Migrate php sessions to redis

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / cloud / farm.nix

diff --git a/modules/private/websites/tools/cloud/farm.nix b/modules/private/websites/tools/cloud/farm.nix
index de1cfaecb1056cdf5c62391c2dfa6e5a2bbf9889..1811200b42653e8c0ee60d26f4e758ba4065ce48 100644 (file)
--- a/modules/private/websites/tools/cloud/farm.nix
+++ b/modules/private/websites/tools/cloud/farm.nix
@@ -5,8 +5,7 @@ let
   apacheGroup = config.services.httpd.Prod.group;
   toVardir = name: "/var/lib/nextcloud_farm/${name}";
   varDirs = lib.mapAttrsToList (name: v: toVardir name) cfg.instances;
-  toPhpBaseDir = name: [ cfg.rootDirs."${name}" (toVardir name) ] ++ cfg.rootDirs."${name}".apps;
-  phpBaseDir = builtins.concatStringsSep ":" (lib.unique (lib.flatten (lib.mapAttrsToList (name: v: toPhpBaseDir name) cfg.instances)));
+  toPhpBaseDir = name: builtins.concatStringsSep ":" ([ cfg.rootDirs."${name}" (toVardir name) ] ++ cfg.rootDirs."${name}".apps);
   toVhost = name: ''
     SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
     SetEnv NEXTCLOUD_CONFIG_DIR "${toVardir name}"
@@ -22,7 +21,7 @@ let
       </IfModule>
       <FilesMatch "\.php$">
         CGIPassAuth on
-        SetHandler "proxy:unix:${config.services.phpfpm.pools.nextcloud_farm.socket}|fcgi://localhost"
+        SetHandler "proxy:unix:${config.services.phpfpm.pools.${"nextcloud_farm_" + name}.socket}|fcgi://localhost"
       </FilesMatch>
 
     </Directory>
@@ -72,24 +71,23 @@ in
       deps = [ "httpd" ];
       text = ''
         install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${builtins.concatStringsSep " " varDirs}
-        install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/nextcloud_farm/phpSessions
         '';
     };
-    systemd.services.phpfpm-nextcloud_farm.after = lib.mkAfter [ "postgresql.service" ];
-    systemd.services.phpfpm-nextcloud_farm.wants = [ "postgresql.service" ];
-    services.phpfpm.pools.nextcloud_farm = {
+    systemd.services = lib.mapAttrs' (k: v: lib.nameValuePair ("phpfpm-nextcloud_farm_" + k) {
+      after = lib.mkAfter [ "postgresql.service" ];
+      wants = [ "postgresql.service" ];
+    }) cfg.instances;
+    services.phpfpm.pools = lib.mapAttrs' (k: v: lib.nameValuePair ("nextcloud_farm_" + k) {
       user = apacheUser;
       group = apacheGroup;
-      settings = let
-        instanceNb = builtins.length (builtins.attrNames cfg.instances);
-      in {
+      settings = {
         "listen.owner" = apacheUser;
         "listen.group" = apacheGroup;
         "pm" = "dynamic";
-        "pm.max_children" = builtins.toString (60 * instanceNb);
-        "pm.start_servers" = builtins.toString (3 * instanceNb);
-        "pm.min_spare_servers" = builtins.toString (3 * instanceNb);
-        "pm.max_spare_servers" = builtins.toString (5 * instanceNb);
+        "pm.max_children" = "60";
+        "pm.start_servers" = "3";
+        "pm.min_spare_servers" = "3";
+        "pm.max_spare_servers" = "3";
         "pm.process_idle_timeout" = "60";
 
         "php_admin_value[output_buffering]" = "0";
@@ -107,11 +105,12 @@ in
         "php_value[opcache.revalidate_freq]" = "1";
         "php_admin_value[memory_limit]" = "512M";
 
-        "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${phpBaseDir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp";
-        "php_admin_value[session.save_path]" = "/var/lib/nextcloud_farm/phpSessions";
+        "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${toPhpBaseDir k}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp";
+        "php_admin_value[session.save_handler]" = "redis";
+        "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:NextcloudFarm:${k}:'";
       };
       inherit phpPackage;
-    };
+    }) cfg.instances;
     users.users.root.packages = let
       toOcc = name: pkgs.writeScriptBin "nextcloud-occ-${name}" ''
         #! ${pkgs.stdenv.shell}