pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6 cfg = config.services.fcgiwrap;
7in {
8
9 options = {
10 services.fcgiwrap = {
11 enable = mkOption {
12 type = types.bool;
13 default = false;
14 description = lib.mdDoc "Whether to enable fcgiwrap, a server for running CGI applications over FastCGI.";
15 };
16
17 preforkProcesses = mkOption {
18 type = types.int;
19 default = 1;
20 description = lib.mdDoc "Number of processes to prefork.";
21 };
22
23 socketType = mkOption {
24 type = types.enum [ "unix" "tcp" "tcp6" ];
25 default = "unix";
26 description = lib.mdDoc "Socket type: 'unix', 'tcp' or 'tcp6'.";
27 };
28
29 socketAddress = mkOption {
30 type = types.str;
31 default = "/run/fcgiwrap.sock";
32 example = "1.2.3.4:5678";
33 description = lib.mdDoc "Socket address. In case of a UNIX socket, this should be its filesystem path.";
34 };
35
36 user = mkOption {
37 type = types.nullOr types.str;
38 default = null;
39 description = lib.mdDoc "User permissions for the socket.";
40 };
41
42 group = mkOption {
43 type = types.nullOr types.str;
44 default = null;
45 description = lib.mdDoc "Group permissions for the socket.";
46 };
47 };
48 };
49
50 config = mkIf cfg.enable {
51 systemd.services.fcgiwrap = {
52 after = [ "nss-user-lookup.target" ];
53 wantedBy = optional (cfg.socketType != "unix") "multi-user.target";
54
55 serviceConfig = {
56 ExecStart = "${pkgs.fcgiwrap}/sbin/fcgiwrap -c ${builtins.toString cfg.preforkProcesses} ${
57 optionalString (cfg.socketType != "unix") "-s ${cfg.socketType}:${cfg.socketAddress}"
58 }";
59 } // (if cfg.user != null && cfg.group != null then {
60 User = cfg.user;
61 Group = cfg.group;
62 } else { } );
63 };
64
65 systemd.sockets = if (cfg.socketType == "unix") then {
66 fcgiwrap = {
67 wantedBy = [ "sockets.target" ];
68 socketConfig.ListenStream = cfg.socketAddress;
69 };
70 } else { };
71 };
72}