# NixOS module fragment for a multi-instance Nextcloud "farm" served by Apache
# and php-fpm. The listing is partial: the gutter numbers skip, so some lines
# (including the `let` that introduces the bindings below) are not shown.
1 { lib, pkgs, config, ... }:
# Shorthand for this module's own option tree.
3 cfg = config.myServices.tools.cloud.farm;
# User and group of the "Prod" httpd instance; used further down as owner of
# the state directories and of the php-fpm socket.
4 apacheUser = config.services.httpd.Prod.user;
5 apacheGroup = config.services.httpd.Prod.group;
# Per-instance state directory; it is also what NEXTCLOUD_CONFIG_DIR is set to.
6 toVardir = name: "/var/lib/nextcloud_farm/${name}";
# State directories of every declared instance.
7 varDirs = lib.mapAttrsToList (name: v: toVardir name) cfg.instances;
# Paths PHP may open for one instance: its root package, its state directory
# and the entries of the root package's `apps` attribute.
8 toPhpBaseDir = name: [ cfg.rootDirs."${name}" (toVardir name) ] ++ cfg.rootDirs."${name}".apps;
# Colon-joined, de-duplicated union of those paths over ALL instances. It is
# interpolated into the pool-wide open_basedir setting, so the allow-list is
# farm-wide rather than per instance.
9 phpBaseDir = builtins.concatStringsSep ":" (lib.unique (lib.flatten (lib.mapAttrsToList (name: v: toPhpBaseDir name) cfg.instances)));
# NOTE(review): the lines below read as the body of an Apache vhost template
# (presumably the toVhost function used by the vhosts option; its opening line
# is not shown). It copies the Authorization header into HTTP_AUTHORIZATION,
# points Nextcloud at the instance's state directory for its configuration and
# hands requests to the shared php-fpm socket.
# NOTE(review): the HSTS header sets includeSubDomains and preload with a
# max-age of 15552000 seconds (180 days), which commits every subdomain of the
# vhost's domain to HTTPS - confirm all of them serve TLS before relying on it.
11 SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
12 SetEnv NEXTCLOUD_CONFIG_DIR "${toVardir name}"
13 <Directory ${cfg.rootDirs."${name}"}>
15 DirectoryIndex index.php
16 Options FollowSymlinks
20 <IfModule mod_headers.c>
21 Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
25 SetHandler "proxy:unix:${config.services.phpfpm.pools.nextcloud_farm.socket}|fcgi://localhost"
# PHP 7.4 build with the redis, apcu, opcache and imagick extensions added to
# the default-enabled set. The extraConfig text that follows is not shown.
# NOTE(review): php74 and the nextcloud_20 package used as the instances'
# default are old release lines - confirm the nixpkgs revision in use still
# carries security fixes for both.
30 phpPackage = (pkgs.php74.withExtensions({ enabled, all }: enabled ++ [ all.redis all.apcu all.opcache all.imagick ])).override { extraConfig = ''
# Options exposed by this module.
36 options.myServices.tools.cloud.farm = {
# One attribute per instance; the attribute name is the instance name used to
# build paths and script names elsewhere in the module.
37 instances = lib.mkOption {
38 description = "Instances names for the nextcloud Farm";
40 type = lib.types.attrsOf (lib.types.submodule {
# Nextcloud package the instance is built from.
42 nextcloud = lib.mkOption {
43 description = "Nextcloud version to use";
44 default = pkgs.webapps.nextcloud_20;
45 type = lib.types.package;
# NOTE(review): the option this description belongs to is declared on a line
# not shown; presumably the per-instance `apps` option - confirm.
48 description = "Applications to use";
# Intended type per the author's note. `unspecified` accepts any value, so
# the module system performs no type check on it.
50 #type = functionTo (listOf packages)
51 type = lib.types.unspecified;
# Derived option: one web-root package per instance, built from the
# instance's nextcloud package with varDir overridden to null and the
# instance's apps applied through withApps.
56 rootDirs = lib.mkOption {
57 description = "Instance root dirs";
59 type = lib.types.attrsOf lib.types.package;
60 default = lib.mapAttrs (name: v: (v.nextcloud.override { varDir = null; }).withApps v.apps) cfg.instances;
# Derived option: one vhost configuration string per instance, produced by
# toVhost.
62 vhosts = lib.mkOption {
63 description = "Instance vhosts configs";
65 type = lib.types.attrsOf lib.types.str;
66 default = lib.mapAttrs (name: v: toVhost name) cfg.instances;
# Everything below is applied only when at least one instance is declared.
70 config = lib.mkIf (builtins.length (builtins.attrNames cfg.instances) > 0) {
# Activation script that creates the per-instance state directories and the
# shared PHP session directory, owned by the httpd user and group.
# NOTE(review): mode 0755 lets any local account enter and list these
# directories. They hold each instance's Nextcloud configuration
# (NEXTCLOUD_CONFIG_DIR points at them) and PHP's session files, whose names
# embed the session id, so 0750 or 0700 is the safer default unless another
# account needs access.
71 system.activationScripts.cloud_farm_vardirs = {
74 install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${builtins.concatStringsSep " " varDirs}
75 install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/nextcloud_farm/phpSessions
# Order the pool after PostgreSQL. `wants` is a weak dependency: the pool is
# still started if postgresql.service fails.
78 systemd.services.phpfpm-nextcloud_farm.after = lib.mkAfter [ "postgresql.service" ];
79 systemd.services.phpfpm-nextcloud_farm.wants = [ "postgresql.service" ];
# A single php-fpm pool serves every instance of the farm.
80 services.phpfpm.pools.nextcloud_farm = {
# Number of declared instances; the process-manager limits below scale with it.
84 instanceNb = builtins.length (builtins.attrNames cfg.instances);
# The listening socket is owned by the httpd user and group.
86 "listen.owner" = apacheUser;
87 "listen.group" = apacheGroup;
89 "pm.max_children" = builtins.toString (60 * instanceNb);
90 "pm.start_servers" = builtins.toString (3 * instanceNb);
91 "pm.min_spare_servers" = builtins.toString (3 * instanceNb);
92 "pm.max_spare_servers" = builtins.toString (5 * instanceNb);
93 "pm.process_idle_timeout" = "60";
# php_admin_value entries cannot be overridden from application code;
# php_value entries can.
95 "php_admin_value[output_buffering]" = "0";
# Requests may run for up to 1800 seconds (30 minutes).
96 "php_admin_value[max_execution_time]" = "1800";
97 "php_admin_value[zend_extension]" = "opcache";
98 "php_value[apcu.enable_cli]" = "1";
99 "php_value[apcu.enabled]" = "1";
100 #already enabled by default?
101 #"php_value[opcache.enable]" = "1";
102 "php_value[opcache.enable_cli]" = "1";
103 "php_value[opcache.interned_strings_buffer]" = "8";
104 "php_value[opcache.max_accelerated_files]" = "10000";
105 "php_value[opcache.memory_consumption]" = "128";
106 "php_value[opcache.save_comments]" = "1";
107 "php_value[opcache.revalidate_freq]" = "1";
108 "php_admin_value[memory_limit]" = "512M";
# NOTE(review): open_basedir is one allow-list for the whole pool. It contains
# the root and state directories of all instances plus /tmp, so PHP code
# running for one instance can open another instance's configuration
# directory. Isolating instances would take one pool per instance, each with
# its own open_basedir and preferably its own account.
110 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${phpBaseDir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp";
# NOTE(review): one session directory is shared by all instances of the farm.
111 "php_admin_value[session.save_path]" = "/var/lib/nextcloud_farm/phpSessions";
# Installs one nextcloud-occ-<instance> wrapper per instance into root's
# packages. The wrapper enters the instance's web root, sets
# NEXTCLOUD_CONFIG_DIR to the instance's state directory and runs PHP as wwwrun
# through sudo; the rest of the command line is on lines not shown.
# NOTE(review): `sudo -E` carries the caller's whole environment into the
# wwwrun process; preserving only NEXTCLOUD_CONFIG_DIR would be narrower.
# NOTE(review): the account is hard-coded as wwwrun, while the state
# directories are created for the configured httpd user - confirm they are the
# same account.
115 users.users.root.packages = let
116 toOcc = name: pkgs.writeScriptBin "nextcloud-occ-${name}" ''
117 #! ${pkgs.stdenv.shell}
118 cd ${cfg.rootDirs."${name}"}
119 NEXTCLOUD_CONFIG_DIR="${toVardir name}" \
121 sudo -E -u wwwrun ${phpPackage}/bin/php \
122 -c ${phpPackage}/etc/php.ini \
125 in lib.mapAttrsToList (name: v: toOcc name) cfg.instances;
# Per-instance cron wrapper: sets the locale archive, puts /run/wrappers/bin
# first on PATH, selects the instance's configuration directory and runs
# Nextcloud's cron.php with a 512M memory limit. The crontab entry runs it every
# 15 minutes as wwwrun; the binding that holds that entry (apparently toLine)
# and the option the resulting list is assigned to are on lines not shown.
# NOTE(review): the account is hard-coded as wwwrun, while the state
# directories are created for the configured httpd user - confirm they are the
# same account.
129 toScript = name: pkgs.writeScriptBin "nextcloud-cron" ''
130 #! ${pkgs.stdenv.shell}
131 export LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive
132 export PATH=/run/wrappers/bin:$PATH
133 export NEXTCLOUD_CONFIG_DIR="${toVardir name}"
134 ${phpPackage}/bin/php -c ${phpPackage}/etc/php.ini -d memory_limit=512M -f ${cfg.rootDirs."${name}"}/cron.php
137 */15 * * * * wwwrun ${toScript name}/bin/nextcloud-cron
139 in lib.mapAttrsToList (name: v: toLine name) cfg.instances;