nixos/fcgiwrap: adapt consumer modules and tests
This also fixes the gitolite-fcgiwrap test by running git through fcgiwrap as the proper user.
This commit is contained in:
parent
41419ca288
commit
bf2ad6f48c
@ -202,8 +202,7 @@ in {
|
||||
];
|
||||
|
||||
services = {
|
||||
fcgiwrap = lib.mkIf useNginx {
|
||||
enable = true;
|
||||
fcgiwrap.zoneminder = lib.mkIf useNginx {
|
||||
preforkProcesses = cfg.cameras;
|
||||
inherit user group;
|
||||
};
|
||||
@ -225,9 +224,7 @@ in {
|
||||
default = true;
|
||||
root = "${pkg}/share/zoneminder/www";
|
||||
listen = [ { addr = "0.0.0.0"; inherit (cfg) port; } ];
|
||||
extraConfig = let
|
||||
fcgi = config.services.fcgiwrap;
|
||||
in ''
|
||||
extraConfig = ''
|
||||
index index.php;
|
||||
|
||||
location / {
|
||||
@ -257,7 +254,7 @@ in {
|
||||
fastcgi_param HTTP_PROXY "";
|
||||
fastcgi_intercept_errors on;
|
||||
|
||||
fastcgi_pass ${fcgi.socketType}:${fcgi.socketAddress};
|
||||
fastcgi_pass unix:${config.services.fcgiwrap.zoneminder.socketAddress};
|
||||
}
|
||||
|
||||
location /cache/ {
|
||||
|
@ -25,14 +25,14 @@ let
|
||||
|
||||
regexLocation = cfg: regexEscape (stripLocation cfg);
|
||||
|
||||
mkFastcgiPass = cfg: ''
|
||||
mkFastcgiPass = name: cfg: ''
|
||||
${if cfg.nginx.location == "/" then ''
|
||||
fastcgi_param PATH_INFO $uri;
|
||||
'' else ''
|
||||
fastcgi_split_path_info ^(${regexLocation cfg})(/.+)$;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
''
|
||||
}fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
|
||||
}fastcgi_pass unix:${config.services.fcgiwrap."cgit-${name}".socketAddress};
|
||||
'';
|
||||
|
||||
cgitrcLine = name: value: "${name}=${
|
||||
@ -165,18 +165,21 @@ in
|
||||
message = "Exactly one of services.cgit.${vhost}.scanPath or services.cgit.${vhost}.repos must be set.";
|
||||
}) cfgs;
|
||||
|
||||
services.fcgiwrap.enable = true;
|
||||
services.fcgiwrap = flip mapAttrs' cfgs (name: cfg:
|
||||
nameValuePair "cgit-${name}" {
|
||||
}
|
||||
);
|
||||
|
||||
services.nginx.enable = true;
|
||||
|
||||
services.nginx.virtualHosts = mkMerge (mapAttrsToList (_: cfg: {
|
||||
services.nginx.virtualHosts = mkMerge (mapAttrsToList (name: cfg: {
|
||||
${cfg.nginx.virtualHost} = {
|
||||
locations = (
|
||||
genAttrs'
|
||||
[ "cgit.css" "cgit.png" "favicon.ico" "robots.txt" ]
|
||||
(name: nameValuePair "= ${stripLocation cfg}/${name}" {
|
||||
(fileName: nameValuePair "= ${stripLocation cfg}/${fileName}" {
|
||||
extraConfig = ''
|
||||
alias ${cfg.package}/cgit/${name};
|
||||
alias ${cfg.package}/cgit/${fileName};
|
||||
'';
|
||||
})
|
||||
) // {
|
||||
@ -187,7 +190,7 @@ in
|
||||
GIT_PROJECT_ROOT = mkCgitReposDir cfg;
|
||||
HOME = GIT_PROJECT_ROOT;
|
||||
};
|
||||
extraConfig = mkFastcgiPass cfg;
|
||||
extraConfig = mkFastcgiPass name cfg;
|
||||
};
|
||||
"${stripLocation cfg}/" = {
|
||||
fastcgiParams = {
|
||||
@ -196,7 +199,7 @@ in
|
||||
HTTP_HOST = "$server_name";
|
||||
CGIT_CONFIG = mkCgitrc cfg;
|
||||
};
|
||||
extraConfig = mkFastcgiPass cfg;
|
||||
extraConfig = mkFastcgiPass name cfg;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -337,7 +337,10 @@ in
|
||||
};
|
||||
|
||||
# use nginx to serve the smokeping web service
|
||||
services.fcgiwrap.enable = mkIf cfg.webService true;
|
||||
services.fcgiwrap.smokeping = mkIf cfg.webService {
|
||||
user = cfg.user;
|
||||
group = cfg.user;
|
||||
};
|
||||
services.nginx = mkIf cfg.webService {
|
||||
enable = true;
|
||||
virtualHosts."smokeping" = {
|
||||
@ -349,7 +352,7 @@ in
|
||||
locations."/smokeping.fcgi" = {
|
||||
extraConfig = ''
|
||||
include ${config.services.nginx.package}/conf/fastcgi_params;
|
||||
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
|
||||
fastcgi_pass unix:${config.services.fcgiwrap.smokeping.socketAddress};
|
||||
fastcgi_param SCRIPT_FILENAME ${smokepingHome}/smokeping.fcgi;
|
||||
fastcgi_param DOCUMENT_ROOT ${smokepingHome};
|
||||
'';
|
||||
|
@ -24,7 +24,11 @@ import ./make-test-python.nix (
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
|
||||
services.fcgiwrap.enable = true;
|
||||
services.fcgiwrap.gitolite = {
|
||||
user = "gitolite";
|
||||
group = "gitolite";
|
||||
};
|
||||
|
||||
services.gitolite = {
|
||||
enable = true;
|
||||
adminPubkey = adminPublicKey;
|
||||
@ -59,7 +63,7 @@ import ./make-test-python.nix (
|
||||
fastcgi_param SCRIPT_FILENAME ${pkgs.gitolite}/bin/gitolite-shell;
|
||||
|
||||
# use Unix domain socket or inet socket
|
||||
fastcgi_pass unix:/run/fcgiwrap.sock;
|
||||
fastcgi_pass unix:${config.services.fcgiwrap.gitolite.socketAddress};
|
||||
'';
|
||||
};
|
||||
|
||||
@ -82,7 +86,7 @@ import ./make-test-python.nix (
|
||||
|
||||
server.wait_for_unit("gitolite-init.service")
|
||||
server.wait_for_unit("nginx.service")
|
||||
server.wait_for_file("/run/fcgiwrap.sock")
|
||||
server.wait_for_file("/run/fcgiwrap-gitolite.sock")
|
||||
|
||||
client.wait_for_unit("multi-user.target")
|
||||
client.succeed(
|
||||
|
Loading…
Reference in New Issue
Block a user