diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-18 10:49:00 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-18 10:49:00 +0200 |
commit | f8026b6e4c869aa108f6361c8ccd50890657994d (patch) | |
tree | 57cb311e520933bd2ab6ccbae05f2913799eb49e /modules/private/websites/leila/production.nix | |
parent | 4aac110f17f0528d90510eec00c9a8df60bcf04f (diff) | |
download | Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.tar.gz Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.tar.zst Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.zip |
Move personal websites to modules
Diffstat (limited to 'modules/private/websites/leila/production.nix')
-rw-r--r-- | modules/private/websites/leila/production.nix | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/modules/private/websites/leila/production.nix b/modules/private/websites/leila/production.nix new file mode 100644 index 0000000..1ce8eea --- /dev/null +++ b/modules/private/websites/leila/production.nix | |||
@@ -0,0 +1,82 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.leila.production; | ||
4 | varDir = "/var/lib/ftp/leila"; | ||
5 | in { | ||
6 | options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's website in production"; | ||
7 | |||
8 | config = lib.mkIf cfg.enable { | ||
9 | services.myPhpfpm.poolConfigs.leila = '' | ||
10 | listen = /run/phpfpm/leila.sock | ||
11 | user = wwwrun | ||
12 | group = wwwrun | ||
13 | listen.owner = wwwrun | ||
14 | listen.group = wwwrun | ||
15 | |||
16 | pm = ondemand | ||
17 | pm.max_children = 5 | ||
18 | pm.process_idle_timeout = 60 | ||
19 | |||
20 | php_admin_value[open_basedir] = "${varDir}:/tmp" | ||
21 | ''; | ||
22 | |||
23 | services.webstats.sites = [ | ||
24 | { name = "leila.bouya.org"; } | ||
25 | { name = "chorale.leila.bouya.org"; } | ||
26 | ]; | ||
27 | |||
28 | services.websites.production.modules = [ "proxy_fcgi" ]; | ||
29 | services.websites.production.vhostConfs.leila_chorale = { | ||
30 | certName = "leila"; | ||
31 | addToCerts = true; | ||
32 | hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ]; | ||
33 | root = "${varDir}/Chorale"; | ||
34 | extraConfig = [ | ||
35 | '' | ||
36 | Use Stats chorale.leila.bouya.org | ||
37 | <Directory ${varDir}/Chorale> | ||
38 | DirectoryIndex index.php index.htm index.html | ||
39 | Options Indexes FollowSymLinks MultiViews Includes | ||
40 | AllowOverride None | ||
41 | |||
42 | Use LDAPConnect | ||
43 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | ||
44 | |||
45 | <FilesMatch "\.php$"> | ||
46 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | ||
47 | </FilesMatch> | ||
48 | </Directory> | ||
49 | '' | ||
50 | ]; | ||
51 | }; | ||
52 | services.websites.production.vhostConfs.leila = { | ||
53 | certName = "leila"; | ||
54 | certMainHost = "leila.bouya.org"; | ||
55 | hosts = [ "leila.bouya.org" ]; | ||
56 | root = varDir; | ||
57 | extraConfig = [ | ||
58 | '' | ||
59 | Use Stats leila.bouya.org | ||
60 | <Directory ${varDir}/Chorale> | ||
61 | DirectoryIndex index.htm index.html | ||
62 | Options Indexes FollowSymLinks MultiViews Includes | ||
63 | AllowOverride None | ||
64 | |||
65 | Use LDAPConnect | ||
66 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | ||
67 | |||
68 | <FilesMatch "\.php$"> | ||
69 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | ||
70 | </FilesMatch> | ||
71 | </Directory> | ||
72 | <Directory ${varDir}> | ||
73 | DirectoryIndex index.htm index.html | ||
74 | Options Indexes FollowSymLinks MultiViews Includes | ||
75 | AllowOverride None | ||
76 | Require all granted | ||
77 | </Directory> | ||
78 | '' | ||
79 | ]; | ||
80 | }; | ||
81 | }; | ||
82 | } | ||