joepie91/morph-rc
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Disable PHP, upgrade to NixOS 20.03

Browse source
This commit is contained in:
Sven Slootweg 2020-04-26 01:11:24 +02:00
parent ecb2ad9189
commit 1096e8dc79
5 changed files with 110 additions and 87 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

171
configuration/default.nix
View file

@ -13,15 +13,16 @@ let
})
];
};
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions);
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions);
pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions);
presets = {
base = (import ./presets/base.nix);
kvm = (import ./presets/kvm.nix);
};
nginxPresets = {
php = (import ./presets/nginx/php.nix);
cphpApplication = (import ./presets/nginx/cphp-application.nix);
# php = (import ./presets/nginx/php.nix);
phpDisabled = (import ./presets/nginx/php-disabled.nix);
# cphpApplication = (import ./presets/nginx/cphp-application.nix);
reverseProxy = (import ./presets/nginx/reverse-proxy.nix);
letsEncrypt = (import ./presets/nginx/lets-encrypt.nix);
};
@ -114,10 +115,10 @@ in {
in lib.mkMerge [
(httpHosts [
# "haless.cryto.net"
"todo.cryto.net"
"books.cryto.net"
"learn.cryto.net"
"vps-list.cryto.net"
# "todo.cryto.net"
# "books.cryto.net"
# "learn.cryto.net"
# "vps-list.cryto.net"
"iomfats.cryto.net"
"castleroland.cryto.net"
"awesomedude.cryto.net"
@ -126,8 +127,8 @@ in {
])
(httpsHosts [
# "haless.cryto.net"
"books.cryto.net"
"vps-list.cryto.net"
# "books.cryto.net"
# "vps-list.cryto.net"
"iomfats.cryto.net"
"castleroland.cryto.net"
"awesomedude.cryto.net"
@ -178,71 +179,75 @@ in {
"haless.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
{
locations."/shadow" = {
locations."/shadow/" = {
alias = ./sources/shadow-generator;
};
locations."/knex-mirror" = {
locations."/knex-mirror/" = {
alias = ./sources/knex-mirror;
};
}
];
"books.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
{
root = pkgs.stdenv.mkDerivation {
name = "cryto-books";
src = ./sources/cryto-books;
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# {
# root = pkgs.stdenv.mkDerivation {
# name = "cryto-books";
# src = ./sources/cryto-books;
installPhase = ''
mkdir -p $out/
cp -r $src/* $out/
cp ${../private/cryto-books/credentials.php} $out/credentials.php
'';
};
}
# installPhase = ''
# mkdir -p $out/
# cp -r $src/* $out/
# cp ${../private/cryto-books/credentials.php} $out/credentials.php
# '';
# };
# }
];
"todo.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "cryto-todo";
src = ./sources/cryto-todo;
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "cryto-todo";
# src = ./sources/cryto-todo;
installPhase = ''
mkdir -p $out/public_html
cp -r $src/* $out/public_html
cp ${../private/cryto-todo/config.json} $out/config.json
'';
}))
# installPhase = ''
# mkdir -p $out/public_html
# cp -r $src/* $out/public_html
# cp ${../private/cryto-todo/config.json} $out/config.json
# '';
# }))
];
"learn.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "cryto-learn";
src = ./sources/cryto-learn;
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "cryto-learn";
# src = ./sources/cryto-learn;
installPhase = ''
mkdir -p $out/public_html
cp -r $src/* $out/public_html
cp ${../private/cryto-learn/config.json} $out/config.json
'';
}))
# installPhase = ''
# mkdir -p $out/public_html
# cp -r $src/* $out/public_html
# cp ${../private/cryto-learn/config.json} $out/config.json
# '';
# }))
];
"vps-list.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
name = "vps-list";
src = ./sources/vps-list;
(nginxPresets.phpDisabled)
# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
# name = "vps-list";
# src = ./sources/vps-list;
installPhase = ''
mkdir -p $out/public_html
mkdir -p $out/public_html/cphp
# installPhase = ''
# mkdir -p $out/public_html
# mkdir -p $out/public_html/cphp
cp -r $src/* $out/public_html
cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
'';
}))
# cp -r $src/* $out/public_html
# cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
# '';
# }))
];
"iomfats.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt)
@ -263,37 +268,39 @@ in {
};
};
services.mysql = {
enable = true;
package = pkgs.mysql55;
};
# services.mysql = {
# enable = true;
# package = pkgs.mysql55;
# };
services.phpfpm = {
extraConfig = ''
log_level = notice
'';
phpPackage = pkgs1803.php56;
pools = {
main = {
listen = "/var/run/phpfpm-main.sock";
extraConfig = ''
user = nobody
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
# services.phpfpm = {
# settings = {
# "log_level" = "notice";
# };
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
# phpPackage = pkgs1803.php56;
catch_workers_output = yes
'';
};
};
};
# pools = {
# main = {
# # listen = "/var/run/phpfpm-main.sock";
# user = "nobody";
# settings = {
# "listen.owner" = "nginx";
# "listen.group" = "nginx";
# "listen.mode" = 0660;
# "pm" = "dynamic";
# "pm.max_children" = 75;
# "pm.start_servers" = 10;
# "pm.min_spare_servers" = 5;
# "pm.max_spare_servers" = 20;
# "pm.max_requests" = 500;
# "catch_workers_output" = true;
# };
# };
# };
# };
users.extraUsers.mobile-proxy = {
description = "mobile-proxy Service User";

12
configuration/presets/base.nix
View file

@ -1,8 +1,11 @@
{ pkgs, ... }:
{
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
@ -35,4 +38,9 @@
dates = "00:00";
options = "--delete-older-than 14d";
};
security.acme = {
acceptTerms = true;
email = "admin+certs@cryto.net";
};
}

5
configuration/presets/nginx/php-disabled.nix Normal file
View file

@ -0,0 +1,5 @@
{
locations."/" = {
return = "503";
};
}

2
configuration/presets/nginx/php.nix
View file

@ -6,7 +6,7 @@
locations."~ \.php$" = {
extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.main.listen};
fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
fastcgi_index index.php;
'';
};

7
data/dummy-configuration.nix
View file

@ -9,9 +9,12 @@
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};