From a30a1e27953320f07f3db3589fd50c282689d683 Mon Sep 17 00:00:00 2001
From: Aaron Andersen <aaron@fosslib.net>
Date: Fri, 2 Aug 2019 20:56:13 -0400
Subject: [PATCH] nixos/phpfpm: add user and group option to each pool

---
 nixos/modules/services/web-apps/limesurvey.nix  |  3 +--
 .../services/web-servers/phpfpm/default.nix     | 17 +++++++++++++++--
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/services/web-apps/limesurvey.nix b/nixos/modules/services/web-apps/limesurvey.nix
index 0449b9dfd41a..a407ba875f2f 100644
--- a/nixos/modules/services/web-apps/limesurvey.nix
+++ b/nixos/modules/services/web-apps/limesurvey.nix
@@ -203,11 +203,10 @@ in
     };
 
     services.phpfpm.pools.limesurvey = {
+      inherit user group;
       extraConfig = ''
         listen.owner = ${config.services.httpd.user};
         listen.group = ${config.services.httpd.group};
-        user = ${user};
-        group = ${group};
 
         env[LIMESURVEY_CONFIG] = ${limesurveyConfig}
 
diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix
index 75913640d72e..385dbb9b62ec 100644
--- a/nixos/modules/services/web-servers/phpfpm/default.nix
+++ b/nixos/modules/services/web-servers/phpfpm/default.nix
@@ -15,6 +15,8 @@ let
 
     [${pool}]
     listen = ${poolOpts.socket}
+    user = ${poolOpts.user}
+    group = ${poolOpts.group}
     ${poolOpts.extraConfig}
   '';
 
@@ -71,10 +73,19 @@ let
           '';
         };
 
+        user = mkOption {
+          type = types.str;
+          description = "User account under which this pool runs.";
+        };
+
+        group = mkOption {
+          type = types.str;
+          description = "Group account under which this pool runs.";
+        };
+
         extraConfig = mkOption {
           type = types.lines;
           example = ''
-            user = nobody
             pm = dynamic
             pm.max_children = 75
             pm.start_servers = 10
@@ -93,6 +104,7 @@ let
 
       config = {
         socket = if poolOpts.listen == "" then "${stateDir}/${name}.sock" else poolOpts.listen;
+        group = mkDefault poolOpts.user;
       };
     };
 
@@ -138,9 +150,10 @@ in {
         example = literalExample ''
          {
            mypool = {
+             user = "php";
+             group = "php";
              phpPackage = pkgs.php;
              extraConfig = '''
-               user = nobody
                pm = dynamic
                pm.max_children = 75
                pm.start_servers = 10