diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index e32fa6fded4..65014b4beed 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -178,6 +178,9 @@ with lib;
The starting time can be configured via services.postgresqlBackup.startAt.
'')
+ # phpfpm
+ (mkRemovedOptionModule [ "services" "phpfpm" "poolConfigs" ] "Use services.phpfpm.pools instead.")
+
# zabbixServer
(mkRenamedOptionModule [ "services" "zabbixServer" "dbServer" ] [ "services" "zabbixServer" "database" "host" ])
diff --git a/nixos/modules/services/mail/roundcube.nix b/nixos/modules/services/mail/roundcube.nix
index e8b2e11bf72..3bc1cf807ac 100644
--- a/nixos/modules/services/mail/roundcube.nix
+++ b/nixos/modules/services/mail/roundcube.nix
@@ -119,24 +119,26 @@ in
enable = true;
};
- services.phpfpm.poolConfigs.roundcube = ''
- listen = /run/phpfpm/roundcube
- listen.owner = nginx
- listen.group = nginx
- listen.mode = 0660
- user = nginx
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 20
- pm.max_requests = 500
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- php_admin_value[post_max_size] = 25M
- php_admin_value[upload_max_filesize] = 25M
- catch_workers_output = yes
- '';
+ services.phpfpm.pools.roundcube = {
+ listen = "/run/phpfpm/roundcube";
+ extraConfig = ''
+ listen.owner = nginx
+ listen.group = nginx
+ listen.mode = 0660
+ user = nginx
+ pm = dynamic
+ pm.max_children = 75
+ pm.start_servers = 2
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 20
+ pm.max_requests = 500
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ php_admin_value[post_max_size] = 25M
+ php_admin_value[upload_max_filesize] = 25M
+ catch_workers_output = yes
+ '';
+ };
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
systemd.services.roundcube-setup = let
diff --git a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
index 6740131dccd..4c7736b8887 100644
--- a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
+++ b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
@@ -164,19 +164,21 @@ in {
};
config = mkIf cfg.enable {
- services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
- "${poolName}" = ''
- listen = "${phpfpmSocketName}"
- listen.owner = nginx
- listen.group = nginx
- listen.mode = 0600
- user = icingaweb2
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 2
- pm.min_spare_servers = 2
- pm.max_spare_servers = 10
- '';
+ services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
+ "${poolName}" = {
+ listen = phpfpmSocketName;
+ extraConfig = ''
+ listen.owner = nginx
+ listen.group = nginx
+ listen.mode = 0600
+ user = icingaweb2
+ pm = dynamic
+ pm.max_children = 75
+ pm.start_servers = 2
+ pm.min_spare_servers = 2
+ pm.max_spare_servers = 10
+ '';
+ };
};
services.phpfpm.phpOptions = mkIf (cfg.pool == "${poolName}")
diff --git a/nixos/modules/services/web-apps/matomo.nix b/nixos/modules/services/web-apps/matomo.nix
index 14aca45a342..bf8b9dbcc21 100644
--- a/nixos/modules/services/web-apps/matomo.nix
+++ b/nixos/modules/services/web-apps/matomo.nix
@@ -225,22 +225,24 @@ in {
serviceConfig.UMask = "0007";
};
- services.phpfpm.poolConfigs = let
+ services.phpfpm.pools = let
# workaround for when both are null and need to generate a string,
# which is illegal, but as assertions apparently are being triggered *after* config generation,
# we have to avoid already throwing errors at this previous stage.
socketOwner = if (cfg.nginx != null) then config.services.nginx.user
else if (cfg.webServerUser != null) then cfg.webServerUser else "";
in {
- ${pool} = ''
- listen = "${phpSocket}"
- listen.owner = ${socketOwner}
- listen.group = root
- listen.mode = 0600
- user = ${user}
- env[PIWIK_USER_PATH] = ${dataDir}
- ${cfg.phpfpmProcessManagerConfig}
- '';
+ ${pool} = {
+ listen = phpSocket;
+ extraConfig = ''
+ listen.owner = ${socketOwner}
+ listen.group = root
+ listen.mode = 0600
+ user = ${user}
+ env[PIWIK_USER_PATH] = ${dataDir}
+ ${cfg.phpfpmProcessManagerConfig}
+ '';
+ };
};
diff --git a/nixos/modules/services/web-apps/selfoss.nix b/nixos/modules/services/web-apps/selfoss.nix
index cd0f743a5fb..348febe661b 100644
--- a/nixos/modules/services/web-apps/selfoss.nix
+++ b/nixos/modules/services/web-apps/selfoss.nix
@@ -116,21 +116,23 @@ in
config = mkIf cfg.enable {
- services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
- "${poolName}" = ''
- listen = "${phpfpmSocketName}";
- listen.owner = nginx
- listen.group = nginx
- listen.mode = 0600
- user = nginx
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 10
- pm.min_spare_servers = 5
- pm.max_spare_servers = 20
- pm.max_requests = 500
- catch_workers_output = 1
- '';
+ services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
+ "${poolName}" = {
+ listen = phpfpmSocketName;
+ extraConfig = ''
+ listen.owner = nginx
+ listen.group = nginx
+ listen.mode = 0600
+ user = nginx
+ pm = dynamic
+ pm.max_children = 75
+ pm.start_servers = 10
+ pm.min_spare_servers = 5
+ pm.max_spare_servers = 20
+ pm.max_requests = 500
+ catch_workers_output = 1
+ '';
+ };
};
systemd.services.selfoss-config = {
diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix
index ffafbc5e92f..9db3a058d6d 100644
--- a/nixos/modules/services/web-servers/phpfpm/default.nix
+++ b/nixos/modules/services/web-servers/phpfpm/default.nix
@@ -4,41 +4,22 @@ with lib;
let
cfg = config.services.phpfpm;
- enabled = cfg.poolConfigs != {} || cfg.pools != {};
stateDir = "/run/phpfpm";
- poolConfigs =
- (mapAttrs mapPoolConfig cfg.poolConfigs) //
- (mapAttrs mapPool cfg.pools);
-
- mapPoolConfig = n: p: {
- phpPackage = cfg.phpPackage;
- phpOptions = cfg.phpOptions;
- config = p;
- };
-
- mapPool = n: p: {
- phpPackage = p.phpPackage;
- phpOptions = p.phpOptions;
- config = ''
- listen = ${p.listen}
- ${p.extraConfig}
- '';
- };
-
- fpmCfgFile = pool: conf: pkgs.writeText "phpfpm-${pool}.conf" ''
+ fpmCfgFile = pool: poolOpts: pkgs.writeText "phpfpm-${pool}.conf" ''
[global]
error_log = syslog
daemonize = no
${cfg.extraConfig}
[${pool}]
- ${conf}
+ listen = ${poolOpts.listen}
+ ${poolOpts.extraConfig}
'';
- phpIni = pool: pkgs.runCommand "php.ini" {
- inherit (pool) phpPackage phpOptions;
+ phpIni = poolOpts: pkgs.runCommand "php.ini" {
+ inherit (poolOpts) phpPackage phpOptions;
preferLocalBuild = true;
nixDefaults = ''
sendmail_path = "/run/wrappers/bin/sendmail -t -i"
@@ -84,30 +65,6 @@ in {
"Options appended to the PHP configuration file php.ini.";
};
- poolConfigs = mkOption {
- default = {};
- type = types.attrsOf types.lines;
- example = literalExample ''
- { mypool = '''
- listen = /run/phpfpm/mypool
- user = nobody
- pm = dynamic
- pm.max_children = 75
- pm.start_servers = 10
- pm.min_spare_servers = 5
- pm.max_spare_servers = 20
- pm.max_requests = 500
- ''';
- }
- '';
- description = ''
- A mapping between PHP-FPM pool names and their configurations.
- See the documentation on php-fpm.conf for
- details on configuration directives. If no pools are defined,
- the phpfpm service is disabled.
- '';
- };
-
pools = mkOption {
type = types.attrsOf (types.submodule (import ./pool-options.nix {
inherit lib config;
@@ -130,14 +87,14 @@ in {
}
}'';
description = ''
- PHP-FPM pools. If no pools or poolConfigs are defined, the PHP-FPM
+ PHP-FPM pools. If no pools are defined, the PHP-FPM
service is disabled.
'';
};
};
};
- config = mkIf enabled {
+ config = mkIf (cfg.pools != {}) {
systemd.slices.phpfpm = {
description = "PHP FastCGI Process manager pools slice";
@@ -148,7 +105,7 @@ in {
wantedBy = [ "multi-user.target" ];
};
- systemd.services = flip mapAttrs' poolConfigs (pool: poolConfig:
+ systemd.services = mapAttrs' (pool: poolOpts:
nameValuePair "phpfpm-${pool}" {
description = "PHP FastCGI Process Manager service for pool ${pool}";
after = [ "network.target" ];
@@ -158,8 +115,8 @@ in {
mkdir -p ${stateDir}
'';
serviceConfig = let
- cfgFile = fpmCfgFile pool poolConfig.config;
- iniFile = phpIni poolConfig;
+ cfgFile = fpmCfgFile pool poolOpts;
+ iniFile = phpIni poolOpts;
in {
Slice = "phpfpm.slice";
PrivateDevices = true;
@@ -168,10 +125,10 @@ in {
# XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK";
Type = "notify";
- ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}";
+ ExecStart = "${poolOpts.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}";
ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
};
}
- );
+ ) cfg.pools;
};
}