nixos/selfoss: fix work with phpfpm-rootless mode

2024-11-16 23:03:40 +01:00 · 2019-06-15 19:09:31 +03:00 · 2019-06-15 19:09:31 +03:00 · 6290bf9067
commit 6290bf9067
parent d44f759b55
1 changed files with 26 additions and 19 deletions
--- a/nixos/modules/services/web-apps/selfoss.nix
+++ b/nixos/modules/services/web-apps/selfoss.nix
@ -3,9 +3,9 @@ with lib;
 let
  cfg = config.services.selfoss;

-  poolName = "selfoss_pool";
-  phpfpmSocketName = "/run/phpfpm/${poolName}.sock";
-
+  poolName = "selfoss";
+  phpfpmSocketName = "/run/phpfpm-${poolName}/${poolName}.sock";
+  group = "${cfg.user}";
  dataDir = "/var/lib/selfoss";

  selfoss-config =
@ -116,21 +116,25 @@ in

  config = mkIf cfg.enable {

-    services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
-      "${poolName}" = ''
-        listen = "${phpfpmSocketName}";
-        listen.owner = nginx
-        listen.group = nginx
-        listen.mode = 0600
-        user = nginx
-        pm = dynamic
-        pm.max_children = 75
-        pm.start_servers = 10
-        pm.min_spare_servers = 5
-        pm.max_spare_servers = 20
-        pm.max_requests = 500
-        catch_workers_output = 1
-      '';
+    services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
+      "${poolName}" = {
+        socketName = "${poolName}";
+        phpPackage = pkgs.php;
+        user = "${cfg.user}";
+        group = "${group}";
+        extraConfig = ''
+          listen.owner = ${config.services.nginx.user}
+          listen.group = ${config.services.nginx.group}
+          listen.mode = 0600
+          pm = dynamic
+          pm.max_children = 75
+          pm.start_servers = 10
+          pm.min_spare_servers = 5
+          pm.max_spare_servers = 20
+          pm.max_requests = 500
+          catch_workers_output = 1
+        '';
+      };
    };

    systemd.services.selfoss-config = {
@ -145,7 +149,7 @@ in
        # Create the files
        cp -r "${pkgs.selfoss}/"* "${dataDir}"
        ln -sf "${selfoss-config}" "${dataDir}/config.ini"
-        chown -R "${cfg.user}" "${dataDir}"
+        chown -R "${cfg.user}":"${group}" "${dataDir}"
        chmod -R 755 "${dataDir}"
      '';
      wantedBy = [ "multi-user.target" ];
@ -162,5 +166,8 @@ in

    };

+    users.users.nginx = {
+      extraGroups = [ "${group}" ];
+     };
  };
 }