phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add testing instance for collaborative grocery store software

Browse source
This commit is contained in:
Paul-Henri Froidmont 2022-09-29 05:07:18 +02:00
parent c0d929be0b
commit 5932ae89c2
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
3 changed files with 130 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
dns.tf
View file

@ -88,6 +88,14 @@ resource "hetznerdns_record" "jitsi_a" {
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "elefan-test_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id
name = "elefan-test"
value = local.storage1_ip
type = "A"
ttl = 600
}
resource "hetznerdns_record" "transmission_a" { resource "hetznerdns_record" "transmission_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone_id = data.hetznerdns_zone.banditlair_zone.id
name = "transmission" name = "transmission"

121
modules/elefan.nix Normal file
View file

@ -0,0 +1,121 @@
{ config, lib, pkgs, ... }:
let
composer = pkgs.php81Packages.composer.overrideDerivation (old: {
version = "2.2.18";
src = pkgs.fetchurl {
url = "https://getcomposer.org/download/2.2.18/composer.phar";
sha256 = "sha256-KKjZdA1hUTeowB0yrvkYTbFvVD/KNtsDhQGilNjpWyQ=";
};
});
in
{
containers.elefan-test = {
ephemeral = false;
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.101.1";
localAddress = "192.168.101.2";
config = {
time.timeZone = "Europe/Amsterdam";
environment.systemPackages = with pkgs; [ php74 git composer tmux vim ];
networking.firewall.allowedTCPPorts = [ 80 ];
users.groups.php = { };
users.users.php = {
isNormalUser = true;
group = config.containers.elefan-test.config.users.groups.php.name;
};
services.mysql = {
enable = true;
package = pkgs.mariadb_108;
initialDatabases = [{
name = "symfony";
}];
ensureUsers = [
{
name = "symfony";
ensurePermissions = {
"symfony.*" = "ALL PRIVILEGES";
};
}
{
name = "root";
ensurePermissions = {
"*.*" = "ALL PRIVILEGES";
};
}
];
};
services.nginx = {
enable = true;
virtualHosts."elefan-test.froidmont.org" = {
default = true;
root = "/var/www/elefan-test/web";
locations."/" = {
extraConfig = ''
try_files $uri /app.php$is_args$args;
'';
};
locations."~ ^/app\\.php(/|$)" = {
extraConfig = ''
fastcgi_pass unix:${config.containers.elefan-test.config.services.phpfpm.pools.elefan-test.socket};
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include ${config.services.nginx.package}/conf/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
'';
};
locations."~* ^/sw/(.*)/(qr|br)\\.png$" = {
extraConfig = ''
rewrite ^/sw/(.*)/(qr|br)\.png$ /app.php/sw/$1/$2.png last;
'';
};
extraConfig = ''
location ~ \.php$ {
return 404;
}
'';
};
};
services.phpfpm.pools.elefan-test = {
user = "nginx";
settings = {
pm = "dynamic";
"listen.owner" = config.containers.elefan-test.config.services.nginx.user;
"pm.max_children" = 5;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 3;
"pm.max_requests" = 500;
};
};
system.stateVersion = "22.05";
};
};
services.nginx.virtualHosts."elefan-test.froidmont.org" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://192.168.101.2";
};
};
}

1
profiles/storage.nix
View file

@ -15,6 +15,7 @@
../modules/binary-cache.nix ../modules/binary-cache.nix
../modules/grafana.nix ../modules/grafana.nix
../modules/monitoring-exporters.nix ../modules/monitoring-exporters.nix
../modules/elefan.nix
]; ];
sops.secrets = { sops.secrets = {