Subject: [bug#63877] [PATCH v2] gnu: services: web: Allow specifying extra php-fpm environment variables.
From: Timo Wilken
Date: Sun, 4 Jun 2023 15:59:03 +0200

Some PHP programs, like Nextcloud, make HTTPS requests to other servers. For this, they need to know where the system CA certificates are, so SSL_CERT_DIR needs to be set.

This can be accomplished by the user using the new environment-variables field of . This field is empty by default to preserve the existing behaviour of php-fpm.

* gnu/services/web.scm (): Add environment-variables field.
(php-fpm-shepherd-service): Use the new field.
* doc/guix.texi (Web Services): Document the new field.
---
> How about exposing this as a new environment-variable record field à la
> mpd-configuration (gnu services audio)?

Hi Bruno, that's a good point! I've added a new field instead where the user can specify arbitrary environment variables. I've left it empty by default so there's no added dependency on any package, and documented my intended use case in the info manual instead.

Caveat: I haven't tested this "live" yet.

 doc/guix.texi | 12 ++++++++++++
 gnu/services/web.scm | 11 +++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

base-commit: 66c9b82fed3c59ee07187898592c688c82fed273
diff --git a/doc/guix.texi b/doc/guix.texi index 7f8d8d66e9..441867afee 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -30994,6 +30994,18 @@ Web Services An optional override of the default php settings. It may be any ``file-like'' object (@pxref{G-Expressions, file-like objects}). You can use the @code{mixed-text-file} function or an absolute filepath for it. +@item @code{environment-variables} (default @code{#~(list)}) +A gexp (@pxref{G-Expressions}) which produces a list of strings +representing environment variable assignments. +These environment variables are set for the php-fpm process. +This can be used to, for example, point php-fpm at the CA certificates +in the @code{nss-certs} package from @code{(gnu packages certs)}: +@lisp +(php-fpm-configuration + ;; @dots{} + (environment-variables + #~(list (string-append "SSL_CERT_DIR=" #$nss-certs "/etc/ssl/certs")))) +@end lisp For local development it is useful to set a higher timeout and memory limit for spawned php processes. This be accomplished with the diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 45897d7d6f..1c496d5946 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -16,6 +16,7 @@ ;;; Copyright © 2020, 2021 Alexandru-Sergiu Marton ;;; Copyright © 2022 Simen Endsjø ;;; Copyright © 2023 Bruno Victal +;;; Copyright © 2023 Timo Wilken ;;; ;;; This file is part of GNU Guix. ;;; @@ -974,7 +975,9 @@ (define-record-type* php-fpm-configuration (file php-fpm-configuration-file ;#f | file-like (default #f)) (php-ini-file php-fpm-configuration-php-ini-file ;#f | file-like - (default #f))) + (default #f)) + (environment-variables php-fpm-configuration-environment-variables ;gexp producing list-of-strings + (default #~(list)))) (define-record-type* php-fpm-dynamic-process-manager-configuration 
@@ -1081,7 +1084,8 @@ (define php-fpm-shepherd-service (match-lambda (($ php socket user group socket-user socket-group pid-file log-file pm display-errors - timezone workers-log-file file php-ini-file) + timezone workers-log-file file php-ini-file + environment-variables) (list (shepherd-service (provision '(php-fpm)) (documentation "Run the php-fpm daemon.") @@ -1096,6 +1100,9 @@ (define php-fpm-shepherd-service #$@(if php-ini-file `("-c" ,php-ini-file) '())) + #:environment-variables + (append #$environment-variables + (default-environment-variables)) #:pid-file #$pid-file)) (stop #~(make-kill-destructor)))))))
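Review bot: in the doc/guix.texi hunk the new @item is inserted between the php-ini-file description ("You can use the @code{mixed-text-file} function or an absolute filepath for it.") and the trailing context paragraph starting "For local development it is useful to set a higher timeout and memory limit", so that paragraph would now render under environment-variables rather than under the item it continues. Move the new @item below the end of the php-ini-file entry. The entry should also say that these strings are spliced into the generated Shepherd service, which lives in the world-readable store, so the field is not a place for secrets such as database passwords.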
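Review bot: the environment-variables field added to php-fpm-configuration states its type only in the trailing comment (;gexp producing list-of-strings) and nothing enforces it. Because the value is inserted with #$environment-variables, a user who passes a plain list of strings instead of a gexp gets code that tries to apply the first string as a procedure, and the error surfaces only when Shepherd starts php-fpm. Consider a (sanitize ...) clause on the field that rejects non-gexp values with a clear message, or accept a plain list and quote it at the use site.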
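Review bot: in the @@ -1096 hunk, (append #$environment-variables (default-environment-variables)) puts the user's entries ahead of the defaults, so whether a user-supplied PATH or similar replaces the default depends on which duplicate the consumer picks; say in the manual entry which one wins, or filter duplicates explicitly. Since the patch is noted as untested, it is also worth confirming the documented use case end to end: #:environment-variables sets the environment of the php-fpm master only, and php-fpm's clear_env pool directive defaults to yes, which empties the environment of the workers that actually run PHP code. Unless the generated pool configuration (not visible in this patch) sets clear_env = no or passes the variables through env[...] entries, SSL_CERT_DIR may not reach programs such as Nextcloud.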