Browse Source

Disable PHP, upgrade to NixOS 20.03

master
Sven Slootweg 8 months ago
parent
commit
1096e8dc79
5 changed files with 117 additions and 94 deletions
  1. +96
    -89
      configuration/default.nix
  2. +10
    -2
      configuration/presets/base.nix
  3. +5
    -0
      configuration/presets/nginx/php-disabled.nix
  4. +1
    -1
      configuration/presets/nginx/php.nix
  5. +5
    -2
      data/dummy-configuration.nix

+ 96
- 89
configuration/default.nix View File

@@ -13,15 +13,16 @@ let
})
];
};
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions);
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions);
pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions);
presets = {
base = (import ./presets/base.nix);
kvm = (import ./presets/kvm.nix);
};
nginxPresets = {
php = (import ./presets/nginx/php.nix);
cphpApplication = (import ./presets/nginx/cphp-application.nix);
# php = (import ./presets/nginx/php.nix);
phpDisabled = (import ./presets/nginx/php-disabled.nix);
# cphpApplication = (import ./presets/nginx/cphp-application.nix);
reverseProxy = (import ./presets/nginx/reverse-proxy.nix);
letsEncrypt = (import ./presets/nginx/lets-encrypt.nix);
};
@@ -114,10 +115,10 @@ in {
in lib.mkMerge [
(httpHosts [
# "haless.cryto.net"
"todo.cryto.net"
"books.cryto.net"
"learn.cryto.net"
"vps-list.cryto.net"
# "todo.cryto.net"
# "books.cryto.net"
# "learn.cryto.net"
# "vps-list.cryto.net"
"iomfats.cryto.net"
"castleroland.cryto.net"
"awesomedude.cryto.net"
@@ -126,8 +127,8 @@ in {
])
(httpsHosts [
# "haless.cryto.net"
"books.cryto.net"
"vps-list.cryto.net"
# "books.cryto.net"
# "vps-list.cryto.net"
"iomfats.cryto.net"
"castleroland.cryto.net"
"awesomedude.cryto.net"
@@ -178,71 +179,75 @@ in {
"haless.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
{
locations."/shadow" = {
locations."/shadow/" = {
alias = ./sources/shadow-generator;
};
locations."/knex-mirror" = {
locations."/knex-mirror/" = {
alias = ./sources/knex-mirror;
};
}
];
"books.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
{
root = pkgs.stdenv.mkDerivation {
name = "cryto-books";
src = ./sources/cryto-books;

installPhase = ''
mkdir -p $out/
cp -r $src/* $out/
cp ${../private/cryto-books/credentials.php} $out/credentials.php
'';
};
}
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# {
# root = pkgs.stdenv.mkDerivation {
# name = "cryto-books";
# src = ./sources/cryto-books;

# installPhase = ''
# mkdir -p $out/
# cp -r $src/* $out/
# cp ${../private/cryto-books/credentials.php} $out/credentials.php
# '';
# };
# }
];
"todo.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "cryto-todo";
src = ./sources/cryto-todo;

installPhase = ''
mkdir -p $out/public_html
cp -r $src/* $out/public_html
cp ${../private/cryto-todo/config.json} $out/config.json
'';
}))
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "cryto-todo";
# src = ./sources/cryto-todo;

# installPhase = ''
# mkdir -p $out/public_html
# cp -r $src/* $out/public_html
# cp ${../private/cryto-todo/config.json} $out/config.json
# '';
# }))
];
"learn.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "cryto-learn";
src = ./sources/cryto-learn;

installPhase = ''
mkdir -p $out/public_html
cp -r $src/* $out/public_html
cp ${../private/cryto-learn/config.json} $out/config.json
'';
}))
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "cryto-learn";
# src = ./sources/cryto-learn;

# installPhase = ''
# mkdir -p $out/public_html
# cp -r $src/* $out/public_html
# cp ${../private/cryto-learn/config.json} $out/config.json
# '';
# }))
];
"vps-list.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "vps-list";
src = ./sources/vps-list;

installPhase = ''
mkdir -p $out/public_html
mkdir -p $out/public_html/cphp

cp -r $src/* $out/public_html
cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
'';
}))
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "vps-list";
# src = ./sources/vps-list;

# installPhase = ''
# mkdir -p $out/public_html
# mkdir -p $out/public_html/cphp

# cp -r $src/* $out/public_html
# cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
# '';
# }))
];
"iomfats.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
@@ -263,37 +268,39 @@ in {
};
};

services.mysql = {
enable = true;
package = pkgs.mysql55;
};
# services.mysql = {
# enable = true;
# package = pkgs.mysql55;
# };

services.phpfpm = {
extraConfig = ''
log_level = notice
'';
phpPackage = pkgs1803.php56;
pools = {
main = {
listen = "/var/run/phpfpm-main.sock";
extraConfig = ''
user = nobody
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500

catch_workers_output = yes
'';
};
};
};
# services.phpfpm = {
# settings = {
# "log_level" = "notice";
# };

# phpPackage = pkgs1803.php56;

# pools = {
# main = {
# # listen = "/var/run/phpfpm-main.sock";
# user = "nobody";
# settings = {
# "listen.owner" = "nginx";
# "listen.group" = "nginx";
# "listen.mode" = 0660;

# "pm" = "dynamic";
# "pm.max_children" = 75;
# "pm.start_servers" = 10;
# "pm.min_spare_servers" = 5;
# "pm.max_spare_servers" = 20;
# "pm.max_requests" = 500;

# "catch_workers_output" = true;
# };
# };
# };
# };

users.extraUsers.mobile-proxy = {
description = "mobile-proxy Service User";


+ 10
- 2
configuration/presets/base.nix View File

@@ -1,8 +1,11 @@
{ pkgs, ... }:
{
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};

i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};

@@ -35,4 +38,9 @@
dates = "00:00";
options = "--delete-older-than 14d";
};

security.acme = {
acceptTerms = true;
email = "admin+certs@cryto.net";
};
}

+ 5
- 0
configuration/presets/nginx/php-disabled.nix View File

@@ -0,0 +1,5 @@
{
locations."/" = {
return = "503";
};
}

+ 1
- 1
configuration/presets/nginx/php.nix View File

@@ -6,7 +6,7 @@
locations."~ \.php$" = {
extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.main.listen};
fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
fastcgi_index index.php;
'';
};


+ 5
- 2
data/dummy-configuration.nix View File

@@ -9,9 +9,12 @@
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only

console = {
font = "Lat2-Terminus16";
keyMap = "us";
};

i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};



Loading…
Cancel
Save