X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=systems%2Feldiron%2Fdatabases%2Fredis.nix;fp=modules%2Fprivate%2Fdatabases%2Fredis.nix;h=1f57aa98cd2c99121a10887ec97f9ca8a2fefd69;hp=685fa464cf60efdb7f7ef64a1e9008c4590cd769;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hpb=fa25ffd4583cc362075cd5e1b4130f33306103f0 diff --git a/modules/private/databases/redis.nix b/systems/eldiron/databases/redis.nix similarity index 56% rename from modules/private/databases/redis.nix rename to systems/eldiron/databases/redis.nix index 685fa46..1f57aa9 100644 --- a/modules/private/databases/redis.nix +++ b/systems/eldiron/databases/redis.nix @@ -32,16 +32,21 @@ in { config = lib.mkIf cfg.enable { users.users.redis.uid = config.ids.uids.redis; users.groups.redis.gid = config.ids.gids.redis; - services.redis = rec { + services.redis.servers."" = { enable = true; bind = "127.0.0.1"; unixSocket = cfg.sockets.redis; - extraConfig = '' - unixsocketperm 777 - maxclients 1024 - ''; + unixSocketPerm = 777; + maxclients = 1024; }; systemd.services.redis.serviceConfig.Slice = "redis.slice"; + systemd.services.redis.serviceConfig.RuntimeDirectoryMode = lib.mkForce "0755"; + services.redis.servers."php-sessions" = { + enable = true; + maxclients = 1024; + unixSocketPerm = 777; + user = "wwwrun"; + }; services.spiped = { enable = true; @@ -68,38 +73,38 @@ in { script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/redis.spec`"; }; - services.filesWatcher.predixy = { - restart = true; - paths = [ config.secrets.fullPaths."redis/predixy.conf" ]; - }; + #services.filesWatcher.predixy = { + # restart = true; + # paths = [ config.secrets.fullPaths."redis/predixy.conf" ]; + #}; - networking.firewall.allowedTCPPorts = [ 7617 16379 ]; + networking.firewall.allowedTCPPorts = [ 16379 ]; secrets.keys = { - "redis/predixy.conf" = { - user = "redis"; - group = "redis"; - permissions = "0400"; - text = '' - Name Predixy - Bind 127.0.0.1:7617 - ClientTimeout 300 - WorkerThreads 1 + #"redis/predixy.conf" = { + # user = "redis"; + # group = "redis"; + # permissions = "0400"; + # text = '' + # Name Predixy + # Bind 127.0.0.1:7617 + # ClientTimeout 300 + # WorkerThreads 1 - Authority { - Auth "${config.myEnv.databases.redis.predixy.read}" { - Mode read - } - } + # Authority { + # Auth "${config.myEnv.databases.redis.predixy.read}" { + # Mode read + # } + # } - StandaloneServerPool { - Databases 16 - RefreshMethod fixed - Group shard001 { - + ${config.myEnv.databases.redis.socket} - } - } - ''; - }; + # StandaloneServerPool { + # Databases 16 + # RefreshMethod fixed + # Group shard001 { + # + ${config.myEnv.databases.redis.socket} + # } + # } + # ''; + #}; "redis/spiped_keyfile" = { user = "spiped"; group = "spiped"; @@ -112,22 +117,22 @@ in { description = "Redis slice"; }; - systemd.services.predixy = { - description = "Redis proxy"; - wantedBy = [ "multi-user.target" ]; - after = [ "redis.service" ]; + #systemd.services.predixy = { + # description = "Redis proxy"; + # wantedBy = [ "multi-user.target" ]; + # after = [ "redis.service" ]; - serviceConfig = { - Slice = "redis.slice"; - User = "redis"; - Group = "redis"; - SupplementaryGroups = "keys"; - Type = "simple"; + # serviceConfig = { + # Slice = "redis.slice"; + # User = "redis"; + # Group = "redis"; + # SupplementaryGroups = "keys"; + # Type = "simple"; - ExecStart = "${pkgs.predixy}/bin/predixy ${config.secrets.fullPaths."redis/predixy.conf"}"; - }; + # ExecStart = "${pkgs.predixy}/bin/predixy ${config.secrets.fullPaths."redis/predixy.conf"}"; + # }; - }; + #}; }; }