diff --git a/services.nix b/services.nix index f8227fd..d98a47b 100644 --- a/services.nix +++ b/services.nix @@ -17,6 +17,7 @@ in ./services/haproxy-acme.nix ./services/mail-server.nix ./services/lidarr.nix + ./services/site-musique.nix ]; services.haproxy-acme.enable = true; @@ -37,7 +38,6 @@ in calibre = { ip = "127.0.0.1"; port = 8080; auth = false; }; pgmanage = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; max = { ip = "127.0.0.1"; port = max_port; auth = false; }; - musique = { ip = "127.0.0.1"; port = musique_port; auth = false; }; }; services.mailserver.enable = true; @@ -139,21 +139,6 @@ in listen = [ { addr = "127.0.0.1"; port = max_port; } ]; locations = { "/" = { root = pkgs.site-max; }; }; }; - "musique" = { - listen = [ { addr = "127.0.0.1"; port = musique_port; } ]; - locations."/" = { - root = pkgs.site-musique; - index = "index.php"; - extraConfig = '' - location ~* \.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/run/phpfpm/nginx; - include ${pkgs.nginx}/conf/fastcgi_params; - include ${pkgs.nginx}/conf/fastcgi.conf; - } - ''; - }; - }; }; services.phpfpm.poolConfigs.mypool = '' @@ -222,6 +207,9 @@ in localhost = "hostaddr=127.0.0.1 port=5432 dbname=postgres"; }; + services.site-musique.enable = true; + services.site-musique.port = musique_port; + networking.firewall.allowedTCPPorts = [ 111 2049 4000 4001 4002 # NFS 3483 9000 9090 # Slimserver diff --git a/services/haproxy-acme.nix b/services/haproxy-acme.nix index 0310828..7ea4c6e 100644 --- a/services/haproxy-acme.nix +++ b/services/haproxy-acme.nix @@ -22,7 +22,11 @@ in }; services = mkOption { - type = types.attrsOf types.attrs; + type = with types; attrsOf (submodule { options = { + ip = mkOption { type = str; description = "IP address"; }; + port = mkOption { type = int; description = "Port number"; }; + auth = mkOption { type = bool; description = "Enable authentification"; default = false; }; + }; }); example = '' haproxy_backends = { example = { ip = "127.0.0.1"; port = 1234; auth = false; }; diff --git a/services/site-musique.nix b/services/site-musique.nix new file mode 100644 index 0000000..b7c508b --- /dev/null +++ b/services/site-musique.nix @@ -0,0 +1,61 @@ +{ lib, config, pkgs, ... }: + +with lib; + +let + cfg = config.services.site-musique; +in +{ + options.services.site-musique = { + enable = mkEnableOption "Site musique"; + + port = mkOption { + type = types.int; + example = 54321; + description = "Local listening port"; + }; + }; + + config = mkIf cfg.enable { + + services.haproxy-acme.services = { + musique = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; + }; + + services.nginx.virtualHosts = { + "musique" = { + listen = [ { addr = "127.0.0.1"; port = cfg.port; } ]; + locations."/" = { + root = pkgs.site-musique; + index = "index.php"; + extraConfig = '' + location ~* \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/run/phpfpm/musique; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + } + ''; + }; + }; + }; + + services.phpfpm.poolConfigs.musique = '' + listen = /run/phpfpm/musique + listen.owner = nginx + listen.group = nginx + listen.mode = 0660 + user = nginx + pm = dynamic + pm.max_children = 75 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 20 + pm.max_requests = 500 + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + + }; +}