From 9757596363090218f2e01b4f07f3f9fd625b6d50 Mon Sep 17 00:00:00 2001
From: kurogeek <kurogeek@lmvhaus.com>
Date: Wed, 19 Nov 2025 17:35:26 +0700
Subject: [PATCH] mob next [ci-skip] [ci skip] [skip ci]

lastFile:modules/nixos/think-greater-cm.nix
---
 modules/nixos/think-greater-cm.nix | 56 ++++++++++++++++++++++--------
 1 file changed, 42 insertions(+), 14 deletions(-)

diff --git a/modules/nixos/think-greater-cm.nix b/modules/nixos/think-greater-cm.nix
index fb38e94..59e4249 100644
--- a/modules/nixos/think-greater-cm.nix
+++ b/modules/nixos/think-greater-cm.nix
@@ -27,20 +27,10 @@ in
 
     group = lib.mkOption {
       type = lib.types.str;
-      default = if cfg.enableNginx then "nginx" else defaultGroup;
-      defaultText = "If `enableNginx` is true then `nginx` else ${defaultGroup}";
+      default = defaultGroup;
+      defaultText = "${defaultGroup}";
       description = ''
-        Group under which the website runs. It is best to set this to the group
-        of whatever webserver is being used as the frontend.
-      '';
-    };
-
-    enableNginx = lib.mkOption {
-      type = lib.types.bool;
-      default = false;
-      description = ''
-        Whether to enable nginx or not. If enabled, an nginx virtual host will
-        be created for access.
+        Group under which the website runs. 
       '';
     };
 
@@ -198,8 +188,46 @@ in
 
   };
   config = lib.mkIf cfg.enable {
-    services.phpfpm.pools.think-greaterchiangmai = {
+    users.users.${cfg.user} = {
+      isSystemUser = true;
+      home = cfg.dataDir;
+      createHome = true;
+      homeMode = "755";
+      group = cfg.group;
+    };
+    users.groups.${cfg.group} = { };
 
+    services.phpfpm.pools.think-greaterchiangmai = {
+      inherit (cfg) user group;
+      settings = {
+        "listen.owner" = config.services.nginx.user;
+        "listen.group" = config.services.nginx.group;
+        "listen.mode" = "0600";
+        "pm" = lib.mkDefault "dynamic";
+        "pm.max_children" = lib.mkDefault 10;
+        "pm.max_requests" = lib.mkDefault 500;
+        "pm.start_servers" = lib.mkDefault 2;
+        "pm.min_spare_servers" = lib.mkDefault 1;
+        "pm.max_spare_servers" = lib.mkDefault 3;
+      };
+      phpOptions = ''
+        error_log = syslog
+        log_errors = on
+      '';
+    };
+    services.nginx = {
+      enable = true;
+      virtualHosts."${cfg.domain}" = {
+        root = "${cfg.stateDir}/public";
+        locations."~ \\.php$".extraConfig = ''
+          fastcgi_pass unix:${config.services.phpfpm.pools.flarum.socket};
+          fastcgi_index site.php;
+        '';
+        extraConfig = ''
+          index index.php;
+          include ${cfg.package}/share/php/flarum/.nginx.conf;
+        '';
+      };
     };
   };
 }