Move nginx-fpm into options
parent
94503458d7
commit
372222e899
|
@ -30,6 +30,7 @@
|
|||
./services/media-share
|
||||
./services/nextcloud
|
||||
./services/nginx-acme-base
|
||||
./nginx-fpm
|
||||
./services/pipewire
|
||||
./services/rclone-webdav
|
||||
./services/rdp
|
||||
|
|
|
@ -1,29 +1,58 @@
|
|||
{ dataDir, documentRoot ? "/var/www/html", domain, port ? "9000", }:
|
||||
{ inputs, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.az-nginx-fpm;
|
||||
in
|
||||
{
|
||||
services = {
|
||||
az-acme-base.enable = true;
|
||||
nginx = {
|
||||
appendHttpConfig = ''
|
||||
index index.php;
|
||||
'';
|
||||
virtualHosts."${domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = dataDir;
|
||||
locations = {
|
||||
"~ \\.php$" = {
|
||||
extraConfig = ''
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
fastcgi_param SCRIPT_FILENAME ${documentRoot}$fastcgi_script_name;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_pass 127.0.0.1:${port};
|
||||
'';
|
||||
options = {
|
||||
services.az-nginx-fpm = {
|
||||
enable = lib.mkEnableOption "Enable Nginx with config for FPM in a container.";
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "The directory where the application lives on the host.";
|
||||
};
|
||||
documentRoot = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "The directory where the FPM expects your code to be.";
|
||||
default = "/var/www/html";
|
||||
};
|
||||
domain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "The domain the service is being run from.";
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.number;
|
||||
description = "The port FPM listens on.";
|
||||
default = 9000;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services = {
|
||||
az-acme-base.enable = true;
|
||||
nginx = {
|
||||
appendHttpConfig = ''
|
||||
index index.php;
|
||||
'';
|
||||
virtualHosts."${cfg.domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = cfg.dataDir;
|
||||
locations = {
|
||||
"~ \\.php$" = {
|
||||
extraConfig = ''
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
fastcgi_param SCRIPT_FILENAME ${cfg.documentRoot}$fastcgi_script_name;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_pass 127.0.0.1:${toString cfg.port};
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
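Review bot: The `~ \.php$` location in the new `config` block forwards every matching URI to FPM without checking that the script exists under `root`, so a request for a non-existent `.php` path is still handed to the interpreter with a `SCRIPT_FILENAME` built from `cfg.documentRoot`. Assuming `cfg.dataDir` on the host holds the same tree the container sees at `cfg.documentRoot`, adding `try_files $fastcgi_script_name =404;` after `fastcgi_split_path_info` lets nginx reject those requests itself. Separately, `port` is declared as `lib.types.number`, which also accepts floats and out-of-range values; `type = lib.types.port;` keeps the value interpolated into `fastcgi_pass` a valid TCP port.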
|
||||
|
|
|
@ -15,26 +15,41 @@ let
|
|||
in
|
||||
{
|
||||
imports = [
|
||||
(import "${inputs.self}/modules/nginx-fpm" {
|
||||
dataDir = "/var/lib/ttrss/html";
|
||||
inherit domain;
|
||||
})
|
||||
"${inputs.self}/modules/postgresql"
|
||||
];
|
||||
age.secrets.ttrssEnv.file = "${inputs.self}/scrts/ttrss_env.age";
|
||||
|
||||
services.postgresql = {
|
||||
authentication = "host ttrssdb ttrss 172.16.0.0/12 scram-sha-256";
|
||||
ensureDatabases = [ "ttrssdb" ];
|
||||
ensureUsers = [{
|
||||
name = "ttrss";
|
||||
ensurePermissions = {
|
||||
"DATABASE ttrssdb " = "ALL PRIVILEGES";
|
||||
};
|
||||
}];
|
||||
services = {
|
||||
az-docker.enable = true;
|
||||
az-nginx-fpm = {
|
||||
enable = true;
|
||||
dataDir = "/var/lib/ttrss/html";
|
||||
domain = domain;
|
||||
};
|
||||
nginx.virtualHosts."${domain}".locations = {
|
||||
"/".extraConfig = ''
|
||||
try_files $uri $uri/ = 404;
|
||||
'';
|
||||
"/tt-rss/cache".extraConfig = ''
|
||||
aio threads;
|
||||
internal;
|
||||
'';
|
||||
"/tt-rss/backups".extraConfig = ''
|
||||
internal;
|
||||
'';
|
||||
};
|
||||
postgresql = {
|
||||
authentication = "host ttrssdb ttrss 172.16.0.0/12 scram-sha-256";
|
||||
ensureDatabases = [ "ttrssdb" ];
|
||||
ensureUsers = [{
|
||||
name = "ttrss";
|
||||
ensurePermissions = {
|
||||
"DATABASE ttrssdb " = "ALL PRIVILEGES";
|
||||
};
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
services.az-docker.enable = true;
|
||||
virtualisation.oci-containers = {
|
||||
backend = "docker";
|
||||
containers."ttrss" = {
|
||||
|
@ -88,18 +103,6 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${domain}".locations = {
|
||||
"/".extraConfig = ''
|
||||
try_files $uri $uri/ = 404;
|
||||
'';
|
||||
"/tt-rss/cache".extraConfig = ''
|
||||
aio threads;
|
||||
internal;
|
||||
'';
|
||||
"/tt-rss/backups".extraConfig = ''
|
||||
internal;
|
||||
'';
|
||||
};
|
||||
systemd.services.${ttrssService}.after = [ "nginx.service" ];
|
||||
systemd.services.postgresql.after = [ "${ttrssService}.service" ];
|
||||
}
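Review bot: The `postgresql.authentication` rule that now sits inside the `services` block still admits `172.16.0.0/12`, which is the whole private 172.16–172.31 range rather than only the network the ttrss container is attached to. Any host or container in that range that can reach PostgreSQL may attempt password authentication as `ttrss`, so I would narrow the rule to the container network's subnet, e.g. `host ttrssdb ttrss <docker-subnet-cidr> scram-sha-256` with the placeholder replaced by the subnet actually in use. The key `"DATABASE ttrssdb "` also carries a trailing space that looks unintended, and `domain = domain;` can be written `inherit domain;`, matching the import form shown earlier in this section.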
|
||||
|
|