From aabb9d0708ec6a86500c485c7c95db72aa92cce3 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Thu, 2 Jan 2025 22:47:42 +0000 Subject: [PATCH] feat: small bit of a cleanup of the pelican --- applications/pelican/Notes.md | 10 --- applications/pelican/nginx.nix | 119 --------------------------- applications/pelican/panel/panel.nix | 75 ----------------- applications/pelican/wings/wings.nix | 47 ----------- 4 files changed, 251 deletions(-) delete mode 100644 applications/pelican/nginx.nix delete mode 100644 applications/pelican/panel/panel.nix delete mode 100644 applications/pelican/wings/wings.nix diff --git a/applications/pelican/Notes.md b/applications/pelican/Notes.md index 8516be7..d5cc785 100644 --- a/applications/pelican/Notes.md +++ b/applications/pelican/Notes.md @@ -4,13 +4,3 @@ * ``pelican-install`` is in env that can be used to isntall * then go to ``panel-address.skynet.ie/installer`` to finish the setup - -## Wing - -In the config the ssl must be set as so: -```yaml - ssl: - enabled: true - cert: /var/lib/acme/skynet/fullchain.pem - key: /var/lib/acme/skynet/key.pem -``` \ No newline at end of file diff --git a/applications/pelican/nginx.nix b/applications/pelican/nginx.nix deleted file mode 100644 index 587db71..0000000 --- a/applications/pelican/nginx.nix +++ /dev/null 
@@ -1,119 +0,0 @@
-{
- lib,
- config,
- pkgs,
- ...
-}:
-with lib; let
- appUser = "nginx";
- name = "panel";
- module = "pelican-panel";
- cfg = config.modules.nginx.${name};
- serverName = "${name}.";
- dataDir = "/var/www/pelican/public";
- port = 443;
-in {
- options.modules.nginx.${name} = {
- enable = mkEnableOption "Enable ${name}";
- };
-
- config = mkIf cfg.enable {
- modules.${module}.enable = true;
- networking.firewall.allowedTCPPorts = [port];
-
- services.phpfpm.pools.${appUser} = {
- user = appUser;
- settings = {
- "listen.owner" = appUser;
- "listen.group" = appUser;
- "listen.mode" = "0600";
- "pm" = "dynamic";
- "pm.max_children" = 75;
- "pm.start_servers" = 10;
- "pm.min_spare_servers" = 5;
- "pm.max_spare_servers" = 20;
- "pm.max_requests" = 500;
- "catch_workers_output" = 1;
- };
- };
-
- services.nginx.virtualHosts."${serverName}" = {
- root = "${dataDir}";
- listen = [
- {
- inherit port;
- addr = "0.0.0.0";
- ssl = true;
- }
- ];
-
- forceSSL = true;
- enableACME = true;
-
- extraConfig = ''
- index index.html index.htm index.php;
- charset utf-8;
-
- access_log off;
- error_log /var/log/nginx/pelican.app-error.log error;
-
- client_max_body_size 100m;
- client_body_timeout 120s;
-
- sendfile off;
-
- ssl_session_cache shared:SSL:10m;
- ssl_protocols TLSv1.2 TLSv1.3;
- ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
- ssl_prefer_server_ciphers on;
-
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- add_header X-Robots-Tag none;
- add_header Content-Security-Policy "frame-ancestors 'self'";
- add_header X-Frame-Options DENY;
- add_header Referrer-Policy same-origin;
- '';
-
- locations = {
- "/" = {
- extraConfig = ''
- try_files $uri $uri/ /index.php?$query_string;
- '';
- };
-
- "/favicon.ico".extraConfig = ''
- access_log off;
- log_not_found off;
- '';
-
- "/robots.txt".extraConfig = ''
- access_log off;
- log_not_found off;
- '';
-
- "~ \\.php$" = {
- extraConfig = ''
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:${config.services.phpfpm.pools.${appUser}.socket};
- fastcgi_index index.php;
- include ${config.services.nginx.package}/conf/fastcgi_params;
- fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param HTTP_PROXY "";
- fastcgi_intercept_errors off;
- fastcgi_buffer_size 16k;
- fastcgi_buffers 4 16k;
- fastcgi_connect_timeout 300;
- fastcgi_send_timeout 300;
- fastcgi_read_timeout 300;
- '';
- };
-
- "~ /\\.ht".extraConfig = ''
- deny all;
- '';
- };
- };
- };
-}
diff --git a/applications/pelican/panel/panel.nix b/applications/pelican/panel/panel.nix
deleted file mode 100644
index a1bcfd4..0000000
--- a/applications/pelican/panel/panel.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- inputs,
- pkgs,
- lib,
- config,
- ...
-}:
-with lib; let
- cfg = config.modules.pelican-panel;
- dir = "/var/www/pelican";
-in {
- options = {
- modules.pelican-panel = {
- enable = mkEnableOption "Pelican Panel";
- };
- };
-
- config = mkIf cfg.enable {
- environment.systemPackages = [
- pkgs.curl
- pkgs.gnutar
- pkgs.unzip
- pkgs.php83
- pkgs.php83Packages.composer
- pkgs.php83Extensions.gd
- pkgs.php83Extensions.mysqli
- pkgs.php83Extensions.mbstring
- pkgs.php83Extensions.bcmath
- pkgs.php83Extensions.xml
- pkgs.php83Extensions.curl
- pkgs.php83Extensions.zip
- pkgs.php83Extensions.intl
- pkgs.php83Extensions.sqlite3
- (import ./pelican-install.nix {
- inherit pkgs;
- inherit dir;
- })
- (import ./pelican-update.nix {
- inherit pkgs;
- inherit dir;
- })
- ];
-
- systemd.timers."pelican-cron" = {
- wantedBy = ["timers.target"];
- timerConfig = {
- OnBootSec = "5m";
- OnUnitActiveSec = "1m";
- Unit = "pelican-cron.service";
- };
- };
-
- systemd.services."pelican-cron" = {
- script = ''
- ${pkgs.php83}/bin/php ${dir}/artisan schedule:run >> /dev/null 2>&1
- '';
- serviceConfig = {
- Type = "oneshot";
- };
- };
-
- systemd.services.pelican-queue = {
- wantedBy = ["multi-user.target"];
- serviceConfig = {
- User = "nginx";
- Group = "nginx";
- Restart = "always";
- ExecStart = "${pkgs.php83}/bin/php ${dir}/artisan queue:work --tries=3";
- startLimitInterval = 180;
- startLimitBurst = 30;
- RestartSec = "5";
- };
- };
- };
-}
diff --git a/applications/pelican/wings/wings.nix b/applications/pelican/wings/wings.nix
deleted file mode 100644
index af32740..0000000
--- a/applications/pelican/wings/wings.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{
- inputs,
- pkgs,
- lib,
- config,
- ...
-}:
-with lib; let
- cfg = config.modules.pelican-wings;
-in {
- options = {
- modules.pelican-wings = {
- enable = mkEnableOption "Pelican Wings";
- };
- };
-
- config = mkIf cfg.enable {
- networking.firewall.allowedTCPPorts = [8080 8443];
-
- virtualisation.docker.enable = true;
-
- environment.systemPackages = [
- (pkgs.callPackage ./package.nix {})
- ];
-
- systemd.services.pelican-wings = {
- description = "Wings Daemon";
- after = ["docker.service"];
- requires = ["docker.service"];
- partOf = ["docker.service"];
-
- serviceConfig = {
- User = "root";
- WorkingDirectory = "/etc/pelican";
- LimitNOFILE = 4096;
- PIDFile = "/var/run/wings/daemon.pid";
- ExecStart = "/run/current-system/sw/bin/wings";
- Restart = "on-failure";
- startLimitInterval = 180;
- startLimitBurst = 30;
- RestartSec = "5";
- };
-
- wantedBy = ["multi-user.target"];
- };
- };
-}