TheChunkyPanda/nixconf
1
0
Fork 0
forked from javif89/nix
Code Pull Requests Activity
nixconf/modules/system/nix-valet.nix
Javier Feliz c1d3821667 Logitech management
2025-08-15 17:45:00 -04:00

153 lines
3.6 KiB
Nix
Raw Blame History

/*
This module gives the same functionality as laravel valet or valet linux.
Set up DNSMasq to point all *.test domains to caddy.
Caddy will look for a folder with the same name in ~/projects and serve it.
*/
{
config,
pkgs,
lib,
...
}:
{
services = {
# Enable dnsmasq
dnsmasq = {
enable = true;
settings = {
# Point all .test domains to localhost
address = "/.test/127.0.0.1";
# Don't forward .test queries to upstream DNS
# server = "/test/";
# Listen on localhost only
listen-address = "127.0.0.1";
# Bind to interface
bind-interfaces = true;
# Cache size
cache-size = 1000;
# Don't read /etc/hosts
no-hosts = true;
# Don't poll /etc/resolv.conf
no-poll = true;
};
};
# Enable PHP-FPM
phpfpm = {
pools.www = {
user = "javi";
group = "users";
settings = {
"listen.owner" = "javi";
"listen.group" = "users";
"listen.mode" = "0660";
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
phpEnv."PATH" = lib.makeBinPath [ pkgs.php ];
};
};
# Enable Caddy
caddy = {
enable = true;
globalConfig = ''
auto_https off
admin off
'';
extraConfig = ''
*.test:80 {
root * /home/javi/projects/{labels.1}
# Try /public directory first (for Laravel)
@laravel file /home/javi/projects/{labels.1}/public/index.php
root @laravel /home/javi/projects/{labels.1}/public
# PHP FastCGI
php_fastcgi unix//run/phpfpm/www.sock
# File server for static assets
file_server
# Laravel specific - handle missing files
try_files {path} {path}/ /index.php?{query}
}
'';
};
# Configure system to use local dnsmasq for .test domains
resolved = {
enable = true;
domains = [ "~test" ];
fallbackDns = [
"10.89.0.1"
# "8.8.8.8"
# "1.1.1.1"
];
extraConfig = ''
DNS=127.0.0.1#53
Domains=~test
DNSSEC=false
'';
};
};
# Install PHP and related packages
environment.systemPackages = with pkgs; [
# Add common PHP extensions you might need
php84Extensions.mbstring
php84Extensions.xml
php84Extensions.curl
php84Extensions.zip
php84Extensions.gd
php84Extensions.intl
php84Extensions.bcmath
php84Extensions.soap
php84Extensions.mysqli
php84Extensions.pdo_mysql
php84Extensions.pgsql
php84Extensions.pdo_sqlite
];
# Create a dedicated caddy config directory
systemd.tmpfiles.rules = [
"d /var/lib/caddy 0755 javi users -"
];
systemd.services.caddy = {
serviceConfig = {
User = lib.mkForce "javi";
Group = lib.mkForce "users";
# More comprehensive capabilities
AmbientCapabilities = [
"CAP_NET_BIND_SERVICE"
"CAP_SETUID"
"CAP_SETGID"
];
CapabilityBoundingSet = [
"CAP_NET_BIND_SERVICE"
"CAP_SETUID"
"CAP_SETGID"
];
# Keep it simple - just set the config directory
Environment = [ "XDG_CONFIG_HOME=/var/lib/caddy" ];
# Ensure the working directory is accessible
WorkingDirectory = "/var/lib/caddy";
};
};
# And make sure your user is in the caddy group
users.users.javi = {
extraGroups = [
"users"
];
};
}
View Git Blame Copy Permalink