grafted-in / wordpress-nginx-nix Goto Github PK

Right now nixpkgs is pinned by the nixpkgs-version.sh script as part of deploy/manage. This works but it's not possible to refer to that nixpkgs version from within a nix derivation. This makes it hard to create a fully pinned repo. Move the nixpkgs version to a .nix file and import it in the deploy/manage script.

@3noch Is it possible to configure the site from the configuration (Site title, Username, etc)? Now I get the installation wizard asking me to setup the site.

Edit: I'm thinking something like this, but realising that this is out of scope. Nice to have :)

@3noch Regarding #14 and plugin activation. I would use wp-cli for this as well and extend the install script. You could either pass a list of plugins to activate or activate them all with the --all option.

Any way to deploy on replit?

Some significant changes were made to how PHP-FPM is served and I think it may require some refactoring to support it.

@niklaswallerstedt had the idea of putting all files that need to be kept secret in one directory. This would remove a some complexity and add predictability. Up till now I've been relying on git-crypt status -e to tell me what files are encrypted, which works pretty well. But there is an advantage to having a very simple scheme to know which files will be encrypted and which ones won't. Another possible benefit to putting everything in one directory is that it would make it much easier to pull those files out into submodule, which could be a git repo with different permissions. It could even be symlinked to a vault of some sort.

The only downside is that it's a bit more awkward to reference several totally unrelated files that are all in one directory. The natural organization scheme you'd expect gets broken. I'm not sure this is a meaningful problem though in a small project like this.

Any other thoughts?

I've written a lot of functions to set up rolling backups that could be generally useful. I need to turn them into a NixOS module and include them here, or via some other repo.

The new dhparams module lets us get better security with almost no extra work. We need to use it in this template. I'm already using it for my sites.

Somehow I'm leaving symlinks to plugins and themes even when the site is built with traditional setup (non-frozen).

I just need to port these changes to this template.

With nix or subrepos it's entirely possible to create a site configuration that doesn't require you to copy this entire repo's source code into a new repo. That would be preferable for simple sites since they can effectively avoid "forking" this code base and continue to benefit from future enhancements/fixes.

The README needs to show how to do this.

This seems like a very interesting repo, however I'm having some trouble getting it to run on Virtualbox on my mac. I'm new to Nix, so maybe I'm missing something. Any help would be appreciated.

deploy/manage vbox create '<server/logical.vbox.nix>' '<server/physical.vbox.nix>'
created deployment ‘7c1eaaf3...'

deploy/manage vbox deploy
error: attempt to call something which is not a function but a set, at ... wordpress-nginx-nix/server/physical.vbox.nix:1:6

deploy/manage vbox deploy --show-trace
error: while evaluating ‘flip’ at /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/trivial.nix:82:16, called from /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:264:7:
while evaluating ‘mapAttrs’ at /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/attrsets.nix:198:17, called from /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/trivial.nix:82:19:
while evaluating ‘zipAttrsWith’ at /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/attrsets.nix:346:21, called from /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:31:13:
while evaluating ‘zipAttrsWithNames’ at /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/attrsets.nix:331:33, called from /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/attrsets.nix:346:27:
while evaluating ‘concatMap’ at /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/lists.nix:79:18, called from /nix/store/1lgppap4jzgw7gq8zdnma4pfcsm1ggqq-nixexprs.tar.xz/lib/attrsets.nix:346:46:
while evaluating ‘operator’ at /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:25:20, called from undefined position:
while evaluating ‘getNetworkFromExpr’ at /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:18:28, called from /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:25:45:
while evaluating ‘call’ at /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:29:10, called from /nix/store/acwqszlzgai4h1dl8rvspbd439l633va-1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c/share/nix/nixops/eval-machine-info.nix:19:10:
while evaluating the file ‘... wordpress-nginx-nix/server/physical.vbox.nix’:
attempt to call something which is not a function but a set, at ... wordpress-nginx-nix/server/physical.vbox.nix:1:6
error: evaluation of the deployment specification failed

macOS 10.12.3
nix-env (Nix) 1.11.6
NixOps 1.5 (installed prior to finding this repo)
Virtualbox 5.0.16r105871

Redirecting from http://www.site.com to https://site.com works, but not https://www.site.com to https://site.com. This is easy to add, just need to do it.