Browse Source

Disable PHP, upgrade to NixOS 20.03

Sven Slootweg 5 months ago
parent
commit
1096e8dc79

+ 96 - 89
configuration/default.nix

@ -13,15 +13,16 @@ let
13 13
			})
14 14
		];
15 15
	};
16
	pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions);
16
	pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions);
17 17
	pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions);
18 18
	presets = {
19 19
		base = (import ./presets/base.nix);
20 20
		kvm = (import ./presets/kvm.nix);
21 21
	};
22 22
	nginxPresets = {
23
		php = (import ./presets/nginx/php.nix);
24
		cphpApplication = (import ./presets/nginx/cphp-application.nix);
23
		# php = (import ./presets/nginx/php.nix);
24
		phpDisabled = (import ./presets/nginx/php-disabled.nix);
25
		# cphpApplication = (import ./presets/nginx/cphp-application.nix);
25 26
		reverseProxy = (import ./presets/nginx/reverse-proxy.nix);
26 27
		letsEncrypt = (import ./presets/nginx/lets-encrypt.nix);
27 28
	};
@ -114,10 +115,10 @@ in {
114 115
		in lib.mkMerge [
115 116
			(httpHosts [
116 117
				# "haless.cryto.net"
117
				"todo.cryto.net"
118
				"books.cryto.net"
119
				"learn.cryto.net"
120
				"vps-list.cryto.net"
118
				# "todo.cryto.net"
119
				# "books.cryto.net"
120
				# "learn.cryto.net"
121
				# "vps-list.cryto.net"
121 122
				"iomfats.cryto.net"
122 123
				"castleroland.cryto.net"
123 124
				"awesomedude.cryto.net"
@ -126,8 +127,8 @@ in {
126 127
			])
127 128
			(httpsHosts [
128 129
				# "haless.cryto.net"
129
				"books.cryto.net"
130
				"vps-list.cryto.net"
130
				# "books.cryto.net"
131
				# "vps-list.cryto.net"
131 132
				"iomfats.cryto.net"
132 133
				"castleroland.cryto.net"
133 134
				"awesomedude.cryto.net"
@ -178,71 +179,75 @@ in {
178 179
				"haless.cryto.net" = lib.mkMerge [
179 180
					(nginxPresets.letsEncrypt)
180 181
					{
181
						locations."/shadow" = {
182
						locations."/shadow/" = {
182 183
							alias = ./sources/shadow-generator;
183 184
						};
184
						locations."/knex-mirror" = {
185
						locations."/knex-mirror/" = {
185 186
							alias = ./sources/knex-mirror;
186 187
						};
187 188
					}
188 189
				];
189 190
				"books.cryto.net" = lib.mkMerge [
190 191
					(nginxPresets.letsEncrypt)
191
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
192
					{
193
						root = pkgs.stdenv.mkDerivation {
194
							name = "cryto-books";
195
							src = ./sources/cryto-books;
196
197
							installPhase = ''
198
								mkdir -p $out/
199
								cp -r $src/* $out/
200
								cp ${../private/cryto-books/credentials.php} $out/credentials.php
201
							'';
202
						};
203
					}
192
					(nginxPresets.phpDisabled)
193
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
194
					# {
195
					# 	root = pkgs.stdenv.mkDerivation {
196
					# 		name = "cryto-books";
197
					# 		src = ./sources/cryto-books;
198
199
					# 		installPhase = ''
200
					# 			mkdir -p $out/
201
					# 			cp -r $src/* $out/
202
					# 			cp ${../private/cryto-books/credentials.php} $out/credentials.php
203
					# 		'';
204
					# 	};
205
					# }
204 206
				];
205 207
				"todo.cryto.net" = lib.mkMerge [
206
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
207
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
208
						name = "cryto-todo";
209
						src = ./sources/cryto-todo;
210
211
						installPhase = ''
212
							mkdir -p $out/public_html
213
							cp -r $src/* $out/public_html
214
							cp ${../private/cryto-todo/config.json} $out/config.json
215
						'';
216
					}))
208
					(nginxPresets.phpDisabled)
209
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
210
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
211
					# 	name = "cryto-todo";
212
					# 	src = ./sources/cryto-todo;
213
214
					# 	installPhase = ''
215
					# 		mkdir -p $out/public_html
216
					# 		cp -r $src/* $out/public_html
217
					# 		cp ${../private/cryto-todo/config.json} $out/config.json
218
					# 	'';
219
					# }))
217 220
				];
218 221
				"learn.cryto.net" = lib.mkMerge [
219
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
220
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
221
						name = "cryto-learn";
222
						src = ./sources/cryto-learn;
223
224
						installPhase = ''
225
							mkdir -p $out/public_html
226
							cp -r $src/* $out/public_html
227
							cp ${../private/cryto-learn/config.json} $out/config.json
228
						'';
229
					}))
222
					(nginxPresets.phpDisabled)
223
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
224
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
225
					# 	name = "cryto-learn";
226
					# 	src = ./sources/cryto-learn;
227
228
					# 	installPhase = ''
229
					# 		mkdir -p $out/public_html
230
					# 		cp -r $src/* $out/public_html
231
					# 		cp ${../private/cryto-learn/config.json} $out/config.json
232
					# 	'';
233
					# }))
230 234
				];
231 235
				"vps-list.cryto.net" = lib.mkMerge [
232 236
					(nginxPresets.letsEncrypt)
233
					(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
234
					(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
235
						name = "vps-list";
236
						src = ./sources/vps-list;
237
238
						installPhase = ''
239
							mkdir -p $out/public_html
240
							mkdir -p $out/public_html/cphp
241
242
							cp -r $src/* $out/public_html
243
							cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
244
						'';
245
					}))
237
					(nginxPresets.phpDisabled)
238
					# (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
239
					# (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
240
					# 	name = "vps-list";
241
					# 	src = ./sources/vps-list;
242
243
					# 	installPhase = ''
244
					# 		mkdir -p $out/public_html
245
					# 		mkdir -p $out/public_html/cphp
246
247
					# 		cp -r $src/* $out/public_html
248
					# 		cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
249
					# 	'';
250
					# }))
246 251
				];
247 252
				"iomfats.cryto.net" = lib.mkMerge [
248 253
					(nginxPresets.letsEncrypt)
@ -263,37 +268,39 @@ in {
263 268
			};
264 269
		};
265 270
266
		services.mysql = {
267
			enable = true;
268
			package = pkgs.mysql55;
269
		};
271
		# services.mysql = {
272
		# 	enable = true;
273
		# 	package = pkgs.mysql55;
274
		# };
270 275
271
		services.phpfpm = {
272
			extraConfig = ''
273
				log_level = notice
274
			'';
275
			phpPackage = pkgs1803.php56;
276
			pools = {
277
				main = {
278
					listen = "/var/run/phpfpm-main.sock";
279
					extraConfig = ''
280
						user = nobody
281
						listen.owner = nginx
282
						listen.group = nginx
283
						listen.mode = 0660
284
285
						pm = dynamic
286
						pm.max_children = 75
287
						pm.start_servers = 10
288
						pm.min_spare_servers = 5
289
						pm.max_spare_servers = 20
290
						pm.max_requests = 500
291
292
						catch_workers_output = yes
293
					'';
294
				};
295
			};
296
		};
276
		# services.phpfpm = {
277
		# 	settings = {
278
		# 		"log_level" = "notice";
279
		# 	};
280
281
		# 	phpPackage = pkgs1803.php56;
282
283
		# 	pools = {
284
		# 		main = {
285
		# 			# listen = "/var/run/phpfpm-main.sock";
286
		# 			user = "nobody";
287
		# 			settings = {
288
		# 				"listen.owner" = "nginx";
289
		# 				"listen.group" = "nginx";
290
		# 				"listen.mode" = 0660;
291
292
		# 				"pm" = "dynamic";
293
		# 				"pm.max_children" = 75;
294
		# 				"pm.start_servers" = 10;
295
		# 				"pm.min_spare_servers" = 5;
296
		# 				"pm.max_spare_servers" = 20;
297
		# 				"pm.max_requests" = 500;
298
299
		# 				"catch_workers_output" = true;
300
		# 			};
301
		# 		};
302
		# 	};
303
		# };
297 304
298 305
		users.extraUsers.mobile-proxy = {
299 306
			description = "mobile-proxy Service User";

+ 10 - 2
configuration/presets/base.nix

@ -1,8 +1,11 @@
1 1
{ pkgs, ... }:
2 2
	{
3
		console = {
4
			font = "Lat2-Terminus16";
5
			keyMap = "us";
6
		};
7
3 8
		i18n = {
4
			consoleFont = "Lat2-Terminus16";
5
			consoleKeyMap = "us";
6 9
			defaultLocale = "en_US.UTF-8";
7 10
		};
8 11
@ -35,4 +38,9 @@
35 38
			dates = "00:00";
36 39
			options = "--delete-older-than 14d";
37 40
		};
41
42
		security.acme = {
43
			acceptTerms = true;
44
			email = "admin+certs@cryto.net";
45
		};
38 46
	}

+ 5 - 0
configuration/presets/nginx/php-disabled.nix

@ -0,0 +1,5 @@
1
{
2
	locations."/" = {
3
		return = "503";
4
	};
5
}

+ 1 - 1
configuration/presets/nginx/php.nix

@ -6,7 +6,7 @@
6 6
		locations."~ \.php$" = {
7 7
			extraConfig = ''
8 8
				fastcgi_split_path_info ^(.+\.php)(/.+)$;
9
				fastcgi_pass unix:${config.services.phpfpm.pools.main.listen};
9
				fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
10 10
				fastcgi_index index.php;
11 11
			'';
12 12
		};

+ 5 - 2
data/dummy-configuration.nix

@ -9,9 +9,12 @@
9 9
		boot.loader.grub.version = 2;
10 10
		boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
11 11
12
		console = {
13
			font = "Lat2-Terminus16";
14
			keyMap = "us";
15
		};
16
12 17
		i18n = {
13
			consoleFont = "Lat2-Terminus16";
14
			consoleKeyMap = "us";
15 18
			defaultLocale = "en_US.UTF-8";
16 19
		};
17 20