mirror of
https://git.sr.ht/~magic_rb/cluster
synced 2024-11-22 08:04:20 +01:00
aa143c8d29
Signed-off-by: Magic_RB <magic_rb@redalder.org>
222 lines
7.5 KiB
Nix
222 lines
7.5 KiB
Nix
{ nglib, nixpkgs }:
|
|
nglib.makeSystem {
|
|
inherit nixpkgs;
|
|
system = "x86_64-linux";
|
|
name = "baikal";
|
|
config = ({ pkgs, config, ... }:
|
|
{
|
|
config = {
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = { };
|
|
};
|
|
|
|
init.services.baikal = {
|
|
shutdownOnExit = true;
|
|
enabled = true;
|
|
script =
|
|
let
|
|
baikal =
|
|
pkgs.fetchzip {
|
|
url = "https://github.com/sabre-io/Baikal/releases/download/0.9.2/baikal-0.9.2.zip";
|
|
sha256 = "sha256-Gw7anNA347aYPNrce+unr7QfrOmu249DUlooVzk2fsE=";
|
|
extraPostFetch = ''
|
|
patch -p1 -d "$out" < ${./baikal/baikal-project-uri.patch}
|
|
'';
|
|
};
|
|
in
|
|
pkgs.writeShellScript "baikal-script"
|
|
''
|
|
set -ex
|
|
mkdir -p /var/www
|
|
if ! [ -z "$(ls -A /var/www)" ] ; then
|
|
rm -r /var/www/*
|
|
fi
|
|
|
|
${pkgs.xorg.lndir}/bin/lndir -silent ${baikal} /var/www/
|
|
|
|
rm -r /var/www/config /var/www/Specific
|
|
|
|
mkdir -p /var/baikal/specific /var/baikal/config /var/webdav
|
|
ln -s /var/baikal/specific /var/www/Specific
|
|
ln -s /var/baikal/config /var/www/config
|
|
chown www-data:www-data -R /var/baikal /var/webdav
|
|
|
|
while :; do sleep 2073600; done
|
|
'';
|
|
};
|
|
|
|
init.services.apache2 = {
|
|
shutdownOnExit = true;
|
|
ensureSomething.create."documentRoot" =
|
|
{ dst = "/var/www";
|
|
type = "directory";
|
|
persistent = true;
|
|
};
|
|
};
|
|
|
|
# init.services.php-fpm.shutdownOnExit = true;
|
|
|
|
services.php-fpm = {
|
|
fpmSettings = {
|
|
"error_log" = "/proc/self/fd/1";
|
|
};
|
|
pools = {
|
|
main = {
|
|
createUserGroup = false;
|
|
phpSettings = {
|
|
"user" = "www-data";
|
|
};
|
|
fpmSettings = {
|
|
"pm" = "dynamic";
|
|
"pm.max_children" = 75;
|
|
"pm.start_servers" = 10;
|
|
"pm.min_spare_servers" = 5;
|
|
"pm.max_spare_servers" = 20;
|
|
"pm.max_requests" = 500;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
services.apache2 = {
|
|
enable = true;
|
|
envsubst = true;
|
|
# package =
|
|
# pkgs.apacheHttpd.override
|
|
# { aprutil =
|
|
# pkgs.aprutil.overrideAttrs
|
|
# (old:
|
|
# { configureFlags =
|
|
# old.configureFlags ++
|
|
# [ "--with-sqlite3" ];
|
|
# buildInputs =
|
|
# old.buildInputs ++
|
|
# [ pkgs.sqlite.dev
|
|
# ];
|
|
# } );
|
|
# };
|
|
configuration = [
|
|
{
|
|
LoadModule = [
|
|
[ "mpm_event_module" "modules/mod_mpm_event.so" ]
|
|
[ "log_config_module" "modules/mod_log_config.so" ]
|
|
[ "unixd_module" "modules/mod_unixd.so" ]
|
|
[ "authz_core_module" "modules/mod_authz_core.so" ]
|
|
[ "dir_module" "modules/mod_dir.so" ]
|
|
[ "mime_module" "modules/mod_mime.so" ]
|
|
[ "proxy_module" "modules/mod_proxy.so" ]
|
|
[ "proxy_fcgi_module" "modules/mod_proxy_fcgi.so" ]
|
|
|
|
[ "rewrite_module" "modules/mod_rewrite.so" ]
|
|
[ "alias_module" "modules/mod_alias.so" ]
|
|
|
|
[ "authn_core_module" "modules/mod_authn_core.so" ]
|
|
[ "dav_module" "modules/mod_dav.so" ]
|
|
[ "dav_fs_module" "modules/mod_dav_fs.so" ]
|
|
[ "auth_digest_module" "modules/mod_auth_digest.so" ]
|
|
[ "auth_basic_module" "modules/mod_auth_basic.so" ]
|
|
[ "dbd_module" "modules/mod_dbd.so" ]
|
|
[ "authn_dbd_module" "modules/mod_authn_dbd.so" ]
|
|
[ "authz_user_module" "modules/mod_authz_user.so" ]
|
|
[ "authz_host_module" "modules/mod_authz_host.so" ]
|
|
[ "headers_module" "modules/mod_headers.so" ]
|
|
];
|
|
}
|
|
{
|
|
Listen = "0.0.0.0:80";
|
|
|
|
ServerRoot = "/var/www";
|
|
ServerName = "blowhole";
|
|
PidFile = "/httpd.pid";
|
|
|
|
DocumentRoot = "/var/www";
|
|
|
|
User = "www-data";
|
|
Group = "www-data";
|
|
}
|
|
|
|
{
|
|
ErrorLog = "/dev/stderr";
|
|
TransferLog = "/dev/stdout";
|
|
|
|
LogLevel = "info";
|
|
}
|
|
|
|
{
|
|
AddType = [
|
|
[ "image/svg+xml" "svg" "svgz" ]
|
|
];
|
|
AddEncoding = [ "gzip" "svgz" ];
|
|
|
|
TypesConfig = "${pkgs.apacheHttpd}/conf/mime.types";
|
|
}
|
|
|
|
{
|
|
Directory."/" = {
|
|
Require = [ "all" "denied" ];
|
|
Options = "SymlinksIfOwnerMatch";
|
|
};
|
|
|
|
VirtualHost."*:80" = {
|
|
DocumentRoot = "/var/www/";
|
|
RewriteEngine = "off";
|
|
LogLevel = [ "alert" "rewrite:trace3" ];
|
|
|
|
RewriteRule =
|
|
[ [ "/.well-known/carddav" "/dav.php" "[R=308,L]" ]
|
|
[ "/.well-known/caldav" "/dav.php" "[R=308,L]" ]
|
|
# [ "^/baikal/(.*)\.php$" "unix:${config.services.php-fpm.pools.main.socket}|fcgi:///var/www/html/$0" ]
|
|
# [ "^/dav(.*)$" "/webdav/%{LA-U:REMOTE_USER}" "" ]
|
|
# [ "^/baikal(.*)$" "/var/www/html/$1" "" ]
|
|
];
|
|
|
|
# DBDriver = "sqlite3";
|
|
# DBDParams = "/var/baikal/specific/db.sqlite";
|
|
|
|
# DBDMin = 4;
|
|
# DBDKeep = 8;
|
|
# DBDMax = 20;
|
|
# DBDExptime = 300;
|
|
|
|
# Location."/var/www/html/baikal" = {
|
|
# Require = [ "all" "granted" ];
|
|
# AllowOverride = [ "all" ];
|
|
# Options = [ "-Indexes" "+FollowSymlinks" ];
|
|
# DirectoryIndex = "index.php";
|
|
# RewriteRule = [ "^/baikal/(.*)$" "/" ];
|
|
# };
|
|
|
|
Location."/var/www/html/" = {
|
|
Header =
|
|
[ [ "set" "X-Baikal-Uri" "http://localhost:8088/baikal" ]
|
|
[ "set" "Host" "http://localhost:8088/baikal" ]
|
|
];
|
|
Options = [ "-Indexes" "+FollowSymlinks" ];
|
|
Require = [ "all" "granted" ];
|
|
AllowOverride = [ "all" ];
|
|
# ProxyPass = [ "unix:${config.services.php-fpm.pools.main.socket}|fcgi:///var/www/html/" ];
|
|
};
|
|
|
|
# "/var/webdav" = {
|
|
# DAV = "on";
|
|
# AuthType = "Digest";
|
|
# AuthName = "BaikalDAV";
|
|
|
|
# Require = "valid-user";
|
|
|
|
# AuthDigestProvider = [ "dbd" ];
|
|
# AuthDBDUserRealmQuery = "\"SELECT digesta1 FROM users WHERE username = %s\"";
|
|
# AuthDBDUserPWQuery = "\"SELECT digesta1 FROM users WHERE username = %s\"";
|
|
|
|
# Options = [ "+Indexes" "+FollowSymLinks" "+MultiViews" ];
|
|
# AllowOverride = [ "all" ];
|
|
# };
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
});
|
|
}
|