Disable PHP, upgrade to NixOS 20.03

master
Sven Slootweg 4 years ago
parent ecb2ad9189
commit 1096e8dc79

@ -13,15 +13,16 @@ let
}) })
]; ];
}; };
pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz") nixpkgsOptions); pkgs = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-20.03.tar.gz") nixpkgsOptions);
pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions); pkgs1803 = (import (fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz") nixpkgsOptions);
presets = { presets = {
base = (import ./presets/base.nix); base = (import ./presets/base.nix);
kvm = (import ./presets/kvm.nix); kvm = (import ./presets/kvm.nix);
}; };
nginxPresets = { nginxPresets = {
php = (import ./presets/nginx/php.nix); # php = (import ./presets/nginx/php.nix);
cphpApplication = (import ./presets/nginx/cphp-application.nix); phpDisabled = (import ./presets/nginx/php-disabled.nix);
# cphpApplication = (import ./presets/nginx/cphp-application.nix);
reverseProxy = (import ./presets/nginx/reverse-proxy.nix); reverseProxy = (import ./presets/nginx/reverse-proxy.nix);
letsEncrypt = (import ./presets/nginx/lets-encrypt.nix); letsEncrypt = (import ./presets/nginx/lets-encrypt.nix);
}; };
@ -114,10 +115,10 @@ in {
in lib.mkMerge [ in lib.mkMerge [
(httpHosts [ (httpHosts [
# "haless.cryto.net" # "haless.cryto.net"
"todo.cryto.net" # "todo.cryto.net"
"books.cryto.net" # "books.cryto.net"
"learn.cryto.net" # "learn.cryto.net"
"vps-list.cryto.net" # "vps-list.cryto.net"
"iomfats.cryto.net" "iomfats.cryto.net"
"castleroland.cryto.net" "castleroland.cryto.net"
"awesomedude.cryto.net" "awesomedude.cryto.net"
@ -126,8 +127,8 @@ in {
]) ])
(httpsHosts [ (httpsHosts [
# "haless.cryto.net" # "haless.cryto.net"
"books.cryto.net" # "books.cryto.net"
"vps-list.cryto.net" # "vps-list.cryto.net"
"iomfats.cryto.net" "iomfats.cryto.net"
"castleroland.cryto.net" "castleroland.cryto.net"
"awesomedude.cryto.net" "awesomedude.cryto.net"
@ -178,71 +179,75 @@ in {
"haless.cryto.net" = lib.mkMerge [ "haless.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt) (nginxPresets.letsEncrypt)
{ {
locations."/shadow" = { locations."/shadow/" = {
alias = ./sources/shadow-generator; alias = ./sources/shadow-generator;
}; };
locations."/knex-mirror" = { locations."/knex-mirror/" = {
alias = ./sources/knex-mirror; alias = ./sources/knex-mirror;
}; };
} }
]; ];
"books.cryto.net" = lib.mkMerge [ "books.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt) (nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ (nginxPresets.phpDisabled)
{ # (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
root = pkgs.stdenv.mkDerivation { # {
name = "cryto-books"; # root = pkgs.stdenv.mkDerivation {
src = ./sources/cryto-books; # name = "cryto-books";
# src = ./sources/cryto-books;
installPhase = ''
mkdir -p $out/ # installPhase = ''
cp -r $src/* $out/ # mkdir -p $out/
cp ${../private/cryto-books/credentials.php} $out/credentials.php # cp -r $src/* $out/
''; # cp ${../private/cryto-books/credentials.php} $out/credentials.php
}; # '';
} # };
# }
]; ];
"todo.cryto.net" = lib.mkMerge [ "todo.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ (nginxPresets.phpDisabled)
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { # (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
name = "cryto-todo"; # (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
src = ./sources/cryto-todo; # name = "cryto-todo";
# src = ./sources/cryto-todo;
installPhase = ''
mkdir -p $out/public_html # installPhase = ''
cp -r $src/* $out/public_html # mkdir -p $out/public_html
cp ${../private/cryto-todo/config.json} $out/config.json # cp -r $src/* $out/public_html
''; # cp ${../private/cryto-todo/config.json} $out/config.json
})) # '';
# }))
]; ];
"learn.cryto.net" = lib.mkMerge [ "learn.cryto.net" = lib.mkMerge [
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ (nginxPresets.phpDisabled)
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { # (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
name = "cryto-learn"; # (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
src = ./sources/cryto-learn; # name = "cryto-learn";
# src = ./sources/cryto-learn;
installPhase = ''
mkdir -p $out/public_html # installPhase = ''
cp -r $src/* $out/public_html # mkdir -p $out/public_html
cp ${../private/cryto-learn/config.json} $out/config.json # cp -r $src/* $out/public_html
''; # cp ${../private/cryto-learn/config.json} $out/config.json
})) # '';
# }))
]; ];
"vps-list.cryto.net" = lib.mkMerge [ "vps-list.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt) (nginxPresets.letsEncrypt)
(nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */ (nginxPresets.phpDisabled)
(nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation { # (nginxPresets.php args) /* Temporary hack until I can figure out the mkMerge evaluation order issue */
name = "vps-list"; # (nginxPresets.cphpApplication (pkgs.stdenv.mkDerivation {
src = ./sources/vps-list; # name = "vps-list";
# src = ./sources/vps-list;
installPhase = ''
mkdir -p $out/public_html # installPhase = ''
mkdir -p $out/public_html/cphp # mkdir -p $out/public_html
# mkdir -p $out/public_html/cphp
cp -r $src/* $out/public_html
cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php # cp -r $src/* $out/public_html
''; # cp ${../private/vps-list/config.php} $out/public_html/cphp/config.php
})) # '';
# }))
]; ];
"iomfats.cryto.net" = lib.mkMerge [ "iomfats.cryto.net" = lib.mkMerge [
(nginxPresets.letsEncrypt) (nginxPresets.letsEncrypt)
@ -263,37 +268,39 @@ in {
}; };
}; };
services.mysql = { # services.mysql = {
enable = true; # enable = true;
package = pkgs.mysql55; # package = pkgs.mysql55;
}; # };
services.phpfpm = { # services.phpfpm = {
extraConfig = '' # settings = {
log_level = notice # "log_level" = "notice";
''; # };
phpPackage = pkgs1803.php56;
pools = { # phpPackage = pkgs1803.php56;
main = {
listen = "/var/run/phpfpm-main.sock"; # pools = {
extraConfig = '' # main = {
user = nobody # # listen = "/var/run/phpfpm-main.sock";
listen.owner = nginx # user = "nobody";
listen.group = nginx # settings = {
listen.mode = 0660 # "listen.owner" = "nginx";
# "listen.group" = "nginx";
pm = dynamic # "listen.mode" = 0660;
pm.max_children = 75
pm.start_servers = 10 # "pm" = "dynamic";
pm.min_spare_servers = 5 # "pm.max_children" = 75;
pm.max_spare_servers = 20 # "pm.start_servers" = 10;
pm.max_requests = 500 # "pm.min_spare_servers" = 5;
# "pm.max_spare_servers" = 20;
catch_workers_output = yes # "pm.max_requests" = 500;
'';
}; # "catch_workers_output" = true;
}; # };
}; # };
# };
# };
users.extraUsers.mobile-proxy = { users.extraUsers.mobile-proxy = {
description = "mobile-proxy Service User"; description = "mobile-proxy Service User";

@ -1,8 +1,11 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
i18n = { i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8"; defaultLocale = "en_US.UTF-8";
}; };
@ -35,4 +38,9 @@
dates = "00:00"; dates = "00:00";
options = "--delete-older-than 14d"; options = "--delete-older-than 14d";
}; };
security.acme = {
acceptTerms = true;
email = "admin+certs@cryto.net";
};
} }

@ -0,0 +1,5 @@
{
locations."/" = {
return = "503";
};
}

@ -6,7 +6,7 @@
locations."~ \.php$" = { locations."~ \.php$" = {
extraConfig = '' extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.main.listen}; fastcgi_pass unix:${config.services.phpfpm.pools.main.socket};
fastcgi_index index.php; fastcgi_index index.php;
''; '';
}; };

@ -9,9 +9,12 @@
boot.loader.grub.version = 2; boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
i18n = { i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8"; defaultLocale = "en_US.UTF-8";
}; };

Loading…
Cancel
Save