with lib;
let
cfg = config.services.phpApplication;
- cfgByEnv = lists.groupBy (x: x.websiteEnv) (builtins.attrValues cfg);
+ cfgByEnv = lists.groupBy (x: x.websiteEnv) (builtins.attrValues cfg.apps);
in
{
- options = {
- services.phpApplication = with types; mkOption {
+ options = with types; {
+ services.phpApplication.apps = mkOption {
default = {};
description = ''
php applications to define
default = true;
description = "Handle phpsession files separately in vardir";
};
+ phpListen = mkOption {
+ type = nullOr str;
+ default = null;
+ description = "Name of the socket to listen to. Defaults to app name if null";
+ };
+ phpPool = mkOption {
+ type = lines;
+ default = "";
+ description = "Pool configuration to append";
+ };
+ phpOptions = mkOption {
+ type = lines;
+ default = "";
+ description = "php configuration to append";
+ };
+ phpOpenbasedir = mkOption {
+ type = listOf path;
+ default = [];
+ description = ''
+ paths to add to php open_basedir configuration in addition to app and vardir
+ '';
+ };
+ phpWatchFiles = mkOption {
+ type = listOf path;
+ default = [];
+ description = ''
+ Path to other files to watch to trigger preStart scripts
+ '';
+ };
websiteEnv = mkOption {
type = str;
description = ''
httpd group to run the prestart scripts as.
'';
};
+ httpdWatchFiles = mkOption {
+ type = listOf path;
+ default = [];
+ description = ''
+ Path to other files to watch to trigger httpd reload
+ '';
+ };
app = mkOption {
type = path;
description = ''
};
webappName = mkOption {
type = nullOr str;
+ default = null;
description = ''
Alias name for the app, to be used in services.websites.webappDirs
'';
List of systemd services this application depends on
'';
};
- watchFiles = mkOption {
- type = listOf path;
- default = [];
- description = ''
- Path to other files to watch to trigger preStart scripts
- '';
- };
};
});
};
+ # Read-only variables
+ services.phpApplication.phpListenPaths = mkOption {
+ type = attrsOf path;
+ default = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
+ name "/run/phpfpm/${if icfg.phpListen == null then name else icfg.phpListen}.sock"
+ ) cfg.apps;
+ readOnly = true;
+ description = ''
+ Full paths to listen for php
+ '';
+ };
+ services.phpApplication.webappDirs = mkOption {
+ type = attrsOf path;
+ default = attrsets.filterAttrs (n: v: builtins.hasAttr n cfg.apps) config.services.websites.webappDirsPaths;
+ readOnly = true;
+ description = ''
+ Stable name webapp dirs for httpd
+ '';
+ };
};
config = {
services.websites.env = attrsets.mapAttrs' (name: cfgs: attrsets.nameValuePair
name {
modules = [ "proxy_fcgi" ];
- watchPaths = builtins.concatLists (map (c: c.watchFiles) cfgs);
+ watchPaths = builtins.concatLists (map (c: c.httpdWatchFiles) cfgs);
}
) cfgByEnv;
+ services.phpfpm.pools = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
+ name {
+ listen = cfg.phpListenPaths."${name}";
+ extraConfig = ''
+ user = ${icfg.httpdUser}
+ group = ${icfg.httpdGroup}
+ listen.owner = ${icfg.httpdUser}
+ listen.group = ${icfg.httpdGroup}
+ ${optionalString (icfg.phpSession) ''
+ php_admin_value[session.save_path] = "${icfg.varDir}/phpSessions"''}
+ php_admin_value[open_basedir] = "${builtins.concatStringsSep ":" ([icfg.app icfg.varDir] ++ icfg.phpOpenbasedir)}"
+ '' + icfg.phpPool;
+ phpOptions = config.services.phpfpm.phpOptions + icfg.phpOptions;
+ }
+ ) cfg.apps;
+
services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
- icfg.webappName icfg.webRoot
- ) (attrsets.filterAttrs (n: v: !isNull v.webappName && !isNull v.webRoot) cfg);
+ (if icfg.webappName == null then name else icfg.webappName) icfg.webRoot
+ ) (attrsets.filterAttrs (n: v: !isNull v.webRoot) cfg.apps);
systemd.services = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
"phpfpm-${name}" {
wants = icfg.serviceDeps;
preStart = lib.mkAfter (optionalString (!isNull icfg.varDir) ''
watchFilesChanged() {
- ${optionalString (builtins.length icfg.watchFiles == 0) "return 0"}
+ ${optionalString (builtins.length icfg.phpWatchFiles == 0) "return 1"}
[ ! -f "${icfg.varDir}"/watchedFiles ] \
|| ! sha512sum -c --status ${icfg.varDir}/watchedFiles
}
"${icfg.app}" != "$(cat ${icfg.varDir}/currentWebappDir 2>/dev/null)" ]
}
updateWatchFiles() {
- ${optionalString (builtins.length icfg.watchFiles == 0) "return 0"}
- sha512sum ${builtins.concatStringsSep " " icfg.watchFiles} > ${icfg.varDir}/watchedFiles
+ ${optionalString (builtins.length icfg.phpWatchFiles == 0) "return 0"}
+ sha512sum ${builtins.concatStringsSep " " icfg.phpWatchFiles} > ${icfg.varDir}/watchedFiles
}
if watchFilesChanged || appDirChanged; then
fi
'');
}
- ) cfg;
+ ) cfg.apps;
system.activationScripts = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
name {
install -m 0700 -o ${icfg.httpdUser} -g ${icfg.httpdGroup} -d ${icfg.varDir}/phpSessions
'';
}
- ) cfg;
+ ) cfg.apps;
};
}
projects / perso / Immae / Config / Nix / NUR.git / commitdiff
