diff options
Diffstat (limited to 'nixops/modules/websites/piedsjaloux')
-rw-r--r-- | nixops/modules/websites/piedsjaloux/default.nix | 4 | ||||
-rw-r--r-- | nixops/modules/websites/piedsjaloux/piedsjaloux.nix | 14 |
2 files changed, 9 insertions, 9 deletions
diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix index 57849a3..b2bd2fd 100644 --- a/nixops/modules/websites/piedsjaloux/default.nix +++ b/nixops/modules/websites/piedsjaloux/default.nix | |||
@@ -25,7 +25,7 @@ in { | |||
25 | 25 | ||
26 | config = lib.mkMerge [ | 26 | config = lib.mkMerge [ |
27 | (lib.mkIf cfg.production.enable { | 27 | (lib.mkIf cfg.production.enable { |
28 | deployment.keys = piedsjaloux_prod.keys; | 28 | mySecrets.keys = piedsjaloux_prod.keys; |
29 | services.myWebsites.commons.stats.enable = true; | 29 | services.myWebsites.commons.stats.enable = true; |
30 | services.myWebsites.commons.stats.sites = [ | 30 | services.myWebsites.commons.stats.sites = [ |
31 | { | 31 | { |
@@ -58,7 +58,7 @@ in { | |||
58 | }; | 58 | }; |
59 | }) | 59 | }) |
60 | (lib.mkIf cfg.integration.enable { | 60 | (lib.mkIf cfg.integration.enable { |
61 | deployment.keys = piedsjaloux_dev.keys; | 61 | mySecrets.keys = piedsjaloux_dev.keys; |
62 | security.acme.certs."eldiron".extraDomains."piedsjaloux.immae.eu" = null; | 62 | security.acme.certs."eldiron".extraDomains."piedsjaloux.immae.eu" = null; |
63 | services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux_dev.phpFpm.preStart; | 63 | services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux_dev.phpFpm.preStart; |
64 | services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux_dev.phpFpm.serviceDeps; | 64 | services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux_dev.phpFpm.serviceDeps; |
diff --git a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix index 87699db..5461e5d 100644 --- a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix +++ b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix | |||
@@ -3,8 +3,8 @@ let | |||
3 | piedsjaloux = { config }: rec { | 3 | piedsjaloux = { config }: rec { |
4 | environment = config.environment; | 4 | environment = config.environment; |
5 | varDir = "/var/lib/piedsjaloux_${environment}"; | 5 | varDir = "/var/lib/piedsjaloux_${environment}"; |
6 | keys."${environment}-piedsjaloux" = { | 6 | keys = [{ |
7 | destDir = "/run/keys/webapps"; | 7 | dest = "webapps/${environment}-piedsjaloux"; |
8 | user = apache.user; | 8 | user = apache.user; |
9 | group = apache.group; | 9 | group = apache.group; |
10 | permissions = "0400"; | 10 | permissions = "0400"; |
@@ -26,7 +26,7 @@ let | |||
26 | leapt_im: | 26 | leapt_im: |
27 | binary_path: ${imagemagick}/bin | 27 | binary_path: ${imagemagick}/bin |
28 | ''; | 28 | ''; |
29 | }; | 29 | }]; |
30 | phpFpm = rec { | 30 | phpFpm = rec { |
31 | preStart = '' | 31 | preStart = '' |
32 | if [ ! -f "${varDir}/currentWebappDir" -o \ | 32 | if [ ! -f "${varDir}/currentWebappDir" -o \ |
@@ -37,10 +37,10 @@ let | |||
37 | /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup | 37 | /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup |
38 | popd > /dev/null | 38 | popd > /dev/null |
39 | echo -n "${webappDir}" > ${varDir}/currentWebappDir | 39 | echo -n "${webappDir}" > ${varDir}/currentWebappDir |
40 | sha512sum /run/keys/webapps/${environment}-piedsjaloux > ${varDir}/currentKey | 40 | sha512sum /var/secrets/webapps/${environment}-piedsjaloux > ${varDir}/currentKey |
41 | fi | 41 | fi |
42 | ''; | 42 | ''; |
43 | serviceDeps = [ "mysql.service" "${environment}-piedsjaloux-key.service" ]; | 43 | serviceDeps = [ "mysql.service" ]; |
44 | socket = "/var/run/phpfpm/piedsjaloux-${environment}.sock"; | 44 | socket = "/var/run/phpfpm/piedsjaloux-${environment}.sock"; |
45 | pool = '' | 45 | pool = '' |
46 | listen = ${socket} | 46 | listen = ${socket} |
@@ -51,7 +51,7 @@ let | |||
51 | php_admin_value[upload_max_filesize] = 20M | 51 | php_admin_value[upload_max_filesize] = 20M |
52 | php_admin_value[post_max_size] = 20M | 52 | php_admin_value[post_max_size] = 20M |
53 | ;php_admin_flag[log_errors] = on | 53 | ;php_admin_flag[log_errors] = on |
54 | php_admin_value[open_basedir] = "/run/keys/webapps/${environment}-piedsjaloux:${webappDir}:${varDir}:/tmp" | 54 | php_admin_value[open_basedir] = "/var/secrets/webapps/${environment}-piedsjaloux:${webappDir}:${varDir}:/tmp" |
55 | php_admin_value[session.save_path] = "${varDir}/phpSessions" | 55 | php_admin_value[session.save_path] = "${varDir}/phpSessions" |
56 | env[PATH] = ${lib.makeBinPath [ pkgs.apg pkgs.unzip ]} | 56 | env[PATH] = ${lib.makeBinPath [ pkgs.apg pkgs.unzip ]} |
57 | ${if environment == "dev" then '' | 57 | ${if environment == "dev" then '' |
@@ -157,7 +157,7 @@ let | |||
157 | postInstall = '' | 157 | postInstall = '' |
158 | cd $out | 158 | cd $out |
159 | rm app/config/parameters.yml | 159 | rm app/config/parameters.yml |
160 | ln -sf /run/keys/webapps/${environment}-piedsjaloux app/config/parameters.yml | 160 | ln -sf /var/secrets/webapps/${environment}-piedsjaloux app/config/parameters.yml |
161 | rm -rf var/{logs,cache,data,miniatures,tmp} | 161 | rm -rf var/{logs,cache,data,miniatures,tmp} |
162 | ln -sf ${varDir}/{logs,cache,data,miniatures,tmp} var/ | 162 | ln -sf ${varDir}/{logs,cache,data,miniatures,tmp} var/ |
163 | ''; | 163 | ''; |