|
8 | 8 | inputs.nixpkgs.follows = "nixpkgs"; |
9 | 9 | url = "github:john-shaffer/hyperfine-flake"; |
10 | 10 | }; |
11 | | - microvm = { |
12 | | - url = "github:microvm-nix/microvm.nix"; |
13 | | - inputs.nixpkgs.follows = "nixpkgs"; |
14 | | - }; |
15 | 11 | process-compose-flake.url = "github:Platonic-Systems/process-compose-flake"; |
16 | 12 | services-flake.url = "github:juspay/services-flake"; |
17 | 13 | wordpress-flake = { |
|
52 | 48 | opcache.jit_buffer_size = 8M |
53 | 49 | upload_max_filesize=1024M |
54 | 50 | ''; |
55 | | - nixosModules = { |
56 | | - wordpress-server = { |
57 | | - security.sudo.extraRules = [ |
58 | | - { |
59 | | - users = [ "www" ]; |
60 | | - commands = [ |
61 | | - { |
62 | | - command = "ALL"; |
63 | | - options = [ "NOPASSWD" ]; |
64 | | - } |
65 | | - ]; |
66 | | - } |
67 | | - ]; |
68 | | - services.memcached = memcachedConfig; |
69 | | - services.mysql = mysqlConfig; |
70 | | - # Create the home dir on the volume |
71 | | - systemd.tmpfiles.rules = [ "d /home/www 0755 www www -" ]; |
72 | | - users.users.nginx = { |
73 | | - extraGroups = [ "www" ]; |
74 | | - }; |
75 | | - users.users.php = { |
76 | | - extraGroups = [ "www" ]; |
77 | | - isSystemUser = true; |
78 | | - group = "php"; |
79 | | - }; |
80 | | - users.users.www = { |
81 | | - extraGroups = [ |
82 | | - "network" |
83 | | - "wheel" |
84 | | - ]; |
85 | | - group = "www"; |
86 | | - home = "/home/www"; |
87 | | - isNormalUser = true; |
88 | | - password = ""; |
89 | | - }; |
90 | | - users.groups.php = { }; |
91 | | - users.groups.www = { }; |
92 | | - }; |
93 | | - }; |
94 | 51 | in |
95 | 52 | inputs.flake-parts.lib.mkFlake { inherit inputs; } { |
96 | 53 | systems = import inputs.systems; |
|
264 | 221 | wp plugin install --activate ${wpPluginCheck} |
265 | 222 | ''; |
266 | 223 | }; |
267 | | - wordpress-firecracker = inputs.nixpkgs.lib.nixosSystem { |
268 | | - inherit system; |
269 | | - pkgs = finalPkgs; |
270 | | - modules = with finalPkgs; [ |
271 | | - inputs.microvm.nixosModules.microvm |
272 | | - nixosModules.wordpress-server |
273 | | - ./services/wordpress-installer.nix |
274 | | - ( |
275 | | - { config, ... }: |
276 | | - { |
277 | | - environment.systemPackages = [ |
278 | | - mariadb |
279 | | - memcached |
280 | | - nginx |
281 | | - php |
282 | | - vim |
283 | | - wp-cli |
284 | | - ]; |
285 | | - services.mysql.package = mariadb; |
286 | | - services.nginx = { |
287 | | - enable = true; |
288 | | - httpConfig = nginxHttpConfig "/home/www/wordpress" config.services.phpfpm.pools.default.socket; |
289 | | - port = serverPort; |
290 | | - }; |
291 | | - services.phpfpm = { |
292 | | - pools = { |
293 | | - default = { |
294 | | - settings = { |
295 | | - "catch_workers_output" = "yes"; |
296 | | - "listen.owner" = config.services.nginx.user; |
297 | | - "php_admin_value[error_log]" = "stderr"; |
298 | | - "php_admin_flag[log_errors]" = true; |
299 | | - "pm" = "ondemand"; |
300 | | - "pm.max_children" = "5"; |
301 | | - }; |
302 | | - group = "php"; |
303 | | - user = "php"; |
304 | | - }; |
305 | | - }; |
306 | | - phpOptions = phpOptions; |
307 | | - }; |
308 | | - services.wordpress-installer = { |
309 | | - enable = true; |
310 | | - package = (wpInstaller "localhost" "www" "/home/www/wordpress"); |
311 | | - user = "www"; |
312 | | - }; |
313 | | - systemd.services.nginx.serviceConfig.ProtectHome = false; |
314 | | - systemd.services.phpfpm-default.serviceConfig.ProtectHome = lib.mkForce false; |
315 | | - systemd.services.wordpress-installer = { |
316 | | - after = [ "mysql.service" ]; |
317 | | - wants = [ "mysql.service" ]; |
318 | | - }; |
319 | | - } |
320 | | - ) |
321 | | - { |
322 | | - networking.hostName = "wordpress-firecracker"; |
323 | | - users.users.root.password = ""; |
324 | | - microvm = { |
325 | | - hypervisor = "firecracker"; |
326 | | - socket = "control.socket"; |
327 | | - volumes = [ |
328 | | - { |
329 | | - mountPoint = "/home"; |
330 | | - image = "home.img"; |
331 | | - size = 8096; |
332 | | - } |
333 | | - { |
334 | | - mountPoint = "/var"; |
335 | | - image = "var.img"; |
336 | | - size = 8096; |
337 | | - } |
338 | | - ]; |
339 | | - }; |
340 | | - } |
341 | | - ]; |
342 | | - }; |
343 | 224 | localstackImage = "docker.io/localstack/localstack:4.9.2"; |
344 | 225 | in |
345 | 226 | with finalPkgs; |
|
452 | 333 | inputs.hyperfine-flake.packages.${system}.scripts |
453 | 334 | jq |
454 | 335 | just |
455 | | - inputs.microvm.packages.${system}.microvm |
456 | 336 | nixfmt-rfc-style |
457 | 337 | omnix |
458 | 338 | parallel |
|
466 | 346 | ]; |
467 | 347 | inputsFrom = [ config.process-compose."default".services.outputs.devShell ]; |
468 | 348 | }; |
469 | | - packages = { |
470 | | - #wordpress-firecracker = |
471 | | - # wordpress-firecracker.config.microvm.declaredRunner; |
472 | | - }; |
473 | 349 | }; |
474 | | - } |
475 | | - // { |
476 | | - inherit nixosModules; |
477 | 350 | }; |
478 | 351 | } |
0 commit comments