summaryrefslogtreecommitdiffstats
path: root/lass/2configs/websites
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs/websites')
-rw-r--r--lass/2configs/websites/lassulus.nix54
-rw-r--r--lass/2configs/websites/util.nix98
2 files changed, 60 insertions, 92 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 526909e8a..f04f312d0 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -21,29 +21,6 @@ in {
krebs.tinc_graphs.enable = true;
- users.users.lass-stuff = {
- uid = genid_uint31 "lass-stuff";
- description = "lassul.us blog cgi stuff";
- home = "/var/empty";
- };
-
- services.phpfpm.poolConfigs."lass-stuff" = ''
- listen = /var/run/lass-stuff.socket
- user = lass-stuff
- group = nginx
- pm = dynamic
- pm.max_children = 5
- pm.start_servers = 1
- pm.min_spare_servers = 1
- pm.max_spare_servers = 1
- listen.owner = lass-stuff
- listen.group = nginx
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- security.limit_extensions =
- '';
-
users.groups.lasscert.members = [
"dovecot2"
"ejabberd"
@@ -60,48 +37,33 @@ in {
locations."= /retiolum-hosts.tar.bz2".extraConfig = ''
alias ${config.krebs.tinc.retiolum.hostsArchive};
'';
+ locations."= /hosts".extraConfig = ''
+ alias ${pkgs.krebs-hosts_combined};
+ '';
locations."= /retiolum.hosts".extraConfig = ''
alias ${pkgs.krebs-hosts-retiolum};
'';
locations."= /wireguard-key".extraConfig = ''
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
'';
- locations."/tinc".extraConfig = ''
+ locations."/tinc/".extraConfig = ''
alias ${config.krebs.tinc_graphs.workingDir}/external;
'';
- locations."/krebspage".extraConfig = ''
+ locations."= /krebspage".extraConfig = ''
default_type "text/html";
alias ${pkgs.krebspage}/index.html;
'';
- # TODO make this work!
- locations."= /ddate".extraConfig = let
- script = pkgs.writeBash "test" ''
- echo "hello world"
- '';
- #script = pkgs.exec "ddate-wrapper" {
- # filename = "${pkgs.ddate}/bin/ddate";
- # argv = [];
- #};
- in ''
- gzip off;
- fastcgi_pass unix:/var/run/lass-stuff.socket;
- include ${pkgs.nginx}/conf/fastcgi_params;
- fastcgi_param DOCUMENT_ROOT /var/empty;
- fastcgi_param SCRIPT_FILENAME ${script};
- fastcgi_param SCRIPT_NAME ${script};
- '';
-
- locations."/init".extraConfig = let
+ locations."= /init".extraConfig = let
initscript = pkgs.init.override {
pubkey = config.krebs.users.lass.pubkey;
};
in ''
alias ${initscript};
'';
- locations."/pub".extraConfig = ''
+ locations."= /pub".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
'';
- locations."/pub1".extraConfig = ''
+ locations."= /pub1".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
'';
};
diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix
index a807f7160..bffa1036b 100644
--- a/lass/2configs/websites/util.nix
+++ b/lass/2configs/websites/util.nix
@@ -60,21 +60,23 @@ rec {
expires max;
'';
};
- services.phpfpm.poolConfigs."${domain}" = ''
- listen = /srv/http/${domain}/phpfpm.pool
- user = nginx
- group = nginx
- pm = dynamic
- pm.max_children = 25
- pm.start_servers = 5
- pm.min_spare_servers = 3
- pm.max_spare_servers = 20
- listen.owner = nginx
- listen.group = nginx
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- '';
+ services.phpfpm.pools."${domain}" = {
+ user = "nginx";
+ group = "nginx";
+ extraConfig = ''
+ listen = /srv/http/${domain}/phpfpm.pool
+ pm = dynamic
+ pm.max_children = 25
+ pm.start_servers = 5
+ pm.min_spare_servers = 3
+ pm.max_spare_servers = 20
+ listen.owner = nginx
+ listen.group = nginx
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ '';
+ };
};
serveOwncloud = domains:
@@ -169,22 +171,24 @@ rec {
access_log off;
'';
};
- services.phpfpm.poolConfigs."${domain}" = ''
- listen = /srv/http/${domain}/phpfpm.pool
- user = nginx
- group = nginx
- pm = dynamic
- pm.max_children = 32
- pm.max_requests = 500
- pm.start_servers = 2
- pm.min_spare_servers = 2
- pm.max_spare_servers = 5
- listen.owner = nginx
- listen.group = nginx
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- '';
+ services.phpfpm.pools."${domain}" = {
+ user = "nginx";
+ group = "nginx";
+ extraConfig = ''
+ listen = /srv/http/${domain}/phpfpm.pool
+ pm = dynamic
+ pm.max_children = 32
+ pm.max_requests = 500
+ pm.start_servers = 2
+ pm.min_spare_servers = 2
+ pm.max_spare_servers = 5
+ listen.owner = nginx
+ listen.group = nginx
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ '';
+ };
};
serveWordpress = domains:
@@ -220,21 +224,23 @@ rec {
expires max;
'';
};
- services.phpfpm.poolConfigs."${domain}" = ''
- listen = /srv/http/${domain}/phpfpm.pool
- user = nginx
- group = nginx
- pm = dynamic
- pm.max_children = 25
- pm.start_servers = 5
- pm.min_spare_servers = 3
- pm.max_spare_servers = 20
- listen.owner = nginx
- listen.group = nginx
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- '';
+ services.phpfpm.pools."${domain}" = {
+ user = "nginx";
+ group = "nginx";
+ extraConfig = ''
+ listen = /srv/http/${domain}/phpfpm.pool
+ pm = dynamic
+ pm.max_children = 25
+ pm.start_servers = 5
+ pm.min_spare_servers = 3
+ pm.max_spare_servers = 20
+ listen.owner = nginx
+ listen.group = nginx
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ '';
+ };
};
}