Add evariste website

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-03-25 00:34:28 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-03-25 00:34:28 +0100
commit: ab97f6e7a32d37e3aefc260d8b8ed35a40261518 (patch)
tree: 67c5f13aa9e3e5ab8899304a1cf75ac5545760d0 /modules
parent: 360b270415155fb5eaade600b5bff90bc695a245 (diff)
download: Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.tar.gz
Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.tar.zst
Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.zip
3 files changed, 103 insertions, 0 deletions
diff --git a/modules/private/default.nix b/modules/private/default.nix
index 3996eac..ece6907 100644
--- a/modules/private/default.nix
+++ b/modules/private/default.nix
@@ -38,6 +38,7 @@ set = {
  ludivinecassalProd = ./websites/ludivinecassal/production.nix;
  nassimeProd = ./websites/nassime/production.nix;
  naturaloutilProd = ./websites/naturaloutil/production.nix;
+  evaristeProd = ./websites/evariste/production.nix;
  telioTortayProd = ./websites/teliotortay/production.nix;
  papaMaisonBbc = ./websites/papa/maison_bbc.nix;
  papaSurveillance = ./websites/papa/surveillance.nix;
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index 90f24a4..5c0e655 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -256,6 +256,7 @@ in
      nassime.production.enable = true;
+      evariste.production.enable = true;
      naturaloutil.production.enable = true;
      telioTortay.production.enable = true;
diff --git a/modules/private/websites/evariste/production.nix b/modules/private/websites/evariste/production.nix
new file mode 100644
index 0000000..00e6fe1
--- /dev/null
+++ b/modules/private/websites/evariste/production.nix
@@ -0,0 +1,101 @@
+{ lib, pkgs, config,  ... }:
+let
+  cfg = config.myServices.websites.evariste.production;
+  nsiVarDir = "/var/lib/ftp/nsievariste";
+  stmgVarDir = "/var/lib/ftp/stmgevariste";
+in {
+  options.myServices.websites.evariste.production.enable = lib.mkEnableOption "enable NSI/STMG Evariste website";
+  config = lib.mkIf cfg.enable {
+    services.webstats.sites = [
+      { name = "nsievariste.immae.eu"; }
+      { name = "stmgevariste.immae.eu"; }
+    ];
+    services.websites.env.production.modules = [ "proxy_fcgi" ];
+    system.activationScripts.evariste = {
+      deps = [ "httpd" ];
+      text = ''
+        install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/nsievariste
+        install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/stmgevariste
+        '';
+    };
+    services.phpfpm.pools.nsievariste = {
+      listen = "/run/phpfpm/nsievariste.sock";
+      extraConfig = ''
+        user = wwwrun
+        group = wwwrun
+        listen.owner = wwwrun
+        listen.group = wwwrun
+        pm = ondemand
+        pm.max_children = 5
+        pm.process_idle_timeout = 60
+        php_admin_value[open_basedir] = "/var/lib/php/sessions/nsievariste:${nsiVarDir}:/tmp"
+        php_admin_value[session.save_path] = "/var/lib/php/sessions/nsievariste"
+        '';
+    };
+    services.websites.env.production.vhostConfs.nsievariste = {
+      certName     = "eldiron";
+      addToCerts   = true;
+      hosts        = ["nsievariste.immae.eu" ];
+      root         = nsiVarDir;
+      extraConfig  = [
+        ''
+        Use Stats nsievariste.immae.eu
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:/run/phpfpm/nsievariste.sock|fcgi://localhost"
+        </FilesMatch>
+        <Directory ${nsiVarDir}>
+          DirectoryIndex index.php index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+    services.phpfpm.pools.stmgevariste = {
+      listen = "/run/phpfpm/stmgevariste.sock";
+      extraConfig = ''
+        user = wwwrun
+        group = wwwrun
+        listen.owner = wwwrun
+        listen.group = wwwrun
+        pm = ondemand
+        pm.max_children = 5
+        pm.process_idle_timeout = 60
+        php_admin_value[open_basedir] = "/var/lib/php/sessions/stmgevariste:${stmgVarDir}:/tmp"
+        php_admin_value[session.save_path] = "/var/lib/php/sessions/stmgevariste"
+        '';
+    };
+    services.websites.env.production.vhostConfs.stmgevariste = {
+      certName     = "eldiron";
+      addToCerts   = true;
+      hosts        = ["stmgevariste.immae.eu" ];
+      root         = stmgVarDir;
+      extraConfig  = [
+        ''
+        Use Stats stmgevariste.immae.eu
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:/run/phpfpm/stmgevariste.sock|fcgi://localhost"
+        </FilesMatch>
+        <Directory ${stmgVarDir}>
+          DirectoryIndex index.php index.htm index.html
+          Options Indexes FollowSymLinks MultiViews Includes
+          AllowOverride None
+          Require all granted
+        </Directory>
+          ''
+      ];
+    };
+  };
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-03-25 00:34:28 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-03-25 00:34:28 +0100
commit	ab97f6e7a32d37e3aefc260d8b8ed35a40261518 (patch)
tree	67c5f13aa9e3e5ab8899304a1cf75ac5545760d0 /modules
parent	360b270415155fb5eaade600b5bff90bc695a245 (diff)
download	Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.tar.gz Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.tar.zst Nix-ab97f6e7a32d37e3aefc260d8b8ed35a40261518.zip

diff --git a/modules/private/default.nix b/modules/private/default.nix index 3996eac..ece6907 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix
@@ -38,6 +38,7 @@ set = {
38	ludivinecassalProd = ./websites/ludivinecassal/production.nix;	38	ludivinecassalProd = ./websites/ludivinecassal/production.nix;
39	nassimeProd = ./websites/nassime/production.nix;	39	nassimeProd = ./websites/nassime/production.nix;
40	naturaloutilProd = ./websites/naturaloutil/production.nix;	40	naturaloutilProd = ./websites/naturaloutil/production.nix;
		41	evaristeProd = ./websites/evariste/production.nix;
41	telioTortayProd = ./websites/teliotortay/production.nix;	42	telioTortayProd = ./websites/teliotortay/production.nix;
42	papaMaisonBbc = ./websites/papa/maison_bbc.nix;	43	papaMaisonBbc = ./websites/papa/maison_bbc.nix;
43	papaSurveillance = ./websites/papa/surveillance.nix;	44	papaSurveillance = ./websites/papa/surveillance.nix;


diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index 90f24a4..5c0e655 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix
@@ -256,6 +256,7 @@ in
256		256
257	nassime.production.enable = true;	257	nassime.production.enable = true;
258		258
		259	evariste.production.enable = true;
259	naturaloutil.production.enable = true;	260	naturaloutil.production.enable = true;
260	telioTortay.production.enable = true;	261	telioTortay.production.enable = true;
261		262


diff --git a/modules/private/websites/evariste/production.nix b/modules/private/websites/evariste/production.nix new file mode 100644 index 0000000..00e6fe1 --- /dev/null +++ b/modules/private/websites/evariste/production.nix
@@ -0,0 +1,101 @@
		1	{ lib, pkgs, config, ... }:
		2	let
		3	cfg = config.myServices.websites.evariste.production;
		4	nsiVarDir = "/var/lib/ftp/nsievariste";
		5	stmgVarDir = "/var/lib/ftp/stmgevariste";
		6	in {
		7	options.myServices.websites.evariste.production.enable = lib.mkEnableOption "enable NSI/STMG Evariste website";
		8
		9	config = lib.mkIf cfg.enable {
		10	services.webstats.sites = [
		11	{ name = "nsievariste.immae.eu"; }
		12	{ name = "stmgevariste.immae.eu"; }
		13	];
		14
		15	services.websites.env.production.modules = [ "proxy_fcgi" ];
		16	system.activationScripts.evariste = {
		17	deps = [ "httpd" ];
		18	text = ''
		19	install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/nsievariste
		20	install -m 0755 -o wwwrun -g wwwrun -d /var/lib/php/sessions/stmgevariste
		21	'';
		22	};
		23	services.phpfpm.pools.nsievariste = {
		24	listen = "/run/phpfpm/nsievariste.sock";
		25	extraConfig = ''
		26	user = wwwrun
		27	group = wwwrun
		28	listen.owner = wwwrun
		29	listen.group = wwwrun
		30
		31	pm = ondemand
		32	pm.max_children = 5
		33	pm.process_idle_timeout = 60
		34
		35	php_admin_value[open_basedir] = "/var/lib/php/sessions/nsievariste:${nsiVarDir}:/tmp"
		36	php_admin_value[session.save_path] = "/var/lib/php/sessions/nsievariste"
		37	'';
		38	};
		39	services.websites.env.production.vhostConfs.nsievariste = {
		40	certName = "eldiron";
		41	addToCerts = true;
		42	hosts = ["nsievariste.immae.eu" ];
		43	root = nsiVarDir;
		44	extraConfig = [
		45	''
		46	Use Stats nsievariste.immae.eu
		47
		48	<FilesMatch "\.php$">
		49	SetHandler "proxy:unix:/run/phpfpm/nsievariste.sock\|fcgi://localhost"
		50	</FilesMatch>
		51
		52	<Directory ${nsiVarDir}>
		53	DirectoryIndex index.php index.htm index.html
		54	Options Indexes FollowSymLinks MultiViews Includes
		55	AllowOverride None
		56	Require all granted
		57	</Directory>
		58	''
		59	];
		60	};
		61
		62	services.phpfpm.pools.stmgevariste = {
		63	listen = "/run/phpfpm/stmgevariste.sock";
		64	extraConfig = ''
		65	user = wwwrun
		66	group = wwwrun
		67	listen.owner = wwwrun
		68	listen.group = wwwrun
		69
		70	pm = ondemand
		71	pm.max_children = 5
		72	pm.process_idle_timeout = 60
		73
		74	php_admin_value[open_basedir] = "/var/lib/php/sessions/stmgevariste:${stmgVarDir}:/tmp"
		75	php_admin_value[session.save_path] = "/var/lib/php/sessions/stmgevariste"
		76	'';
		77	};
		78	services.websites.env.production.vhostConfs.stmgevariste = {
		79	certName = "eldiron";
		80	addToCerts = true;
		81	hosts = ["stmgevariste.immae.eu" ];
		82	root = stmgVarDir;
		83	extraConfig = [
		84	''
		85	Use Stats stmgevariste.immae.eu
		86
		87	<FilesMatch "\.php$">
		88	SetHandler "proxy:unix:/run/phpfpm/stmgevariste.sock\|fcgi://localhost"
		89	</FilesMatch>
		90
		91	<Directory ${stmgVarDir}>
		92	DirectoryIndex index.php index.htm index.html
		93	Options Indexes FollowSymLinks MultiViews Includes
		94	AllowOverride None
		95	Require all granted
		96	</Directory>
		97	''
		98	];
		99	};
		100	};
		101	}