nixos/icingaweb2: fix work with phpfpm-rootless mode

author: Izorkin <izorkin@elven.pw> 2019-06-15 16:36:20 +0300
committer: Izorkin <izorkin@elven.pw> 2019-06-16 12:33:51 +0300
commit: 2172419101c08b68652c37b38eb03b453fb252fa (patch)
tree: 94add91b82a8896f5b8424713d744d54d87e7734 /nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
parent: d49857a885e86ed1b910b8bc550b9a4e5ded783a (diff)
download: nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.gz
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.bz2
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.lz
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.xz
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.zst
nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.zip
1 files changed, 21 insertions, 15 deletions
diff --git a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
index 910e1d937bf..e83270fda5c 100644
--- a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
+++ b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
@@ -1,7 +1,6 @@
 { config, lib, pkgs, ... }: with lib; let
   cfg = config.services.icingaweb2;
   poolName = "icingaweb2";
-  phpfpmSocketName = "/var/run/phpfpm/${poolName}.sock";
 
   defaultConfig = {
     global = {
@@ -162,19 +161,23 @@ in {
   };
 
   config = mkIf cfg.enable {
-    services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
-      "${poolName}" = ''
-        listen = "${phpfpmSocketName}"
-        listen.owner = nginx
-        listen.group = nginx
-        listen.mode = 0600
-        user = icingaweb2
-        pm = dynamic
-        pm.max_children = 75
-        pm.start_servers = 2
-        pm.min_spare_servers = 2
-        pm.max_spare_servers = 10
-      '';
+    services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
+      "${poolName}" = {
+        socketName = "${poolName}";
+        phpPackage = pkgs.php;
+        user = "icingaweb2";
+        group = "icingaweb2";
+        extraConfig = ''
+          listen.owner = ${config.services.nginx.user}
+          listen.group = ${config.services.nginx.group}
+          listen.mode = 0600
+          pm = dynamic
+          pm.max_children = 75
+          pm.start_servers = 2
+          pm.min_spare_servers = 2
+          pm.max_spare_servers = 10
+        '';
+      };
     };
 
     services.phpfpm.phpOptions = mkIf (cfg.pool == "${poolName}")
@@ -206,7 +209,7 @@ in {
             include ${config.services.nginx.package}/conf/fastcgi.conf;
             try_files $uri =404;
             fastcgi_split_path_info ^(.+\.php)(/.+)$;
-            fastcgi_pass unix:${phpfpmSocketName};
+            fastcgi_pass unix:/run/phpfpm-${poolName}/${poolName}.sock;
             fastcgi_param SCRIPT_FILENAME ${pkgs.icingaweb2}/public/index.php;
           '';
         };
@@ -239,5 +242,8 @@ in {
       group = "icingaweb2";
       isSystemUser = true;
     };
+    users.users.nginx = {
+      extraGroups = [ "icingaweb2" ];
+    };
   };
 }
author	Izorkin <izorkin@elven.pw>	2019-06-15 16:36:20 +0300
committer	Izorkin <izorkin@elven.pw>	2019-06-16 12:33:51 +0300
commit	2172419101c08b68652c37b38eb03b453fb252fa (patch)
tree	94add91b82a8896f5b8424713d744d54d87e7734 /nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
parent	d49857a885e86ed1b910b8bc550b9a4e5ded783a (diff)
download	nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.gz nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.bz2 nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.lz nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.xz nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.tar.zst nixpkgs-2172419101c08b68652c37b38eb03b453fb252fa.zip