From 60e0505f107791d5cf89e1503bbf3b582d5b3941 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Sat, 3 Jun 2023 19:45:27 +0200 Subject: Set SSL_CERT_* variables for php-fpm This should let Nextcloud News fetch feeds when they're added by the user, not just during cron jobs. --- tw/services/nextcloud.scm | 2 +- tw/services/php-fpm.scm | 59 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 tw/services/php-fpm.scm (limited to 'tw') diff --git a/tw/services/nextcloud.scm b/tw/services/nextcloud.scm index 472e0aed..7545474d 100644 --- a/tw/services/nextcloud.scm +++ b/tw/services/nextcloud.scm @@ -87,7 +87,7 @@ Header always set Strict-Transport-Security \"max-age=15552000\" ")))) - (service php-fpm-service-type + (service (@ (tw services php-fpm) php-fpm-service-type) (php-fpm-configuration (user "httpd") (group "httpd") diff --git a/tw/services/php-fpm.scm b/tw/services/php-fpm.scm new file mode 100644 index 00000000..4bdb899e --- /dev/null +++ b/tw/services/php-fpm.scm @@ -0,0 +1,59 @@ +(define-module (tw services php-fpm) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (gnu services admin) + #:use-module (gnu system pam) + #:use-module (gnu system shadow) + #:use-module (gnu packages certs) + #:use-module (guix gexp) + #:use-module ((guix store) #:select (text-file)) + #:use-module ((guix utils) #:select (version-major)) + #:use-module ((guix packages) #:select (package-version)) + #:use-module (ice-9 match) + #:use-module ((gnu services web) #:select (php-fpm-configuration)) + #:export (php-fpm-service-type)) + +(define (@@ (gnu services web) )) +(define default-php-fpm-config (@@ (gnu services web) default-php-fpm-config)) + +(define php-fpm-shepherd-service + (match-lambda + (($ php socket user group socket-user socket-group + pid-file log-file pm display-errors + timezone workers-log-file file php-ini-file) + (list (shepherd-service + (provision '(php-fpm)) + (documentation "Run the php-fpm daemon.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + '(#$(file-append php "/sbin/php-fpm") + "--fpm-config" + #$(or file + (default-php-fpm-config socket user group + socket-user socket-group pid-file log-file + pm display-errors timezone workers-log-file)) + #$@(if php-ini-file + `("-c" ,php-ini-file) + '())) + ;; XXX: this stanza added, for Nextcloud News + #:environment-variables + (cons* + (string-append "SSL_CERT_DIR=" #$(file-append nss-certs "/etc/ssl/certs")) + (default-environment-variables)) + #:pid-file #$pid-file)) + (stop #~(make-kill-destructor))))))) + +(define php-fpm-service-type + (service-type + (name 'php-fpm) + (description + "Run @command{php-fpm} to provide a fastcgi socket for calling php through +a webserver.") + (extensions + (list (service-extension shepherd-root-service-type + php-fpm-shepherd-service) + (service-extension activation-service-type + (@@ (gnu services web) php-fpm-activation)) + (service-extension account-service-type + (@@ (gnu services web) php-fpm-accounts)))) + (default-value (php-fpm-configuration)))) -- cgit v1.2.3