ctucx.git: nixfiles

machines/lollo/websites: add `things.home.ctu.cx`

diff --git a/machines/lollo/websites/default.nix b/machines/lollo/websites/default.nix
@@ -5,6 +5,7 @@
   imports = [
     ./wiki.home.ctu.cx.nix
     ./music.home.ctu.cx.nix
+    ./things.home.ctu.cx.nix
     ./storage.home.ctu.cx
 
     ./photos.ctu.cx.nix

diff --git a/machines/lollo/websites/things.home.ctu.cx.nix b/machines/lollo/websites/things.home.ctu.cx.nix
@@ -0,0 +1,50 @@
+{ config, pkgs, ... }:
+
+{
+
+  users.users.things = {
+    isSystemUser = true;
+    home = "/var/lib/things";
+    createHome = true;
+    group = config.services.nginx.group;
+  };
+
+  services = {
+    phpfpm.pools.ctucx-things  = {
+      user  = "things";
+      group = config.services.nginx.group;
+      phpEnv = {
+        THINGS_STORAGE_PATH = "/var/lib/things";
+      };
+      settings = {
+        pm                     = "dynamic";
+        "listen.owner"         = config.services.nginx.user;
+        "pm.max_children"      = 1;
+        "pm.start_servers"     = 1;
+        "pm.min_spare_servers" = 1;
+        "pm.max_spare_servers" = 1;
+        "pm.max_requests"      = 500;
+      };
+    };
+
+    nginx = {
+      enable = true;
+      virtualHosts."things.home.ctu.cx" = {
+        enableACME = true;
+        forceSSL   = true;
+        root       = pkgs.ctucx-things;
+        locations  = {
+        "/".index              = "index.php index.html";
+        "/".tryFiles           = "$uri $uri/ /index.php";
+        "~ \.php$".extraConfig = ''
+          fastcgi_pass  unix:${config.services.phpfpm.pools.ctucx-things.socket};
+          fastcgi_index index.php;
+        '';
+        };
+      };
+    };
+
+  };
+
+}
+