From 7c3ecbdce9e5f054e32e5d58c86399d5f2375a6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Tue, 14 Nov 2023 20:38:23 +0100 Subject: [PATCH] nixos/invoiceplane: add nginx as a webserver option for invoiceplane Getting the vhost to play nice with phpfpm was done by following this community post: https://community.invoiceplane.com/t/topic/2654 --- .../services/web-apps/invoiceplane.nix | 40 ++++++- nixos/tests/invoiceplane.nix | 104 +++++++++++------- 2 files changed, 101 insertions(+), 43 deletions(-) diff --git a/nixos/modules/services/web-apps/invoiceplane.nix b/nixos/modules/services/web-apps/invoiceplane.nix index 429520470a0d..618bd848ebcb 100644 --- a/nixos/modules/services/web-apps/invoiceplane.nix +++ b/nixos/modules/services/web-apps/invoiceplane.nix @@ -252,11 +252,11 @@ in }; options.webserver = mkOption { - type = types.enum [ "caddy" ]; + type = types.enum [ "caddy" "nginx" ]; default = "caddy"; + example = "nginx"; description = lib.mdDoc '' - Which webserver to use for virtual host management. Currently only - caddy is supported. + Which webserver to use for virtual host management. ''; }; }; @@ -390,5 +390,39 @@ in }; }) + (mkIf (cfg.webserver == "nginx") { + services.nginx = { + enable = true; + virtualHosts = mapAttrs' (hostName: cfg: ( + nameValuePair hostName { + root = pkg hostName cfg; + extraConfig = '' + index index.php index.html index.htm; + + if (!-e $request_filename){ + rewrite ^(.*)$ /index.php break; + } + ''; + + locations = { + "/setup".extraConfig = '' + rewrite ^(.*)$ http://${hostName}/ redirect; + ''; + + "~ .php$" = { + extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}; + include ${config.services.nginx.package}/conf/fastcgi_params; + include ${config.services.nginx.package}/conf/fastcgi.conf; + ''; + }; + }; + } + )) eachSite; + }; + }) + ]); } diff --git a/nixos/tests/invoiceplane.nix b/nixos/tests/invoiceplane.nix index 70ed96ee39f3..0b5170717199 100644 --- a/nixos/tests/invoiceplane.nix +++ b/nixos/tests/invoiceplane.nix @@ -27,56 +27,80 @@ import ./make-test-python.nix ({ pkgs, ... }: networking.firewall.allowedTCPPorts = [ 80 ]; networking.hosts."127.0.0.1" = [ "site1.local" "site2.local" ]; }; + + invoiceplane_nginx = { ... }: { + services.invoiceplane.webserver = "nginx"; + services.invoiceplane.sites = { + "site1.local" = { + database.name = "invoiceplane1"; + database.createLocally = true; + enable = true; + }; + "site2.local" = { + database.name = "invoiceplane2"; + database.createLocally = true; + enable = true; + }; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; + networking.hosts."127.0.0.1" = [ "site1.local" "site2.local" ]; + }; }; testScript = '' start_all() invoiceplane_caddy.wait_for_unit("caddy") - invoiceplane_caddy.wait_for_open_port(80) - invoiceplane_caddy.wait_for_open_port(3306) + invoiceplane_nginx.wait_for_unit("nginx") site_names = ["site1.local", "site2.local"] - for site_name in site_names: - machine.wait_for_unit(f"phpfpm-invoiceplane-{site_name}") + machines = [invoiceplane_caddy, invoiceplane_nginx] - with subtest("Website returns welcome screen"): - assert "Please install InvoicePlane" in machine.succeed(f"curl -L {site_name}") + for machine in machines: + machine.wait_for_open_port(80) + machine.wait_for_open_port(3306) - with subtest("Finish InvoicePlane setup"): - machine.succeed( - f"curl -sSfL --cookie-jar cjar {site_name}/setup/language" - ) - csrf_token = machine.succeed( - "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" - ) - machine.succeed( - f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&ip_lang=english&btn_continue=Continue' {site_name}/setup/language" - ) - csrf_token = machine.succeed( - "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" - ) - machine.succeed( - f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/prerequisites" - ) - csrf_token = machine.succeed( - "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" - ) - machine.succeed( - f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/configure_database" - ) - csrf_token = machine.succeed( - "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" - ) - machine.succeed( - f"curl -sSfl --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/install_tables" - ) - csrf_token = machine.succeed( - "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" - ) - machine.succeed( - f"curl -sSfl --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/upgrade_tables" - ) + for site_name in site_names: + machine.wait_for_unit(f"phpfpm-invoiceplane-{site_name}") + + with subtest("Website returns welcome screen"): + assert "Please install InvoicePlane" in machine.succeed(f"curl -L {site_name}") + + with subtest("Finish InvoicePlane setup"): + machine.succeed( + f"curl -sSfL --cookie-jar cjar {site_name}/setup/language" + ) + csrf_token = machine.succeed( + "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" + ) + machine.succeed( + f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&ip_lang=english&btn_continue=Continue' {site_name}/setup/language" + ) + csrf_token = machine.succeed( + "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" + ) + machine.succeed( + f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/prerequisites" + ) + csrf_token = machine.succeed( + "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" + ) + machine.succeed( + f"curl -sSfL --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/configure_database" + ) + csrf_token = machine.succeed( + "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" + ) + machine.succeed( + f"curl -sSfl --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/install_tables" + ) + csrf_token = machine.succeed( + "grep ip_csrf_cookie cjar | cut -f 7 | tr -d '\n'" + ) + machine.succeed( + f"curl -sSfl --cookie cjar --cookie-jar cjar -d '_ip_csrf={csrf_token}&btn_continue=Continue' {site_name}/setup/upgrade_tables" + ) ''; })