diff --git a/nix/image/bootstrap.sh b/nix/image/bootstrap.sh index a00a950..c8842f9 100755 --- a/nix/image/bootstrap.sh +++ b/nix/image/bootstrap.sh @@ -28,8 +28,6 @@ echo "{}" > /var/www/html/build/integration/composer.lock echo "Starting server using $SQL database…" -# tail --follow --retry /var/log/nginx/*.log /var/log/cron/owncloud.log & - chmod +sx /sbin/sudo mkdir -p /var/log/nginx /tmp /var/run/blackfire @@ -57,23 +55,15 @@ fi if [ -n "${REDIS_TLS:-}" ] then - redis-server --protected-mode no \ - --tls-port 6379 --port 0 \ - --tls-cert-file /certificates/redis/server.crt \ - --tls-key-file /certificates/redis/server.key \ - --tls-ca-cert-file /certificates/redis/ca.crt & + cp /etc/supervisor/redis-tls.conf /etc/supervisor/enabled/ else - redis-server --protected-mode no & + cp /etc/supervisor/redis-plain.conf /etc/supervisor/enabled/ fi if [ -n "${BLACKFIRE_SERVER_ID:-}" ] then - sh -c ' - yes | blackfire agent:config --server-id=$BLACKFIRE_SERVER_ID --server-token=$BLACKFIRE_SERVER_TOKEN - BLACKFIRE_LOG_LEVEL=4 BLACKFIRE_LOG_FILE=/var/log/agent.log blackfire agent & - '& + blackfire agent:config --server-id="$BLACKFIRE_SERVER_ID" --server-token="$BLACKFIRE_SERVER_TOKEN" + cp /etc/supervisor/blackfire.conf /etc/supervisor/enabled/ fi -php-fpm --fpm-config /etc/php-fpm.conf& - -nginx -c /etc/nginx.conf \ No newline at end of file +exec supervisord -c /etc/supervisor/supervisord.conf \ No newline at end of file diff --git a/nix/image/configs.nix b/nix/image/configs.nix index 1b90bc8..79449b5 100644 --- a/nix/image/configs.nix +++ b/nix/image/configs.nix @@ -7,6 +7,9 @@ runCommand "configs" {} '' cp ${./configs/nginx-app.conf} $out/conf/nginx-app.conf cp ${./configs/sudoers} $out/etc/sudoers.d/haze cp -r ${./configs/nc} $out/etc/nc - cp ${./php-fpm.conf} $out/etc/php-fpm.conf - cp ${./nginx.conf} $out/etc/nginx.conf + cp ${./configs/php-fpm.conf} $out/etc/php-fpm.conf + cp ${./configs/nginx.conf} $out/etc/nginx.conf + cp -r ${./configs/supervisor} $out/etc/supervisor + chmod +w $out/etc/supervisor + mkdir $out/etc/supervisor/enabled/ '' diff --git a/nix/image/nginx.conf b/nix/image/configs/nginx.conf similarity index 100% rename from nix/image/nginx.conf rename to nix/image/configs/nginx.conf diff --git a/nix/image/php-fpm.conf b/nix/image/configs/php-fpm.conf similarity index 100% rename from nix/image/php-fpm.conf rename to nix/image/configs/php-fpm.conf diff --git a/nix/image/configs/supervisor/blackfire.conf b/nix/image/configs/supervisor/blackfire.conf new file mode 100644 index 0000000..ca6cd89 --- /dev/null +++ b/nix/image/configs/supervisor/blackfire.conf @@ -0,0 +1,2 @@ +[program:blackfire] +command = blackfire agent \ No newline at end of file diff --git a/nix/image/configs/supervisor/redis-plain.conf b/nix/image/configs/supervisor/redis-plain.conf new file mode 100644 index 0000000..e9284cc --- /dev/null +++ b/nix/image/configs/supervisor/redis-plain.conf @@ -0,0 +1,2 @@ +[program:redis] +command = /bin/redis-server --protected-mode no \ No newline at end of file diff --git a/nix/image/configs/supervisor/redis-tls.conf b/nix/image/configs/supervisor/redis-tls.conf new file mode 100644 index 0000000..28d9be1 --- /dev/null +++ b/nix/image/configs/supervisor/redis-tls.conf @@ -0,0 +1,6 @@ +[program:redis-tls] +command = /bin/redis-server --protected-mode no \ + --tls-port 6379 --port 0 \ + --tls-cert-file /certificates/redis/server.crt \ + --tls-key-file /certificates/redis/server.key \ + --tls-ca-cert-file /certificates/redis/ca.crt \ No newline at end of file diff --git a/nix/image/configs/supervisor/supervisord.conf b/nix/image/configs/supervisor/supervisord.conf new file mode 100644 index 0000000..dee3c56 --- /dev/null +++ b/nix/image/configs/supervisor/supervisord.conf @@ -0,0 +1,25 @@ +[supervisord] +logfile = /dev/stdout +logfile_maxbytes = 0 +nodaemon = true +pidfile = /var/run/supervisord.pid + +[unix_http_server] +file = /var/run/supervisor.sock +chmod = 0777 + + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl = unix:///var/run/supervisor.sock + +[program:nginx] +command = /bin/nginx -c /etc/nginx.conf + +[program:php-fpm] +command = /bin/php-fpm --fpm-config /etc/php-fpm.conf + +[include] +files = enabled/* diff --git a/nix/image/haze.nix b/nix/image/haze.nix index 926f0fa..ffdeb73 100644 --- a/nix/image/haze.nix +++ b/nix/image/haze.nix @@ -33,6 +33,7 @@ writeShellApplication, vim, helix, + python3Packages, }: let inherit (builtins) toString; inherit (lib) readFile getExe concatStringsSep splitString take; @@ -145,6 +146,7 @@ oracle-instantclient vim helix + python3Packages.supervisor ]; };