Home Explore Help
Register Sign In
joepie91
/
morph-rc
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Commits 34 Releases 0 Wiki
Browse Source

Disable PHP, upgrade to NixOS 20.03

Sven Slootweg 5 months ago
parent
ecb2ad9189
commit
1096e8dc79
5 changed files with 117 additions and 94 deletions
Split View Show Diff Stats
  1. 96 89
      configuration/default.nix
  2. 10 2
      configuration/presets/base.nix
  3. 5 0
      configuration/presets/nginx/php-disabled.nix
  4. 1 1
      configuration/presets/nginx/php.nix
  5. 5 2
      data/dummy-configuration.nix

+ 96 - 89
configuration/default.nix
View File 

@ -13,15 +13,16 @@ let
13 13 
			})
14 14 
		];
15 15 
	};
16 
	pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions);
16 
	pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions);
17 17 
	pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions);
18 18 
	presets = {
19 19 
		base = (import ./presets/base.nix);
20 20 
		kvm = (import ./presets/kvm.nix);
21 21 
	};
22 22 
	nginxPresets = {
23 
		php = (import ./presets/nginx/php.nix);
24 
		cphpApplication = (import ./presets/nginx/cphp-application.nix);
23 
		# php = (import ./presets/nginx/php.nix);
24 
		phpDisabled = (import ./presets/nginx/php-disabled.nix);
25 
		# cphpApplication = (import ./presets/nginx/cphp-application.nix);
25 26 
		reverseProxy = (import ./presets/nginx/reverse-proxy.nix);
26 27 
		letsEncrypt = (import ./presets/nginx/lets-encrypt.nix);
27 28 
	};
 
@ -114,10 +115,10 @@ in {
114 115 
		in lib.mkMerge [
115 116 
			(httpHosts [
116 117 
				# "haless.cryto.net"
117 
				"todo.cryto.net"
118 
				"books.cryto.net"
119 
				"learn.cryto.net"
120 
				"vps-list.cryto.net"
118 
				# "todo.cryto.net"
119 
				# "books.cryto.net"
120 
				# "learn.cryto.net"
121 
				# "vps-list.cryto.net"
121 122 
				"iomfats.cryto.net"
122 123 
				"castleroland.cryto.net"
123 124 
				"awesomedude.cryto.net"
 
@ -126,8 +127,8 @@ in {
126 127 
			])
127 128 
			(httpsHosts [
128 129 
				# "haless.cryto.net"
129 
				"books.cryto.net"
130 
				"vps-list.cryto.net"
130 
				# "books.cryto.net"
131 
				# "vps-list.cryto.net"
131 132 
				"iomfats.cryto.net"
132 133 
				"castleroland.cryto.net"
133 134 
				"awesomedude.cryto.net"
 
@ -178,71 +179,75 @@ in {
178 179 
				"haless.cryto.net" = lib.mkMerge [
179 180 
					(nginxPresets.letsEncrypt)
180 181 
					{
181 
						locations."/shadow" = {
182 
						locations."/shadow/" = {
182 183 
							alias = ./sources/shadow-generator;
183 184 
						};
184 
						locations."/knex-mirror" = {
185 
						locations."/knex-mirror/" = {
185 186 
							alias = ./sources/knex-mirror;
186 187 
						};
187 188 
					}
188 189 
				];
189 190 
				"books.cryto.net" = lib.mkMerge [
190 191 
					(nginxPresets.letsEncrypt)
191 
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
192 
					{
193 
						root = pkgs.stdenv.mkDerivation {
194 
							name = "cryto-books";
195 
							src = ./sources/cryto-books;
196
197 
							installPhase = ''
198 
								mkdir -p $out/
199 
								cp -r $src/* $out/
200 
								cp ${../private/cryto-books/credentials.php} $out/credentials.php
201 
							'';
202 
						};
203 
					}
192 
					(nginxPresets.phpDisabled)
193 
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
194 
					# {
195 
					# 	root = pkgs.stdenv.mkDerivation {
196 
					# 		name = "cryto-books";
197 
					# 		src = ./sources/cryto-books;
198
199 
					# 		installPhase = ''
200 
					# 			mkdir -p $out/
201 
					# 			cp -r $src/* $out/
202 
					# 			cp ${../private/cryto-books/credentials.php} $out/credentials.php
203 
					# 		'';
204 
					# 	};
205 
					# }
204 206 
				];
205 207 
				"todo.cryto.net" = lib.mkMerge [
206 
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
207 
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
208 
						name = "cryto-todo";
209 
						src = ./sources/cryto-todo;
210
211 
						installPhase = ''
212 
							mkdir -p $out/public_html
213 
							cp -r $src/* $out/public_html
214 
							cp ${../private/cryto-todo/config.json} $out/config.json
215 
						'';
216 
					}))
208 
					(nginxPresets.phpDisabled)
209 
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
210 
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
211 
					# 	name = "cryto-todo";
212 
					# 	src = ./sources/cryto-todo;
213
214 
					# 	installPhase = ''
215 
					# 		mkdir -p $out/public_html
216 
					# 		cp -r $src/* $out/public_html
217 
					# 		cp ${../private/cryto-todo/config.json} $out/config.json
218 
					# 	'';
219 
					# }))
217 220 
				];
218 221 
				"learn.cryto.net" = lib.mkMerge [
219 
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
220 
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
221 
						name = "cryto-learn";
222 
						src = ./sources/cryto-learn;
223
224 
						installPhase = ''
225 
							mkdir -p $out/public_html
226 
							cp -r $src/* $out/public_html
227 
							cp ${../private/cryto-learn/config.json} $out/config.json
228 
						'';
229 
					}))
222 
					(nginxPresets.phpDisabled)
223 
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
224 
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
225 
					# 	name = "cryto-learn";
226 
					# 	src = ./sources/cryto-learn;
227
228 
					# 	installPhase = ''
229 
					# 		mkdir -p $out/public_html
230 
					# 		cp -r $src/* $out/public_html
231 
					# 		cp ${../private/cryto-learn/config.json} $out/config.json
232 
					# 	'';
233 
					# }))
230 234 
				];
231 235 
				"vps-list.cryto.net" = lib.mkMerge [
232 236 
					(nginxPresets.letsEncrypt)
233 
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
234 
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
235 
						name = "vps-list";
236 
						src = ./sources/vps-list;
237
238 
						installPhase = ''
239 
							mkdir -p $out/public_html
240 
							mkdir -p $out/public_html/cphp
241
242 
							cp -r $src/* $out/public_html
243 
							cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
244 
						'';
245 
					}))
237 
					(nginxPresets.phpDisabled)
238 
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
239 
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
240 
					# 	name = "vps-list";
241 
					# 	src = ./sources/vps-list;
242
243 
					# 	installPhase = ''
244 
					# 		mkdir -p $out/public_html
245 
					# 		mkdir -p $out/public_html/cphp
246
247 
					# 		cp -r $src/* $out/public_html
248 
					# 		cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
249 
					# 	'';
250 
					# }))
246 251 
				];
247 252 
				"iomfats.cryto.net" = lib.mkMerge [
248 253 
					(nginxPresets.letsEncrypt)
 
@ -263,37 +268,39 @@ in {
263 268 
			};
264 269 
		};
265 270
266 
		services.mysql = {
267 
			enable = true;
268 
			package = pkgs.mysql55;
269 
		};
271 
		# services.mysql = {
272 
		# 	enable = true;
273 
		# 	package = pkgs.mysql55;
274 
		# };
270 275
271 
		services.phpfpm = {
272 
			extraConfig = ''
273 
				log_level = notice
274 
			'';
275 
			phpPackage = pkgs1803.php56;
276 
			pools = {
277 
				main = {
278 
					listen = "/var/run/phpfpm-main.sock";
279 
					extraConfig = ''
280 
						user = nobody
281 
						listen.owner = nginx
282 
						listen.group = nginx
283 
						listen.mode = 0660
284
285 
						pm = dynamic
286 
						pm.max_children = 75
287 
						pm.start_servers = 10
288 
						pm.min_spare_servers = 5
289 
						pm.max_spare_servers = 20
290 
						pm.max_requests = 500
291
292 
						catch_workers_output = yes
293 
					'';
294 
				};
295 
			};
296 
		};
276 
		# services.phpfpm = {
277 
		# 	settings = {
278 
		# 		"log_level" = "notice";
279 
		# 	};
280
281 
		# 	phpPackage = pkgs1803.php56;
282
283 
		# 	pools = {
284 
		# 		main = {
285 
		# 			# listen = "/var/run/phpfpm-main.sock";
286 
		# 			user = "nobody";
287 
		# 			settings = {
288 
		# 				"listen.owner" = "nginx";
289 
		# 				"listen.group" = "nginx";
290 
		# 				"listen.mode" = 0660;
291
292 
		# 				"pm" = "dynamic";
293 
		# 				"pm.max_children" = 75;
294 
		# 				"pm.start_servers" = 10;
295 
		# 				"pm.min_spare_servers" = 5;
296 
		# 				"pm.max_spare_servers" = 20;
297 
		# 				"pm.max_requests" = 500;
298
299 
		# 				"catch_workers_output" = true;
300 
		# 			};
301 
		# 		};
302 
		# 	};
303 
		# };
297 304
298 305 
		users.extraUsers.mobile-proxy = {
299 306 
			description = "mobile-proxy Service User";

+ 10 - 2
configuration/presets/base.nix
View File 

@ -1,8 +1,11 @@
1 1 
{ pkgs, ... }:
2 2 
	{
3 
		console = {
4 
			font = "Lat2-Terminus16";
5 
			keyMap = "us";
6 
		};
7
3 8 
		i18n = {
4 
			consoleFont = "Lat2-Terminus16";
5 
			consoleKeyMap = "us";
6 9 
			defaultLocale = "en_US.UTF-8";
7 10 
		};
8 11 
@ -35,4 +38,9 @@
35 38 
			dates = "00:00";
36 39 
			options = "--delete-older-than 14d";
37 40 
		};
41
42 
		security.acme = {
43 
			acceptTerms = true;
44 
			email = "admin+certs@cryto.net";
45 
		};
38 46 
	}

+ 5 - 0
configuration/presets/nginx/php-disabled.nix
View File 

@ -0,0 +1,5 @@
1 
{
2 
	locations."/" = {
3 
		return = "503";
4 
	};
5 
}

+ 1 - 1
configuration/presets/nginx/php.nix
View File 

@ -6,7 +6,7 @@
6 6 
		locations."~ \.php$" = {
7 7 
			extraConfig = ''
8 8 
				fastcgi_split_path_info ^(.+\.php)(/.+)$;
9 
				fastcgi_pass unix:${config.services.phpfpm.pools.main.listen};
9 
				fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
10 10 
				fastcgi_index index.php;
11 11 
			'';
12 12 
		};

+ 5 - 2
data/dummy-configuration.nix
View File 

@ -9,9 +9,12 @@
9 9 
		boot.loader.grub.version = 2;
10 10 
		boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
11 11
12 
		console = {
13 
			font = "Lat2-Terminus16";
14 
			keyMap = "us";
15 
		};
16
12 17 
		i18n = {
13 
			consoleFont = "Lat2-Terminus16";
14 
			consoleKeyMap = "us";
15 18 
			defaultLocale = "en_US.UTF-8";
16 19 
		};
17 20