ctucx.git: nixfiles

machines/websites/things.home.ctu.cx: use nixosModules from flake

diff --git a/flake.lock b/flake.lock
@@ -97,11 +97,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1684173595,
-        "narHash": "sha256-oKQiy18kXFNH564k2InmPEDjug/y1dtXDOpdwh5Sg+M=",
+        "lastModified": 1686768224,
+        "narHash": "sha256-nf/b+YP9aWQ66EmAWUeI3xlAPijWgmo9X1A9vfRvxQg=",
         "ref": "main",
-        "rev": "71e9e3b4feb9f691bd2670086c69ad2cb862eeb4",
-        "revCount": 4,
+        "rev": "7e5e220348e8ab834f4791472d4dc4f181c7c9e4",
+        "revCount": 5,
         "type": "git",
         "url": "https://git.ctu.cx/ctucx.things"
       },

diff --git a/machines/briefkasten/websites/things.home.ctu.cx.nix b/machines/briefkasten/websites/things.home.ctu.cx.nix
@@ -1,7 +1,11 @@
-{ config, pkgs, lib, ... }:
+{ inputs, config, pkgs, lib, ... }:
 
 {
 
+  imports = [
+    inputs.ctucx-things.nixosModule
+  ];
+
   dns.zones."ctu.cx".subdomains."things.home".CNAME = lib.mkIf config.networking.usePBBUplink [ "${config.networking.fqdn}." ];
 
   age.secrets.restic-ctucx-things.file = ./. + "/../../../secrets/${config.networking.hostName}/restic/ctucx-things.age";

@@ -12,50 +16,12 @@
     paths           = [ "/var/lib/ctucx-things" ];
   };
 
-
-  users.users.ctucx-things = {
-    isSystemUser = true;
-    home = "/var/lib/ctucx-things";
-    createHome = true;
-    group = config.services.nginx.group;
-  };
-
-  services = {
-    phpfpm.pools.ctucx-things  = {
-      user  = "ctucx-things";
-      group = config.services.nginx.group;
-      phpEnv = {
-        THINGS_STORAGE_PATH = "/var/lib/ctucx-things";
-      };
-      settings = {
-        pm                     = "dynamic";
-        "listen.owner"         = config.services.nginx.user;
-        "pm.max_children"      = 1;
-        "pm.start_servers"     = 1;
-        "pm.min_spare_servers" = 1;
-        "pm.max_spare_servers" = 1;
-        "pm.max_requests"      = 500;
-      };
-    };
-
-    nginx = {
-      enable = true;
-      virtualHosts."things.home.ctu.cx" = {
-        enableACME = lib.mkIf config.networking.usePBBUplink true;
-        forceSSL   = lib.mkIf config.networking.usePBBUplink true;
-        kTLS       = lib.mkIf config.networking.usePBBUplink true;
-        root       = pkgs.ctucx-things;
-        locations  = {
-          "/".index              = "index.php index.html";
-          "/".tryFiles           = "$uri $uri/ /index.php";
-          "~ \.php$".extraConfig = ''
-            fastcgi_pass  unix:${config.services.phpfpm.pools.ctucx-things.socket};
-            fastcgi_index index.php;
-          '';
-        };
-      };
-    };
-
+  services.ctucx-things = {
+    enable      = true;
+    storagePath = "/var/lib/ctucx-things";
+    nginx.enable     = true;
+    nginx.enableACME = true;
+    nginx.domain     = "things.home.ctu.cx";
   };
 
 }