137 lines
3.9 KiB
Nix
137 lines
3.9 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
with lib;
|
|
let
|
|
cfg = config.services.wordpress;
|
|
callPackage = pkgs.callPackage;
|
|
appConfig = (import ./default-app-config.nix).extend (self: super: {
|
|
inherit (cfg) domain;
|
|
wpConfig = super.wpConfig.extend (self: super: {
|
|
secrets = cfg.wpConfigSecrets;
|
|
});
|
|
});
|
|
writeableDataPath = "/var/lib/phpfpm/${appConfig.name}";
|
|
phpFpmListen = "/run/phpfpm/wordpress-pool.sock";
|
|
php = import ./php-config.nix { inherit pkgs config appConfig;
|
|
php = pkgs.php74;
|
|
};
|
|
phpIni = php.phpIni;
|
|
app = callPackage ./app.nix {
|
|
inherit appConfig;
|
|
writeable = {
|
|
sysPath = writeableDataPath;
|
|
owner = config.services.nginx.user;
|
|
};
|
|
};
|
|
in {
|
|
disabledModules = [ "services/web-apps/wordpress.nix" ];
|
|
options.services.wordpress = {
|
|
enable = mkEnableOption "Enable the WordPress module";
|
|
domain = mkOption {
|
|
type = types.str;
|
|
};
|
|
wpConfigSecrets = mkOption {
|
|
type = types.str;
|
|
};
|
|
enablePageSpeed = mkOption {
|
|
type = types.bool;
|
|
default = false; # TODO: backport some patch first, pkgs.stdenv.isLinux && appConfig.googlePageSpeed.enable; - https://github.com/apache/incubator-pagespeed-ngx/issues/1735
|
|
};
|
|
user = mkOption {
|
|
type = types.str;
|
|
default = "wordpress";
|
|
};
|
|
group = mkOption {
|
|
type = types.str;
|
|
default = "wordpress";
|
|
};
|
|
};
|
|
config = mkIf cfg.enable {
|
|
users.users.${cfg.user} = {
|
|
isSystemUser = true;
|
|
inherit (cfg) group;
|
|
};
|
|
users.groups.${cfg.group} = {};
|
|
|
|
environment.systemPackages = [ pkgs.wp-cli ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
additionalModules = with pkgs.nginxModules; [
|
|
dav cache-purge moreheaders
|
|
] ++ optional cfg.enablePageSpeed pagespeed;
|
|
virtualHosts."${cfg.domain}" = {
|
|
root = app.package;
|
|
locations."/" = {
|
|
tryFiles = "$uri/index.html $uri $uri/ /index.php?$query_string";
|
|
};
|
|
# fast cgi conf
|
|
locations."~ [^/]\\.php(/|$)" = {
|
|
extraConfig = ''
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
fastcgi_pass unix:${phpFpmListen};
|
|
fastcgi_index index.php;
|
|
'';
|
|
};
|
|
extraConfig = ''
|
|
index index.html index.htm index.php;
|
|
'';
|
|
};
|
|
};
|
|
|
|
systemd.services.init-writeable-paths = {
|
|
description = "Initialize writeable directories for the app";
|
|
before = [ "phpfpm.service" ];
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" "phpfpm.service" "nginx.service" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = app.initScript;
|
|
};
|
|
};
|
|
|
|
systemd.services.install-wp =
|
|
let deps = [ "init-writeable-paths.service" "mysql.service" ];
|
|
in {
|
|
enable = appConfig.autoInstall.enable;
|
|
description = "Configure WordPress installation with WP-CLI";
|
|
before = [ "nginx.service" ];
|
|
after = deps;
|
|
wants = deps;
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = import ./install-wp.nix {
|
|
inherit pkgs config appConfig writeableDataPath;
|
|
appPackage = app.package;
|
|
};
|
|
};
|
|
environment.PHP_INI_SCAN_DIR =
|
|
let customIni = pkgs.writeTextDir "wp-cli-custom.ini" phpIni;
|
|
in "${pkgs.php}/etc:${customIni}";
|
|
};
|
|
|
|
services.phpfpm = {
|
|
pools.wordpress-pool = import ./phpfpm-conf.nix {
|
|
inherit (cfg) user group;
|
|
inherit pkgs config phpFpmListen;
|
|
phpPackage = php;
|
|
processSettings = appConfig.phpFpmProcessSettings;
|
|
};
|
|
};
|
|
|
|
services.mysql = {
|
|
enable = true;
|
|
package = pkgs.mariadb;
|
|
|
|
ensureDatabases = [ "wordpress" ];
|
|
ensureUsers = [
|
|
{
|
|
name = cfg.user;
|
|
ensurePermissions = {
|
|
"wordpress.*" = "ALL PRIVILEGES";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|