self-hosting/modules/stb.nix

{
  pkgs,
  config,
  lib,
  ...
}:
let
  cfg = config.custom.services.stb;
  uploadWordpressConfig = pkgs.writeText "upload.ini" ''
    file_uploads = On
    memory_limit = 64M
    upload_max_filesize = 64M
    post_max_size = 64M
    max_execution_time = 600
  '';
in
{
  options.custom.services.stb = {
    enable = lib.mkEnableOption "stb";
  };

  config = lib.mkIf cfg.enable {

    virtualisation.podman.defaultNetwork.settings = {
      dns_enabled = true;
    };
    systemd.services.init-stb-network = {
      description = "Create the network bridge stb-br for wordpress.";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig.Type = "oneshot";
      script =
        let
          podmancli = "${pkgs.podman}/bin/podman";
        in
        ''
          # Put a true at the end to prevent getting non-zero return code, which will
          # crash the whole service.
          check=$(${podmancli} pod ps | grep "stb" || true)
          if [ -z "$check" ]; then
            ${podmancli} pod create --publish 8180:80 stb
          else
            echo "stb pod already exists"
          fi
        '';
    };

    virtualisation.oci-containers.containers = {
      "stb-mariadb" = {
        image = "mariadb:10.7";
        environment = {
          "MYSQL_ROOT_PASSWORD" = "root";
          "MYSQL_USER" = "stb";
          "MYSQL_PASSWORD" = "stb";
          "MYSQL_DATABASE" = "stb";
        };
        volumes = [ "/var/lib/mariadb/stb:/var/lib/mysql" ];
        extraOptions = [ "--pod=stb" ];
        autoStart = true;
      };

      "stb-wordpress" = {
        image = "wordpress:5.8-php7.4-apache";
        volumes = [
          "/nix/var/data/stb-wordpress:/var/www/html"
          "${uploadWordpressConfig}:/usr/local/etc/php/conf.d/uploads.ini"
        ];
        extraOptions = [ "--pod=stb" ];
        autoStart = true;
      };
    };

    services.nginx.virtualHosts."www.societe-de-tir-bertrix.com" = {
      serverAliases = [ "societe-de-tir-bertrix.com" ];
      forceSSL = true;
      enableACME = true;

      locations."/" = {
        proxyPass = "http://127.0.0.1:8180";
      };
    };
  };
}
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`{`
			`pkgs,`
			`config,`
			`lib,`
			`...`
			`}:`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00			`let`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`cfg = config.custom.services.stb;`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00			`uploadWordpressConfig = pkgs.writeText "upload.ini" ''`
			`file_uploads = On`
			`memory_limit = 64M`
			`upload_max_filesize = 64M`
			`post_max_size = 64M`
			`max_execution_time = 600`
			`'';`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`in`
			`{`
			`options.custom.services.stb = {`
			`enable = lib.mkEnableOption "stb";`
			`};`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`config = lib.mkIf cfg.enable {`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00
			`virtualisation.podman.defaultNetwork.settings = {`
			`dns_enabled = true;`
			`};`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`systemd.services.init-stb-network = {`
			`description = "Create the network bridge stb-br for wordpress.";`
			`after = [ "network.target" ];`
			`wantedBy = [ "multi-user.target" ];`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`serviceConfig.Type = "oneshot";`
			`script =`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`let`
			`podmancli = "${pkgs.podman}/bin/podman";`
			`in`
			`''`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`# Put a true at the end to prevent getting non-zero return code, which will`
			`# crash the whole service.`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`check=$(${podmancli} pod ps \| grep "stb" \|\| true)`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`if [ -z "$check" ]; then`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`${podmancli} pod create --publish 8180:80 stb`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`else`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`echo "stb pod already exists"`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`fi`
			`'';`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`virtualisation.oci-containers.containers = {`
			`"stb-mariadb" = {`
			`image = "mariadb:10.7";`
			`environment = {`
			`"MYSQL_ROOT_PASSWORD" = "root";`
			`"MYSQL_USER" = "stb";`
			`"MYSQL_PASSWORD" = "stb";`
			`"MYSQL_DATABASE" = "stb";`
			`};`
			`volumes = [ "/var/lib/mariadb/stb:/var/lib/mysql" ];`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`extraOptions = [ "--pod=stb" ];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`autoStart = true;`
			`};`

			`"stb-wordpress" = {`
			`image = "wordpress:5.8-php7.4-apache";`
			`volumes = [`
			`"/nix/var/data/stb-wordpress:/var/www/html"`
			`"${uploadWordpressConfig}:/usr/local/etc/php/conf.d/uploads.ini"`
			`];`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`extraOptions = [ "--pod=stb" ];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`autoStart = true;`
			`};`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`services.nginx.virtualHosts."www.societe-de-tir-bertrix.com" = {`
			`serverAliases = [ "societe-de-tir-bertrix.com" ];`
			`forceSSL = true;`
			`enableACME = true;`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:8180";`
			`};`
Migrate stb-wordpress 2021-12-08 01:03:24 +01:00			`};`
			`};`
			`}`