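# NixOS module for the think.greaterchiangmai.com site.
#
# When enabled it declares a system user/group, a PHP-FPM pool running as that
# user, an nginx virtual host for `domain`, and a local MariaDB instance with
# one database and one account.
#
# NOTE(review): `packageBackend`, `backendDomain` and `dataDir` (beyond being
# the user's home) are declared but not consumed by the `config` section of
# this file. Likewise `settings` is never rendered into an environment file
# here; only DB_DATABASE and DB_USERNAME are read. Confirm whether another
# module consumes them.
{ config, pkgs, lib, ... }:
let
  cfg = config.services.think-greaterchiangmai;
  defaultUser = "gtcm";
  defaultGroup = "gtcm";
in
{
  options.services.think-greaterchiangmai = {
    # mkEnableOption already prefixes the text with "Whether to enable",
    # so only the service name is passed.
    enable = lib.mkEnableOption "think.greaterchiangmai.com";

    dataDir = lib.mkOption {
      type = lib.types.path;
      default = "/var/lib/think.greaterchiangmai.com";
      description = ''A place where to store states'';
    };

    user = lib.mkOption {
      type = lib.types.str;
      default = defaultUser;
      description = "User account under which this runs.";
    };

    group = lib.mkOption {
      type = lib.types.str;
      default = defaultGroup;
      defaultText = "${defaultGroup}";
      description = ''
        Group under which the website runs.
      '';
    };

    package = lib.mkPackageOption pkgs "think-gtcm" { };

    packageBackend = lib.mkPackageOption pkgs "think-backend-gtcm" { };

    domain = lib.mkOption {
      type = lib.types.str;
      default = "think.greaterchiangmai.com";
      example = "forum.example.com";
      description = "Domain to serve on.";
    };

    backendDomain = lib.mkOption {
      type = lib.types.str;
      default = "think-backend.greaterchiangmai.com";
      example = "forum.example.com";
      description = "Backend Domain to serve on.";
    };

    # Free-form application settings (Laravel-style environment variables).
    #
    # NOTE(review): anything assigned here is ordinary Nix configuration. If a
    # consumer writes these values to a file, that file lands in the
    # world-readable Nix store, so real secrets (APP_KEY, DB_PASSWORD, mail or
    # cloud credentials) should be supplied through a runtime secret file
    # instead of this attribute set.
    #
    # NOTE(review): the example below is dotenv text, not a Nix attribute set,
    # and it shows APP_ENV=local / APP_DEBUG=true, which are development
    # values; debug mode should stay off on a public deployment.
    settings = lib.mkOption {
      default = { };
      description = ''
        Options for settings environment variables
      '';
      example = lib.literalExpression ''
        {
          APP_NAME=Laravel
          APP_ENV=local
          APP_KEY=
          APP_DEBUG=true
          APP_URL=http://localhost

          LOG_CHANNEL=stack
          LOG_DEPRECATIONS_CHANNEL=null
          LOG_LEVEL=debug

          DB_CONNECTION=mysql
          DB_HOST=127.0.0.1
          DB_PORT=3306
          DB_DATABASE=laravel
          DB_USERNAME=root
          DB_PASSWORD=

          BROADCAST_DRIVER=log
          CACHE_DRIVER=file
          FILESYSTEM_DISK=local
          QUEUE_CONNECTION=sync
          SESSION_DRIVER=file
          SESSION_LIFETIME=120

          MEMCACHED_HOST=127.0.0.1

          REDIS_HOST=127.0.0.1
          REDIS_PASSWORD=null
          REDIS_PORT=6379

          MAIL_MAILER=smtp
          MAIL_HOST=mailpit
          MAIL_PORT=1025
          MAIL_USERNAME=null
          MAIL_PASSWORD=null
          MAIL_ENCRYPTION=null
          MAIL_FROM_ADDRESS="hello@example.com"
          MAIL_FROM_NAME="''${APP_NAME}"

          AWS_ACCESS_KEY_ID=
          AWS_SECRET_ACCESS_KEY=
          AWS_DEFAULT_REGION=us-east-1
          AWS_BUCKET=
          AWS_USE_PATH_STYLE_ENDPOINT=false

          PUSHER_APP_ID=
          PUSHER_APP_KEY=
          PUSHER_APP_SECRET=
          PUSHER_HOST=
          PUSHER_PORT=443
          PUSHER_SCHEME=https
          PUSHER_APP_CLUSTER=mt1

          VITE_APP_NAME="''${APP_NAME}"
          VITE_PUSHER_APP_KEY="''${PUSHER_APP_KEY}"
          VITE_PUSHER_HOST="''${PUSHER_HOST}"
          VITE_PUSHER_PORT="''${PUSHER_PORT}"
          VITE_PUSHER_SCHEME="''${PUSHER_SCHEME}"
          VITE_PUSHER_APP_CLUSTER="''${PUSHER_APP_CLUSTER}"
        }
      '';
      type = lib.types.submodule {
        freeformType = lib.types.attrsOf (
          lib.types.oneOf [
            lib.types.str
            lib.types.int
            lib.types.bool
          ]
        );
        options = {
          DB_CONNECTION = lib.mkOption {
            type = lib.types.enum [ "mysql" ];
            default = "mysql";
            example = "mysql";
            description = ''
              The type of database to use. Only "mysql" is supported.
            '';
          };

          # The DB_CONNECTION enum accepts only "mysql", so the former
          # "pgsql"/"sqlite" branches of this default could never be taken;
          # the default is now the plain value they always produced.
          DB_HOST = lib.mkOption {
            type = lib.types.str;
            default = "localhost";
            description = ''
              The machine which hosts your database.
            '';
          };

          # Same reasoning as DB_HOST: with "mysql" as the only accepted
          # connection type the default always evaluated to 3306. The type
          # stays nullable so existing configurations that set null still
          # type-check.
          DB_PORT = lib.mkOption {
            type = lib.types.nullOr lib.types.int;
            default = 3306;
            description = ''
              The port your database is listening at.
            '';
          };

          DB_DATABASE = lib.mkOption {
            type = lib.types.str;
            default = "thinkgreatercm";
            description = ''
              Name of the database. It is created through
              services.mysql.ensureDatabases.
            '';
          };

          DB_USERNAME = lib.mkOption {
            type = lib.types.str;
            default = "thinkgreatercm";
            description = ''
              Name of the database account. It is created through
              services.mysql.ensureUsers.
            '';
          };

          # NOTE(review): the default password equals the default account and
          # database name, i.e. a predictable credential, and as a plain
          # option value it is not secret. This module does not apply it to
          # the database account (the ensureUsers entry below carries only a
          # name and permissions). Override it, or better, load the real
          # value from a secret file at runtime.
          DB_PASSWORD = lib.mkOption {
            type = lib.types.str;
            default = "thinkgreatercm";
            description = ''
              Database password handed to the application. The default is a
              placeholder and must not be relied on as a secret.
            '';
          };
        };
      };
    };
  };

  config = lib.mkIf cfg.enable {
    users.users.${cfg.user} = {
      isSystemUser = true;
      home = cfg.dataDir;
      createHome = true;
      # NOTE(review): 755 lets every local account list and read the state
      # directory. Nothing in this file needs that; "750" would be tighter
      # unless another service has to read dataDir. Confirm before changing.
      homeMode = "755";
      group = cfg.group;
    };

    users.groups.${cfg.group} = { };

    services.phpfpm.pools.think-greaterchiangmai = {
      inherit (cfg) user group;
      settings = {
        # The FPM socket is owned by the nginx user and is mode 0600, so only
        # nginx can connect to the pool.
        "listen.owner" = config.services.nginx.user;
        "listen.group" = config.services.nginx.group;
        "listen.mode" = "0600";
        "pm" = lib.mkDefault "dynamic";
        "pm.max_children" = lib.mkDefault 10;
        "pm.max_requests" = lib.mkDefault 500;
        "pm.start_servers" = lib.mkDefault 2;
        "pm.min_spare_servers" = lib.mkDefault 1;
        "pm.max_spare_servers" = lib.mkDefault 3;
      };
      # PHP errors go to syslog rather than into HTTP responses or a file in
      # the web root.
      phpOptions = ''
        error_log = syslog
        log_errors = on
      '';
    };

    services.nginx = {
      enable = true;
      # NOTE(review): the virtual host is declared without forceSSL or
      # enableACME; confirm TLS is terminated somewhere in front of it.
      virtualHosts."${cfg.domain}" = {
        root = "${cfg.package}/public";
        # NOTE(review): fastcgi_index names site.php while the server-level
        # index is index.php, and the include below points at a
        # share/php/flarum path. Both look carried over from a Flarum setup;
        # verify that the package really ships that file, otherwise nginx
        # will refuse to start.
        locations."~ \\.php$".extraConfig = ''
          fastcgi_pass unix:${config.services.phpfpm.pools.think-greaterchiangmai.socket};
          fastcgi_index site.php;
        '';
        extraConfig = ''
          index index.php;
          include ${cfg.package}/share/php/flarum/.nginx.conf;
        '';
      };
    };

    services.mysql = {
      enable = true;
      package = pkgs.mariadb;
      ensureDatabases = [ cfg.settings.DB_DATABASE ];
      # The account gets full rights on its own database only.
      #
      # NOTE(review): accounts created through ensureUsers are, as far as the
      # NixOS MySQL module goes, authenticated over the unix socket by system
      # user name. The default DB_USERNAME ("thinkgreatercm") differs from
      # the default service user ("gtcm"), so the PHP-FPM pool may be unable
      # to log in as this account. Verify, and align the two names if so.
      ensureUsers = [
        {
          name = cfg.settings.DB_USERNAME;
          ensurePermissions = {
            "${cfg.settings.DB_DATABASE}.*" = "ALL PRIVILEGES";
          };
        }
      ];
    };
  };
}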