6 files changed, 172 insertions, 167 deletions
diff --git a/nixops/modules/websites/tellesflorian/default.nix b/nixops/modules/websites/tellesflorian/default.nix
index f86b0c5..381476c 100644
--- a/nixops/modules/websites/tellesflorian/default.nix
+++ b/nixops/modules/websites/tellesflorian/default.nix
@@ -1,13 +1,13 @@
 { lib, pkgs, config, myconfig, mylibs, ... }:
 let
-    adminer = pkgs.callPackage ../commons/adminer.nix {};
+  adminer = pkgs.callPackage ../commons/adminer.nix {};
-    tellesflorian = pkgs.callPackage ./tellesflorian.nix { inherit (mylibs) fetchedGitPrivate; };
+  tellesflorian_dev  = pkgs.callPackage ./tellesflorian.nix {
-    tellesflorian_dev  = tellesflorian {
+    inherit (pkgs.private.webapps) tellesflorian;
-      config = myconfig.env.websites.tellesflorian.integration;
+    config = myconfig.env.websites.tellesflorian.integration;
-    };
+  };
-    cfg = config.services.myWebsites.TellesFlorian;
+  cfg = config.services.myWebsites.TellesFlorian;
 in {
  options.services.myWebsites.TellesFlorian = {
    integration = {
@@ -24,7 +24,7 @@ in {
    system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript;
    system.extraSystemBuilderCmds = ''
      mkdir -p $out/webapps
-      ln -s ${tellesflorian_dev.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}
+      ln -s ${tellesflorian_dev.app.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}
      '';
    services.myWebsites.integration.modules = adminer.apache.modules ++ tellesflorian_dev.apache.modules;
    services.myWebsites.integration.vhostConfs.tellesflorian = {
diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.nix b/nixops/modules/websites/tellesflorian/tellesflorian.nix
index afd723c..5955431 100644
--- a/nixops/modules/websites/tellesflorian/tellesflorian.nix
+++ b/nixops/modules/websites/tellesflorian/tellesflorian.nix
@@ -1,175 +1,154 @@
-{ lib, writeText, fetchedGitPrivate, fetchurl, stdenv, composerEnv }:
+{ tellesflorian, config }:
-let
+rec {
-  tellesflorian = { config }: rec {
+  app = tellesflorian.override { inherit (config) environment; };
-    environment = config.environment;
+  keys = [
-    varDir = "/var/lib/tellesflorian_${environment}";
+    {
-    keys = [
+      dest = "webapps/${app.environment}-tellesflorian-passwords";
-      {
+      user = apache.user;
-        dest = "webapps/${environment}-tellesflorian-passwords";
+      group = apache.group;
-        user = apache.user;
+      permissions = "0400";
-        group = apache.group;
+      text = ''
-        permissions = "0400";
+        invite:${config.invite_passwords}
-        text = ''
+      '';
-          invite:${config.invite_passwords}
+    }
-        '';
+    {
-      }
+      dest = "webapps/${app.environment}-tellesflorian";
-      {
+      user = apache.user;
-        dest = "webapps/${environment}-tellesflorian";
+      group = apache.group;
-        user = apache.user;
+      permissions = "0400";
-        group = apache.group;
+      text = ''
-        permissions = "0400";
+        # This file is auto-generated during the composer install
-        text = ''
+        parameters:
-          # This file is auto-generated during the composer install
+          database_host: ${config.mysql.host}
-          parameters:
+          database_port: ${config.mysql.port}
-            database_host: ${config.mysql.host}
+          database_name: ${config.mysql.name}
-            database_port: ${config.mysql.port}
+          database_user: ${config.mysql.user}
-            database_name: ${config.mysql.name}
+          database_password: ${config.mysql.password}
-            database_user: ${config.mysql.user}
+          mailer_transport: smtp
-            database_password: ${config.mysql.password}
+          mailer_host: 127.0.0.1
-            mailer_transport: smtp
+          mailer_user: null
-            mailer_host: 127.0.0.1
+          mailer_password: null
-            mailer_user: null
+          secret: ${config.secret}
-            mailer_password: null
+      '';
-            secret: ${config.secret}
+    }
-        '';
+  ];
-      }
+  phpFpm = rec {
-    ];
+    preStart = ''
-    phpFpm = rec {
+      if [ ! -f "${app.varDir}/currentWebappDir" -o \
-      preStart = ''
+          ! -f "${app.varDir}/currentKey" -o \
-        if [ ! -f "${varDir}/currentWebappDir" -o \
+          "${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
-            ! -f "${varDir}/currentKey" -o \
+          || ! sha512sum -c --status ${app.varDir}/currentKey; then
-            "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \
+        pushd ${app} > /dev/null
-            || ! sha512sum -c --status ${varDir}/currentKey; then
+        /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
-          pushd ${webappDir} > /dev/null
+        popd > /dev/null
-          /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup
+        echo -n "${app}" > ${app.varDir}/currentWebappDir
-          popd > /dev/null
+        sha512sum /var/secrets/webapps/${app.environment}-tellesflorian > ${app.varDir}/currentKey
-          echo -n "${webappDir}" > ${varDir}/currentWebappDir
+      fi
-          sha512sum /var/secrets/webapps/${environment}-tellesflorian > ${varDir}/currentKey
+      '';
-        fi
+    serviceDeps = [ "mysql.service" ];
-        '';
+    socket = "/var/run/phpfpm/floriantelles-${app.environment}.sock";
-      serviceDeps = [ "mysql.service" ];
+    pool = ''
-      socket = "/var/run/phpfpm/floriantelles-${environment}.sock";
+      listen = ${socket}
-      pool = ''
+      user = ${apache.user}
-        listen = ${socket}
+      group = ${apache.group}
-        user = ${apache.user}
+      listen.owner = ${apache.user}
-        group = ${apache.group}
+      listen.group = ${apache.group}
-        listen.owner = ${apache.user}
+      php_admin_value[upload_max_filesize] = 20M
-        listen.group = ${apache.group}
+      php_admin_value[post_max_size] = 20M
-        php_admin_value[upload_max_filesize] = 20M
+      ;php_admin_flag[log_errors] = on
-        php_admin_value[post_max_size] = 20M
+      php_admin_value[open_basedir] = "/var/secrets/webapps/${app.environment}-tellesflorian:${app}:${app.varDir}:/tmp"
-        ;php_admin_flag[log_errors] = on
+      php_admin_value[session.save_path] = "${app.varDir}/phpSessions"
-        php_admin_value[open_basedir] = "/var/secrets/webapps/${environment}-tellesflorian:${webappDir}:${varDir}:/tmp"
+      ${if app.environment == "dev" then ''
-        php_admin_value[session.save_path] = "${varDir}/phpSessions"
+      pm = ondemand
-        ${if environment == "dev" then ''
+      pm.max_children = 5
-        pm = ondemand
+      pm.process_idle_timeout = 60
-        pm.max_children = 5
+      env[SYMFONY_DEBUG_MODE] = "yes"
-        pm.process_idle_timeout = 60
+      '' else ''
-        env[SYMFONY_DEBUG_MODE] = "yes"
+      pm = dynamic
-        '' else ''
+      pm.max_children = 20
-        pm = dynamic
+      pm.start_servers = 2
-        pm.max_children = 20
+      pm.min_spare_servers = 1
-        pm.start_servers = 2
+      pm.max_spare_servers = 3
-        pm.min_spare_servers = 1
+      ''}'';
-        pm.max_spare_servers = 3
+  };
-        ''}'';
+  apache = rec {
-    };
+    user = "wwwrun";
-    apache = rec {
+    group = "wwwrun";
-      user = "wwwrun";
+    modules = [ "proxy_fcgi" ];
-      group = "wwwrun";
+    webappName = "florian_${app.environment}";
-      modules = [ "proxy_fcgi" ];
+    root = "/run/current-system/webapps/${webappName}";
-      webappName = "florian_${environment}";
+    vhostConf = ''
-      root = "/run/current-system/webapps/${webappName}";
+    <FilesMatch "\.php$">
-      vhostConf = ''
+      SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-      <FilesMatch "\.php$">
+    </FilesMatch>
-        SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-      </FilesMatch>
-      ${if environment == "dev" then ''
+    ${if app.environment == "dev" then ''
-      <Location />
+    <Location />
-        AuthBasicProvider file ldap
+      AuthBasicProvider file ldap
-        Use LDAPConnect
+      Use LDAPConnect
-        Require ldap-group   cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu
+      Require ldap-group   cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu
-        AuthUserFile "/var/secrets/webapps/${environment}-tellesflorian-passwords"
+      AuthUserFile "/var/secrets/webapps/${app.environment}-tellesflorian-passwords"
-        Require user "invite"
+      Require user "invite"
-        ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
+      ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
-      </Location>
+    </Location>
-      <Directory ${root}>
+    <Directory ${root}>
-        Options Indexes FollowSymLinks MultiViews Includes
+      Options Indexes FollowSymLinks MultiViews Includes
-        AllowOverride None
+      AllowOverride None
-        Require all granted
+      Require all granted
-        DirectoryIndex app_dev.php
+      DirectoryIndex app_dev.php
-        <IfModule mod_negotiation.c>
+      <IfModule mod_negotiation.c>
-        Options -MultiViews
+      Options -MultiViews
-        </IfModule>
+      </IfModule>
-        <IfModule mod_rewrite.c>
+      <IfModule mod_rewrite.c>
-          RewriteEngine On
+        RewriteEngine On
-          RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
+        RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
-          RewriteRule ^(.*) - [E=BASE:%1]
+        RewriteRule ^(.*) - [E=BASE:%1]
-          # Maintenance script
+        # Maintenance script
-          RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f
+        RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f
-          RewriteCond %{SCRIPT_FILENAME} !maintenance.php
+        RewriteCond %{SCRIPT_FILENAME} !maintenance.php
-          RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L]
+        RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L]
-          ErrorDocument 503 /maintenance.php
+        ErrorDocument 503 /maintenance.php
-          # Sets the HTTP_AUTHORIZATION header removed by Apache
+        # Sets the HTTP_AUTHORIZATION header removed by Apache
-          RewriteCond %{HTTP:Authorization} .
+        RewriteCond %{HTTP:Authorization} .
-          RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+        RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-          RewriteCond %{ENV:REDIRECT_STATUS} ^$
+        RewriteCond %{ENV:REDIRECT_STATUS} ^$
-          RewriteRule ^app_dev\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
+        RewriteRule ^app_dev\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
-          # If the requested filename exists, simply serve it.
+        # If the requested filename exists, simply serve it.
-          # We only want to let Apache serve files and not directories.
+        # We only want to let Apache serve files and not directories.
-          RewriteCond %{REQUEST_FILENAME} -f
+        RewriteCond %{REQUEST_FILENAME} -f
-          RewriteRule ^ - [L]
+        RewriteRule ^ - [L]
-          # Rewrite all other queries to the front controller.
+        # Rewrite all other queries to the front controller.
-          RewriteRule ^ %{ENV:BASE}/app_dev.php [L]
+        RewriteRule ^ %{ENV:BASE}/app_dev.php [L]
-        </IfModule>
+      </IfModule>
-      </Directory>
+    </Directory>
-      '' else ''
+    '' else ''
-      <Directory ${root}>
+    <Directory ${root}>
-        Options Indexes FollowSymLinks MultiViews Includes
+      Options Indexes FollowSymLinks MultiViews Includes
-        AllowOverride All
+      AllowOverride All
-        Require all granted
+      Require all granted
-      </Directory>
+    </Directory>
-      ''}
+    ''}
-      '';
+    '';
-    };
+  };
-    activationScript = {
+  activationScript = {
-      deps = [ "wrappers" ];
+    deps = [ "wrappers" ];
-      text = ''
+    text = ''
-      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
-        ${varDir}/var
+      ${app.varDir}/var
-      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+    install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
-      '';
+    '';
-    };
-    webappDir = composerEnv.buildPackage (
-      import ./php-packages.nix { inherit composerEnv fetchurl; } //
-      fetchedGitPrivate ./tellesflorian.json //
-      rec {
-        noDev = (environment == "prod");
-        preInstall = ''
-          export SYMFONY_ENV="${environment}"
-          '';
-        postInstall = ''
-          cd $out
-          rm app/config/parameters.yml
-          ln -sf /var/secrets/webapps/${environment}-tellesflorian app/config/parameters.yml
-          rm -rf var/{logs,cache}
-          ln -sf ${varDir}/var/{logs,cache,sessions} var/
-          '';
-      });
-    webRoot = "${webappDir}/web";
  };
-in
+}
-  tellesflorian
diff --git a/pkgs/private/webapps/default.nix b/pkgs/private/webapps/default.nix
index 9acff98..46ad31c 100644
--- a/pkgs/private/webapps/default.nix
+++ b/pkgs/private/webapps/default.nix
@@ -4,4 +4,5 @@ rec {
  connexionswing = callPackage ./connexionswing { inherit composerEnv mylibs;};
  ludivinecassal = callPackage ./ludivinecassal { inherit composerEnv mylibs; };
  piedsjaloux = callPackage ./piedsjaloux { inherit composerEnv mylibs; };
+  tellesflorian = callPackage ./tellesflorian { inherit composerEnv mylibs; };
 }
diff --git a/pkgs/private/webapps/tellesflorian/default.nix b/pkgs/private/webapps/tellesflorian/default.nix
new file mode 100644
index 0000000..b1ccb98
--- /dev/null
+++ b/pkgs/private/webapps/tellesflorian/default.nix
@@ -0,0 +1,25 @@
+{ environment ? "prod"
+, varDir ? "/var/lib/tellesflorian_${environment}"
+, composerEnv, fetchurl, mylibs }:
+let
+  app = composerEnv.buildPackage (
+    import ./php-packages.nix { inherit composerEnv fetchurl; } //
+    mylibs.fetchedGitPrivate ./tellesflorian.json //
+    rec {
+      noDev = (environment == "prod");
+      preInstall = ''
+        export SYMFONY_ENV="${environment}"
+        '';
+      postInstall = ''
+        cd $out
+        rm app/config/parameters.yml
+        ln -sf /var/secrets/webapps/${environment}-tellesflorian app/config/parameters.yml
+        rm -rf var/{logs,cache}
+        ln -sf ${varDir}/var/{logs,cache,sessions} var/
+        '';
+      passthru = {
+        inherit varDir environment;
+        webRoot = "${app}/web";
+      };
+    });
+in app
diff --git a/nixops/modules/websites/tellesflorian/php-packages.nix b/pkgs/private/webapps/tellesflorian/php-packages.nix
index 0c7e00c..0c7e00c 100644
--- a/nixops/modules/websites/tellesflorian/php-packages.nix
+++ b/pkgs/private/webapps/tellesflorian/php-packages.nix
diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.json b/pkgs/private/webapps/tellesflorian/tellesflorian.json
index 81b42af..81b42af 100644
--- a/nixops/modules/websites/tellesflorian/tellesflorian.json
+++ b/pkgs/private/webapps/tellesflorian/tellesflorian.json

diff --git a/nixops/modules/websites/tellesflorian/default.nix b/nixops/modules/websites/tellesflorian/default.nix index f86b0c5..381476c 100644 --- a/nixops/modules/websites/tellesflorian/default.nix +++ b/nixops/modules/websites/tellesflorian/default.nix
@@ -1,13 +1,13 @@
1	{ lib, pkgs, config, myconfig, mylibs, ... }:	1	{ lib, pkgs, config, myconfig, mylibs, ... }:
2	let	2	let
3	adminer = pkgs.callPackage ../commons/adminer.nix {};	3	adminer = pkgs.callPackage ../commons/adminer.nix {};
4		4
5	tellesflorian = pkgs.callPackage ./tellesflorian.nix { inherit (mylibs) fetchedGitPrivate; };	5	tellesflorian_dev = pkgs.callPackage ./tellesflorian.nix {
6	tellesflorian_dev = tellesflorian {	6	inherit (pkgs.private.webapps) tellesflorian;
7	config = myconfig.env.websites.tellesflorian.integration;	7	config = myconfig.env.websites.tellesflorian.integration;
8	};	8	};
9		9
10	cfg = config.services.myWebsites.TellesFlorian;	10	cfg = config.services.myWebsites.TellesFlorian;
11	in {	11	in {
12	options.services.myWebsites.TellesFlorian = {	12	options.services.myWebsites.TellesFlorian = {
13	integration = {	13	integration = {
@@ -24,7 +24,7 @@ in {
24	system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript;	24	system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript;
25	system.extraSystemBuilderCmds = ''	25	system.extraSystemBuilderCmds = ''
26	mkdir -p $out/webapps	26	mkdir -p $out/webapps
27	ln -s ${tellesflorian_dev.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}	27	ln -s ${tellesflorian_dev.app.webRoot} $out/webapps/${tellesflorian_dev.apache.webappName}
28	'';	28	'';
29	services.myWebsites.integration.modules = adminer.apache.modules ++ tellesflorian_dev.apache.modules;	29	services.myWebsites.integration.modules = adminer.apache.modules ++ tellesflorian_dev.apache.modules;
30	services.myWebsites.integration.vhostConfs.tellesflorian = {	30	services.myWebsites.integration.vhostConfs.tellesflorian = {


diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.nix b/nixops/modules/websites/tellesflorian/tellesflorian.nix index afd723c..5955431 100644 --- a/nixops/modules/websites/tellesflorian/tellesflorian.nix +++ b/nixops/modules/websites/tellesflorian/tellesflorian.nix
@@ -1,175 +1,154 @@
1	{ lib, writeText, fetchedGitPrivate, fetchurl, stdenv, composerEnv }:	1	{ tellesflorian, config }:
2	let	2	rec {
3	tellesflorian = { config }: rec {	3	app = tellesflorian.override { inherit (config) environment; };
4	environment = config.environment;	4	keys = [
5	varDir = "/var/lib/tellesflorian_${environment}";	5	{
6	keys = [	6	dest = "webapps/${app.environment}-tellesflorian-passwords";
7	{	7	user = apache.user;
8	dest = "webapps/${environment}-tellesflorian-passwords";	8	group = apache.group;
9	user = apache.user;	9	permissions = "0400";
10	group = apache.group;	10	text = ''
11	permissions = "0400";	11	invite:${config.invite_passwords}
12	text = ''	12	'';
13	invite:${config.invite_passwords}	13	}
14	'';	14	{
15	}	15	dest = "webapps/${app.environment}-tellesflorian";
16	{	16	user = apache.user;
17	dest = "webapps/${environment}-tellesflorian";	17	group = apache.group;
18	user = apache.user;	18	permissions = "0400";
19	group = apache.group;	19	text = ''
20	permissions = "0400";	20	# This file is auto-generated during the composer install
21	text = ''	21	parameters:
22	# This file is auto-generated during the composer install	22	database_host: ${config.mysql.host}
23	parameters:	23	database_port: ${config.mysql.port}
24	database_host: ${config.mysql.host}	24	database_name: ${config.mysql.name}
25	database_port: ${config.mysql.port}	25	database_user: ${config.mysql.user}
26	database_name: ${config.mysql.name}	26	database_password: ${config.mysql.password}
27	database_user: ${config.mysql.user}	27	mailer_transport: smtp
28	database_password: ${config.mysql.password}	28	mailer_host: 127.0.0.1
29	mailer_transport: smtp	29	mailer_user: null
30	mailer_host: 127.0.0.1	30	mailer_password: null
31	mailer_user: null	31	secret: ${config.secret}
32	mailer_password: null	32	'';
33	secret: ${config.secret}	33	}
34	'';	34	];
35	}	35	phpFpm = rec {
36	];	36	preStart = ''
37	phpFpm = rec {	37	if [ ! -f "${app.varDir}/currentWebappDir" -o \
38	preStart = ''	38	! -f "${app.varDir}/currentKey" -o \
39	if [ ! -f "${varDir}/currentWebappDir" -o \	39	"${app}" != "$(cat ${app.varDir}/currentWebappDir 2>/dev/null)" ] \
40	! -f "${varDir}/currentKey" -o \	40	\|\| ! sha512sum -c --status ${app.varDir}/currentKey; then
41	"${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \	41	pushd ${app} > /dev/null
42	\|\| ! sha512sum -c --status ${varDir}/currentKey; then	42	/run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${app.environment} cache:clear --no-warmup
43	pushd ${webappDir} > /dev/null	43	popd > /dev/null
44	/run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup	44	echo -n "${app}" > ${app.varDir}/currentWebappDir
45	popd > /dev/null	45	sha512sum /var/secrets/webapps/${app.environment}-tellesflorian > ${app.varDir}/currentKey
46	echo -n "${webappDir}" > ${varDir}/currentWebappDir	46	fi
47	sha512sum /var/secrets/webapps/${environment}-tellesflorian > ${varDir}/currentKey	47	'';
48	fi	48	serviceDeps = [ "mysql.service" ];
49	'';	49	socket = "/var/run/phpfpm/floriantelles-${app.environment}.sock";
50	serviceDeps = [ "mysql.service" ];	50	pool = ''
51	socket = "/var/run/phpfpm/floriantelles-${environment}.sock";	51	listen = ${socket}
52	pool = ''	52	user = ${apache.user}
53	listen = ${socket}	53	group = ${apache.group}
54	user = ${apache.user}	54	listen.owner = ${apache.user}
55	group = ${apache.group}	55	listen.group = ${apache.group}
56	listen.owner = ${apache.user}	56	php_admin_value[upload_max_filesize] = 20M
57	listen.group = ${apache.group}	57	php_admin_value[post_max_size] = 20M
58	php_admin_value[upload_max_filesize] = 20M	58	;php_admin_flag[log_errors] = on
59	php_admin_value[post_max_size] = 20M	59	php_admin_value[open_basedir] = "/var/secrets/webapps/${app.environment}-tellesflorian:${app}:${app.varDir}:/tmp"
60	;php_admin_flag[log_errors] = on	60	php_admin_value[session.save_path] = "${app.varDir}/phpSessions"
61	php_admin_value[open_basedir] = "/var/secrets/webapps/${environment}-tellesflorian:${webappDir}:${varDir}:/tmp"	61	${if app.environment == "dev" then ''
62	php_admin_value[session.save_path] = "${varDir}/phpSessions"	62	pm = ondemand
63	${if environment == "dev" then ''	63	pm.max_children = 5
64	pm = ondemand	64	pm.process_idle_timeout = 60
65	pm.max_children = 5	65	env[SYMFONY_DEBUG_MODE] = "yes"
66	pm.process_idle_timeout = 60	66	'' else ''
67	env[SYMFONY_DEBUG_MODE] = "yes"	67	pm = dynamic
68	'' else ''	68	pm.max_children = 20
69	pm = dynamic	69	pm.start_servers = 2
70	pm.max_children = 20	70	pm.min_spare_servers = 1
71	pm.start_servers = 2	71	pm.max_spare_servers = 3
72	pm.min_spare_servers = 1	72	''}'';
73	pm.max_spare_servers = 3	73	};
74	''}'';	74	apache = rec {
75	};	75	user = "wwwrun";
76	apache = rec {	76	group = "wwwrun";
77	user = "wwwrun";	77	modules = [ "proxy_fcgi" ];
78	group = "wwwrun";	78	webappName = "florian_${app.environment}";
79	modules = [ "proxy_fcgi" ];	79	root = "/run/current-system/webapps/${webappName}";
80	webappName = "florian_${environment}";	80	vhostConf = ''
81	root = "/run/current-system/webapps/${webappName}";	81	<FilesMatch "\.php$">
82	vhostConf = ''	82	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
83	<FilesMatch "\.php$">	83	</FilesMatch>
84	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
85	</FilesMatch>
86		84
87	${if environment == "dev" then ''	85	${if app.environment == "dev" then ''
88	<Location />	86	<Location />
89	AuthBasicProvider file ldap	87	AuthBasicProvider file ldap
90	Use LDAPConnect	88	Use LDAPConnect
91	Require ldap-group cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu	89	Require ldap-group cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu
92		90
93	AuthUserFile "/var/secrets/webapps/${environment}-tellesflorian-passwords"	91	AuthUserFile "/var/secrets/webapps/${app.environment}-tellesflorian-passwords"
94	Require user "invite"	92	Require user "invite"
95		93
96	ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"	94	ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
97	</Location>	95	</Location>
98		96
99	<Directory ${root}>	97	<Directory ${root}>
100	Options Indexes FollowSymLinks MultiViews Includes	98	Options Indexes FollowSymLinks MultiViews Includes
101	AllowOverride None	99	AllowOverride None
102	Require all granted	100	Require all granted
103		101
104	DirectoryIndex app_dev.php	102	DirectoryIndex app_dev.php
105		103
106	<IfModule mod_negotiation.c>	104	<IfModule mod_negotiation.c>
107	Options -MultiViews	105	Options -MultiViews
108	</IfModule>	106	</IfModule>
109		107
110	<IfModule mod_rewrite.c>	108	<IfModule mod_rewrite.c>
111	RewriteEngine On	109	RewriteEngine On
112		110
113	RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$	111	RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
114	RewriteRule ^(.*) - [E=BASE:%1]	112	RewriteRule ^(.*) - [E=BASE:%1]
115		113
116	# Maintenance script	114	# Maintenance script
117	RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f	115	RewriteCond %{DOCUMENT_ROOT}/maintenance.php -f
118	RewriteCond %{SCRIPT_FILENAME} !maintenance.php	116	RewriteCond %{SCRIPT_FILENAME} !maintenance.php
119	RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L]	117	RewriteRule ^.*$ %{ENV:BASE}/maintenance.php [R=503,L]
120	ErrorDocument 503 /maintenance.php	118	ErrorDocument 503 /maintenance.php
121		119
122	# Sets the HTTP_AUTHORIZATION header removed by Apache	120	# Sets the HTTP_AUTHORIZATION header removed by Apache
123	RewriteCond %{HTTP:Authorization} .	121	RewriteCond %{HTTP:Authorization} .
124	RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]	122	RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
125		123
126	RewriteCond %{ENV:REDIRECT_STATUS} ^$	124	RewriteCond %{ENV:REDIRECT_STATUS} ^$
127	RewriteRule ^app_dev\.php(?:/(.*)\|$) %{ENV:BASE}/$1 [R=301,L]	125	RewriteRule ^app_dev\.php(?:/(.*)\|$) %{ENV:BASE}/$1 [R=301,L]
128		126
129	# If the requested filename exists, simply serve it.	127	# If the requested filename exists, simply serve it.
130	# We only want to let Apache serve files and not directories.	128	# We only want to let Apache serve files and not directories.
131	RewriteCond %{REQUEST_FILENAME} -f	129	RewriteCond %{REQUEST_FILENAME} -f
132	RewriteRule ^ - [L]	130	RewriteRule ^ - [L]
133		131
134	# Rewrite all other queries to the front controller.	132	# Rewrite all other queries to the front controller.
135	RewriteRule ^ %{ENV:BASE}/app_dev.php [L]	133	RewriteRule ^ %{ENV:BASE}/app_dev.php [L]
136	</IfModule>	134	</IfModule>
137		135
138	</Directory>	136	</Directory>
139	'' else ''	137	'' else ''
140	<Directory ${root}>	138	<Directory ${root}>
141	Options Indexes FollowSymLinks MultiViews Includes	139	Options Indexes FollowSymLinks MultiViews Includes
142	AllowOverride All	140	AllowOverride All
143	Require all granted	141	Require all granted
144	</Directory>	142	</Directory>
145	''}	143	''}
146	'';	144	'';
147	};	145	};
148	activationScript = {	146	activationScript = {
149	deps = [ "wrappers" ];	147	deps = [ "wrappers" ];
150	text = ''	148	text = ''
151	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \	149	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${app.varDir} \
152	${varDir}/var	150	${app.varDir}/var
153	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions	151	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${app.varDir}/phpSessions
154	'';	152	'';
155	};
156	webappDir = composerEnv.buildPackage (
157	import ./php-packages.nix { inherit composerEnv fetchurl; } //
158	fetchedGitPrivate ./tellesflorian.json //
159	rec {
160	noDev = (environment == "prod");
161	preInstall = ''
162	export SYMFONY_ENV="${environment}"
163	'';
164	postInstall = ''
165	cd $out
166	rm app/config/parameters.yml
167	ln -sf /var/secrets/webapps/${environment}-tellesflorian app/config/parameters.yml
168	rm -rf var/{logs,cache}
169	ln -sf ${varDir}/var/{logs,cache,sessions} var/
170	'';
171	});
172	webRoot = "${webappDir}/web";
173	};	153	};
174	in	154	}
175	tellesflorian


diff --git a/pkgs/private/webapps/default.nix b/pkgs/private/webapps/default.nix index 9acff98..46ad31c 100644 --- a/pkgs/private/webapps/default.nix +++ b/pkgs/private/webapps/default.nix
@@ -4,4 +4,5 @@ rec {
4	connexionswing = callPackage ./connexionswing { inherit composerEnv mylibs;};	4	connexionswing = callPackage ./connexionswing { inherit composerEnv mylibs;};
5	ludivinecassal = callPackage ./ludivinecassal { inherit composerEnv mylibs; };	5	ludivinecassal = callPackage ./ludivinecassal { inherit composerEnv mylibs; };
6	piedsjaloux = callPackage ./piedsjaloux { inherit composerEnv mylibs; };	6	piedsjaloux = callPackage ./piedsjaloux { inherit composerEnv mylibs; };
		7	tellesflorian = callPackage ./tellesflorian { inherit composerEnv mylibs; };
7	}	8	}


diff --git a/pkgs/private/webapps/tellesflorian/default.nix b/pkgs/private/webapps/tellesflorian/default.nix new file mode 100644 index 0000000..b1ccb98 --- /dev/null +++ b/pkgs/private/webapps/tellesflorian/default.nix
@@ -0,0 +1,25 @@
		1	{ environment ? "prod"
		2	, varDir ? "/var/lib/tellesflorian_${environment}"
		3	, composerEnv, fetchurl, mylibs }:
		4	let
		5	app = composerEnv.buildPackage (
		6	import ./php-packages.nix { inherit composerEnv fetchurl; } //
		7	mylibs.fetchedGitPrivate ./tellesflorian.json //
		8	rec {
		9	noDev = (environment == "prod");
		10	preInstall = ''
		11	export SYMFONY_ENV="${environment}"
		12	'';
		13	postInstall = ''
		14	cd $out
		15	rm app/config/parameters.yml
		16	ln -sf /var/secrets/webapps/${environment}-tellesflorian app/config/parameters.yml
		17	rm -rf var/{logs,cache}
		18	ln -sf ${varDir}/var/{logs,cache,sessions} var/
		19	'';
		20	passthru = {
		21	inherit varDir environment;
		22	webRoot = "${app}/web";
		23	};
		24	});
		25	in app


diff --git a/nixops/modules/websites/tellesflorian/php-packages.nix b/pkgs/private/webapps/tellesflorian/php-packages.nix index 0c7e00c..0c7e00c 100644 --- a/nixops/modules/websites/tellesflorian/php-packages.nix +++ b/pkgs/private/webapps/tellesflorian/php-packages.nix


diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.json b/pkgs/private/webapps/tellesflorian/tellesflorian.json index 81b42af..81b42af 100644 --- a/nixops/modules/websites/tellesflorian/tellesflorian.json +++ b/pkgs/private/webapps/tellesflorian/tellesflorian.json