|
|
@@ -13,15 +13,16 @@ let |
|
|
|
}) |
|
|
|
]; |
|
|
|
}; |
|
|
|
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions); |
|
|
|
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions); |
|
|
|
pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions); |
|
|
|
presets = { |
|
|
|
base = (import ./presets/base.nix); |
|
|
|
kvm = (import ./presets/kvm.nix); |
|
|
|
}; |
|
|
|
nginxPresets = { |
|
|
|
php = (import ./presets/nginx/php.nix); |
|
|
|
cphpApplication = (import ./presets/nginx/cphp-application.nix); |
|
|
|
# php = (import ./presets/nginx/php.nix); |
|
|
|
phpDisabled = (import ./presets/nginx/php-disabled.nix); |
|
|
|
# cphpApplication = (import ./presets/nginx/cphp-application.nix); |
|
|
|
reverseProxy = (import ./presets/nginx/reverse-proxy.nix); |
|
|
|
letsEncrypt = (import ./presets/nginx/lets-encrypt.nix); |
|
|
|
}; |
|
|
@@ -114,10 +115,10 @@ in { |
|
|
|
in lib.mkMerge [ |
|
|
|
(httpHosts [ |
|
|
|
# "haless.cryto.net" |
|
|
|
"todo.cryto.net" |
|
|
|
"books.cryto.net" |
|
|
|
"learn.cryto.net" |
|
|
|
"vps-list.cryto.net" |
|
|
|
# "todo.cryto.net" |
|
|
|
# "books.cryto.net" |
|
|
|
# "learn.cryto.net" |
|
|
|
# "vps-list.cryto.net" |
|
|
|
"iomfats.cryto.net" |
|
|
|
"castleroland.cryto.net" |
|
|
|
"awesomedude.cryto.net" |
|
|
@@ -126,8 +127,8 @@ in { |
|
|
|
]) |
|
|
|
(httpsHosts [ |
|
|
|
# "haless.cryto.net" |
|
|
|
"books.cryto.net" |
|
|
|
"vps-list.cryto.net" |
|
|
|
# "books.cryto.net" |
|
|
|
# "vps-list.cryto.net" |
|
|
|
"iomfats.cryto.net" |
|
|
|
"castleroland.cryto.net" |
|
|
|
"awesomedude.cryto.net" |
|
|
@@ -178,71 +179,75 @@ in { |
|
|
|
"haless.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.letsEncrypt) |
|
|
|
{ |
|
|
|
locations."/shadow" = { |
|
|
|
locations."/shadow/" = { |
|
|
|
alias = ./sources/shadow-generator; |
|
|
|
}; |
|
|
|
locations."/knex-mirror" = { |
|
|
|
locations."/knex-mirror/" = { |
|
|
|
alias = ./sources/knex-mirror; |
|
|
|
}; |
|
|
|
} |
|
|
|
]; |
|
|
|
"books.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.letsEncrypt) |
|
|
|
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
{ |
|
|
|
root = pkgs.stdenv.mkDerivation { |
|
|
|
name = "cryto-books"; |
|
|
|
src = ./sources/cryto-books; |
|
|
|
|
|
|
|
installPhase = '' |
|
|
|
mkdir -p $out/ |
|
|
|
cp -r $src/* $out/ |
|
|
|
cp ${../private/cryto-books/credentials.php} $out/credentials.php |
|
|
|
''; |
|
|
|
}; |
|
|
|
} |
|
|
|
(nginxPresets.phpDisabled) |
|
|
|
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
# { |
|
|
|
# root = pkgs.stdenv.mkDerivation { |
|
|
|
# name = "cryto-books"; |
|
|
|
# src = ./sources/cryto-books; |
|
|
|
|
|
|
|
# installPhase = '' |
|
|
|
# mkdir -p $out/ |
|
|
|
# cp -r $src/* $out/ |
|
|
|
# cp ${../private/cryto-books/credentials.php} $out/credentials.php |
|
|
|
# ''; |
|
|
|
# }; |
|
|
|
# } |
|
|
|
]; |
|
|
|
"todo.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
name = "cryto-todo"; |
|
|
|
src = ./sources/cryto-todo; |
|
|
|
|
|
|
|
installPhase = '' |
|
|
|
mkdir -p $out/public_html |
|
|
|
cp -r $src/* $out/public_html |
|
|
|
cp ${../private/cryto-todo/config.json} $out/config.json |
|
|
|
''; |
|
|
|
})) |
|
|
|
(nginxPresets.phpDisabled) |
|
|
|
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
# name = "cryto-todo"; |
|
|
|
# src = ./sources/cryto-todo; |
|
|
|
|
|
|
|
# installPhase = '' |
|
|
|
# mkdir -p $out/public_html |
|
|
|
# cp -r $src/* $out/public_html |
|
|
|
# cp ${../private/cryto-todo/config.json} $out/config.json |
|
|
|
# ''; |
|
|
|
# })) |
|
|
|
]; |
|
|
|
"learn.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
name = "cryto-learn"; |
|
|
|
src = ./sources/cryto-learn; |
|
|
|
|
|
|
|
installPhase = '' |
|
|
|
mkdir -p $out/public_html |
|
|
|
cp -r $src/* $out/public_html |
|
|
|
cp ${../private/cryto-learn/config.json} $out/config.json |
|
|
|
''; |
|
|
|
})) |
|
|
|
(nginxPresets.phpDisabled) |
|
|
|
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
# name = "cryto-learn"; |
|
|
|
# src = ./sources/cryto-learn; |
|
|
|
|
|
|
|
# installPhase = '' |
|
|
|
# mkdir -p $out/public_html |
|
|
|
# cp -r $src/* $out/public_html |
|
|
|
# cp ${../private/cryto-learn/config.json} $out/config.json |
|
|
|
# ''; |
|
|
|
# })) |
|
|
|
]; |
|
|
|
"vps-list.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.letsEncrypt) |
|
|
|
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
name = "vps-list"; |
|
|
|
src = ./sources/vps-list; |
|
|
|
|
|
|
|
installPhase = '' |
|
|
|
mkdir -p $out/public_html |
|
|
|
mkdir -p $out/public_html/cphp |
|
|
|
|
|
|
|
cp -r $src/* $out/public_html |
|
|
|
cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php |
|
|
|
''; |
|
|
|
})) |
|
|
|
(nginxPresets.phpDisabled) |
|
|
|
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ |
|
|
|
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { |
|
|
|
# name = "vps-list"; |
|
|
|
# src = ./sources/vps-list; |
|
|
|
|
|
|
|
# installPhase = '' |
|
|
|
# mkdir -p $out/public_html |
|
|
|
# mkdir -p $out/public_html/cphp |
|
|
|
|
|
|
|
# cp -r $src/* $out/public_html |
|
|
|
# cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php |
|
|
|
# ''; |
|
|
|
# })) |
|
|
|
]; |
|
|
|
"iomfats.cryto.net" = lib.mkMerge [ |
|
|
|
(nginxPresets.letsEncrypt) |
|
|
@@ -263,37 +268,39 @@ in { |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
services.mysql = { |
|
|
|
enable = true; |
|
|
|
package = pkgs.mysql55; |
|
|
|
}; |
|
|
|
# services.mysql = { |
|
|
|
# enable = true; |
|
|
|
# package = pkgs.mysql55; |
|
|
|
# }; |
|
|
|
|
|
|
|
services.phpfpm = { |
|
|
|
extraConfig = '' |
|
|
|
log_level = notice |
|
|
|
''; |
|
|
|
phpPackage = pkgs1803.php56; |
|
|
|
pools = { |
|
|
|
main = { |
|
|
|
listen = "/var/run/phpfpm-main.sock"; |
|
|
|
extraConfig = '' |
|
|
|
user = nobody |
|
|
|
listen.owner = nginx |
|
|
|
listen.group = nginx |
|
|
|
listen.mode = 0660 |
|
|
|
|
|
|
|
pm = dynamic |
|
|
|
pm.max_children = 75 |
|
|
|
pm.start_servers = 10 |
|
|
|
pm.min_spare_servers = 5 |
|
|
|
pm.max_spare_servers = 20 |
|
|
|
pm.max_requests = 500 |
|
|
|
|
|
|
|
catch_workers_output = yes |
|
|
|
''; |
|
|
|
}; |
|
|
|
}; |
|
|
|
}; |
|
|
|
# services.phpfpm = { |
|
|
|
# settings = { |
|
|
|
# "log_level" = "notice"; |
|
|
|
# }; |
|
|
|
|
|
|
|
# phpPackage = pkgs1803.php56; |
|
|
|
|
|
|
|
# pools = { |
|
|
|
# main = { |
|
|
|
# # listen = "/var/run/phpfpm-main.sock"; |
|
|
|
# user = "nobody"; |
|
|
|
# settings = { |
|
|
|
# "listen.owner" = "nginx"; |
|
|
|
# "listen.group" = "nginx"; |
|
|
|
# "listen.mode" = 0660; |
|
|
|
|
|
|
|
# "pm" = "dynamic"; |
|
|
|
# "pm.max_children" = 75; |
|
|
|
# "pm.start_servers" = 10; |
|
|
|
# "pm.min_spare_servers" = 5; |
|
|
|
# "pm.max_spare_servers" = 20; |
|
|
|
# "pm.max_requests" = 500; |
|
|
|
|
|
|
|
# "catch_workers_output" = true; |
|
|
|
# }; |
|
|
|
# }; |
|
|
|
# }; |
|
|
|
# }; |
|
|
|
|
|
|
|
users.extraUsers.mobile-proxy = { |
|
|
|
description = "mobile-proxy Service User"; |
|
|
|