From a97118c489a59d723538292214efaa10dfcb96df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Tue, 16 Jun 2020 15:23:20 +0200 Subject: Add status engine website --- modules/private/websites/default.nix | 1 + .../private/websites/tools/performance/default.nix | 89 ++++++++++++++++++++++ 2 files changed, 90 insertions(+) create mode 100644 modules/private/websites/tools/performance/default.nix (limited to 'modules/private/websites') diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index 864d5d9..f84567e 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix @@ -295,6 +295,7 @@ in tools.mastodon.enable = true; tools.mediagoblin.enable = true; tools.peertube.enable = true; + tools.performance.enable = true; tools.tools.enable = true; tools.email.enable = true; diff --git a/modules/private/websites/tools/performance/default.nix b/modules/private/websites/tools/performance/default.nix new file mode 100644 index 0000000..df2b58d --- /dev/null +++ b/modules/private/websites/tools/performance/default.nix @@ -0,0 +1,89 @@ +{ pkgs, lib, config, ... }: +let + env = config.myEnv.tools.status_engine; + package = pkgs.status_engine.interface.override({ config_file = config.secrets.fullPaths."status_engine_ui"; }); + apacheRoot = "${package}/public"; + cfg = config.myServices.websites.tools.performance; +in +{ + options.myServices.websites.tools.performance = { + enable = lib.mkEnableOption "Enable performance website"; + }; + + config = lib.mkIf cfg.enable { + secrets.keys = [ + { + dest = "status_engine_ui"; + permissions = "0400"; + user = "wwwrun"; + group = "wwwrun"; + text = '' + allow_anonymous: 0 + anonymous_can_submit_commands: 0 + urls_without_login: + - login + - loginstate + auth_type: ldap + ldap_server: ${env.ldap.host} + ldap_use_ssl: 1 + ldap_port: 636 + ldap_bind_dn: ${env.ldap.dn} + ldap_bind_password: ${env.ldap.password} + ldap_base_dn: ${env.ldap.base} + ldap_filter: "${env.ldap.filter}" + ldap_attribute: + - memberOf + use_crate: 0 + use_mysql: 1 + mysql: + host: 127.0.0.1 + port: ${env.mysql.port} + username: ${env.mysql.user} + password: ${env.mysql.password} + database: ${env.mysql.database} + display_perfdata: 1 + perfdata_backend: mysql + ''; + } + ]; + + services.websites.env.tools.modules = [ "proxy_fcgi" ]; + + services.websites.env.tools.vhostConfs.performance = { + certName = "eldiron"; + addToCerts = true; + hosts = [ "performance.immae.eu" ]; + root = apacheRoot; + extraConfig = [ + '' + + DirectoryIndex index.html + AllowOverride None + Require all granted + + SetHandler "proxy:unix:${config.services.phpfpm.pools.status_engine.socket}|fcgi://localhost" + + + '' + ]; + }; + + services.phpfpm.pools.status_engine = { + user = "wwwrun"; + group = "wwwrun"; + settings = { + "listen.owner" = "wwwrun"; + "listen.group" = "wwwrun"; + "pm" = "dynamic"; + "pm.max_children" = "60"; + "pm.start_servers" = "2"; + "pm.min_spare_servers" = "1"; + "pm.max_spare_servers" = "10"; + + "php_admin_value[open_basedir]" = "${package}:/tmp:/var/secrets/status_engine_ui"; + }; + phpPackage = pkgs.php74; + }; + + }; +} -- cgit v1.2.3