diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-18 10:49:00 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-18 10:49:00 +0200 |
| commit | f8026b6e4c869aa108f6361c8ccd50890657994d (patch) | |
| tree | 57cb311e520933bd2ab6ccbae05f2913799eb49e /modules/private/websites/leila | |
| parent | 4aac110f17f0528d90510eec00c9a8df60bcf04f (diff) | |
| download | Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.tar.gz Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.tar.zst Nix-f8026b6e4c869aa108f6361c8ccd50890657994d.zip | |
Move personal websites to modules
Diffstat (limited to 'modules/private/websites/leila')
| -rw-r--r-- | modules/private/websites/leila/production.nix | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/modules/private/websites/leila/production.nix b/modules/private/websites/leila/production.nix new file mode 100644 index 0000000..1ce8eea --- /dev/null +++ b/modules/private/websites/leila/production.nix | |||
| @@ -0,0 +1,82 @@ | |||
| 1 | { lib, pkgs, config, ... }: | ||
| 2 | let | ||
| 3 | cfg = config.myServices.websites.leila.production; | ||
| 4 | varDir = "/var/lib/ftp/leila"; | ||
| 5 | in { | ||
| 6 | options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's website in production"; | ||
| 7 | |||
| 8 | config = lib.mkIf cfg.enable { | ||
| 9 | services.myPhpfpm.poolConfigs.leila = '' | ||
| 10 | listen = /run/phpfpm/leila.sock | ||
| 11 | user = wwwrun | ||
| 12 | group = wwwrun | ||
| 13 | listen.owner = wwwrun | ||
| 14 | listen.group = wwwrun | ||
| 15 | |||
| 16 | pm = ondemand | ||
| 17 | pm.max_children = 5 | ||
| 18 | pm.process_idle_timeout = 60 | ||
| 19 | |||
| 20 | php_admin_value[open_basedir] = "${varDir}:/tmp" | ||
| 21 | ''; | ||
| 22 | |||
| 23 | services.webstats.sites = [ | ||
| 24 | { name = "leila.bouya.org"; } | ||
| 25 | { name = "chorale.leila.bouya.org"; } | ||
| 26 | ]; | ||
| 27 | |||
| 28 | services.websites.production.modules = [ "proxy_fcgi" ]; | ||
| 29 | services.websites.production.vhostConfs.leila_chorale = { | ||
| 30 | certName = "leila"; | ||
| 31 | addToCerts = true; | ||
| 32 | hosts = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ]; | ||
| 33 | root = "${varDir}/Chorale"; | ||
| 34 | extraConfig = [ | ||
| 35 | '' | ||
| 36 | Use Stats chorale.leila.bouya.org | ||
| 37 | <Directory ${varDir}/Chorale> | ||
| 38 | DirectoryIndex index.php index.htm index.html | ||
| 39 | Options Indexes FollowSymLinks MultiViews Includes | ||
| 40 | AllowOverride None | ||
| 41 | |||
| 42 | Use LDAPConnect | ||
| 43 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | ||
| 44 | |||
| 45 | <FilesMatch "\.php$"> | ||
| 46 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | ||
| 47 | </FilesMatch> | ||
| 48 | </Directory> | ||
| 49 | '' | ||
| 50 | ]; | ||
| 51 | }; | ||
| 52 | services.websites.production.vhostConfs.leila = { | ||
| 53 | certName = "leila"; | ||
| 54 | certMainHost = "leila.bouya.org"; | ||
| 55 | hosts = [ "leila.bouya.org" ]; | ||
| 56 | root = varDir; | ||
| 57 | extraConfig = [ | ||
| 58 | '' | ||
| 59 | Use Stats leila.bouya.org | ||
| 60 | <Directory ${varDir}/Chorale> | ||
| 61 | DirectoryIndex index.htm index.html | ||
| 62 | Options Indexes FollowSymLinks MultiViews Includes | ||
| 63 | AllowOverride None | ||
| 64 | |||
| 65 | Use LDAPConnect | ||
| 66 | Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu | ||
| 67 | |||
| 68 | <FilesMatch "\.php$"> | ||
| 69 | SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost" | ||
| 70 | </FilesMatch> | ||
| 71 | </Directory> | ||
| 72 | <Directory ${varDir}> | ||
| 73 | DirectoryIndex index.htm index.html | ||
| 74 | Options Indexes FollowSymLinks MultiViews Includes | ||
| 75 | AllowOverride None | ||
| 76 | Require all granted | ||
| 77 | </Directory> | ||
| 78 | '' | ||
| 79 | ]; | ||
| 80 | }; | ||
| 81 | }; | ||
| 82 | } | ||