summaryrefslogtreecommitdiffstats
path: root/lass/2configs/websites/lassulus.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-11-11 13:44:55 +0100
committermakefu <github@syntax-fehler.de>2016-11-11 13:44:55 +0100
commit4d7f0e6c5bcd8b586711ad2394fac73ebbd3312d (patch)
treea21db730913e0915ec1e319af70673e7cf4e5001 /lass/2configs/websites/lassulus.nix
parent6c092cd20ca256b1cefa92aa779380cdb71c1313 (diff)
parent0e13a4e2373d891e6a895e4b6ad2b42da028ba12 (diff)
Merge remote-tracking branch 'prism/lassulus'
Diffstat (limited to 'lass/2configs/websites/lassulus.nix')
-rw-r--r--lass/2configs/websites/lassulus.nix47
1 files changed, 47 insertions, 0 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index b8342e148..29374e97d 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -37,6 +37,31 @@ in {
};
};
+ krebs.tinc_graphs.enable = true;
+
+ users.users.lass-stuff = {
+ uid = genid "lass-stuff";
+ description = "lassul.us blog cgi stuff";
+ home = "/var/empty";
+ };
+
+ services.phpfpm.poolConfigs."lass-stuff" = ''
+ listen = /var/run/lass-stuff.socket
+ user = lass-stuff
+ group = nginx
+ pm = dynamic
+ pm.max_children = 5
+ pm.start_servers = 1
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 1
+ listen.owner = lass-stuff
+ listen.group = nginx
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ security.limit_extensions =
+ '';
+
users.groups.lasscert.members = [
"dovecot2"
"ejabberd"
@@ -53,6 +78,28 @@ in {
(nameValuePair "/.well-known/acme-challenge" ''
root /var/lib/acme/challenges/lassul.us/;
'')
+ (nameValuePair "= /retiolum-hosts.tar.bz2" ''
+ alias ${config.krebs.tinc.retiolum.hostsArchive};
+ '')
+ (nameValuePair "/tinc" ''
+ alias ${config.krebs.tinc_graphs.workingDir}/external;
+ '')
+ (let
+ script = pkgs.writeBash "test" ''
+ echo "hello world"
+ '';
+ #script = pkgs.execve "ddate-wrapper" {
+ # filename = "${pkgs.ddate}/bin/ddate";
+ # argv = [];
+ #};
+ in nameValuePair "= /ddate" ''
+ gzip off;
+ fastcgi_pass unix:/var/run/lass-stuff.socket;
+ include ${pkgs.nginx}/conf/fastcgi_params;
+ fastcgi_param DOCUMENT_ROOT /var/empty;
+ fastcgi_param SCRIPT_FILENAME ${script};
+ fastcgi_param SCRIPT_NAME ${script};
+ '')
];
ssl = {
enable = true;