diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-apps/rss-bridge.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/services/web-apps/rss-bridge.nix | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/web-apps/rss-bridge.nix b/nixpkgs/nixos/modules/services/web-apps/rss-bridge.nix new file mode 100644 index 00000000000..f1d5b7660f3 --- /dev/null +++ b/nixpkgs/nixos/modules/services/web-apps/rss-bridge.nix @@ -0,0 +1,127 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.rss-bridge; + + poolName = "rss-bridge"; + + whitelist = pkgs.writeText "rss-bridge_whitelist.txt" + (concatStringsSep "\n" cfg.whitelist); +in +{ + options = { + services.rss-bridge = { + enable = mkEnableOption "rss-bridge"; + + user = mkOption { + type = types.str; + default = "nginx"; + example = "nginx"; + description = '' + User account under which both the service and the web-application run. + ''; + }; + + group = mkOption { + type = types.str; + default = "nginx"; + example = "nginx"; + description = '' + Group under which the web-application run. + ''; + }; + + pool = mkOption { + type = types.str; + default = poolName; + description = '' + Name of existing phpfpm pool that is used to run web-application. + If not specified a pool will be created automatically with + default values. + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/rss-bridge"; + description = '' + Location in which cache directory will be created. + You can put <literal>config.ini.php</literal> in here. + ''; + }; + + virtualHost = mkOption { + type = types.nullOr types.str; + default = "rss-bridge"; + description = '' + Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost. + ''; + }; + + whitelist = mkOption { + type = types.listOf types.str; + default = []; + example = options.literalExample '' + [ + "Facebook" + "Instagram" + "Twitter" + ] + ''; + description = '' + List of bridges to be whitelisted. + If the list is empty, rss-bridge will use whitelist.default.txt. + Use <literal>[ "*" ]</literal> to whitelist all. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + services.phpfpm.pools = mkIf (cfg.pool == poolName) { + ${poolName} = { + user = cfg.user; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = cfg.user; + "listen.group" = cfg.user; + "listen.mode" = "0600"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "catch_workers_output" = 1; + }; + }; + }; + systemd.tmpfiles.rules = [ + "d '${cfg.dataDir}/cache' 0750 ${cfg.user} ${cfg.group} - -" + (mkIf (cfg.whitelist != []) "L+ ${cfg.dataDir}/whitelist.txt - - - - ${whitelist}") + "z '${cfg.dataDir}/config.ini.php' 0750 ${cfg.user} ${cfg.group} - -" + ]; + + services.nginx = mkIf (cfg.virtualHost != null) { + enable = true; + virtualHosts = { + ${cfg.virtualHost} = { + root = "${pkgs.rss-bridge}"; + + locations."/" = { + tryFiles = "$uri /index.php$is_args$args"; + }; + + locations."~ ^/index.php(/|$)" = { + extraConfig = '' + include ${pkgs.nginx}/conf/fastcgi_params; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket}; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param RSSBRIDGE_DATA ${cfg.dataDir}; + ''; + }; + }; + }; + }; + }; +} |