From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 01:35:06 +0200 Subject: Squash changes containing private information There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository --- .../private/websites/piedsjaloux/production.nix | 106 --------------------- 1 file changed, 106 deletions(-) delete mode 100644 modules/private/websites/piedsjaloux/production.nix (limited to 'modules/private/websites/piedsjaloux/production.nix') diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix deleted file mode 100644 index 422c7f0..0000000 --- a/modules/private/websites/piedsjaloux/production.nix +++ /dev/null @@ -1,106 +0,0 @@ -{ lib, pkgs, config, ... }: -let - secrets = config.myEnv.websites.piedsjaloux.production; - app = pkgs.callPackage ./app { - composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; - environment = secrets.environment; - varDir = "/var/lib/piedsjaloux_production"; - secretsPath = config.secrets.fullPaths."websites/piedsjaloux/production"; - }; - cfg = config.myServices.websites.piedsjaloux.production; - pcfg = config.services.phpApplication; - texlive = pkgs.texlive.combine { inherit (pkgs.texlive) attachfile preprint scheme-small; }; -in { - options.myServices.websites.piedsjaloux.production.enable = lib.mkEnableOption "enable PiedsJaloux's website in production"; - - config = lib.mkIf cfg.enable { - services.webstats.sites = [ { name = "piedsjaloux.fr"; } ]; - services.phpApplication.apps.piedsjaloux_production = { - websiteEnv = "production"; - httpdUser = config.services.httpd.Prod.user; - httpdGroup = config.services.httpd.Prod.group; - inherit (app) webRoot varDir; - varDirPaths = { - "tmp" = "0700"; - }; - inherit app; - serviceDeps = [ "mysql.service" ]; - preStartActions = [ - "./bin/console --env=${app.environment} cache:clear --no-warmup" - ]; - phpOpenbasedir = [ "/tmp" ]; - phpPool = { - "php_admin_value[upload_max_filesize]" = "20M"; - "php_admin_value[post_max_size]" = "20M"; - #"php_admin_flag[log_errors]" = "on"; - "pm" = "dynamic"; - "pm.max_children" = "20"; - "pm.start_servers" = "2"; - "pm.min_spare_servers" = "1"; - "pm.max_spare_servers" = "3"; - }; - phpEnv = { - PATH = lib.makeBinPath [ - pkgs.apg pkgs.unzip - # below ones don't need to be in the PATH but they’re used in - # secrets - pkgs.imagemagick texlive - ]; - }; - phpWatchFiles = [ - app.secretsPath - ]; - phpPackage = pkgs.php72; - }; - - secrets.keys."websites/piedsjaloux/production" = { - user = config.services.httpd.Prod.user; - group = config.services.httpd.Prod.group; - permissions = "0400"; - text = '' - # This file is auto-generated during the composer install - parameters: - database_host: ${secrets.mysql.host} - database_port: ${secrets.mysql.port} - database_name: ${secrets.mysql.database} - database_user: ${secrets.mysql.user} - database_password: ${secrets.mysql.password} - database_server_version: ${pkgs.mariadb.mysqlVersion} - mailer_transport: smtp - mailer_host: 127.0.0.1 - mailer_user: null - mailer_password: null - secret: ${secrets.secret} - pdflatex: "${texlive}/bin/pdflatex" - leapt_im: - binary_path: ${pkgs.imagemagick}/bin - ''; - }; - - services.websites.env.production.vhostConfs.piedsjaloux_production = { - certName = "piedsjaloux"; - certMainHost = "piedsjaloux.fr"; - hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ]; - root = app.webRoot; - extraConfig = [ - '' - RewriteEngine on - RewriteCond "%{HTTP_HOST}" "!^www.piedsjaloux\.fr$" [NC] - RewriteRule ^(.+)$ https://www.piedsjaloux.fr$1 [R=302,L] - - - SetHandler "proxy:unix:${pcfg.phpListenPaths.piedsjaloux_production}|fcgi://localhost" - - - Use Stats piedsjaloux.fr - - - Options Indexes FollowSymLinks MultiViews Includes - AllowOverride All - Require all granted - - '' - ]; - }; - }; -} -- cgit v1.2.3