path:
/nixosModule.nix
2.08 KB | plain1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
{ options, config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.ctucx-things;
in {
options = {
services.ctucx-things = with lib; {
enable = mkEnableOption "ctucx-things - simple inventory management web-app";
nginx = {
enable = mkEnableOption "";
enableACME = mkEnableOption "";
domain = mkOption {
type = types.str;
};
};
package = mkOption {
type = types.package;
default = pkgs.ctucx-things;
};
user = mkOption {
type = types.str;
default = "ctucx-things";
};
group = mkOption {
type = types.str;
default = "ctucx-things";
};
storagePath = mkOption {
type = types.str;
default = "/var/lib/ctucx-things";
};
};
};
config = lib.mkIf cfg.enable {
users.groups."${cfg.group}" = {};
users.users."${cfg.user}" = {
isSystemUser = true;
home = cfg.storagePath;
createHome = true;
group = cfg.group;
};
services.phpfpm.pools.ctucx-things = {
user = cfg.user;
group = cfg.group;
phpEnv = {
THINGS_STORAGE_PATH = cfg.storagePath;
};
settings = {
pm = "dynamic";
"listen.owner" = config.services.nginx.user;
"pm.max_children" = 1;
"pm.start_servers" = 1;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 1;
"pm.max_requests" = 500;
};
};
services.nginx = lib.mkIf cfg.nginx.enable {
virtualHosts."${cfg.nginx.domain}" = {
enableACME = lib.mkIf cfg.nginx.enableACME true;
forceSSL = lib.mkIf cfg.nginx.enableACME true;
root = cfg.package;
locations = {
"/".index = "index.php";
"/".tryFiles = "$uri $uri/ /index.php";
"~ \.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.ctucx-things.socket};
fastcgi_index index.php;
'';
};
};
};
};
}