--- /dev/null
+{ pkgs, lib, config, ... }:
+let
+ env = config.myEnv.tools.status_engine;
+ package = pkgs.status_engine.interface.override({ config_file = config.secrets.fullPaths."status_engine_ui"; });
+ apacheRoot = "${package}/public";
+ cfg = config.myServices.websites.tools.performance;
+in
+{
+ options.myServices.websites.tools.performance = {
+ enable = lib.mkEnableOption "Enable performance website";
+ };
+
+ config = lib.mkIf cfg.enable {
+ secrets.keys = [
+ {
+ dest = "status_engine_ui";
+ permissions = "0400";
+ user = "wwwrun";
+ group = "wwwrun";
+ text = ''
+ allow_anonymous: 0
+ anonymous_can_submit_commands: 0
+ urls_without_login:
+ - login
+ - loginstate
+ auth_type: ldap
+ ldap_server: ${env.ldap.host}
+ ldap_use_ssl: 1
+ ldap_port: 636
+ ldap_bind_dn: ${env.ldap.dn}
+ ldap_bind_password: ${env.ldap.password}
+ ldap_base_dn: ${env.ldap.base}
+ ldap_filter: "${env.ldap.filter}"
+ ldap_attribute:
+ - memberOf
+ use_crate: 0
+ use_mysql: 1
+ mysql:
+ host: 127.0.0.1
+ port: ${env.mysql.port}
+ username: ${env.mysql.user}
+ password: ${env.mysql.password}
+ database: ${env.mysql.database}
+ display_perfdata: 1
+ perfdata_backend: mysql
+ '';
+ }
+ ];
+
+ services.websites.env.tools.modules = [ "proxy_fcgi" ];
+
+ services.websites.env.tools.vhostConfs.performance = {
+ certName = "eldiron";
+ addToCerts = true;
+ hosts = [ "performance.immae.eu" ];
+ root = apacheRoot;
+ extraConfig = [
+ ''
+ <Directory ${apacheRoot}>
+ DirectoryIndex index.html
+ AllowOverride None
+ Require all granted
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:${config.services.phpfpm.pools.status_engine.socket}|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+ ''
+ ];
+ };
+
+ services.phpfpm.pools.status_engine = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = {
+ "listen.owner" = "wwwrun";
+ "listen.group" = "wwwrun";
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
+
+ "php_admin_value[open_basedir]" = "${package}:/tmp:/var/secrets/status_engine_ui";
+ };
+ phpPackage = pkgs.php74;
+ };
+
+ };
+}