l 2 websites lass: add some experimental stuff

1 files changed, 47 insertions, 0 deletions

diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index b8342e148..29374e97d 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -37,6 +37,31 @@ in {
     };
   };
 
+  krebs.tinc_graphs.enable = true;
+
+  users.users.lass-stuff = {
+    uid = genid "lass-stuff";
+    description = "lassul.us blog cgi stuff";
+    home = "/var/empty";
+  };
+
+  services.phpfpm.poolConfigs."lass-stuff" = ''
+    listen = /var/run/lass-stuff.socket
+    user = lass-stuff
+    group = nginx
+    pm = dynamic
+    pm.max_children = 5
+    pm.start_servers = 1
+    pm.min_spare_servers = 1
+    pm.max_spare_servers = 1
+    listen.owner = lass-stuff
+    listen.group = nginx
+    php_admin_value[error_log] = 'stderr'
+    php_admin_flag[log_errors] = on
+    catch_workers_output = yes
+    security.limit_extensions =
+  '';
+
   users.groups.lasscert.members = [
     "dovecot2"
     "ejabberd"
@@ -53,6 +78,28 @@ in {
       (nameValuePair "/.well-known/acme-challenge" ''
         root /var/lib/acme/challenges/lassul.us/;
       '')
+      (nameValuePair "= /retiolum-hosts.tar.bz2" ''
+        alias ${config.krebs.tinc.retiolum.hostsArchive};
+      '')
+      (nameValuePair "/tinc" ''
+        alias ${config.krebs.tinc_graphs.workingDir}/external;
+      '')
+      (let
+        script = pkgs.writeBash "test" ''
+          echo "hello world"
+        '';
+        #script = pkgs.execve "ddate-wrapper" {
+        #  filename = "${pkgs.ddate}/bin/ddate";
+        #  argv = [];
+        #};
+      in nameValuePair "= /ddate" ''
+        gzip off;
+        fastcgi_pass unix:/var/run/lass-stuff.socket;
+        include ${pkgs.nginx}/conf/fastcgi_params;
+        fastcgi_param DOCUMENT_ROOT /var/empty;
+        fastcgi_param SCRIPT_FILENAME ${script};
+        fastcgi_param SCRIPT_NAME ${script};
+      '')
     ];
     ssl = {
       enable = true;