diff options
Diffstat (limited to 'modules/private/websites/florian/app.nix')
-rw-r--r-- | modules/private/websites/florian/app.nix | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix index c65c26f..19a88b0 100644 --- a/modules/private/websites/florian/app.nix +++ b/modules/private/websites/florian/app.nix | |||
@@ -2,15 +2,19 @@ | |||
2 | let | 2 | let |
3 | adminer = pkgs.callPackage ../commons/adminer.nix { inherit config; }; | 3 | adminer = pkgs.callPackage ../commons/adminer.nix { inherit config; }; |
4 | secrets = config.myEnv.websites.tellesflorian.integration; | 4 | secrets = config.myEnv.websites.tellesflorian.integration; |
5 | app = pkgs.webapps.tellesflorian.override { environment = secrets.environment; }; | 5 | app = pkgs.callPackage ./app { |
6 | environment = secrets.environment; | ||
7 | varDir = "/var/lib/florian_app"; | ||
8 | secretsPath = config.secrets.fullPaths."websites/florian/app"; | ||
9 | }; | ||
6 | cfg = config.myServices.websites.florian.app; | 10 | cfg = config.myServices.websites.florian.app; |
7 | pcfg = config.services.phpApplication; | 11 | pcfg = config.services.phpApplication; |
8 | in { | 12 | in { |
9 | options.myServices.websites.florian.app.enable = lib.mkEnableOption "enable Florian's app in integration"; | 13 | options.myServices.websites.florian.app.enable = lib.mkEnableOption "enable Florian's app in integration"; |
10 | 14 | ||
11 | config = lib.mkIf cfg.enable { | 15 | config = lib.mkIf cfg.enable { |
12 | services.duplyBackup.profiles.tellesflorian_dev.rootDir = app.varDir; | 16 | services.duplyBackup.profiles.florian_app.rootDir = app.varDir; |
13 | services.phpApplication.apps.florian_dev = { | 17 | services.phpApplication.apps.florian_app = { |
14 | websiteEnv = "integration"; | 18 | websiteEnv = "integration"; |
15 | httpdUser = config.services.httpd.Inte.user; | 19 | httpdUser = config.services.httpd.Inte.user; |
16 | httpdGroup = config.services.httpd.Inte.group; | 20 | httpdGroup = config.services.httpd.Inte.group; |
@@ -33,16 +37,16 @@ in { | |||
33 | "pm.process_idle_timeout" = "60"; | 37 | "pm.process_idle_timeout" = "60"; |
34 | }; | 38 | }; |
35 | phpEnv = { | 39 | phpEnv = { |
36 | SYMFONY_DEBUG_MODE = "yes"; | 40 | SYMFONY_DEBUG_MODE = "\"yes\""; |
37 | }; | 41 | }; |
38 | phpWatchFiles = [ | 42 | phpWatchFiles = [ |
39 | config.secrets.fullPaths."webapps/${app.environment}-tellesflorian" | 43 | config.secrets.fullPaths."websites/florian/app" |
40 | ]; | 44 | ]; |
41 | }; | 45 | }; |
42 | 46 | ||
43 | secrets.keys = [ | 47 | secrets.keys = [ |
44 | { | 48 | { |
45 | dest = "webapps/${app.environment}-tellesflorian-passwords"; | 49 | dest = "websites/florian/app_passwords"; |
46 | user = config.services.httpd.Inte.user; | 50 | user = config.services.httpd.Inte.user; |
47 | group = config.services.httpd.Inte.group; | 51 | group = config.services.httpd.Inte.group; |
48 | permissions = "0400"; | 52 | permissions = "0400"; |
@@ -51,7 +55,7 @@ in { | |||
51 | ''; | 55 | ''; |
52 | } | 56 | } |
53 | { | 57 | { |
54 | dest = "webapps/${app.environment}-tellesflorian"; | 58 | dest = "websites/florian/app"; |
55 | user = config.services.httpd.Inte.user; | 59 | user = config.services.httpd.Inte.user; |
56 | group = config.services.httpd.Inte.group; | 60 | group = config.services.httpd.Inte.group; |
57 | permissions = "0400"; | 61 | permissions = "0400"; |
@@ -73,15 +77,15 @@ in { | |||
73 | ]; | 77 | ]; |
74 | 78 | ||
75 | services.websites.env.integration.modules = adminer.apache.modules; | 79 | services.websites.env.integration.modules = adminer.apache.modules; |
76 | services.websites.env.integration.vhostConfs.florian_dev = { | 80 | services.websites.env.integration.vhostConfs.florian_app = { |
77 | certName = "integration"; | 81 | certName = "integration"; |
78 | addToCerts = true; | 82 | addToCerts = true; |
79 | hosts = [ "app.tellesflorian.com" ]; | 83 | hosts = [ "app.tellesflorian.com" ]; |
80 | root = pcfg.webappDirs.florian_dev; | 84 | root = pcfg.webappDirs.florian_app; |
81 | extraConfig = [ | 85 | extraConfig = [ |
82 | '' | 86 | '' |
83 | <FilesMatch "\.php$"> | 87 | <FilesMatch "\.php$"> |
84 | SetHandler "proxy:unix:${pcfg.phpListenPaths.florian_dev}|fcgi://localhost" | 88 | SetHandler "proxy:unix:${pcfg.phpListenPaths.florian_app}|fcgi://localhost" |
85 | </FilesMatch> | 89 | </FilesMatch> |
86 | 90 | ||
87 | <Location /> | 91 | <Location /> |
@@ -89,13 +93,13 @@ in { | |||
89 | Use LDAPConnect | 93 | Use LDAPConnect |
90 | Require ldap-group cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu | 94 | Require ldap-group cn=app.tellesflorian.com,cn=httpd,ou=services,dc=immae,dc=eu |
91 | 95 | ||
92 | AuthUserFile "${config.secrets.fullPaths."webapps/${app.environment}-tellesflorian-passwords"}" | 96 | AuthUserFile "${config.secrets.fullPaths."websites/florian/app_passwords"}" |
93 | Require user "invite" | 97 | Require user "invite" |
94 | 98 | ||
95 | ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>" | 99 | ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>" |
96 | </Location> | 100 | </Location> |
97 | 101 | ||
98 | <Directory ${pcfg.webappDirs.florian_dev}> | 102 | <Directory ${pcfg.webappDirs.florian_app}> |
99 | Options Indexes FollowSymLinks MultiViews Includes | 103 | Options Indexes FollowSymLinks MultiViews Includes |
100 | AllowOverride None | 104 | AllowOverride None |
101 | Require all granted | 105 | Require all granted |