cluster/containers/baikal.nix
Magic_RB aa143c8d29 Fix changed baikal hash...
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2022-10-27 11:41:39 +02:00

221 lines
7.5 KiB
Nix

{ nglib, nixpkgs }:
nglib.makeSystem {
inherit nixpkgs;
system = "x86_64-linux";
name = "baikal";
config = ({ pkgs, config, ... }:
{
config = {
dumb-init = {
enable = true;
type.services = { };
};
init.services.baikal = {
shutdownOnExit = true;
enabled = true;
script =
let
baikal =
pkgs.fetchzip {
url = "https://github.com/sabre-io/Baikal/releases/download/0.9.2/baikal-0.9.2.zip";
sha256 = "sha256-Gw7anNA347aYPNrce+unr7QfrOmu249DUlooVzk2fsE=";
extraPostFetch = ''
patch -p1 -d "$out" < ${./baikal/baikal-project-uri.patch}
'';
};
in
pkgs.writeShellScript "baikal-script"
''
set -ex
mkdir -p /var/www
if ! [ -z "$(ls -A /var/www)" ] ; then
rm -r /var/www/*
fi
${pkgs.xorg.lndir}/bin/lndir -silent ${baikal} /var/www/
rm -r /var/www/config /var/www/Specific
mkdir -p /var/baikal/specific /var/baikal/config /var/webdav
ln -s /var/baikal/specific /var/www/Specific
ln -s /var/baikal/config /var/www/config
chown www-data:www-data -R /var/baikal /var/webdav
while :; do sleep 2073600; done
'';
};
init.services.apache2 = {
shutdownOnExit = true;
ensureSomething.create."documentRoot" =
{ dst = "/var/www";
type = "directory";
persistent = true;
};
};
# init.services.php-fpm.shutdownOnExit = true;
services.php-fpm = {
fpmSettings = {
"error_log" = "/proc/self/fd/1";
};
pools = {
main = {
createUserGroup = false;
phpSettings = {
"user" = "www-data";
};
fpmSettings = {
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
};
};
};
};
services.apache2 = {
enable = true;
envsubst = true;
# package =
# pkgs.apacheHttpd.override
# { aprutil =
# pkgs.aprutil.overrideAttrs
# (old:
# { configureFlags =
# old.configureFlags ++
# [ "--with-sqlite3" ];
# buildInputs =
# old.buildInputs ++
# [ pkgs.sqlite.dev
# ];
# } );
# };
configuration = [
{
LoadModule = [
[ "mpm_event_module" "modules/mod_mpm_event.so" ]
[ "log_config_module" "modules/mod_log_config.so" ]
[ "unixd_module" "modules/mod_unixd.so" ]
[ "authz_core_module" "modules/mod_authz_core.so" ]
[ "dir_module" "modules/mod_dir.so" ]
[ "mime_module" "modules/mod_mime.so" ]
[ "proxy_module" "modules/mod_proxy.so" ]
[ "proxy_fcgi_module" "modules/mod_proxy_fcgi.so" ]
[ "rewrite_module" "modules/mod_rewrite.so" ]
[ "alias_module" "modules/mod_alias.so" ]
[ "authn_core_module" "modules/mod_authn_core.so" ]
[ "dav_module" "modules/mod_dav.so" ]
[ "dav_fs_module" "modules/mod_dav_fs.so" ]
[ "auth_digest_module" "modules/mod_auth_digest.so" ]
[ "auth_basic_module" "modules/mod_auth_basic.so" ]
[ "dbd_module" "modules/mod_dbd.so" ]
[ "authn_dbd_module" "modules/mod_authn_dbd.so" ]
[ "authz_user_module" "modules/mod_authz_user.so" ]
[ "authz_host_module" "modules/mod_authz_host.so" ]
[ "headers_module" "modules/mod_headers.so" ]
];
}
{
Listen = "0.0.0.0:80";
ServerRoot = "/var/www";
ServerName = "blowhole";
PidFile = "/httpd.pid";
DocumentRoot = "/var/www";
User = "www-data";
Group = "www-data";
}
{
ErrorLog = "/dev/stderr";
TransferLog = "/dev/stdout";
LogLevel = "info";
}
{
AddType = [
[ "image/svg+xml" "svg" "svgz" ]
];
AddEncoding = [ "gzip" "svgz" ];
TypesConfig = "${pkgs.apacheHttpd}/conf/mime.types";
}
{
Directory."/" = {
Require = [ "all" "denied" ];
Options = "SymlinksIfOwnerMatch";
};
VirtualHost."*:80" = {
DocumentRoot = "/var/www/";
RewriteEngine = "off";
LogLevel = [ "alert" "rewrite:trace3" ];
RewriteRule =
[ [ "/.well-known/carddav" "/dav.php" "[R=308,L]" ]
[ "/.well-known/caldav" "/dav.php" "[R=308,L]" ]
# [ "^/baikal/(.*)\.php$" "unix:${config.services.php-fpm.pools.main.socket}|fcgi:///var/www/html/$0" ]
# [ "^/dav(.*)$" "/webdav/%{LA-U:REMOTE_USER}" "" ]
# [ "^/baikal(.*)$" "/var/www/html/$1" "" ]
];
# DBDriver = "sqlite3";
# DBDParams = "/var/baikal/specific/db.sqlite";
# DBDMin = 4;
# DBDKeep = 8;
# DBDMax = 20;
# DBDExptime = 300;
# Location."/var/www/html/baikal" = {
# Require = [ "all" "granted" ];
# AllowOverride = [ "all" ];
# Options = [ "-Indexes" "+FollowSymlinks" ];
# DirectoryIndex = "index.php";
# RewriteRule = [ "^/baikal/(.*)$" "/" ];
# };
Location."/var/www/html/" = {
Header =
[ [ "set" "X-Baikal-Uri" "http://localhost:8088/baikal" ]
[ "set" "Host" "http://localhost:8088/baikal" ]
];
Options = [ "-Indexes" "+FollowSymlinks" ];
Require = [ "all" "granted" ];
AllowOverride = [ "all" ];
# ProxyPass = [ "unix:${config.services.php-fpm.pools.main.socket}|fcgi:///var/www/html/" ];
};
# "/var/webdav" = {
# DAV = "on";
# AuthType = "Digest";
# AuthName = "BaikalDAV";
# Require = "valid-user";
# AuthDigestProvider = [ "dbd" ];
# AuthDBDUserRealmQuery = "\"SELECT digesta1 FROM users WHERE username = %s\"";
# AuthDBDUserPWQuery = "\"SELECT digesta1 FROM users WHERE username = %s\"";
# Options = [ "+Indexes" "+FollowSymLinks" "+MultiViews" ];
# AllowOverride = [ "all" ];
# };
};
}
];
};
};
});
}