diff options
Diffstat (limited to 'nixops/modules/websites/aten')
-rw-r--r-- | nixops/modules/websites/aten/aten.nix | 12 | ||||
-rw-r--r-- | nixops/modules/websites/aten/default.nix | 4 |
2 files changed, 8 insertions, 8 deletions
diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix index 567dcd1..46a7361 100644 --- a/nixops/modules/websites/aten/aten.nix +++ b/nixops/modules/websites/aten/aten.nix | |||
@@ -13,10 +13,10 @@ let | |||
13 | /run/wrappers/bin/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup | 13 | /run/wrappers/bin/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup |
14 | popd > /dev/null | 14 | popd > /dev/null |
15 | echo -n "${webappDir}" > ${varDir}/currentWebappDir | 15 | echo -n "${webappDir}" > ${varDir}/currentWebappDir |
16 | sha512sum /run/keys/webapps/${environment}-aten > ${varDir}/currentKey | 16 | sha512sum /var/secrets/webapps/${environment}-aten > ${varDir}/currentKey |
17 | fi | 17 | fi |
18 | ''; | 18 | ''; |
19 | serviceDeps = [ "postgresql.service" "${environment}-aten-key.service" ]; | 19 | serviceDeps = [ "postgresql.service" ]; |
20 | socket = "/var/run/phpfpm/aten-${environment}.sock"; | 20 | socket = "/var/run/phpfpm/aten-${environment}.sock"; |
21 | pool = '' | 21 | pool = '' |
22 | listen = ${socket} | 22 | listen = ${socket} |
@@ -42,8 +42,8 @@ let | |||
42 | pm.max_spare_servers = 3 | 42 | pm.max_spare_servers = 3 |
43 | ''}''; | 43 | ''}''; |
44 | }; | 44 | }; |
45 | keys."${environment}-aten" = { | 45 | keys = [{ |
46 | destDir = "/run/keys/webapps"; | 46 | dest = "webapps/${environment}-aten"; |
47 | user = apache.user; | 47 | user = apache.user; |
48 | group = apache.group; | 48 | group = apache.group; |
49 | permissions = "0400"; | 49 | permissions = "0400"; |
@@ -52,7 +52,7 @@ let | |||
52 | SetEnv APP_SECRET "${config.secret}" | 52 | SetEnv APP_SECRET "${config.secret}" |
53 | SetEnv DATABASE_URL "${config.psql_url}" | 53 | SetEnv DATABASE_URL "${config.psql_url}" |
54 | ''; | 54 | ''; |
55 | }; | 55 | }]; |
56 | apache = rec { | 56 | apache = rec { |
57 | user = "wwwrun"; | 57 | user = "wwwrun"; |
58 | group = "wwwrun"; | 58 | group = "wwwrun"; |
@@ -64,7 +64,7 @@ let | |||
64 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | 64 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" |
65 | </FilesMatch> | 65 | </FilesMatch> |
66 | 66 | ||
67 | Include /run/keys/webapps/${environment}-aten | 67 | Include /var/secrets/webapps/${environment}-aten |
68 | 68 | ||
69 | ${if environment == "dev" then '' | 69 | ${if environment == "dev" then '' |
70 | <Location /> | 70 | <Location /> |
diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix index b0f7fdb..6f58d3c 100644 --- a/nixops/modules/websites/aten/default.nix +++ b/nixops/modules/websites/aten/default.nix | |||
@@ -25,7 +25,7 @@ in { | |||
25 | 25 | ||
26 | config = lib.mkMerge [ | 26 | config = lib.mkMerge [ |
27 | (lib.mkIf cfg.production.enable { | 27 | (lib.mkIf cfg.production.enable { |
28 | deployment.keys = aten_prod.keys; | 28 | mySecrets.keys = aten_prod.keys; |
29 | services.myWebsites.commons.stats.enable = true; | 29 | services.myWebsites.commons.stats.enable = true; |
30 | services.myWebsites.commons.stats.sites = [ | 30 | services.myWebsites.commons.stats.sites = [ |
31 | { | 31 | { |
@@ -59,7 +59,7 @@ in { | |||
59 | }; | 59 | }; |
60 | }) | 60 | }) |
61 | (lib.mkIf cfg.integration.enable { | 61 | (lib.mkIf cfg.integration.enable { |
62 | deployment.keys = aten_dev.keys; | 62 | mySecrets.keys = aten_dev.keys; |
63 | security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null; | 63 | security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null; |
64 | services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart; | 64 | services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart; |
65 | services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps; | 65 | services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps; |