diff --git a/systems/LoutreOS/web.nix b/systems/LoutreOS/web.nix index 506760d..2d5518e 100644 --- a/systems/LoutreOS/web.nix +++ b/systems/LoutreOS/web.nix @@ -48,11 +48,29 @@ in acceptTerms = true; }; + users.groups.work = {}; + users.users.work = { + isSystemUser = true; + group = config.users.groups.work.name; + }; + services = { + phpfpm.pools.work = { + user = config.users.users.work.name; + settings = { + "listen.owner" = config.services.nginx.user; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + }; + }; nginx = { enable = true; package = pkgs.nginx.override { - modules = with pkgs.nginxModules; [ rtmp ]; + modules = with pkgs.nginxModules; [ rtmp dav ]; }; recommendedGzipSettings = true; recommendedOptimisation = true; @@ -189,6 +207,22 @@ in proxyWebsockets = true; }; }; + "work.rezom.eu" = base { + "/" = { + index = "/_h5ai/public/index.php"; + extraConfig = '' + dav_ext_methods PROPFIND OPTIONS; + ''; + }; + "/_h5ai/public/index.php" = { + extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:${config.services.phpfpm.pools.work.socket}; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + ''; + }; + } // { root = "/mnt/medias/iso_linux"; }; }; appendConfig = let rootLocation = config.services.nginx.virtualHosts."stream.nyanlout.re".locations."/".root; @@ -278,6 +312,11 @@ in ReadWritePaths = "/var/www/hls"; }; + systemd.services.phpfpm-work.serviceConfig = { + ReadOnlyPaths = "/mnt/medias/iso_linux"; + ReadWritePaths = "/mnt/medias/iso_linux/_h5ai"; + }; + systemd.services.site-musique = let djangoEnv =(pkgs.python3.withPackages (ps: with ps; [ gunicorn django_2_2 pillow setuptools ])); in {