-
Notifications
You must be signed in to change notification settings - Fork 2
/
default.nix
79 lines (73 loc) · 2.31 KB
/
default.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
{ config, lib, pkgs, ... }:
let
myLib = import ../../lib.nix { inherit lib config; };
inherit (myLib) enablePHP mkVirtualHost mkPhpPool;
in {
services = {
nginx = {
enable = true;
virtualHosts = {
"pechar.fan-club-penguin.cz" = mkVirtualHost {
acme = "fan-club-penguin.cz";
root =
pkgs.runCommand "pechar" {
src = pkgs.fetchFromGitHub {
owner = "ogioncz";
repo = "pechar";
rev = "48f3d48ad0111b38132afa59bda9a1be0a76da73";
sha256 = "r8oDLZz8b0M3Fpf3BfhOnpQouOvmtrPLlTjGmv5DcJc=";
};
} ''
cp -r "$src" "$out"
chmod -R +w "$out"
sed -i "s#var mediaServer = 'mediacache';#var mediaServer = 'https://mediacache.fan-club-penguin.cz';#" $out/main.js
'';
config = ''
index index.html;
location / {
try_files $uri $uri/ =404;
}
location ~ /data/composed/get\.php$ {
${enablePHP "pechar"}
}
location ~ /data/composed/(.+)\.png {
root /var/cache/pechar;
try_files /$1.png /data/composed/get.php?path=$1;
}
'';
};
};
};
phpfpm = rec {
pools = {
pechar = mkPhpPool {
user = "pechar";
phpPackage = pkgs.php74;
phpOptions = ''
; Set up $_ENV superglobal.
; http://php.net/request-order
variables_order = "EGPCS"
'';
phpEnv = {
MEDIA_SERVER_LOCAL_DIRECTORY = "/var/www/fan-club-penguin.cz/mediacache/from-fcp";
};
settings = {
# Accept settings from the systemd service.
clear_env = false;
};
};
};
};
};
systemd.services.phpfpm-pechar = {
serviceConfig = {
CacheDirectory = "pechar";
ExecStartPost= [
# The service starts under “root” user and the phpfpm daemon then lowers the euid to “pechar”.
# But because systemd is not aware of that, the cache directory it creates does not have correct ownership.
"${pkgs.coreutils}/bin/chmod -R 700 %C/pechar"
"${pkgs.coreutils}/bin/chown -R pechar:pechar %C/pechar"
];
};
};
}