config = lib.mkIf cfg.enable {
secrets.keys = aten.keys;
- services.myPhpfpm.preStart.aten_dev = aten.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.aten_dev = aten.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.aten_dev = aten.phpFpm.pool;
+ systemd.services.phpfpm-aten_dev.preStart = lib.mkAfter aten.phpFpm.preStart;
+ systemd.services.phpfpm-aten_dev.after = lib.mkAfter aten.phpFpm.serviceDeps;
+ systemd.services.phpfpm-aten_dev.wants = aten.phpFpm.serviceDeps;
+ services.phpfpm.poolConfigs.aten_dev = aten.phpFpm.pool;
system.activationScripts.aten_dev = aten.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
secrets.keys = aten.keys;
services.webstats.sites = [ { name = "aten.pro"; } ];
- services.myPhpfpm.preStart.aten_prod = aten.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.aten_prod = aten.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.aten_prod = aten.phpFpm.pool;
+ systemd.services.phpfpm-aten_prod.preStart = lib.mkAfter aten.phpFpm.preStart;
+ systemd.services.phpfpm-aten_prod.after = lib.mkAfter aten.phpFpm.serviceDeps;
+ systemd.services.phpfpm-aten_prod.wants = aten.phpFpm.serviceDeps;
+ services.phpfpm.poolConfigs.aten_prod = aten.phpFpm.pool;
system.activationScripts.aten_prod = aten.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
serviceDeps = [ "mysql.service" ];
socket = "/var/run/phpfpm/chloe-${app.environment}.sock";
pool = ''
- listen = ${socket}
user = ${apacheUser}
group = ${apacheGroup}
listen.owner = ${apacheUser}
config = lib.mkIf cfg.enable {
secrets.keys = chloe.keys;
- services.myPhpfpm.serviceDependencies.chloe_dev = chloe.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.chloe_dev = chloe.phpFpm.pool;
- services.myPhpfpm.poolPhpConfigs.chloe_dev = ''
- extension=${pkgs.php}/lib/php/extensions/mysqli.so
+ systemd.services.phpfpm-chloe_dev.after = lib.mkAfter chloe.phpFpm.serviceDeps;
+ systemd.services.phpfpm-chloe_dev.wants = chloe.phpFpm.serviceDeps;
+ services.phpfpm.pools.chloe_dev = {
+ listen = chloe.phpFpm.socket;
+ extraConfig = chloe.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + ''
+ extension=${pkgs.php}/lib/php/extensions/mysqli.so
'';
+ };
system.activationScripts.chloe_dev = chloe.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
secrets.keys = chloe.keys;
services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
- services.myPhpfpm.serviceDependencies.chloe_prod = chloe.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.chloe_prod = chloe.phpFpm.pool;
- services.myPhpfpm.poolPhpConfigs.chloe_prod = ''
- extension=${pkgs.php}/lib/php/extensions/mysqli.so
+ systemd.services.phpfpm-chloe_prod.after = lib.mkAfter chloe.phpFpm.serviceDeps;
+ systemd.services.phpfpm-chloe_prod.wants = chloe.phpFpm.serviceDeps;
+ services.phpfpm.pools.chloe_prod = {
+ listen = chloe.phpFpm.socket;
+ extraConfig = chloe.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + ''
+ extension=${pkgs.php}/lib/php/extensions/mysqli.so
'';
+ };
system.activationScripts.chloe_prod = chloe.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
'';
pool = ''
- listen = ${socket}
user = ${apacheUser}
group = ${apacheGroup}
listen.owner = ${apacheUser}
config = lib.mkIf cfg.enable {
secrets.keys = connexionswing.keys;
- services.myPhpfpm.preStart.connexionswing_dev = connexionswing.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing.phpFpm.pool;
- services.myPhpfpm.poolPhpConfigs.connexionswing_dev = connexionswing.phpFpm.phpConfig;
+ systemd.services.phpfpm-connexionswing_dev.after = lib.mkAfter connexionswing.phpFpm.serviceDeps;
+ systemd.services.phpfpm-connexionswing_dev.wants = connexionswing.phpFpm.serviceDeps;
+ systemd.services.phpfpm-connexionswing_dev.preStart = lib.mkAfter connexionswing.phpFpm.preStart;
+ services.phpfpm.pools.connexionswing_dev = {
+ listen = connexionswing.phpFpm.socket;
+ extraConfig = connexionswing.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + connexionswing.phpFpm.phpConfig;
+ };
system.activationScripts.connexionswing_dev = connexionswing.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
secrets.keys = connexionswing.keys;
services.webstats.sites = [ { name = "connexionswing.com"; } ];
- services.myPhpfpm.preStart.connexionswing_prod = connexionswing.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing.phpFpm.pool;
- services.myPhpfpm.poolPhpConfigs.connexionswing_prod = connexionswing.phpFpm.phpConfig;
+ systemd.services.phpfpm-connexionswing_prod.after = lib.mkAfter connexionswing.phpFpm.serviceDeps;
+ systemd.services.phpfpm-connexionswing_prod.wants = connexionswing.phpFpm.serviceDeps;
+ systemd.services.phpfpm-connexionswing_prod.preStart = lib.mkAfter connexionswing.phpFpm.preStart;
+ services.phpfpm.pools.connexionswing_prod = {
+ listen = connexionswing.phpFpm.socket;
+ extraConfig = connexionswing.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + connexionswing.phpFpm.phpConfig;
+ };
system.activationScripts.connexionswing_prod = connexionswing.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
config = lib.mkIf cfg.enable {
secrets.keys = tellesflorian.keys;
- services.myPhpfpm.preStart.tellesflorian_dev = tellesflorian.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.tellesflorian_dev = tellesflorian.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool;
+ systemd.services.phpfpm-tellesflorian_dev.after = lib.mkAfter tellesflorian.phpFpm.serviceDeps;
+ systemd.services.phpfpm-tellesflorian_dev.wants = tellesflorian.phpFpm.serviceDeps;
+ systemd.services.phpfpm-tellesflorian_dev.preStart = lib.mkAfter tellesflorian.phpFpm.preStart;
+ services.phpfpm.poolConfigs.tellesflorian_dev = tellesflorian.phpFpm.pool;
system.activationScripts.tellesflorian_dev = tellesflorian.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
config = lib.mkIf cfg.enable {
services.webstats.sites = [ { name = "www.immae.eu"; } ];
- services.myPhpfpm.poolConfigs.immae = ''
+ services.phpfpm.poolConfigs.immae = ''
listen = /run/phpfpm/immae.sock
user = wwwrun
group = wwwrun
options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's website in production";
config = lib.mkIf cfg.enable {
- services.myPhpfpm.poolConfigs.leila = ''
+ services.phpfpm.poolConfigs.leila = ''
listen = /run/phpfpm/leila.sock
user = wwwrun
group = wwwrun
config = lib.mkIf cfg.enable {
secrets.keys = ludivinecassal.keys;
- services.myPhpfpm.preStart.ludivinecassal_dev = ludivinecassal.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.ludivinecassal_dev = ludivinecassal.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool;
+ systemd.services.phpfpm-ludivinecassal_dev.after = lib.mkAfter ludivinecassal.phpFpm.serviceDeps;
+ systemd.services.phpfpm-ludivinecassal_dev.wants = ludivinecassal.phpFpm.serviceDeps;
+ systemd.services.phpfpm-ludivinecassal_dev.preStart = lib.mkAfter ludivinecassal.phpFpm.preStart;
+ services.phpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal.phpFpm.pool;
system.activationScripts.ludivinecassal_dev = ludivinecassal.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
secrets.keys = ludivinecassal.keys;
services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
- services.myPhpfpm.preStart.ludivinecassal_prod = ludivinecassal.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.ludivinecassal_prod = ludivinecassal.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool;
+ systemd.services.phpfpm-ludivinecassal_prod.after = lib.mkAfter ludivinecassal.phpFpm.serviceDeps;
+ systemd.services.phpfpm-ludivinecassal_prod.wants = ludivinecassal.phpFpm.serviceDeps;
+ systemd.services.phpfpm-ludivinecassal_prod.preStart = lib.mkAfter ludivinecassal.phpFpm.preStart;
+ services.phpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal.phpFpm.pool;
system.activationScripts.ludivinecassal_prod = ludivinecassal.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
?>
'';
}];
- services.myPhpfpm.serviceDependencies.jerome = [ "mysql.service" ];
- services.myPhpfpm.poolConfigs.jerome = ''
- listen = /run/phpfpm/naturaloutil.sock
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
+ systemd.services.phpfpm-jerome.after = lib.mkAfter [ "mysql.service" ];
+ systemd.services.phpfpm-jerome.wants = [ "mysql.service" ];
+ services.phpfpm.pools.jerome = {
+ listen = "/run/phpfpm/naturaloutil.sock";
+ extraConfig = ''
+ user = wwwrun
+ group = wwwrun
+ listen.owner = wwwrun
+ listen.group = wwwrun
- pm = ondemand
- pm.max_children = 5
- pm.process_idle_timeout = 60
+ pm = ondemand
+ pm.max_children = 5
+ pm.process_idle_timeout = 60
- env[BDD_CONNECT] = "/var/secrets/webapps/prod-naturaloutil"
- php_admin_value[open_basedir] = "/var/secrets/webapps/prod-naturaloutil:${varDir}:/tmp"
- '';
- services.myPhpfpm.poolPhpConfigs.jerome = ''
- extension=${pkgs.php}/lib/php/extensions/mysqli.so
- '';
+ env[BDD_CONNECT] = "/var/secrets/webapps/prod-naturaloutil"
+ php_admin_value[open_basedir] = "/var/secrets/webapps/prod-naturaloutil:${varDir}:/tmp"
+ '';
+ phpOptions = config.services.phpfpm.phpOptions + ''
+ extension=${pkgs.php}/lib/php/extensions/mysqli.so
+ '';
+ };
services.websites.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
services.websites.production.vhostConfs.naturaloutil = {
certName = "naturaloutil";
config = lib.mkIf cfg.enable {
secrets.keys = piedsjaloux.keys;
- services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool;
+ systemd.services.phpfpm-piedsjaloux_dev.after = lib.mkAfter piedsjaloux.phpFpm.serviceDeps;
+ systemd.services.phpfpm-piedsjaloux_dev.wants = piedsjaloux.phpFpm.serviceDeps;
+ systemd.services.phpfpm-piedsjaloux_dev.preStart = lib.mkAfter piedsjaloux.phpFpm.preStart;
+ services.phpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux.phpFpm.pool;
system.activationScripts.piedsjaloux_dev = piedsjaloux.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
secrets.keys = piedsjaloux.keys;
services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
- services.myPhpfpm.preStart.piedsjaloux_prod = piedsjaloux.phpFpm.preStart;
- services.myPhpfpm.serviceDependencies.piedsjaloux_prod = piedsjaloux.phpFpm.serviceDeps;
- services.myPhpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool;
+ systemd.services.phpfpm-piedsjaloux_prod.after = lib.mkAfter piedsjaloux.phpFpm.serviceDeps;
+ systemd.services.phpfpm-piedsjaloux_prod.wants = piedsjaloux.phpFpm.serviceDeps;
+ systemd.services.phpfpm-piedsjaloux_prod.preStart = lib.mkAfter piedsjaloux.phpFpm.preStart;
+ services.phpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux.phpFpm.pool;
system.activationScripts.piedsjaloux_prod = piedsjaloux.activationScript;
system.extraSystemBuilderCmds = ''
mkdir -p $out/webapps
</Location>
'') env.taskwarrior-web);
};
- services.myPhpfpm.poolConfigs = {
+ services.phpfpm.poolConfigs = {
tasks = ''
listen = /var/run/phpfpm/task.sock
user = ${user}
./tools/diaspora.nix
./tools/ether.nix
./tools/peertube.nix
- # Adapted from base phpfpm
- ./phpfpm
];
config = {
ln -s ${adminer.webRoot} $out/webapps/${adminer.apache.webappName}
'';
- services.myPhpfpm = {
+ services.phpfpm = {
phpPackage = pkgs.php;
phpOptions = ''
session.save_path = "/var/lib/php/sessions"
+++ /dev/null
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
- cfg = config.services.myPhpfpm;
- enabled = cfg.poolConfigs != {} || cfg.pools != {};
-
- stateDir = "/run/phpfpm";
-
- poolConfigs = cfg.poolConfigs // mapAttrs mkPool cfg.pools;
-
- mkPool = n: p: ''
- listen = ${p.listen}
- ${p.extraConfig}
- '';
-
- fpmCfgFile = pool: poolConfig: pkgs.writeText "phpfpm-${pool}.conf" ''
- [global]
- error_log = syslog
- daemonize = no
- ${cfg.extraConfig}
-
- [${pool}]
- ${poolConfig}
- '';
-
- phpIni = poolPhpOptions: (pkgs.runCommand "php.ini" {
- inherit (cfg) phpPackage phpOptions;
- inherit poolPhpOptions;
- nixDefaults = ''
- sendmail_path = "/run/wrappers/bin/sendmail -t -i"
- '';
- passAsFile = [ "nixDefaults" "phpOptions" "poolPhpOptions" ];
- } ''
- cat $phpPackage/etc/php.ini $nixDefaultsPath $phpOptionsPath $poolPhpOptionsPath > $out
- '');
-
-in {
-
- options = {
- services.myPhpfpm = {
- extraConfig = mkOption {
- type = types.lines;
- default = "";
- description = ''
- Extra configuration that should be put in the global section of
- the PHP-FPM configuration file. Do not specify the options
- <literal>error_log</literal> or
- <literal>daemonize</literal> here, since they are generated by
- NixOS.
- '';
- };
-
- phpPackage = mkOption {
- type = types.package;
- default = pkgs.php;
- defaultText = "pkgs.php";
- description = ''
- The PHP package to use for running the PHP-FPM service.
- '';
- };
-
- phpOptions = mkOption {
- type = types.lines;
- default = "";
- example =
- ''
- date.timezone = "CET"
- '';
- description =
- "Options appended to the PHP configuration file <filename>php.ini</filename>.";
- };
-
- serviceDependencies = mkOption {
- default = {};
- type = types.attrsOf (types.listOf types.string);
- example = literalExample ''
- { mypool = ["postgresql.service"]; }
- '';
- description = ''
- Extra service dependencies specific to pool.
- '';
- };
-
- envFile = mkOption {
- default = {};
- type = types.attrsOf types.string;
- example = literalExample ''
- { mypool = "path/to/file";
- }
- '';
- description = ''
- Extra environment file go into the service script.
- '';
- };
-
- preStart = mkOption {
- default = {};
- type = types.attrsOf types.lines;
- example = literalExample ''
- { mypool = '''
- touch foo
- ''';
- }
- '';
- description = ''
- Extra lines that will go into the preStart systemd service
- '';
- };
-
- poolPhpConfigs = mkOption {
- default = {};
- type = types.attrsOf types.lines;
- example = literalExample ''
- { mypool = '''
- extension = some_extension.so
- ''';
- }
- '';
- description = ''
- Extra lines that go into the php configuration specific to pool.
- '';
- };
-
- poolConfigs = mkOption {
- default = {};
- type = types.attrsOf types.lines;
- example = literalExample ''
- { mypool = '''
- listen = /run/phpfpm/mypool
- user = nobody
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 10
- pm.min_spare_servers = 5
- pm.max_spare_servers = 20
- pm.max_requests = 500
- ''';
- }
- '';
- description = ''
- A mapping between PHP-FPM pool names and their configurations.
- See the documentation on <literal>php-fpm.conf</literal> for
- details on configuration directives. If no pools are defined,
- the phpfpm service is disabled.
- '';
- };
-
- pools = mkOption {
- type = types.attrsOf (types.submodule (import ./pool-options.nix {
- inherit lib;
- }));
- default = {};
- example = literalExample ''
- {
- mypool = {
- listen = "/path/to/unix/socket";
- extraConfig = '''
- user = nobody
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 10
- pm.min_spare_servers = 5
- pm.max_spare_servers = 20
- pm.max_requests = 500
- ''';
- }
- }'';
- description = ''
- PHP-FPM pools. If no pools or poolConfigs are defined, the PHP-FPM
- service is disabled.
- '';
- };
- };
- };
-
- config = mkIf enabled {
-
- systemd.slices.phpfpm = {
- description = "PHP FastCGI Process manager pools slice";
- };
-
- systemd.targets.phpfpm = {
- description = "PHP FastCGI Process manager pools target";
- wantedBy = [ "multi-user.target" ];
- };
-
- systemd.services = flip mapAttrs' poolConfigs (pool: poolConfig:
- nameValuePair "phpfpm-${pool}" {
- description = "PHP FastCGI Process Manager service for pool ${pool}";
- after = [ "network.target" ] ++ (cfg.serviceDependencies.${pool} or []);
- wants = cfg.serviceDependencies.${pool} or [];
- wantedBy = [ "phpfpm.target" ];
- partOf = [ "phpfpm.target" ];
- preStart = ''
- mkdir -p ${stateDir}
- '' + (cfg.preStart.${pool} or "");
- serviceConfig = let
- cfgFile = fpmCfgFile pool poolConfig;
- poolPhpIni = cfg.poolPhpConfigs.${pool} or "";
- in {
- EnvironmentFile = if builtins.hasAttr pool cfg.envFile then [cfg.envFile.${pool}] else [];
- Slice = "phpfpm.slice";
- PrivateDevices = true;
- ProtectSystem = "full";
- ProtectHome = true;
- # XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work
- RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK";
- Type = "notify";
- ExecStart = "${cfg.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni poolPhpIni}";
- ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
- };
- }
- );
- };
-}
+++ /dev/null
-{ lib }:
-
-with lib; {
-
- options = {
-
- listen = mkOption {
- type = types.str;
- example = "/path/to/unix/socket";
- description = ''
- The address on which to accept FastCGI requests.
- '';
- };
-
- extraConfig = mkOption {
- type = types.lines;
- example = ''
- user = nobody
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 10
- pm.min_spare_servers = 5
- pm.max_spare_servers = 20
- pm.max_requests = 500
- '';
-
- description = ''
- Extra lines that go into the pool configuration.
- See the documentation on <literal>php-fpm.conf</literal> for
- details on configuration directives.
- '';
- };
- };
-}
-
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
'';
pool = ''
- listen = ${socket}
user = wwwrun
group = wwwrun
listen.owner = wwwrun
ln -s ${nextcloud} $out/webapps/${webappName}
'';
- services.myPhpfpm = {
- poolPhpConfigs.nextcloud = phpFpm.phpConfig;
- poolConfigs.nextcloud = phpFpm.pool;
+ services.phpfpm.pools.nextcloud = {
+ listen = phpFpm.socket;
+ extraConfig = phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + phpFpm.phpConfig;
};
services.cron = {
];
};
- services.myPhpfpm.poolConfigs = {
+ services.phpfpm.poolConfigs = {
davical = davical.phpFpm.pool;
};
''
];
};
- services.myPhpfpm.poolConfigs = {
+ services.phpfpm.poolConfigs = {
mantisbt = mantisbt.phpFpm.pool;
};
};
++ ldap.apache.modules
++ kanboard.apache.modules;
- systemd.services.ympd = {
- description = "Standalone MPD Web GUI written in C";
- wantedBy = [ "multi-user.target" ];
- script = ''
- export MPD_PASSWORD=$(cat /var/secrets/mpd)
- ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
- '';
- };
-
services.websites.integration.vhostConfs.devtools = {
certName = "eldiron";
addToCerts = true;
];
};
- services.myPhpfpm.serviceDependencies = {
- dokuwiki = dokuwiki.phpFpm.serviceDeps;
- kanboard = kanboard.phpFpm.serviceDeps;
- ldap = ldap.phpFpm.serviceDeps;
- rainloop = rainloop.phpFpm.serviceDeps;
- roundcubemail = roundcubemail.phpFpm.serviceDeps;
- shaarli = shaarli.phpFpm.serviceDeps;
- ttrss = ttrss.phpFpm.serviceDeps;
- wallabag = wallabag.phpFpm.serviceDeps;
- yourls = yourls.phpFpm.serviceDeps;
+ systemd.services = {
+ phpfpm-dokuwiki = {
+ after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
+ wants = dokuwiki.phpFpm.serviceDeps;
+ };
+ phpfpm-kanboard = {
+ after = lib.mkAfter kanboard.phpFpm.serviceDeps;
+ wants = kanboard.phpFpm.serviceDeps;
+ };
+ phpfpm-ldap = {
+ after = lib.mkAfter ldap.phpFpm.serviceDeps;
+ wants = ldap.phpFpm.serviceDeps;
+ };
+ phpfpm-rainloop = {
+ after = lib.mkAfter rainloop.phpFpm.serviceDeps;
+ wants = rainloop.phpFpm.serviceDeps;
+ };
+ phpfpm-roundcubemail = {
+ after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
+ wants = roundcubemail.phpFpm.serviceDeps;
+ };
+ phpfpm-shaarli = {
+ after = lib.mkAfter shaarli.phpFpm.serviceDeps;
+ wants = shaarli.phpFpm.serviceDeps;
+ };
+ phpfpm-ttrss = {
+ after = lib.mkAfter ttrss.phpFpm.serviceDeps;
+ wants = ttrss.phpFpm.serviceDeps;
+ };
+ phpfpm-wallabag = {
+ after = lib.mkAfter wallabag.phpFpm.serviceDeps;
+ wants = wallabag.phpFpm.serviceDeps;
+ preStart = lib.mkAfter wallabag.phpFpm.preStart;
+ };
+ phpfpm-yourls = {
+ after = lib.mkAfter yourls.phpFpm.serviceDeps;
+ wants = yourls.phpFpm.serviceDeps;
+ };
+ ympd = {
+ description = "Standalone MPD Web GUI written in C";
+ wantedBy = [ "multi-user.target" ];
+ script = ''
+ export MPD_PASSWORD=$(cat /var/secrets/mpd)
+ ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
+ '';
+ };
+ tt-rss = {
+ description = "Tiny Tiny RSS feeds update daemon";
+ serviceConfig = {
+ User = "wwwrun";
+ ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
+ StandardOutput = "syslog";
+ StandardError = "syslog";
+ PermissionsStartOnly = true;
+ };
+
+ wantedBy = [ "multi-user.target" ];
+ requires = ["postgresql.service"];
+ after = ["network.target" "postgresql.service"];
+ };
+ };
+
+ services.phpfpm.pools.roundcubemail = {
+ listen = roundcubemail.phpFpm.socket;
+ extraConfig = roundcubemail.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
};
- services.myPhpfpm.poolPhpConfigs = {
- devtools = ''
+ services.phpfpm.pools.devtools = {
+ listen = "/var/run/phpfpm/devtools.sock";
+ extraConfig = ''
+ user = wwwrun
+ group = wwwrun
+ listen.owner = wwwrun
+ listen.group = wwwrun
+ pm = dynamic
+ pm.max_children = 60
+ pm.start_servers = 2
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 10
+
+ php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
+ '';
+ phpOptions = config.services.phpfpm.phpOptions + ''
extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
'';
- roundcubemail = roundcubemail.phpFpm.phpConfig;
- };
- services.myPhpfpm.preStart = {
- wallabag = wallabag.phpFpm.preStart;
};
- services.myPhpfpm.poolConfigs = {
+
+ services.phpfpm.poolConfigs = {
adminer = adminer.phpFpm.pool;
ttrss = ttrss.phpFpm.pool;
- roundcubemail = roundcubemail.phpFpm.pool;
wallabag = wallabag.phpFpm.pool;
yourls = yourls.phpFpm.pool;
rompr = rompr.phpFpm.pool;
ldap = ldap.phpFpm.pool;
rainloop = rainloop.phpFpm.pool;
kanboard = kanboard.phpFpm.pool;
- devtools = ''
- listen = /var/run/phpfpm/devtools.sock
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
-
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
- '';
tools = ''
listen = /var/run/phpfpm/tools.sock
user = wwwrun
ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName}
'';
- systemd.services.tt-rss = {
- description = "Tiny Tiny RSS feeds update daemon";
- serviceConfig = {
- User = "wwwrun";
- ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
- StandardOutput = "syslog";
- StandardError = "syslog";
- PermissionsStartOnly = true;
- };
-
- wantedBy = [ "multi-user.target" ];
- requires = ["postgresql.service"];
- after = ["network.target" "postgresql.service"];
- };
-
};
}
'';
socket = "/var/run/phpfpm/roundcubemail.sock";
pool = ''
- listen = ${socket}
user = ${apache.user}
group = ${apache.group}
listen.owner = ${apache.user}
projects / perso / Immae / Config / Nix.git / commitdiff
