142 lines
4.0 KiB
Nix
142 lines
4.0 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
common-name = "baikal";
|
|
cfg = config.services.baikal;
|
|
in
|
|
{
|
|
meta.maintainers = [ lib.maintainers.wrvsrx ];
|
|
options = {
|
|
services.baikal = {
|
|
enable = lib.mkEnableOption "baikal";
|
|
user = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = common-name;
|
|
description = ''
|
|
User account under which the web-application run.
|
|
'';
|
|
};
|
|
group = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = common-name;
|
|
description = ''
|
|
Group account under which the web-application run.
|
|
'';
|
|
};
|
|
pool = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = common-name;
|
|
description = ''
|
|
Name of existing phpfpm pool that is used to run web-application.
|
|
If not specified a pool will be created automatically with
|
|
default values.
|
|
'';
|
|
};
|
|
virtualHost = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.str;
|
|
default = common-name;
|
|
description = ''
|
|
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
|
|
'';
|
|
};
|
|
phpPackage = lib.mkOption {
|
|
type = lib.types.package;
|
|
default = pkgs.php;
|
|
defaultText = "pkgs.php";
|
|
description = ''
|
|
php package to use for php fpm daemon.
|
|
'';
|
|
};
|
|
package = lib.mkOption {
|
|
type = lib.types.package;
|
|
default = pkgs.baikal;
|
|
defaultText = "pkgs.baikal";
|
|
description = ''
|
|
Baikal package to use.
|
|
'';
|
|
};
|
|
|
|
};
|
|
};
|
|
config = lib.mkIf cfg.enable {
|
|
services.phpfpm.pools = lib.mkIf (cfg.pool == "${common-name}") {
|
|
${common-name} = {
|
|
inherit (cfg) user phpPackage;
|
|
phpEnv = {
|
|
"BAIKAL_PATH_CONFIG" = "/var/lib/baikal/config/";
|
|
"BAIKAL_PATH_SPECIFIC" = "/var/lib/baikal/specific/";
|
|
};
|
|
settings = lib.mapAttrs (name: lib.mkDefault) {
|
|
"listen.owner" = "nginx";
|
|
"listen.group" = "nginx";
|
|
"listen.mode" = "0600";
|
|
"pm" = "dynamic";
|
|
"pm.max_children" = 75;
|
|
"pm.start_servers" = 1;
|
|
"pm.min_spare_servers" = 1;
|
|
"pm.max_spare_servers" = 4;
|
|
"pm.max_requests" = 500;
|
|
"pm.process_idle_timeout" = 30;
|
|
"catch_workers_output" = 1;
|
|
};
|
|
};
|
|
};
|
|
services.nginx = lib.mkIf (cfg.virtualHost != null) {
|
|
enable = true;
|
|
virtualHosts."${cfg.virtualHost}" = {
|
|
root = "${cfg.package}/share/php/baikal/html";
|
|
locations = {
|
|
"/" = {
|
|
index = "index.php";
|
|
};
|
|
"/.well-known/".extraConfig = ''
|
|
rewrite ^/.well-known/caldav /dav.php redirect;
|
|
rewrite ^/.well-known/carddav /dav.php redirect;
|
|
'';
|
|
"~ /(\.ht|Core|Specific|config)".extraConfig = ''
|
|
deny all;
|
|
return 404;
|
|
'';
|
|
"~ ^(.+\.php)(.*)$".extraConfig = ''
|
|
try_files $fastcgi_script_name =404;
|
|
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
|
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
|
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket};
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
users.users.${cfg.user} = lib.mkIf (cfg.user == common-name) {
|
|
description = "baikal service user";
|
|
isSystemUser = true;
|
|
inherit (cfg) group;
|
|
};
|
|
|
|
users.groups.${cfg.group} = lib.mkIf (cfg.group == common-name) { };
|
|
|
|
systemd.tmpfiles.settings."baikal" = builtins.listToAttrs (
|
|
map
|
|
(x: {
|
|
name = "/var/lib/baikal/${x}";
|
|
value.d = {
|
|
mode = "0700";
|
|
inherit (cfg) user group;
|
|
};
|
|
})
|
|
[
|
|
"config"
|
|
"specific"
|
|
"specific/db"
|
|
]
|
|
);
|
|
};
|
|
}
|