From 8eded9ecb6220bb26599419a4aaea1743d3d187e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Sun, 21 Apr 2019 19:31:06 +0200 Subject: Move cache clearing of php applications to preStart systemd --- nixops/modules/websites/aten/aten.nix | 19 +++++++++++------- nixops/modules/websites/aten/default.nix | 2 ++ .../websites/connexionswing/connexionswing.nix | 19 +++++++++++------- nixops/modules/websites/connexionswing/default.nix | 2 ++ nixops/modules/websites/ludivine/default.nix | 2 ++ .../modules/websites/ludivine/ludivinecassal.nix | 19 +++++++++++------- nixops/modules/websites/phpfpm/default.nix | 16 ++++++++++++++- nixops/modules/websites/piedsjaloux/default.nix | 2 ++ .../modules/websites/piedsjaloux/piedsjaloux.nix | 19 +++++++++++------- nixops/modules/websites/tellesflorian/default.nix | 1 + .../websites/tellesflorian/tellesflorian.nix | 19 +++++++++++------- nixops/modules/websites/tools/tools/default.nix | 3 +++ nixops/modules/websites/tools/tools/wallabag.nix | 23 +++++++++++++--------- 13 files changed, 101 insertions(+), 45 deletions(-) diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix index 6059eb6..567dcd1 100644 --- a/nixops/modules/websites/aten/aten.nix +++ b/nixops/modules/websites/aten/aten.nix @@ -4,6 +4,18 @@ let environment = config.environment; varDir = "/var/lib/aten_${environment}"; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/${environment}-aten > ${varDir}/currentKey + fi + ''; serviceDeps = [ "postgresql.service" "${environment}-aten-key.service" ]; socket = "/var/run/phpfpm/aten-${environment}.sock"; pool = '' @@ -90,13 +102,6 @@ let text = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; yarnModules = let diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix index 58228ed..b0f7fdb 100644 --- a/nixops/modules/websites/aten/default.nix +++ b/nixops/modules/websites/aten/default.nix @@ -41,6 +41,7 @@ in { }; }; + services.myPhpfpm.preStart.aten_prod = aten_prod.phpFpm.preStart; services.myPhpfpm.serviceDependencies.aten_prod = aten_prod.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool; system.activationScripts.aten_prod = aten_prod.activationScript; @@ -60,6 +61,7 @@ in { (lib.mkIf cfg.integration.enable { deployment.keys = aten_dev.keys; security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null; + services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart; services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool; system.activationScripts.aten_dev = aten_dev.activationScript; diff --git a/nixops/modules/websites/connexionswing/connexionswing.nix b/nixops/modules/websites/connexionswing/connexionswing.nix index 2960c6a..13d4fba 100644 --- a/nixops/modules/websites/connexionswing/connexionswing.nix +++ b/nixops/modules/websites/connexionswing/connexionswing.nix @@ -33,6 +33,18 @@ let ''; }; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/${environment}-connexionswing > ${varDir}/currentKey + fi + ''; serviceDeps = [ "mysql.service" "${environment}-connexionswing-key.service" ]; socket = "/var/run/phpfpm/connexionswing-${environment}.sock"; phpConfig = '' @@ -151,13 +163,6 @@ let ${varDir}/uploads \ ${varDir}/var install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; webappDir = composerEnv.buildPackage ( diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix index 9c74f02..ccbaa02 100644 --- a/nixops/modules/websites/connexionswing/default.nix +++ b/nixops/modules/websites/connexionswing/default.nix @@ -43,6 +43,7 @@ in { }; }; + services.myPhpfpm.preStart.connexionswing_prod = connexionswing_prod.phpFpm.preStart; services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing_prod.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing_prod.phpFpm.pool; services.myPhpfpm.poolPhpConfigs.connexionswing_prod = connexionswing_prod.phpFpm.phpConfig; @@ -63,6 +64,7 @@ in { deployment.keys = connexionswing_dev.keys; security.acme.certs."eldiron".extraDomains."sandetludo.immae.eu" = null; security.acme.certs."eldiron".extraDomains."connexionswing.immae.eu" = null; + services.myPhpfpm.preStart.connexionswing_dev = connexionswing_dev.phpFpm.preStart; services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing_dev.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing_dev.phpFpm.pool; services.myPhpfpm.poolPhpConfigs.connexionswing_dev = connexionswing_dev.phpFpm.phpConfig; diff --git a/nixops/modules/websites/ludivine/default.nix b/nixops/modules/websites/ludivine/default.nix index c5a904b..814764f 100644 --- a/nixops/modules/websites/ludivine/default.nix +++ b/nixops/modules/websites/ludivine/default.nix @@ -37,6 +37,7 @@ in { }; }; + services.myPhpfpm.preStart.ludivinecassal_prod = ludivinecassal_prod.phpFpm.preStart; services.myPhpfpm.serviceDependencies.ludivinecassal_prod = ludivinecassal_prod.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.ludivinecassal_prod = ludivinecassal_prod.phpFpm.pool; system.activationScripts.ludivinecassal_prod = ludivinecassal_prod.activationScript; @@ -56,6 +57,7 @@ in { deployment.keys = ludivinecassal_dev.keys; security.acme.certs."eldiron".extraDomains."ludivine.immae.eu" = null; + services.myPhpfpm.preStart.ludivinecassal_dev = ludivinecassal_dev.phpFpm.preStart; services.myPhpfpm.serviceDependencies.ludivinecassal_dev = ludivinecassal_dev.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.ludivinecassal_dev = ludivinecassal_dev.phpFpm.pool; system.activationScripts.ludivinecassal_dev = ludivinecassal_dev.activationScript; diff --git a/nixops/modules/websites/ludivine/ludivinecassal.nix b/nixops/modules/websites/ludivine/ludivinecassal.nix index 423bbda..439d3c9 100644 --- a/nixops/modules/websites/ludivine/ludivinecassal.nix +++ b/nixops/modules/websites/ludivine/ludivinecassal.nix @@ -40,6 +40,18 @@ let ''; }; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/${environment}-ludivinecassal > ${varDir}/currentKey + fi + ''; serviceDeps = [ "mysql.service" "${environment}-ludivinecassal-key.service" ]; socket = "/var/run/phpfpm/ludivinecassal-${environment}.sock"; pool = '' @@ -141,13 +153,6 @@ let install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/tmp install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; webappDir = composerEnv.buildPackage ( diff --git a/nixops/modules/websites/phpfpm/default.nix b/nixops/modules/websites/phpfpm/default.nix index 9c068bf..60959e0 100644 --- a/nixops/modules/websites/phpfpm/default.nix +++ b/nixops/modules/websites/phpfpm/default.nix @@ -95,6 +95,20 @@ in { ''; }; + preStart = mkOption { + default = {}; + type = types.attrsOf types.lines; + example = literalExample '' + { mypool = ''' + touch foo + '''; + } + ''; + description = '' + Extra lines that will go into the preStart systemd service + ''; + }; + poolPhpConfigs = mkOption { default = {}; type = types.attrsOf types.lines; @@ -181,7 +195,7 @@ in { partOf = [ "phpfpm.target" ]; preStart = '' mkdir -p ${stateDir} - ''; + '' + (cfg.preStart.${pool} or ""); serviceConfig = let cfgFile = fpmCfgFile pool poolConfig; poolPhpIni = cfg.poolPhpConfigs.${pool} or ""; diff --git a/nixops/modules/websites/piedsjaloux/default.nix b/nixops/modules/websites/piedsjaloux/default.nix index 7552db4..57849a3 100644 --- a/nixops/modules/websites/piedsjaloux/default.nix +++ b/nixops/modules/websites/piedsjaloux/default.nix @@ -41,6 +41,7 @@ in { }; }; + services.myPhpfpm.preStart.piedsjaloux_prod = piedsjaloux_prod.phpFpm.preStart; services.myPhpfpm.serviceDependencies.piedsjaloux_prod = piedsjaloux_prod.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.piedsjaloux_prod = piedsjaloux_prod.phpFpm.pool; system.activationScripts.piedsjaloux_prod = piedsjaloux_prod.activationScript; @@ -59,6 +60,7 @@ in { (lib.mkIf cfg.integration.enable { deployment.keys = piedsjaloux_dev.keys; security.acme.certs."eldiron".extraDomains."piedsjaloux.immae.eu" = null; + services.myPhpfpm.preStart.piedsjaloux_dev = piedsjaloux_dev.phpFpm.preStart; services.myPhpfpm.serviceDependencies.piedsjaloux_dev = piedsjaloux_dev.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.piedsjaloux_dev = piedsjaloux_dev.phpFpm.pool; system.activationScripts.piedsjaloux_dev = piedsjaloux_dev.activationScript; diff --git a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix index 1c7e983..87699db 100644 --- a/nixops/modules/websites/piedsjaloux/piedsjaloux.nix +++ b/nixops/modules/websites/piedsjaloux/piedsjaloux.nix @@ -28,6 +28,18 @@ let ''; }; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/${environment}-piedsjaloux > ${varDir}/currentKey + fi + ''; serviceDeps = [ "mysql.service" "${environment}-piedsjaloux-key.service" ]; socket = "/var/run/phpfpm/piedsjaloux-${environment}.sock"; pool = '' @@ -130,13 +142,6 @@ let install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/tmp install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; webappDir = composerEnv.buildPackage ( diff --git a/nixops/modules/websites/tellesflorian/default.nix b/nixops/modules/websites/tellesflorian/default.nix index 171d2e7..9bf4a48 100644 --- a/nixops/modules/websites/tellesflorian/default.nix +++ b/nixops/modules/websites/tellesflorian/default.nix @@ -18,6 +18,7 @@ in { config = lib.mkIf cfg.integration.enable { deployment.keys = tellesflorian_dev.keys; security.acme.certs."eldiron".extraDomains."app.tellesflorian.com" = null; + services.myPhpfpm.preStart.tellesflorian_dev = tellesflorian_dev.phpFpm.preStart; services.myPhpfpm.serviceDependencies.tellesflorian_dev = tellesflorian_dev.phpFpm.serviceDeps; services.myPhpfpm.poolConfigs.tellesflorian_dev = tellesflorian_dev.phpFpm.pool; system.activationScripts.tellesflorian_dev = tellesflorian_dev.activationScript; diff --git a/nixops/modules/websites/tellesflorian/tellesflorian.nix b/nixops/modules/websites/tellesflorian/tellesflorian.nix index a8e741e..ba46c0c 100644 --- a/nixops/modules/websites/tellesflorian/tellesflorian.nix +++ b/nixops/modules/websites/tellesflorian/tellesflorian.nix @@ -24,6 +24,18 @@ let ''; }; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/${environment}-tellesflorian > ${varDir}/currentKey + fi + ''; serviceDeps = [ "mysql.service" "${environment}-tellesflorian-passwords-key.service" @@ -141,13 +153,6 @@ let install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/var install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun ./bin/console --env=${environment} cache:clear --no-warmup - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; }; webappDir = composerEnv.buildPackage ( diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix index fc5b48d..1aa70b8 100644 --- a/nixops/modules/websites/tools/tools/default.nix +++ b/nixops/modules/websites/tools/tools/default.nix @@ -175,6 +175,9 @@ in { ''; roundcubemail = roundcubemail.phpFpm.phpConfig; }; + services.myPhpfpm.preStart = { + wallabag = wallabag.phpFpm.preStart; + }; services.myPhpfpm.poolConfigs = { adminer = adminer.phpFpm.pool; ttrss = ttrss.phpFpm.pool; diff --git a/nixops/modules/websites/tools/tools/wallabag.nix b/nixops/modules/websites/tools/tools/wallabag.nix index 0cacad3..f145bf3 100644 --- a/nixops/modules/websites/tools/tools/wallabag.nix +++ b/nixops/modules/websites/tools/tools/wallabag.nix @@ -119,15 +119,6 @@ let activationScript = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/var ${varDir}/data/db ${varDir}/assets/images - if [ ! -f "${varDir}/currentWebappDir" -o \ - "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then - pushd ${webappDir} > /dev/null - $wrapperDir/sudo -u wwwrun ./bin/console --env=prod cache:clear - rm -rf /var/lib/wallabag/var/cache/pro_ - $wrapperDir/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction - popd > /dev/null - echo -n "${webappDir}" > ${varDir}/currentWebappDir - fi ''; webRoot = "${webappDir}/web"; # Domain migration: Table wallabag_entry contains whole @@ -169,6 +160,20 @@ let ''; }; phpFpm = rec { + preStart = '' + if [ ! -f "${varDir}/currentWebappDir" -o \ + ! -f "${varDir}/currentKey" -o \ + "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ] \ + || ! sha512sum -c --status ${varDir}/currentKey; then + pushd ${webappDir} > /dev/null + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod cache:clear + rm -rf /var/lib/wallabag/var/cache/pro_ + /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction + popd > /dev/null + echo -n "${webappDir}" > ${varDir}/currentWebappDir + sha512sum /run/keys/webapps/tools-wallabag > ${varDir}/currentKey + fi + ''; serviceDeps = [ "postgresql.service" "openldap.service" "tools-wallabag-key.service" ]; basedir = builtins.concatStringsSep ":" [ webappDir "/run/keys/webapps/tools-wallabag" varDir ]; socket = "/var/run/phpfpm/wallabag.sock"; -- cgit v1.2.3