Resolve some todos for hikari

Use custom options to define some values only once.
Daniel Siepmann 2023-02-05 14:11:22 +01:00
parent 158dc26922
commit 6515fe5e8e
Signed by: Daniel Siepmann
GPG key ID: 33D6629915560EF4
6 changed files with 118 additions and 96 deletions


@ -11,7 +11,7 @@
./cachix.nix
./web-development.nix
./web-development
];
boot = {


@ -1,83 +0,0 @@
{ pkgs, config, lib, ... }:
# TODO: Find way to define project base path "/var/projects/"
{
imports = [
./web-development/mkcert.nix
./web-development/mailhog.localhost.nix
./web-development/daniel-siepmann.localhost.nix
];
services = {
httpd = {
enable = true;
user = "daniels";
adminAddr = "apache@hikari.localhost";
extraModules = [
"info"
"rewrite"
"proxy"
"proxy_fcgi"
];
virtualHosts."localhost".locations."/server-info" = {
extraConfig = ''
SetHandler server-info
Require local
'';
};
};
mysql = {
enable = true;
package = pkgs.mariadb;
ensureUsers = [
{
name = "daniels";
ensurePermissions = {
"*.*" = "ALL PRIVILEGES";
};
}
{
# INITIALLY once change dev user to be identified by password
name = "dev";
ensurePermissions = {
# TODO: Auto build from defined databases?!
"own_danielsiepmann.*" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [
"testing" # Used by TYPO3 functional tests
"testing_at" # Used by TYPO3 Acceptance tests
];
settings = {
mysqld = {
# sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION";
general_log = true;
general_log_file = "/var/lib/mysql/query.log";
bind-address = "127.0.0.1";
# = "/var/log/mysql/query.log";
};
};
};
};
systemd.tmpfiles.rules = [
# Would be cool to improve this somehow.
# Current issues: The link is created once against nix store.
# Changes are not reflected until reboot?
"C /var/projects/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.local/share/typo3-configuration"
];
}


@ -3,7 +3,7 @@
# TODO: Move to template / function and call with variables
let
domain = "daniel-siepmann.localhost";
documentRoot = "/var/projects/own/daniel-siepmann.de/project/public/";
documentRoot = "${config.custom.web-development.rootPath}/own/daniel-siepmann.de/project/public/";
databaseName = "own_danielsiepmann";
phpPackage = pkgs.php82;
in {
@ -11,8 +11,8 @@ in {
httpd.virtualHosts.${domain} = {
forceSSL = true;
sslServerCert = "/var/projects/own/mkcert/${domain}.pem";
sslServerKey = "/var/projects/own/mkcert/${domain}-key.pem";
sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
inherit documentRoot;
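Review bot: The new `sslServerCert` and `sslServerKey` lines glue `certFolder` directly onto `${domain}`, so the resulting paths are only correct while the option value ends in `/`; a (constructed) override such as `/srv/certs` would produce `/srv/certsdaniel-siepmann.localhost.pem`. `documentRoot` in the same file joins `rootPath` with an explicit `/`, and the certificate lines should do the same, e.g. `sslServerCert = "${config.custom.web-development.certFolder}/${domain}.pem";`, with the trailing slash dropped from the option default. The same concatenation appears in the mailhog virtual host section further down. The virtual host block continues past the end of this hunk.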


@ -0,0 +1,93 @@
{ pkgs, config, lib, ... }:
{
imports = [
./mkcert.nix
./mailhog.localhost.nix
./daniel-siepmann.localhost.nix
];
options = {
custom.web-development = {
rootPath = lib.mkOption {
type = lib.types.path;
default = "/var/projects";
};
};
};
config = {
services = {
httpd = {
enable = true;
user = "daniels";
adminAddr = "apache@hikari.localhost";
extraModules = [
"info"
"rewrite"
"proxy"
"proxy_fcgi"
];
virtualHosts."localhost".locations."/server-info" = {
extraConfig = ''
SetHandler server-info
Require local
'';
};
};
mysql = {
enable = true;
package = pkgs.mariadb;
ensureUsers = [
{
name = "daniels";
ensurePermissions = {
"*.*" = "ALL PRIVILEGES";
};
}
{
# INITIALLY once change dev user to be identified by password
name = "dev";
ensurePermissions = {
# TODO: Auto build from defined databases?!
"own_danielsiepmann.*" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [
"testing" # Used by TYPO3 functional tests
"testing_at" # Used by TYPO3 Acceptance tests
];
settings = {
mysqld = {
# sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION";
general_log = true;
general_log_file = "/var/lib/mysql/query.log";
bind-address = "127.0.0.1";
# = "/var/log/mysql/query.log";
};
};
};
};
systemd.tmpfiles.rules = [
# Would be cool to improve this somehow.
# Current issues: The link is created once against nix store.
# Changes are not reflected until reboot?
"C ${config.custom.web-development.rootPath}/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.local/share/typo3-configuration"
];
};
}
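Review bot: httpd is configured with `user = "daniels"`, and the MariaDB account of the same name is granted `ALL PRIVILEGES` on `*.*`. As far as I know the NixOS mysql module creates `ensureUsers` accounts with socket authentication, so code running inside the web server process could connect as that account without a password and would also carry the login user's file permissions. The block is carried over from the module this commit deletes, but while it is being reshaped it would be worth leaving httpd on its dedicated service user with group access to `rootPath`, or narrowing the grant. If the current setup is intentional, a comment such as `# NOTE: httpd runs as the login user, which also holds ALL PRIVILEGES in MariaDB` would make the trade-off explicit.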


@ -7,8 +7,8 @@ in {
httpd.virtualHosts.${domain} = {
forceSSL = true;
sslServerCert = "/var/projects/own/mkcert/${domain}.pem";
sslServerKey = "/var/projects/own/mkcert/${domain}-key.pem";
sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
extraConfig = ''
RequestHeader unset Authorization


@ -27,12 +27,24 @@ let
'';
};
in {
# TODO: Run once before httpd service starts?
environment.systemPackages = [
custom-generate-certs
];
options = {
custom.web-development = {
certFolder = lib.mkOption {
type = lib.types.path;
default = "${config.custom.web-development.rootPath}/own/mkcert/";
};
};
};
security.pki.certificateFiles = [
/var/projects/own/mkcert/rootCA.pem
];
config = {
# TODO: Run once before httpd service starts?
environment.systemPackages = [
custom-generate-certs
];
# NOTE: Disable until root certificate is generated, then add again
security.pki.certificates = [
(builtins.readFile "${config.custom.web-development.certFolder}rootCA.pem")
];
};
}
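Review bot: `security.pki.certificates` now adds to the system trust store whatever `rootCA.pem` is found in `certFolder` at evaluation time, and that folder defaults to a location under the project tree (`${config.custom.web-development.rootPath}/own/mkcert/`). If the CA private key is written to the same folder (the generator script lies outside this hunk, so this is inferred), anyone able to read or write there can issue or swap certificates that the whole machine accepts; the folder should be owner-only, or the CA material kept outside the project root. Separately, `builtins.readFile` aborts evaluation while the file is missing, which is what the NOTE comment works around by hand; `lib.optional (builtins.pathExists f) (builtins.readFile f)`, with `f` bound to the rootCA path, would make that automatic.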