diff options
| -rw-r--r-- | dbms.nix | 38 | ||||
| -rw-r--r-- | wikiwiki.nix | 57 |
2 files changed, 79 insertions, 16 deletions
diff --git a/dbms.nix b/dbms.nix index 455125c..cf095f8 100644 --- a/dbms.nix +++ b/dbms.nix @@ -18,21 +18,29 @@ { pkgs, ... }: { - services.postgresql = { - enable = true; - package = pkgs.postgresql_15; - settings = { - checkpoint_timeout = "5min"; - effective_cache_size = "1GB"; - effective_io_concurrency = 100; - maintenance_work_mem = "320MB"; - max_parallel_maintenance_workers = 4; - max_parallel_workers_per_gather = 4; - max_wal_senders = 0; - random_page_cost = 1.25; - shared_buffers = "512MB"; - wal_buffers = -1; - work_mem = "32MB"; + services = { + postgresql = { + enable = true; + package = pkgs.postgresql_15; + settings = { + checkpoint_timeout = "5min"; + effective_cache_size = "1GB"; + effective_io_concurrency = 100; + maintenance_work_mem = "320MB"; + max_parallel_maintenance_workers = 4; + max_parallel_workers_per_gather = 4; + max_wal_senders = 0; + random_page_cost = 1.25; + shared_buffers = "512MB"; + wal_buffers = -1; + work_mem = "32MB"; + }; + }; + postgresqlBackup = { + compression = "zstd"; + compressionLevel = 19; + enable = true; + location = "/mnt/nas/backup/postgresql"; }; }; } diff --git a/wikiwiki.nix b/wikiwiki.nix index aa24e01..db53a8a 100644 --- a/wikiwiki.nix +++ b/wikiwiki.nix @@ -16,7 +16,7 @@ # You should have received a copy of the GNU Affero General Public License # along with loang configuration. If not, see <https://www.gnu.org/licenses/>. -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let hostname = "nhanh.${config.networking.domain}"; in { services = { @@ -33,10 +33,15 @@ in { $wgGroupPermissions['*']['read'] = false; $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['createaccount'] = false; + $wgLogos = [ + 'svg' => "https://upload.wikimedia.org/wikipedia/commons/e/e1/Wiki_research_logo.svg", + ]; + $wgFileExtensions = array_merge($wgFileExtensions, [ 'pdf' ]); ''; name = "Research on Wikipedia governance"; nginx.hostName = hostname; passwordFile = "/dev/null"; # this is so dumb + uploadsDir = "/mnt/nas/www/nhanh.loang.net"; webserver = "nginx"; }; @@ -60,5 +65,55 @@ in { "~ ^/w/(skins|extensions)/.+\\.(css|js|gif|jpg|jpeg|png|svg|wasm|ttf|woff|woff2)$" = rewrite; }; }; + + phpfpm.pools.mediawiki.phpOptions = '' + post_max_size = 100M + upload_max_filesize = 100M + ''; + + postgresqlBackup.databases = [ "mediawiki" ]; }; + + systemd = let + service = user: script: { + inherit script; + serviceConfig = { + Type = "oneshot"; + User = user; + }; + }; + timer = unit: { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "1d"; + OnUnitActiveSec = "1d"; + Unit = "${unit}.service"; + }; + }; + in { + services = { + "wiki-db-backup" = service "postgres" '' + today=$(${pkgs.coreutils}/bin/date --iso-8601) + backup=/mnt/nas/backup/nhanh.loang.net/$today.sql.zstd + ${pkgs.coreutils}/bin/install -g mediawiki -m 640\ + /mnt/nas/backup/postgresql/mediawiki.sql.zstd $backup + ''; + "wiki-uploads-backup" = service "mediawiki" '' + backup=/mnt/nas/backup/nhanh.loang.net + ${pkgs.rsync}/bin/rsync -a --delete\ + /mnt/nas/www/nhanh.loang.net/ $backup/latest/ + today=$(${pkgs.coreutils}/bin/date --iso-8601) + ${pkgs.coreutils}/bin/cp -al $backup/{latest,$today} + ''; + }; + timers = { + "wiki-db-backup" = timer "wiki-uploads-backup"; + "wiki-uploads-backup" = timer "wiki-uploads-backup"; + }; + }; + + users.groups.mediawiki.members = [ + "mediawiki" "nginx" "postgres" + "ooze" "cnx" + ]; } |