From ca04f5d8c32708577dc17fbd5ded34cada9ff6e2 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 27 Oct 2025 16:37:54 +0100 Subject: [PATCH 1/2] feat: nb add ownstash api project --- hosts/nb/users/configs/project_history | 3 +++ hosts/nb/users/dominik.nix | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hosts/nb/users/configs/project_history b/hosts/nb/users/configs/project_history index 64a3845..0f8fb92 100644 --- a/hosts/nb/users/configs/project_history +++ b/hosts/nb/users/configs/project_history @@ -28,6 +28,8 @@ /home/dominik/projects/cloonar/gbv-aktuell /home/dominik/projects/cloonar/cloonar-technologies-website +/home/dominik/projects/ownstash/ownstash-api + /home/dominik/projects/cloonar/paraclub/paraclub-api /home/dominik/projects/cloonar/paraclub/paraclub-frontend /home/dominik/projects/cloonar/paraclub/paraclub-website @@ -47,6 +49,7 @@ /home/dominik/projects/epicenter.works/epicenter-nixos /home/dominik/projects/epicenter.works/spenden.akvorrat.at /home/dominik/projects/epicenter.works/whoidentifies.me/wim-api +/home/dominik/projects/epicenter.works/whoidentifies.me/wim-frontend /home/dominik/projects/cloonar/lena-schilling-website /home/dominik/projects/cloonar/dialog-relations-website diff --git a/hosts/nb/users/dominik.nix b/hosts/nb/users/dominik.nix index 7682b75..fe344d5 100644 --- a/hosts/nb/users/dominik.nix +++ b/hosts/nb/users/dominik.nix @@ -616,8 +616,7 @@ in git clone gitea@git.cloonar.com:Cloonar/lego-hetzner-bridge.git ${persistHome}/projects/home-automation/lego-hetzner-bridge 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/ghetto-nixos.git ${persistHome}/projects/home-automation/ghetto-nixos 2>/dev/null - - git clone gitea@git.cloonar.com:socialgrow.tech/sgt-api.git ${persistHome}/projects/socialgrow.tech/sgt-api 2>/dev/null + git clone gitea@git.cloonar.com:ownstash/api.git ${persistHome}/projects/ownstash/ownstash-api 2>/dev/null ssh-keygen -R gitlab.epicenter.works ssh-keyscan gitlab.epicenter.works >> ~/.ssh/known_hosts @@ -628,6 +627,7 @@ in git clone git@github.com:AKVorrat/spenden.akvorrat.at.git ${persistHome}/projects/epicenter.works/spenden.akvorrat.at 2>/dev/null git clone git@github.com:AKVorrat/dearmep-website.git ${persistHome}/projects/epicenter.works/dearmep-website 2>/dev/null git clone git@github.com:whoidentifies-me/api.git ${persistHome}/projects/epicenter.works/whoidentifies.me/wim-api 2>/dev/null + git clone git@github.com:whoidentifies-me/frontend.git ${persistHome}/projects/epicenter.works/whoidentifies.me/wim-frontend 2>/dev/null set -eu ''; From 7af4b6a5d181f24fb5273d7deda603cfc6d68959 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 27 Oct 2025 16:38:12 +0100 Subject: [PATCH 2/2] feat: web stack make php optional --- hosts/web-arm/modules/web/stack.nix | 20 +++++++------------- hosts/web-arm/sites/cloonar.com.nix | 4 ++-- hosts/web-arm/sites/cloonar.dev.nix | 4 ++-- 3 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hosts/web-arm/modules/web/stack.nix b/hosts/web-arm/modules/web/stack.nix index e588cf3..8abe596 100644 --- a/hosts/web-arm/modules/web/stack.nix +++ b/hosts/web-arm/modules/web/stack.nix @@ -53,6 +53,7 @@ let enableMysql = mkEnableOption (lib.mdDoc "MySQL Database"); enableDefaultLocations = mkEnableOption (lib.mdDoc "Create default nginx location directives") // { default = true; }; + enablePhp = mkEnableOption (lib.mdDoc "PHP-FPM support") // { default = true; }; authorizedKeys = mkOption { type = types.listOf types.str; @@ -138,12 +139,12 @@ in BindPaths = "BindPaths=/var/www/${domain}:/var/www/${domain}"; }; } - ) cfg.instances; + ) (lib.filterAttrs (name: opts: opts.enablePhp) cfg.instances); services.phpfpm.pools = mapAttrs' (instance: instanceOpts: let domain = if instanceOpts.domain != null then instanceOpts.domain else instance; - user = if instanceOpts.user != null + user = if instanceOpts.user != null then instanceOps.user else builtins.replaceStrings ["." "-"] ["_" "_"] domain; in @@ -166,7 +167,7 @@ in phpPackage = instanceOpts.phpPackage; phpEnv."PATH" = pkgs.lib.makeBinPath [ instanceOpts.phpPackage ]; } - ) cfg.instances; + ) (lib.filterAttrs (name: opts: opts.enablePhp) cfg.instances); }; @@ -216,7 +217,7 @@ in ''; # Cache Media: images, icons, video, audio, HTC - "~* \\.(?:jpg|jpeg|gif|png|webp|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff2)$".extraConfig = '' + "~* \\.(?:css|js|jpg|jpeg|gif|png|webp|avif|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff2)$".extraConfig = '' expires 1y; access_log off; add_header Cache-Control "public"; @@ -228,19 +229,12 @@ in add_header Cache-Control "public"; ''; - # Cache CSS, Javascript, Images, Icons, Video, Audio, HTC, Fonts - "~* \\.(?:css|js|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff2)$".extraConfig = '' - expires 1y; - access_log off; - add_header Cache-Control "public"; - ''; - "/".extraConfig = '' index index.php index.html; try_files $uri $uri/ /index.php$is_args$args; ''; }) - { + (mkIf instanceOpts.enablePhp { "~ [^/]\\.php(/|$)".extraConfig = '' fastcgi_split_path_info ^(.+?\.php)(/.*)$; if (!-f $document_root$fastcgi_script_name) { @@ -256,7 +250,7 @@ in fastcgi_pass unix:${config.services.phpfpm.pools."${domain}".socket}; fastcgi_index index.php; ''; - } + }) ]; extraConfig = instanceOpts.extraConfig; diff --git a/hosts/web-arm/sites/cloonar.com.nix b/hosts/web-arm/sites/cloonar.com.nix index 2fd691c..e11af1a 100644 --- a/hosts/web-arm/sites/cloonar.com.nix +++ b/hosts/web-arm/sites/cloonar.com.nix @@ -5,6 +5,8 @@ let in { services.webstack.instances."${domain}" = { + enablePhp = false; + authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXKR0AQdP1zn6pL2yjGA/eo9F5Ah2u6+Y5dIk8wR5/I" ]; @@ -67,7 +69,5 @@ in { add_header Pragma "public"; add_header Cache-Control "public"; ''; - - phpPackage = pkgs.php; }; } diff --git a/hosts/web-arm/sites/cloonar.dev.nix b/hosts/web-arm/sites/cloonar.dev.nix index 2a097be..7e02e08 100644 --- a/hosts/web-arm/sites/cloonar.dev.nix +++ b/hosts/web-arm/sites/cloonar.dev.nix @@ -5,6 +5,8 @@ let in { services.webstack.instances."${domain}" = { + enablePhp = false; + authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrxGbJ8vqOLMySIst+e2Qq06bPLPh+7fmPRM27kMBgC" ]; @@ -67,7 +69,5 @@ in { add_header Pragma "public"; add_header Cache-Control "public"; ''; - - phpPackage = pkgs.php; }; }