From 441da8aac378f401625e82caf281fa0e26128310 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Mon, 30 Mar 2020 23:54:00 +0200 Subject: [PATCH] Use pools instead of deprecated poolConfigs for php --- modules/private/tasks/default.nix | 36 ++--- modules/private/websites/leila/production.nix | 22 +-- .../private/websites/tools/dav/davical.nix | 1 - .../private/websites/tools/dav/default.nix | 7 +- .../private/websites/tools/git/default.nix | 7 +- .../private/websites/tools/git/mantisbt.nix | 1 - .../private/websites/tools/mail/default.nix | 5 +- .../private/websites/tools/mail/rainloop.nix | 1 - .../private/websites/tools/tools/adminer.nix | 1 - .../private/websites/tools/tools/default.nix | 127 +++++++++++------- .../private/websites/tools/tools/dokuwiki.nix | 1 - .../private/websites/tools/tools/grocy.nix | 1 - .../private/websites/tools/tools/kanboard.nix | 1 - modules/private/websites/tools/tools/ldap.nix | 1 - .../private/websites/tools/tools/rompr.nix | 1 - .../private/websites/tools/tools/shaarli.nix | 1 - .../private/websites/tools/tools/ttrss.nix | 1 - .../private/websites/tools/tools/wallabag.nix | 1 - .../private/websites/tools/tools/yourls.nix | 1 - 19 files changed, 123 insertions(+), 94 deletions(-) diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix index c0cc87b..78e07c1 100644 --- a/modules/private/tasks/default.nix +++ b/modules/private/tasks/default.nix @@ -170,24 +170,26 @@ in { '') env.taskwarrior-web); }; - services.phpfpm.poolConfigs = { - tasks = '' - listen = /var/run/phpfpm/task.sock - user = ${user} - group = ${group} - listen.owner = wwwrun - listen.group = wwwrun - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 + services.phpfpm.pools = { + tasks = { + listen = "/var/run/phpfpm/task.sock"; + extraConfig = '' + user = ${user} + group = ${group} + listen.owner = wwwrun + listen.group = wwwrun + pm = dynamic + pm.max_children = 60 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 10 - ; Needed to avoid clashes in browser cookies (same domain) - env[PATH] = "/etc/profiles/per-user/${user}/bin" - php_value[session.name] = TaskPHPSESSID - php_admin_value[open_basedir] = "${./www}:/tmp:${server_vardir}:/etc/profiles/per-user/${user}/bin/" - ''; + ; Needed to avoid clashes in browser cookies (same domain) + env[PATH] = "/etc/profiles/per-user/${user}/bin" + php_value[session.name] = TaskPHPSESSID + php_admin_value[open_basedir] = "${./www}:/tmp:${server_vardir}:/etc/profiles/per-user/${user}/bin/" + ''; + }; }; myServices.websites.webappDirs._task = ./www; diff --git a/modules/private/websites/leila/production.nix b/modules/private/websites/leila/production.nix index 4390d59..e8591c8 100644 --- a/modules/private/websites/leila/production.nix +++ b/modules/private/websites/leila/production.nix @@ -6,19 +6,21 @@ in { options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's websites in production"; config = lib.mkIf cfg.enable { - services.phpfpm.poolConfigs.leila = '' - listen = /run/phpfpm/leila.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun + services.phpfpm.pools.leila = { + listen = "/run/phpfpm/leila.sock"; + extraConfig = '' + user = wwwrun + group = wwwrun + listen.owner = wwwrun + listen.group = wwwrun - pm = ondemand - pm.max_children = 5 - pm.process_idle_timeout = 60 + pm = ondemand + pm.max_children = 5 + pm.process_idle_timeout = 60 - php_admin_value[open_basedir] = "${varDir}:/tmp" + php_admin_value[open_basedir] = "${varDir}:/tmp" ''; + }; services.webstats.sites = [ { name = "leila.bouya.org"; } diff --git a/modules/private/websites/tools/dav/davical.nix b/modules/private/websites/tools/dav/davical.nix index 2a02f5e..5eb3fab 100644 --- a/modules/private/websites/tools/dav/davical.nix +++ b/modules/private/websites/tools/dav/davical.nix @@ -113,7 +113,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webapp "/var/secrets/webapps/dav-davical" awl ]; socket = "/var/run/phpfpm/davical.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/dav/default.nix b/modules/private/websites/tools/dav/default.nix index c74930a..0012965 100644 --- a/modules/private/websites/tools/dav/default.nix +++ b/modules/private/websites/tools/dav/default.nix @@ -42,8 +42,11 @@ in { ]; }; - services.phpfpm.poolConfigs = { - davical = davical.phpFpm.pool; + services.phpfpm.pools = { + davical = { + listen = davical.phpFpm.socket; + extraConfig = davical.phpFpm.pool; + }; }; myServices.websites.webappDirs._dav = ./www; diff --git a/modules/private/websites/tools/git/default.nix b/modules/private/websites/tools/git/default.nix index a5f525b..054e47b 100644 --- a/modules/private/websites/tools/git/default.nix +++ b/modules/private/websites/tools/git/default.nix @@ -38,8 +38,11 @@ in { '' ]; }; - services.phpfpm.poolConfigs = { - mantisbt = mantisbt.phpFpm.pool; + services.phpfpm.pools = { + mantisbt = { + listen = mantisbt.phpFpm.socket; + extraConfig = mantisbt.phpFpm.pool; + }; }; }; } diff --git a/modules/private/websites/tools/git/mantisbt.nix b/modules/private/websites/tools/git/mantisbt.nix index 8606819..d75b022 100644 --- a/modules/private/websites/tools/git/mantisbt.nix +++ b/modules/private/websites/tools/git/mantisbt.nix @@ -78,7 +78,6 @@ rec { ++ webRoot.plugins); socket = "/var/run/phpfpm/mantisbt.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix index 6342694..bb36042 100644 --- a/modules/private/websites/tools/mail/default.nix +++ b/modules/private/websites/tools/mail/default.nix @@ -60,8 +60,9 @@ in extraConfig = roundcubemail.phpFpm.pool; phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig; }; - services.phpfpm.poolConfigs = { - rainloop = rainloop.phpFpm.pool; + services.phpfpm.pools.rainloop = { + listen = rainloop.phpFpm.socket; + extraConfig = rainloop.phpFpm.pool; }; system.activationScripts = { roundcubemail = roundcubemail.activationScript; diff --git a/modules/private/websites/tools/mail/rainloop.nix b/modules/private/websites/tools/mail/rainloop.nix index dbf0f24..2dad46e 100644 --- a/modules/private/websites/tools/mail/rainloop.nix +++ b/modules/private/websites/tools/mail/rainloop.nix @@ -39,7 +39,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; socket = "/var/run/phpfpm/rainloop.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/adminer.nix b/modules/private/websites/tools/tools/adminer.nix index e41c488..907e37f 100644 --- a/modules/private/websites/tools/tools/adminer.nix +++ b/modules/private/websites/tools/tools/adminer.nix @@ -11,7 +11,6 @@ rec { phpFpm = rec { socket = "/var/run/phpfpm/adminer.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix index e2a3913..5dc0981 100644 --- a/modules/private/websites/tools/tools/default.nix +++ b/modules/private/websites/tools/tools/default.nix @@ -224,56 +224,87 @@ in { paths = [ "/var/secrets/mpd" ]; }; - services.phpfpm.pools.devtools = { - listen = "/var/run/phpfpm/devtools.sock"; - extraConfig = '' - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 + services.phpfpm.pools = { + tools = { + listen = "/var/run/phpfpm/tools.sock"; + extraConfig = '' + user = wwwrun + group = wwwrun + listen.owner = wwwrun + listen.group = wwwrun + pm = dynamic + pm.max_children = 60 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 10 - php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" - ''; - phpOptions = config.services.phpfpm.phpOptions + '' - extension=${pkgs.php}/lib/php/extensions/mysqli.so - extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so - extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so - zend_extension=${pkgs.php}/lib/php/extensions/opcache.so - ''; - }; - - services.phpfpm.poolConfigs = { - adminer = adminer.phpFpm.pool; - ttrss = ttrss.phpFpm.pool; - wallabag = wallabag.phpFpm.pool; - yourls = yourls.phpFpm.pool; - rompr = rompr.phpFpm.pool; - shaarli = shaarli.phpFpm.pool; - dokuwiki = dokuwiki.phpFpm.pool; - ldap = ldap.phpFpm.pool; - kanboard = kanboard.phpFpm.pool; - grocy = grocy.phpFpm.pool; - tools = '' - listen = /var/run/phpfpm/tools.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 + ; Needed to avoid clashes in browser cookies (same domain) + php_value[session.name] = ToolsPHPSESSID + php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp" + ''; + }; + devtools = { + listen = "/var/run/phpfpm/devtools.sock"; + extraConfig = '' + user = wwwrun + group = wwwrun + listen.owner = wwwrun + listen.group = wwwrun + pm = dynamic + pm.max_children = 60 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 10 - ; Needed to avoid clashes in browser cookies (same domain) - php_value[session.name] = ToolsPHPSESSID - php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp" - ''; + php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" + ''; + phpOptions = config.services.phpfpm.phpOptions + '' + extension=${pkgs.php}/lib/php/extensions/mysqli.so + extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so + extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so + zend_extension=${pkgs.php}/lib/php/extensions/opcache.so + ''; + }; + adminer = { + listen = adminer.phpFpm.socket; + extraConfig = adminer.phpFpm.pool; + }; + ttrss = { + listen = ttrss.phpFpm.socket; + extraConfig = ttrss.phpFpm.pool; + }; + wallabag = { + listen = wallabag.phpFpm.socket; + extraConfig = wallabag.phpFpm.pool; + }; + yourls = { + listen = yourls.phpFpm.socket; + extraConfig = yourls.phpFpm.pool; + }; + rompr = { + listen = rompr.phpFpm.socket; + extraConfig = rompr.phpFpm.pool; + }; + shaarli = { + listen = shaarli.phpFpm.socket; + extraConfig = shaarli.phpFpm.pool; + }; + dokuwiki = { + listen = dokuwiki.phpFpm.socket; + extraConfig = dokuwiki.phpFpm.pool; + }; + ldap = { + listen = ldap.phpFpm.socket; + extraConfig = ldap.phpFpm.pool; + }; + kanboard = { + listen = kanboard.phpFpm.socket; + extraConfig = kanboard.phpFpm.pool; + }; + grocy = { + listen = grocy.phpFpm.socket; + extraConfig = grocy.phpFpm.pool; + }; }; system.activationScripts = { diff --git a/modules/private/websites/tools/tools/dokuwiki.nix b/modules/private/websites/tools/tools/dokuwiki.nix index e40d671..d66e85d 100644 --- a/modules/private/websites/tools/tools/dokuwiki.nix +++ b/modules/private/websites/tools/tools/dokuwiki.nix @@ -46,7 +46,6 @@ rec { [ webRoot varDir ] ++ webRoot.plugins); socket = "/var/run/phpfpm/dokuwiki.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/grocy.nix b/modules/private/websites/tools/tools/grocy.nix index c165030..1b8da20 100644 --- a/modules/private/websites/tools/tools/grocy.nix +++ b/modules/private/websites/tools/tools/grocy.nix @@ -37,7 +37,6 @@ rec { [ grocy grocy.yarnModules varDir ]); socket = "/var/run/phpfpm/grocy.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/kanboard.nix b/modules/private/websites/tools/tools/kanboard.nix index 36a949c..1880cbd 100644 --- a/modules/private/websites/tools/tools/kanboard.nix +++ b/modules/private/websites/tools/tools/kanboard.nix @@ -71,7 +71,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webRoot varDir "/var/secrets/webapps/tools-kanboard" ]; socket = "/var/run/phpfpm/kanboard.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/ldap.nix b/modules/private/websites/tools/tools/ldap.nix index 96bd02c..e58a9bd 100644 --- a/modules/private/websites/tools/tools/ldap.nix +++ b/modules/private/websites/tools/tools/ldap.nix @@ -57,7 +57,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ]; socket = "/var/run/phpfpm/ldap.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/rompr.nix b/modules/private/websites/tools/tools/rompr.nix index 74034f0..75adabe 100644 --- a/modules/private/websites/tools/tools/rompr.nix +++ b/modules/private/websites/tools/tools/rompr.nix @@ -53,7 +53,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; socket = "/var/run/phpfpm/rompr.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix index 0f1ae7b..0a75755 100644 --- a/modules/private/websites/tools/tools/shaarli.nix +++ b/modules/private/websites/tools/tools/shaarli.nix @@ -50,7 +50,6 @@ in rec { basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; socket = "/var/run/phpfpm/shaarli.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/ttrss.nix b/modules/private/websites/tools/tools/ttrss.nix index 4a9b8ca..a8b2a93 100644 --- a/modules/private/websites/tools/tools/ttrss.nix +++ b/modules/private/websites/tools/tools/ttrss.nix @@ -116,7 +116,6 @@ rec { ++ webRoot.plugins); socket = "/var/run/phpfpm/ttrss.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix index 2d152b2..014d8a1 100644 --- a/modules/private/websites/tools/tools/wallabag.nix +++ b/modules/private/websites/tools/tools/wallabag.nix @@ -131,7 +131,6 @@ rec { basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ]; socket = "/var/run/phpfpm/wallabag.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix index 6280e78..466ceae 100644 --- a/modules/private/websites/tools/tools/yourls.nix +++ b/modules/private/websites/tools/tools/yourls.nix @@ -75,7 +75,6 @@ rec { ++ webRoot.plugins); socket = "/var/run/phpfpm/yourls.sock"; pool = '' - listen = ${socket} user = ${apache.user} group = ${apache.group} listen.owner = ${apache.user} -- 2.41.0