diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-01-11 15:34:31 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-01-11 15:34:31 +0100 |
commit | 423c3f1caefdf5f125a2acf7456b5ca0273cee4b (patch) | |
tree | 079f24a9d16dd83d0779d4f7a4c17e49a0160457 /modules/private/websites/isabelle/iridologie.nix | |
parent | 619e4f46adc15e409122c4e0fa0e0a0b811bb32f (diff) | |
download | Nix-423c3f1caefdf5f125a2acf7456b5ca0273cee4b.tar.gz Nix-423c3f1caefdf5f125a2acf7456b5ca0273cee4b.tar.zst Nix-423c3f1caefdf5f125a2acf7456b5ca0273cee4b.zip |
Add iridologie via spip
Diffstat (limited to 'modules/private/websites/isabelle/iridologie.nix')
-rw-r--r-- | modules/private/websites/isabelle/iridologie.nix | 76 |
1 files changed, 33 insertions, 43 deletions
diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix index cb4e300..460bd2a 100644 --- a/modules/private/websites/isabelle/iridologie.nix +++ b/modules/private/websites/isabelle/iridologie.nix | |||
@@ -1,59 +1,49 @@ | |||
1 | { lib, config, ... }: | 1 | { lib, pkgs, config, ... }: |
2 | let | 2 | let |
3 | iridologie = pkgs.callPackage ./spip_builder.nix { | ||
4 | inherit (pkgs.webapps) iridologie; | ||
5 | config = config.myEnv.websites.isabelle.iridologie; | ||
6 | apacheUser = config.services.httpd.Prod.user; | ||
7 | apacheGroup = config.services.httpd.Prod.group; | ||
8 | }; | ||
9 | |||
3 | cfg = config.myServices.websites.isabelle.iridologie; | 10 | cfg = config.myServices.websites.isabelle.iridologie; |
4 | varDir = "/var/lib/ftp/isabelle"; | ||
5 | in { | 11 | in { |
6 | options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website"; | 12 | options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website"; |
7 | 13 | ||
8 | config = lib.mkIf cfg.enable { | 14 | config = lib.mkIf cfg.enable { |
15 | services.duplyBackup.profiles.iridologie_prod.rootDir = iridologie.app.varDir; | ||
16 | secrets.keys = iridologie.keys; | ||
9 | services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ]; | 17 | services.webstats.sites = [ { name = "iridologie.icommandeur.org"; } ]; |
10 | system.activationScripts.iridologie = { | ||
11 | deps = [ "httpd" ]; | ||
12 | text = '' | ||
13 | install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/iridologie | ||
14 | ''; | ||
15 | }; | ||
16 | services.phpfpm.pools.iridologie = { | ||
17 | listen = "/run/phpfpm/iridologie.sock"; | ||
18 | extraConfig = '' | ||
19 | user = wwwrun | ||
20 | group = wwwrun | ||
21 | listen.owner = wwwrun | ||
22 | listen.group = wwwrun | ||
23 | |||
24 | pm = ondemand | ||
25 | pm.max_children = 5 | ||
26 | pm.process_idle_timeout = 60 | ||
27 | 18 | ||
28 | php_admin_value[open_basedir] = "/var/lib/php/sessions/iridologie:${varDir}:/tmp" | 19 | systemd.services.phpfpm-iridologie.after = lib.mkAfter iridologie.phpFpm.serviceDeps; |
29 | php_admin_value[session.save_path] = "/var/lib/php/sessions/iridologie" | 20 | systemd.services.phpfpm-iridologie.wants = iridologie.phpFpm.serviceDeps; |
30 | ''; | 21 | services.phpfpm.pools.iridologie = { |
22 | listen = iridologie.phpFpm.socket; | ||
23 | extraConfig = iridologie.phpFpm.pool; | ||
24 | phpOptions = config.services.phpfpm.phpOptions + '' | ||
25 | extension=${pkgs.php}/lib/php/extensions/mysqli.so | ||
26 | ''; | ||
31 | }; | 27 | }; |
32 | services.websites.env.production.modules = [ "proxy_fcgi" ]; | 28 | system.activationScripts.iridologie = iridologie.activationScript; |
29 | myServices.websites.webappDirs."${iridologie.apache.webappName}" = iridologie.app.webRoot; | ||
30 | services.websites.env.production.modules = iridologie.apache.modules; | ||
33 | services.websites.env.production.vhostConfs.iridologie = { | 31 | services.websites.env.production.vhostConfs.iridologie = { |
34 | certName = "aten"; | 32 | certName = "aten"; |
35 | addToCerts = true; | 33 | addToCerts = true; |
36 | hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ]; | 34 | hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ]; |
37 | root = varDir; | 35 | root = iridologie.apache.root; |
38 | extraConfig = [ | 36 | extraConfig = [ |
39 | '' | 37 | '' |
40 | Use Stats iridologie.icommandeur.org | 38 | RewriteEngine On |
41 | RewriteEngine On | 39 | RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC] |
42 | RewriteCond "%{HTTP_HOST}" "!^iridologie\.icommandeur\.org$" [NC] | 40 | RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L] |
43 | RewriteRule ^(.+)$ https://iridologie.icommandeur.org$1 [R=302,L] | ||
44 | |||
45 | <FilesMatch "\.php$"> | ||
46 | SetHandler "proxy:unix:/run/phpfpm/iridologie.sock|fcgi://localhost" | ||
47 | </FilesMatch> | ||
48 | |||
49 | <Directory ${varDir}> | ||
50 | DirectoryIndex index.php index.htm index.html | ||
51 | AllowOverride All | ||
52 | Require all granted | ||
53 | </Directory> | ||
54 | '' | 41 | '' |
42 | iridologie.apache.vhostConf | ||
55 | ]; | 43 | ]; |
56 | }; | 44 | }; |
45 | services.websites.env.production.watchPaths = [ | ||
46 | "/var/secrets/webapps/${iridologie.app.environment}-iridologie" | ||
47 | ]; | ||
57 | }; | 48 | }; |
58 | } | 49 | } |
59 | |||