Restructure web development for hikari

Nix is not needed, it is generated. Try to find a better structure for web development setup. The initial steps with httpd and php fpm work now.
2023-02-02 15:24:17 +01:00 · 2023-02-02 15:24:17 +01:00 · 1aa49f0eff
parent 0ece6835b6
commit 1aa49f0eff
9 changed files with 118 additions and 2 deletions
--- a/systems/hikari/nixos/cachix.nix
+++ b/systems/hikari/nixos/cachix.nix
--- a/systems/hikari/nixos/cachix/fossar.nix
+++ b/systems/hikari/nixos/cachix/fossar.nix
--- a/systems/hikari/nixos/configuration.nix
+++ b/systems/hikari/nixos/configuration.nix
@ -10,6 +10,8 @@
    ./hardware-configuration.nix

    ./cachix.nix
+
+    ./web-development.nix
  ];

  boot = {
--- a/systems/hikari/nixos/hardware-configuration.nix
+++ b/systems/hikari/nixos/hardware-configuration.nix
--- a/systems/hikari/nix/nix.conf
+++ b/systems/hikari/nix/nix.conf
@ -1 +0,0 @@
-/etc/static/nix/nix.conf
--- a/systems/hikari/nix/registry.json
+++ b/systems/hikari/nix/registry.json
@ -1 +0,0 @@
-/etc/static/nix/registry.json
--- a/systems/hikari/nixos/readme.rst
+++ b/systems/hikari/nixos/readme.rst
--- a/systems/hikari/web-development.nix
+++ b/systems/hikari/web-development.nix
@ -0,0 +1,31 @@
+{ pkgs, lib, ... }:
+
+{
+  imports = [
+    ./web-development/daniel-siepmann.localhost.nix
+  ];
+
+  services = {
+    httpd = {
+      enable = true;
+
+      user = "daniels";
+
+      adminAddr = "apache@hikari.localhost";
+
+      extraModules = [
+        "info"
+        "rewrite"
+        "proxy"
+        "proxy_fcgi"
+      ];
+
+      virtualHosts."localhost".locations."/server-info" = {
+        extraConfig = ''
+          SetHandler server-info
+          Require local
+        '';
+      };
+    };
+  };
+}
--- a/systems/hikari/web-development/daniel-siepmann.localhost.nix
+++ b/systems/hikari/web-development/daniel-siepmann.localhost.nix
@ -0,0 +1,85 @@
+{ pkgs, lib, config, ... }:
+
+let
+  domain = "daniel-siepmann.localhost";
+  documentRoot = "/var/projects/own/daniel-siepmann.de/project/public/";
+in {
+  services = {
+    httpd.virtualHosts.${domain} = {
+      # TODO: Add SSL
+      # forceSSL = true;
+      # addSSL = true;
+      inherit documentRoot;
+      extraConfig = ''
+        <Directory ${documentRoot}>
+            AllowOverride None
+            Require all granted
+            DirectoryIndex index.php
+
+            RewriteEngine On
+
+            # Store the current location in an environment variable CWD to use
+            # mod_rewrite in .htaccess files without knowing the RewriteBase
+            RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
+            RewriteRule ^.*$ - [E=CWD:%2]
+
+            # Rule for versioned static files, configured through:
+            # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
+            # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
+            # IMPORTANT: This rule has to be the very first RewriteCond in order to work!
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L]
+
+            # Access block for folders
+            RewriteRule _(?:recycler|temp)_/ - [F]
+            RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
+            RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F]
+            RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F]
+
+            # Block access to all hidden files and directories with the exception of
+            # the visible content from within the `/.well-known/` hidden directory (RFC 5785).
+            RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
+            RewriteCond %{SCRIPT_FILENAME} -d [OR]
+            RewriteCond %{SCRIPT_FILENAME} -f
+            RewriteRule (?:^|/)\. - [F]
+
+            # Stop rewrite processing, if we are in any other known directory
+            # NOTE: Add your additional local storages here
+            RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L]
+
+            # If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point.
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteCond %{REQUEST_FILENAME} !-l
+            RewriteCond %{REQUEST_URI} ^/typo3/.*$
+            RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L]
+
+            # If the file/symlink/directory does not exist => Redirect to index.php.
+            # For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'.
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteCond %{REQUEST_FILENAME} !-l
+            RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
+        </Directory>
+
+        <FilesMatch "\.php$">
+            SetHandler  "proxy:unix:${config.services.phpfpm.pools."${domain}".socket}|fcgi://${domain}/"
+        </FilesMatch>
+      '';
+    };
+    phpfpm.pools.${domain} = {
+      inherit (config.services.httpd) user group;
+      phpPackage = pkgs.php82;
+      settings = {
+        "listen.owner" = config.services.httpd.user;
+        "listen.group" = config.services.httpd.group;
+        "pm" = "static";
+        "pm.max_children" = 15;
+      };
+      phpEnv = {
+        TYPO3_CONTEXT = "Development/dsiepmann";
+      };
+    };
+  };
+}