ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-11 04:02:55 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #65706 from aanderse/phpfpm

Browse Source 
nixos/phpfpm: module cleanup
This commit is contained in:
Aaron Andersen 2019-08-24 08:25:24 -04:00 committed by GitHub
commit 825d023c8a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 375 additions and 349 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/rename.nix
View File

@ -178,6 +178,9 @@ with lib;
The starting time can be configured via <literal>services.postgresqlBackup.startAt</literal>.
'')
# phpfpm
(mkRemovedOptionModule [ "services" "phpfpm" "poolConfigs" ] "Use services.phpfpm.pools instead.")
# zabbixServer
(mkRenamedOptionModule [ "services" "zabbixServer" "dbServer" ] [ "services" "zabbixServer" "database" "host" ])

42
nixos/modules/services/mail/roundcube.nix
View File

@ -4,6 +4,7 @@ with lib;
let
cfg = config.services.roundcube;
fpm = config.services.phpfpm.pools.roundcube;
in
{
options.services.roundcube = {
@ -105,7 +106,7 @@ in
extraConfig = ''
location ~* \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/phpfpm/roundcube;
fastcgi_pass unix:${fpm.socket};
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
}
@ -119,24 +120,27 @@ in
enable = true;
};
services.phpfpm.poolConfigs.roundcube = ''
listen = /run/phpfpm/roundcube
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
user = nginx
pm = dynamic
pm.max_children = 75
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 20
pm.max_requests = 500
php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on
php_admin_value[post_max_size] = 25M
php_admin_value[upload_max_filesize] = 25M
catch_workers_output = yes
'';
services.phpfpm.pools.roundcube = {
user = "nginx";
phpOptions = ''
error_log = 'stderr'
log_errors = on
post_max_size = 25M
upload_max_filesize = 25M
'';
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"listen.mode" = "0660";
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"catch_workers_output" = true;
};
};
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
systemd.services.roundcube-setup = let

36
nixos/modules/services/misc/zoneminder.nix
View File

@ -2,6 +2,7 @@
let
cfg = config.services.zoneminder;
fpm = config.services.phpfpm.pools.zoneminder;
pkg = pkgs.zoneminder;
dirName = pkg.dirName;
@ -19,8 +20,6 @@ let
useCustomDir = cfg.storageDir != null;
socket = "/run/phpfpm/${dirName}.sock";
zms = "/cgi-bin/zms";
dirs = dirList: [ dirName ] ++ map (e: "${dirName}/${e}") dirList;
@ -274,7 +273,7 @@ in {
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:${socket};
fastcgi_pass unix:${fpm.socket};
}
}
'';
@ -284,30 +283,27 @@ in {
phpfpm = lib.mkIf useNginx {
pools.zoneminder = {
listen = socket;
inherit user group;
phpOptions = ''
date.timezone = "${config.time.timeZone}"
${lib.concatStringsSep "\n" (map (e:
"extension=${e.pkg}/lib/php/extensions/${e.name}.so") phpExtensions)}
'';
extraConfig = ''
user = ${user}
group = ${group}
settings = lib.mapAttrs (name: lib.mkDefault) {
"listen.owner" = user;
"listen.group" = group;
"listen.mode" = "0660";
listen.owner = ${user}
listen.group = ${group}
listen.mode = 0660
pm = dynamic
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 2
pm.max_requests = 500
pm.max_children = 5
pm.status_path = /$pool-status
ping.path = /$pool-ping
'';
"pm" = "dynamic";
"pm.start_servers" = 1;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 2;
"pm.max_requests" = 500;
"pm.max_children" = 5;
"pm.status_path" = "/$pool-status";
"ping.path" = "/$pool-ping";
};
};
};
};

41
nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
View File

@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }: with lib; let
cfg = config.services.icingaweb2;
fpm = config.services.phpfpm.pools.${poolName};
poolName = "icingaweb2";
phpfpmSocketName = "/var/run/phpfpm/${poolName}.sock";
defaultConfig = {
global = {
@ -164,27 +164,26 @@ in {
};
config = mkIf cfg.enable {
services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
"${poolName}" = ''
listen = "${phpfpmSocketName}"
listen.owner = nginx
listen.group = nginx
listen.mode = 0600
user = icingaweb2
pm = dynamic
pm.max_children = 75
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 10
'';
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
"${poolName}" = {
user = "icingaweb2";
phpOptions = ''
extension = ${pkgs.phpPackages.imagick}/lib/php/extensions/imagick.so
date.timezone = "${cfg.timezone}"
'';
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"listen.mode" = "0600";
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 10;
};
};
};
services.phpfpm.phpOptions = mkIf (cfg.pool == "${poolName}")
''
extension = ${pkgs.phpPackages.imagick}/lib/php/extensions/imagick.so
date.timezone = "${cfg.timezone}"
'';
systemd.services."phpfpm-${poolName}".serviceConfig.ReadWritePaths = [ "/etc/icingaweb2" ];
services.nginx = {
@ -208,7 +207,7 @@ in {
include ${config.services.nginx.package}/conf/fastcgi.conf;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${phpfpmSocketName};
fastcgi_pass unix:${fpm.socket};
fastcgi_param SCRIPT_FILENAME ${pkgs.icingaweb2}/public/index.php;
'';
};

37
nixos/modules/services/web-apps/limesurvey.nix
View File

@ -120,15 +120,15 @@ in
};
poolConfig = mkOption {
type = types.lines;
default = ''
pm = dynamic
pm.max_children = 32
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 500
'';
type = with types; attrsOf (oneOf [ str int bool ]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = ''
Options for the LimeSurvey PHP pool. See the documentation on <literal>php-fpm.conf</literal>
for details on configuration directives.
@ -203,17 +203,12 @@ in
};
services.phpfpm.pools.limesurvey = {
listen = "/run/phpfpm/limesurvey.sock";
extraConfig = ''
listen.owner = ${config.services.httpd.user};
listen.group = ${config.services.httpd.group};
user = ${user};
group = ${group};
env[LIMESURVEY_CONFIG] = ${limesurveyConfig}
${cfg.poolConfig}
'';
inherit user group;
phpEnv.LIMESURVEY_CONFIG = "${limesurveyConfig}";
settings = {
"listen.owner" = config.services.httpd.user;
"listen.group" = config.services.httpd.group;
} // cfg.poolConfig;
};
services.httpd = {
@ -241,7 +236,7 @@ in
<Directory "${pkg}/share/limesurvey">
<FilesMatch "\.php$">
<If "-f %{REQUEST_FILENAME}">
SetHandler "proxy:unix:${fpm.listen}|fcgi://localhost/"
SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/"
</If>
</FilesMatch>

22
nixos/modules/services/web-apps/matomo.nix
View File

@ -225,22 +225,24 @@ in {
serviceConfig.UMask = "0007";
};
services.phpfpm.poolConfigs = let
services.phpfpm.pools = let
# workaround for when both are null and need to generate a string,
# which is illegal, but as assertions apparently are being triggered *after* config generation,
# we have to avoid already throwing errors at this previous stage.
socketOwner = if (cfg.nginx != null) then config.services.nginx.user
else if (cfg.webServerUser != null) then cfg.webServerUser else "";
in {
${pool} = ''
listen = "${phpSocket}"
listen.owner = ${socketOwner}
listen.group = root
listen.mode = 0600
user = ${user}
env[PIWIK_USER_PATH] = ${dataDir}
${cfg.phpfpmProcessManagerConfig}
'';
${pool} = {
listen = phpSocket;
extraConfig = ''
listen.owner = ${socketOwner}
listen.group = root
listen.mode = 0600
user = ${user}
env[PIWIK_USER_PATH] = ${dataDir}
${cfg.phpfpmProcessManagerConfig}
'';
};
};

39
nixos/modules/services/web-apps/mediawiki.nix
View File

@ -312,17 +312,17 @@ in
};
poolConfig = mkOption {
type = types.lines;
default = ''
pm = dynamic
pm.max_children = 32
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 500
'';
type = with types; attrsOf (oneOf [ str int bool ]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = ''
Options for MediaWiki's PHP pool. See the documentation on <literal>php-fpm.conf</literal>
Options for the MediaWiki PHP pool. See the documentation on <literal>php-fpm.conf</literal>
for details on configuration directives.
'';
};
@ -379,17 +379,12 @@ in
};
services.phpfpm.pools.mediawiki = {
listen = "/run/phpfpm/mediawiki.sock";
extraConfig = ''
listen.owner = ${config.services.httpd.user}
listen.group = ${config.services.httpd.group}
user = ${user}
group = ${group}
env[MEDIAWIKI_CONFIG] = ${mediawikiConfig}
${cfg.poolConfig}
'';
inherit user group;
phpEnv.MEDIAWIKI_CONFIG = "${mediawikiConfig}";
settings = {
"listen.owner" = config.services.httpd.user;
"listen.group" = config.services.httpd.group;
} // cfg.poolConfig;
};
services.httpd = {
@ -403,7 +398,7 @@ in
<Directory "${pkg}/share/mediawiki">
<FilesMatch "\.php$">
<If "-f %{REQUEST_FILENAME}">
SetHandler "proxy:unix:${fpm.listen}|fcgi://localhost/"
SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/"
</If>
</FilesMatch>

34
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -4,6 +4,7 @@ with lib;
let
cfg = config.services.nextcloud;
fpm = config.services.phpfpm.pools.nextcloud;
phpPackage = pkgs.php73;
phpPackages = pkgs.php73Packages;
@ -410,25 +411,20 @@ in {
};
services.phpfpm = {
pools.nextcloud = let
phpAdminValues = (toKeyValue
(foldr (a: b: a // b) {}
(mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; })
phpOptions)));
in {
phpOptions = phpOptionsExtensions;
pools.nextcloud = {
user = "nextcloud";
group = "nginx";
phpOptions = phpOptionsExtensions + phpOptionsStr;
phpPackage = phpPackage;
listen = "/run/phpfpm/nextcloud";
extraConfig = ''
listen.owner = nginx
listen.group = nginx
user = nextcloud
group = nginx
${cfg.poolConfig}
env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config
env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin
${phpAdminValues}
'';
phpEnv = {
NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config";
PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
};
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
};
extraConfig = cfg.poolConfig;
};
};
@ -489,7 +485,7 @@ in {
fastcgi_param HTTPS ${if cfg.https then "on" else "off"};
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass unix:/run/phpfpm/nextcloud;
fastcgi_pass unix:${fpm.socket};
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 120s;

32
nixos/modules/services/web-apps/restya-board.nix
View File

@ -9,11 +9,11 @@ with lib;
let
cfg = config.services.restya-board;
fpm = config.services.phpfpm.pools.${poolName};
runDir = "/run/restya-board";
poolName = "restya-board";
phpfpmSocketName = "/run/phpfpm/${poolName}.sock";
in
@ -180,7 +180,7 @@ in
services.phpfpm.pools = {
"${poolName}" = {
listen = phpfpmSocketName;
inherit (cfg) user group;
phpOptions = ''
date.timezone = "CET"
@ -191,20 +191,18 @@ in
auth_password = ${cfg.email.password}
''}
'';
extraConfig = ''
listen.owner = nginx
listen.group = nginx
listen.mode = 0600
user = ${cfg.user}
group = ${cfg.group}
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
catch_workers_output = 1
'';
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"listen.mode" = "0600";
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"catch_workers_output" = 1;
};
};
};
@ -241,7 +239,7 @@ in
tryFiles = "$uri =404";
extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${phpfpmSocketName};
fastcgi_pass unix:${fpm.socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "upload_max_filesize=9G \n post_max_size=9G \n max_execution_time=200 \n max_input_time=200 \n memory_limit=256M";

32
nixos/modules/services/web-apps/selfoss.nix
View File

@ -4,7 +4,6 @@ let
cfg = config.services.selfoss;
poolName = "selfoss_pool";
phpfpmSocketName = "/run/phpfpm/${poolName}.sock";
dataDir = "/var/lib/selfoss";
@ -116,21 +115,22 @@ in
config = mkIf cfg.enable {
services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
"${poolName}" = ''
listen = "${phpfpmSocketName}";
listen.owner = nginx
listen.group = nginx
listen.mode = 0600
user = nginx
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
catch_workers_output = 1
'';
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
"${poolName}" = {
user = "nginx";
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"listen.mode" = "0600";
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"catch_workers_output" = 1;
};
};
};
systemd.services.selfoss-config = {

29
nixos/modules/services/web-apps/tt-rss.nix
View File

@ -521,20 +521,19 @@ let
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
"${poolName}" = {
listen = "/var/run/phpfpm/${poolName}.sock";
extraConfig = ''
listen.owner = nginx
listen.group = nginx
listen.mode = 0600
user = ${cfg.user}
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
catch_workers_output = 1
'';
inherit (cfg) user;
settings = mapAttrs (name: mkDefault) {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"listen.mode" = "0600";
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"catch_workers_output" = 1;
};
};
};
@ -552,7 +551,7 @@ let
locations."~ \.php$" = {
extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.listen};
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket};
fastcgi_index index.php;
'';
};

34
nixos/modules/services/web-apps/wordpress.nix
View File

@ -216,15 +216,15 @@ let
};
poolConfig = mkOption {
type = types.lines;
default = ''
pm = dynamic
pm.max_children = 32
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 500
'';
type = with types; attrsOf (oneOf [ str int bool ]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = ''
Options for the WordPress PHP pool. See the documentation on <literal>php-fpm.conf</literal>
for details on configuration directives.
@ -280,15 +280,11 @@ in
services.phpfpm.pools = mapAttrs' (hostName: cfg: (
nameValuePair "wordpress-${hostName}" {
listen = "/run/phpfpm/wordpress-${hostName}.sock";
extraConfig = ''
listen.owner = ${config.services.httpd.user}
listen.group = ${config.services.httpd.group}
user = ${user}
group = ${group}
${cfg.poolConfig}
'';
inherit user group;
settings = {
"listen.owner" = config.services.httpd.user;
"listen.group" = config.services.httpd.group;
} // cfg.poolConfig;
}
)) eachSite;
@ -303,7 +299,7 @@ in
<Directory "${pkg hostName cfg}/share/wordpress">
<FilesMatch "\.php$">
<If "-f %{REQUEST_FILENAME}">
SetHandler "proxy:unix:/run/phpfpm/wordpress-${hostName}.sock|fcgi://localhost/"
SetHandler "proxy:unix:${config.services.phpfpm.pools."wordpress-${hostName}".socket}|fcgi://localhost/"
</If>
</FilesMatch>

34
nixos/modules/services/web-apps/zabbix.nix
View File

@ -133,15 +133,15 @@ in
};
poolConfig = mkOption {
type = types.lines;
default = ''
pm = dynamic
pm.max_children = 32
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 500
'';
type = with types; attrsOf (oneOf [ str int bool ]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = ''
Options for the Zabbix PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives.
'';
@ -160,6 +160,8 @@ in
];
services.phpfpm.pools.zabbix = {
inherit user;
group = config.services.httpd.group;
phpOptions = ''
# https://www.zabbix.com/documentation/current/manual/installation/install
memory_limit = 128M
@ -177,15 +179,11 @@ in
'' + optionalString (cfg.database.type == "oracle") ''
extension=${pkgs.phpPackages.oci8}/lib/php/extensions/oci8.so
'';
listen = "/run/phpfpm/zabbix.sock";
extraConfig = ''
listen.owner = ${config.services.httpd.user};
listen.group = ${config.services.httpd.group};
user = ${user};
group = ${config.services.httpd.group};
env[ZABBIX_CONFIG] = ${zabbixConfig}
${cfg.poolConfig}
'';
phpEnv.ZABBIX_CONFIG = zabbixConfig;
settings = {
"listen.owner" = config.services.httpd.user;
"listen.group" = config.services.httpd.group;
} // cfg.poolConfig;
};
services.httpd = {

252
nixos/modules/services/web-servers/phpfpm/default.nix
View File

@ -4,41 +4,27 @@ with lib;
let
cfg = config.services.phpfpm;
enabled = cfg.poolConfigs != {} || cfg.pools != {};
stateDir = "/run/phpfpm";
runtimeDir = "/run/phpfpm";
poolConfigs =
(mapAttrs mapPoolConfig cfg.poolConfigs) //
(mapAttrs mapPool cfg.pools);
toStr = value:
if true == value then "yes"
else if false == value then "no"
else toString value;
mapPoolConfig = n: p: {
phpPackage = cfg.phpPackage;
phpOptions = cfg.phpOptions;
config = p;
};
mapPool = n: p: {
phpPackage = p.phpPackage;
phpOptions = p.phpOptions;
config = ''
listen = ${p.listen}
${p.extraConfig}
'';
};
fpmCfgFile = pool: conf: pkgs.writeText "phpfpm-${pool}.conf" ''
fpmCfgFile = pool: poolOpts: pkgs.writeText "phpfpm-${pool}.conf" ''
[global]
error_log = syslog
daemonize = no
${cfg.extraConfig}
${concatStringsSep "\n" (mapAttrsToList (n: v: "${n} = ${toStr v}") cfg.settings)}
${optionalString (cfg.extraConfig != null) cfg.extraConfig}
[${pool}]
${conf}
${concatStringsSep "\n" (mapAttrsToList (n: v: "${n} = ${toStr v}") poolOpts.settings)}
${concatStringsSep "\n" (mapAttrsToList (n: v: "env[${n}] = ${toStr v}") poolOpts.phpEnv)}
${optionalString (poolOpts.extraConfig != null) poolOpts.extraConfig}
'';
phpIni = pool: pkgs.runCommand "php.ini" {
inherit (pool) phpPackage phpOptions;
phpIni = poolOpts: pkgs.runCommand "php.ini" {
inherit (poolOpts) phpPackage phpOptions;
preferLocalBuild = true;
nixDefaults = ''
sendmail_path = "/run/wrappers/bin/sendmail -t -i"
@ -48,13 +34,138 @@ let
cat $phpPackage/etc/php.ini $nixDefaultsPath $phpOptionsPath > $out
'';
poolOpts = { name, ... }:
let
poolOpts = cfg.pools."${name}";
in
{
options = {
socket = mkOption {
type = types.str;
readOnly = true;
description = ''
Path to the unix socket file on which to accept FastCGI requests.
<note><para>This option is read-only and managed by NixOS.</para></note>
'';
};
listen = mkOption {
type = types.str;
default = "";
example = "/path/to/unix/socket";
description = ''
The address on which to accept FastCGI requests.
'';
};
phpPackage = mkOption {
type = types.package;
default = cfg.phpPackage;
defaultText = "config.services.phpfpm.phpPackage";
description = ''
The PHP package to use for running this PHP-FPM pool.
'';
};
phpOptions = mkOption {
type = types.lines;
default = cfg.phpOptions;
defaultText = "config.services.phpfpm.phpOptions";
description = ''
"Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool."
'';
};
phpEnv = lib.mkOption {
type = with types; attrsOf str;
default = {};
description = ''
Environment variables used for this PHP-FPM pool.
'';
example = literalExample ''
{
HOSTNAME = "$HOSTNAME";
TMP = "/tmp";
TMPDIR = "/tmp";
TEMP = "/tmp";
}
'';
};
user = mkOption {
type = types.str;
description = "User account under which this pool runs.";
};
group = mkOption {
type = types.str;
description = "Group account under which this pool runs.";
};
settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {};
description = ''
PHP-FPM pool directives. Refer to the "List of pool directives" section of
<link xlink:href="https://www.php.net/manual/en/install.fpm.configuration.php"/>
for details. Note that settings names must be enclosed in quotes (e.g.
<literal>"pm.max_children"</literal> instead of <literal>pm.max_children</literal>).
'';
example = literalExample ''
{
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
}
'';
};
extraConfig = mkOption {
type = with types; nullOr lines;
default = null;
description = ''
Extra lines that go into the pool configuration.
See the documentation on <literal>php-fpm.conf</literal> for
details on configuration directives.
'';
};
};
config = {
socket = if poolOpts.listen == "" then "${runtimeDir}/${name}.sock" else poolOpts.listen;
group = mkDefault poolOpts.user;
settings = mapAttrs (name: mkDefault){
listen = poolOpts.socket;
user = poolOpts.user;
group = poolOpts.group;
};
};
};
in {
options = {
services.phpfpm = {
settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {};
description = ''
PHP-FPM global directives. Refer to the "List of global php-fpm.conf directives" section of
<link xlink:href="https://www.php.net/manual/en/install.fpm.configuration.php"/>
for details. Note that settings names must be enclosed in quotes (e.g.
<literal>"pm.max_children"</literal> instead of <literal>pm.max_children</literal>).
You need not specify the options <literal>error_log</literal> or
<literal>daemonize</literal> here, since they are generated by NixOS.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
type = with types; nullOr lines;
default = null;
description = ''
Extra configuration that should be put in the global section of
the PHP-FPM configuration file. Do not specify the options
@ -80,64 +191,56 @@ in {
''
date.timezone = "CET"
'';
description =
"Options appended to the PHP configuration file <filename>php.ini</filename>.";
};
poolConfigs = mkOption {
default = {};
type = types.attrsOf types.lines;
example = literalExample ''
{ mypool = '''
listen = /run/phpfpm/mypool
user = nobody
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
''';
}
'';
description = ''
A mapping between PHP-FPM pool names and their configurations.
See the documentation on <literal>php-fpm.conf</literal> for
details on configuration directives. If no pools are defined,
the phpfpm service is disabled.
Options appended to the PHP configuration file <filename>php.ini</filename>.
'';
};
pools = mkOption {
type = types.attrsOf (types.submodule (import ./pool-options.nix {
inherit lib config;
}));
type = types.attrsOf (types.submodule poolOpts);
default = {};
example = literalExample ''
{
mypool = {
listen = "/path/to/unix/socket";
user = "php";
group = "php";
phpPackage = pkgs.php;
extraConfig = '''
user = nobody
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
settings = '''
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
''';
}
}'';
description = ''
PHP-FPM pools. If no pools or poolConfigs are defined, the PHP-FPM
PHP-FPM pools. If no pools are defined, the PHP-FPM
service is disabled.
'';
};
};
};
config = mkIf enabled {
config = mkIf (cfg.pools != {}) {
warnings =
mapAttrsToList (pool: poolOpts: ''
Using config.services.phpfpm.pools.${pool}.listen is deprecated and will become unsupported in a future release. Please reference the read-only option config.services.phpfpm.pools.${pool}.socket to access the path of your socket.
'') (filterAttrs (pool: poolOpts: poolOpts.listen != "") cfg.pools) ++
mapAttrsToList (pool: poolOpts: ''
Using config.services.phpfpm.pools.${pool}.extraConfig is deprecated and will become unsupported in a future release. Please migrate your configuration to config.services.phpfpm.pools.${pool}.settings.
'') (filterAttrs (pool: poolOpts: poolOpts.extraConfig != null) cfg.pools) ++
optional (cfg.extraConfig != null) ''
Using config.services.phpfpm.extraConfig is deprecated and will become unsupported in a future release. Please migrate your configuration to config.services.phpfpm.settings.
''
;
services.phpfpm.settings = {
error_log = "syslog";
daemonize = false;
};
systemd.slices.phpfpm = {
description = "PHP FastCGI Process manager pools slice";
@ -148,18 +251,15 @@ in {
wantedBy = [ "multi-user.target" ];
};
systemd.services = flip mapAttrs' poolConfigs (pool: poolConfig:
systemd.services = mapAttrs' (pool: poolOpts:
nameValuePair "phpfpm-${pool}" {
description = "PHP FastCGI Process Manager service for pool ${pool}";
after = [ "network.target" ];
wantedBy = [ "phpfpm.target" ];
partOf = [ "phpfpm.target" ];
preStart = ''
mkdir -p ${stateDir}
'';
serviceConfig = let
cfgFile = fpmCfgFile pool poolConfig.config;
iniFile = phpIni poolConfig;
cfgFile = fpmCfgFile pool poolOpts;
iniFile = phpIni poolOpts;
in {
Slice = "phpfpm.slice";
PrivateDevices = true;
@ -168,10 +268,12 @@ in {
# XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK";
Type = "notify";
ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}";
ExecStart = "${poolOpts.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}";
ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
RuntimeDirectory = "phpfpm";
RuntimeDirectoryPreserve = true; # Relevant when multiple processes are running
};
}
);
) cfg.pools;
};
}

57
nixos/modules/services/web-servers/phpfpm/pool-options.nix
View File

@ -1,57 +0,0 @@
{ lib, config }:
let
fpmCfg = config.services.phpfpm;
in
with lib; {
options = {
listen = mkOption {
type = types.str;
example = "/path/to/unix/socket";
description = ''
The address on which to accept FastCGI requests.
'';
};
phpPackage = mkOption {
type = types.package;
default = fpmCfg.phpPackage;
defaultText = "config.services.phpfpm.phpPackage";
description = ''
The PHP package to use for running this PHP-FPM pool.
'';
};
phpOptions = mkOption {
type = types.lines;
default = fpmCfg.phpOptions;
defaultText = "config.services.phpfpm.phpOptions";
description = ''
"Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool."
'';
};
extraConfig = mkOption {
type = types.lines;
example = ''
user = nobody
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
'';
description = ''
Extra lines that go into the pool configuration.
See the documentation on <literal>php-fpm.conf</literal> for
details on configuration directives.
'';
};
};
}