Squash changes containing private information

[perso/Immae/Config/Nix.git] / systems / eldiron / databases / redis.nix

diff --git a/modules/private/databases/redis.nix b/systems/eldiron/databases/redis.nix
similarity index 56%
rename from modules/private/databases/redis.nix
rename to systems/eldiron/databases/redis.nix
index 685fa464cf60efdb7f7ef64a1e9008c4590cd769..1f57aa98cd2c99121a10887ec97f9ca8a2fefd69 100644 (file)
--- a/modules/private/databases/redis.nix
+++ b/systems/eldiron/databases/redis.nix
@@ -32,16 +32,21 @@ in {
   config = lib.mkIf cfg.enable {
     users.users.redis.uid = config.ids.uids.redis;
     users.groups.redis.gid = config.ids.gids.redis;
-    services.redis = rec {
+    services.redis.servers."" = {
       enable = true;
       bind = "127.0.0.1";
       unixSocket = cfg.sockets.redis;
-      extraConfig = ''
-        unixsocketperm 777
-        maxclients 1024
-        '';
+      unixSocketPerm = 777;
+      maxclients = 1024;
     };
     systemd.services.redis.serviceConfig.Slice = "redis.slice";
+    systemd.services.redis.serviceConfig.RuntimeDirectoryMode = lib.mkForce "0755";
+    services.redis.servers."php-sessions" = {
+      enable = true;
+      maxclients = 1024;
+      unixSocketPerm = 777;
+      user = "wwwrun";
+    };
 
     services.spiped = {
       enable = true;
@@ -68,38 +73,38 @@ in {
       script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/redis.spec`";
     };
 
-    services.filesWatcher.predixy = {
-      restart = true;
-      paths = [ config.secrets.fullPaths."redis/predixy.conf" ];
-    };
+    #services.filesWatcher.predixy = {
+    #  restart = true;
+    #  paths = [ config.secrets.fullPaths."redis/predixy.conf" ];
+    #};
 
-    networking.firewall.allowedTCPPorts = [ 7617 16379 ];
+    networking.firewall.allowedTCPPorts = [ 16379 ];
     secrets.keys = {
-      "redis/predixy.conf" = {
-        user = "redis";
-        group = "redis";
-        permissions = "0400";
-        text = ''
-          Name Predixy
-          Bind 127.0.0.1:7617
-          ClientTimeout 300
-          WorkerThreads 1
+      #"redis/predixy.conf" = {
+      #  user = "redis";
+      #  group = "redis";
+      #  permissions = "0400";
+      #  text = ''
+      #    Name Predixy
+      #    Bind 127.0.0.1:7617
+      #    ClientTimeout 300
+      #    WorkerThreads 1
 
-          Authority {
-              Auth "${config.myEnv.databases.redis.predixy.read}" {
-                  Mode read
-              }
-          }
+      #    Authority {
+      #        Auth "${config.myEnv.databases.redis.predixy.read}" {
+      #            Mode read
+      #        }
+      #    }
 
-          StandaloneServerPool {
-            Databases 16
-            RefreshMethod fixed
-            Group shard001 {
-              + ${config.myEnv.databases.redis.socket}
-            }
-          }
-          '';
-      };
+      #    StandaloneServerPool {
+      #      Databases 16
+      #      RefreshMethod fixed
+      #      Group shard001 {
+      #        + ${config.myEnv.databases.redis.socket}
+      #      }
+      #    }
+      #    '';
+      #};
       "redis/spiped_keyfile" = {
         user = "spiped";
         group = "spiped";
@@ -112,22 +117,22 @@ in {
       description = "Redis slice";
     };
 
-    systemd.services.predixy = {
-      description = "Redis proxy";
-      wantedBy = [ "multi-user.target" ];
-      after = [ "redis.service" ];
+    #systemd.services.predixy = {
+    #  description = "Redis proxy";
+    #  wantedBy = [ "multi-user.target" ];
+    #  after = [ "redis.service" ];
 
-      serviceConfig = {
-        Slice = "redis.slice";
-        User = "redis";
-        Group = "redis";
-        SupplementaryGroups = "keys";
-        Type = "simple";
+    #  serviceConfig = {
+    #    Slice = "redis.slice";
+    #    User = "redis";
+    #    Group = "redis";
+    #    SupplementaryGroups = "keys";
+    #    Type = "simple";
 
-        ExecStart = "${pkgs.predixy}/bin/predixy ${config.secrets.fullPaths."redis/predixy.conf"}";
-      };
+    #    ExecStart = "${pkgs.predixy}/bin/predixy ${config.secrets.fullPaths."redis/predixy.conf"}";
+    #  };
 
-    };
+    #};
   };
 }