Add iridologie via spip

1 files changed, 33 insertions, 43 deletions

diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix
index cb4e300..460bd2a 100644
--- a/modules/private/websites/isabelle/iridologie.nix
+++ b/modules/private/websites/isabelle/iridologie.nix
@@ -1,59 +1,49 @@
-{ lib, config,  ... }:
+{ lib, pkgs, config,  ... }:
 let
+  iridologie = pkgs.callPackage ./spip_builder.nix {
+    inherit (pkgs.webapps) iridologie;
+    config = config.myEnv.websites.isabelle.iridologie;
+    apacheUser = config.services.httpd.Prod.user;
+    apacheGroup = config.services.httpd.Prod.group;
+  };
+
   cfg = config.myServices.websites.isabelle.iridologie;
-  varDir = "/var/lib/ftp/isabelle";
 in {
   options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website";
 
   config = lib.mkIf cfg.enable {
+    services.duplyBackup.profiles.iridologie_prod.rootDir = iridologie.app.varDir;
+    secrets.keys = iridologie.keys;
     services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ];
-    system.activationScripts.iridologie = {
-      deps = [ "httpd" ];
-      text = ''
-        install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/iridologie
-        '';
-    };
-    services.phpfpm.pools.iridologie = {
-      listen = "/run/phpfpm/iridologie.sock";
-      extraConfig = ''
-        user = wwwrun
-        group = wwwrun
-        listen.owner = wwwrun
-        listen.group = wwwrun
-
-        pm = ondemand
-        pm.max_children = 5
-        pm.process_idle_timeout = 60
 
-        php_admin_value[open_basedir] = "/var/lib/php/sessions/iridologie:${varDir}:/tmp"
-        php_admin_value[session.save_path] = "/var/lib/php/sessions/iridologie"
-        '';
+    systemd.services.phpfpm-iridologie.after = lib.mkAfter iridologie.phpFpm.serviceDeps;
+    systemd.services.phpfpm-iridologie.wants = iridologie.phpFpm.serviceDeps;
+    services.phpfpm.pools.iridologie = {
+      listen = iridologie.phpFpm.socket;
+      extraConfig = iridologie.phpFpm.pool;
+      phpOptions = config.services.phpfpm.phpOptions + ''
+        extension=${pkgs.php}/lib/php/extensions/mysqli.so
+      '';
     };
-    services.websites.env.production.modules = [ "proxy_fcgi" ];
+    system.activationScripts.iridologie = iridologie.activationScript;
+    myServices.websites.webappDirs."${iridologie.apache.webappName}" = iridologie.app.webRoot;
+    services.websites.env.production.modules = iridologie.apache.modules;
     services.websites.env.production.vhostConfs.iridologie = {
-      certName    = "aten";
-      addToCerts  = true;
-      hosts       = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
-      root        = varDir;
-      extraConfig = [
+      certName     = "aten";
+      addToCerts   = true;
+      hosts        = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
+      root         = iridologie.apache.root;
+      extraConfig  = [
         ''
-        Use Stats iridologie.icommandeur.org
-        RewriteEngine On
-        RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
-        RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
-
-        <FilesMatch "\.php$">
-          SetHandler "proxy:unix:/run/phpfpm/iridologie.sock|fcgi://localhost"
-        </FilesMatch>
-
-        <Directory ${varDir}>
-          DirectoryIndex index.php index.htm index.html
-          AllowOverride All
-          Require all granted
-        </Directory>
+          RewriteEngine On
+          RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC]
+          RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L]
           ''
+        iridologie.apache.vhostConf
       ];
     };
+    services.websites.env.production.watchPaths = [
+      "/var/secrets/webapps/${iridologie.app.environment}-iridologie"
+    ];
   };
 }
-