||
25 | $CFG->dboptions = array ( | ||
26 | 'dbpersist' => 0, | ||
27 | 'dbport' => '${env.postgreesql.port}', | ||
28 | 'dbsocket' => '${env.postgresql.password}', | ||
29 | ); | ||
30 | |||
31 | $CFG->wwwroot = 'https://www.saison-photo.org'; | ||
32 | $CFG->dataroot = '${varDir}'; | ||
33 | $CFG->admin = 'admin'; | ||
34 | |||
35 | $CFG->directorypermissions = 02777; | ||
36 | |||
37 | require_once(__DIR__ . '/lib/setup.php'); | ||
38 | |||
39 | // There is no php closing tag in this file, | ||
40 | // it is intentional because it prevents trailing whitespace problems! | ||
41 | ''; | ||
42 | in { | ||
43 | options.myServices.websites.emilia.production.enable = lib.mkEnableOption "enable Emilia's website"; | ||
44 | |||
45 | config = lib.mkIf cfg.enable { | ||
46 | services.duplyBackup.profiles.emilia_prod = { | ||
47 | rootDir = varDir; | ||
48 | }; | ||
49 | system.activationScripts.emilia = '' | ||
50 | install -m 0755 -o wwwrun -g wwwrun -d ${varDir} | ||
51 | ''; | ||
52 | myServices.websites.webappDirs."${webappName}" = siteDir; | ||
53 | services.websites.env.production.vhostConfs.emilia = { | ||
54 | certName = "emilia"; | ||
55 | certMainHost = "saison-photo.org"; | ||
56 | hosts = [ "saison-photo.org" "www.saison-photo.org" ]; | ||
57 | root = root; | ||
58 | extraConfig = [ | ||
59 | '' | ||
60 | <Directory ${root}> | ||
61 | DirectoryIndex pause.html | ||
62 | Options Indexes FollowSymLinks MultiViews Includes | ||
63 | Require all granted | ||
64 | </Directory> | ||
65 | '' | ||
66 | ]; | ||
67 | }; | ||
68 | }; | ||
69 | } | ||
diff --git a/modules/private/websites/emilia/richie.json b/modules/private/websites/emilia/richie.json deleted file mode 100644 index f51d8c1..0000000 --- a/modules/private/websites/emilia/richie.json +++ /dev/null | |||
@@ -1,14 +0,0 @@ | |||
1 | { | ||
2 | "tag": "11490d4-master", | ||
3 | "meta": { | ||
4 | "name": "richie", | ||
5 | "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Richie", | ||
6 | "branch": "master" | ||
7 | }, | ||
8 | "git": { | ||
9 | "url": "ssh://gitolite@git.immae.eu/perso/Immae/Sites/Richie", | ||
10 | "rev": "11490d4591034deca7681aae8d9a22ca6cd8da4a", | ||
11 | "sha256": "1rlq5qkbaw9n7yxhyvvimrizwkpqlhhsc8mhipzxlwk1si81fci1", | ||
12 | "fetchSubmodules": true | ||
13 | } | ||
14 | } | ||
diff --git a/modules/private/websites/emilia/richie.nix b/modules/private/websites/emilia/richie.nix deleted file mode 100644 index 98ab1cd..0000000 --- a/modules/private/websites/emilia/richie.nix +++ /dev/null | |||
@@ -1,102 +0,0 @@ | |||
1 | { lib, config, pkgs, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.emilia.richie_production; | ||
4 | vardir = "/var/lib/richie_production"; | ||
5 | richieSrc = pkgs.stdenv.mkDerivation (pkgs.mylibs.fetchedGitPrivate ./richie.json // { | ||
6 | phases = "installPhase"; | ||
7 | installPhase = '' | ||
8 | cp -a $src $out | ||
9 | chmod -R u+w $out | ||
10 | ln -sf ${vardir}/files $out/ | ||
11 | ln -sf ${vardir}/drapeaux $out/images/ | ||
12 | ln -sf ${vardir}/photos $out/ | ||
13 | sed -i "s@localedef --list-archive@localedef --list-archive /run/current-system/sw/lib/locale/locale-archive@" $out/admin/parametres.php | ||
14 | ''; | ||
15 | }); | ||
16 | in | ||
17 | { | ||
18 | options.myServices.websites.emilia.richie_production.enable = lib.mkEnableOption "enable Richie's website"; | ||
19 | config = lib.mkIf cfg.enable { | ||
20 | services.duplyBackup.profiles.richie_production.rootDir = vardir; | ||
21 | services.webstats.sites = [ { name = "europe-richie.org"; } ]; | ||
22 | |||
23 | secrets.keys = [{ | ||
24 | dest = "webapps/prod-richie"; | ||
25 | user = "wwwrun"; | ||
26 | group = "wwwrun"; | ||
27 | permissions = "0400"; | ||
28 | text = with config.myEnv.websites.richie; '' | ||
29 | <?php | ||
30 | |||
31 | $hote_sql = '${mysql.host}'; | ||
32 | $login_sql = '${mysql.user}'; | ||
33 | $bdd_sql = '${mysql.database}'; | ||
34 | $mdp_sql = '${mysql.password}'; | ||
35 | |||
36 | $db = mysqli_connect($hote_sql,$login_sql,$mdp_sql); | ||
37 | unset($mdp_sql); | ||
38 | |||
39 | $smtp_mailer->Auth('${smtp_mailer.user}', '${smtp_mailer.password}'); | ||
40 | ?> | ||
41 | ''; | ||
42 | }]; | ||
43 | myServices.websites.webappDirs.richie_production = richieSrc; | ||
44 | system.activationScripts.richie_production = { | ||
45 | deps = [ "httpd" ]; | ||
46 | text = '' | ||
47 | install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/richie_production | ||
48 | install -m 0755 -o wwwrun -g wwwrun -d ${vardir} | ||
49 | ''; | ||
50 | }; | ||
51 | services.phpfpm.pools.richie_production = { | ||
52 | user = "wwwrun"; | ||
53 | group = "wwwrun"; | ||
54 | settings = { | ||
55 | "listen.owner" = "wwwrun"; | ||
56 | "listen.group" = "wwwrun"; | ||
57 | |||
58 | "pm" = "ondemand"; | ||
59 | "pm.max_children" = "5"; | ||
60 | "pm.process_idle_timeout" = "60"; | ||
61 | |||
62 | "php_admin_value[open_basedir]" = "${vardir}:/var/lib/php/sessions/richie_production:/var/secrets/webapps/prod-richie:${richieSrc}:/tmp"; | ||
63 | "php_admin_value[session.save_path]" = "/var/lib/php/sessions/richie_production"; | ||
64 | }; | ||
65 | phpEnv = { | ||
66 | PATH = "/run/current-system/sw/bin:${lib.makeBinPath [ pkgs.imagemagick ]}"; | ||
67 | BDD_CONNECT = "/var/secrets/webapps/prod-richie"; | ||
68 | }; | ||
69 | phpOptions = config.services.phpfpm.phpOptions + '' | ||
70 | date.timezone = 'Europe/Paris' | ||
71 | extension=${pkgs.php}/lib/php/extensions/mysqli.so | ||
72 | ''; | ||
73 | }; | ||
74 | services.websites.env.production.modules = [ "proxy_fcgi" ]; | ||
75 | services.websites.env.production.vhostConfs.richie_production = { | ||
76 | certName = "richie"; | ||
77 | addToCerts = true; | ||
78 | certMainHost = "europe-richie.org"; | ||
79 | hosts = [ "europe-richie.org" "www.europe-richie.org" ]; | ||
80 | root = "/run/current-system/webapps/richie_production"; | ||
81 | extraConfig = [ | ||
82 | '' | ||
83 | Use Stats europe-richie.org | ||
84 | ErrorDocument 404 /404.html | ||
85 | <LocationMatch "^/files/.*/admin/"> | ||
86 | Require all denied | ||
87 | </LocationMatch> | ||
88 | <Directory /run/current-system/webapps/richie_production> | ||
89 | DirectoryIndex index.php index.htm index.html | ||
90 | Options Indexes FollowSymLinks MultiViews Includes | ||
91 | AllowOverride None | ||
92 | Require all granted | ||
93 | |||
94 | <FilesMatch "\.php$"> | ||
95 | SetHandler "proxy:unix:${config.services.phpfpm.pools.richie_production.socket}|fcgi://localhost" | ||
96 | </FilesMatch> | ||
97 | </Directory> | ||
98 | '' | ||
99 | ]; | ||
100 | }; | ||
101 | }; | ||
102 | } | ||