How to Add a File to the Wordpress Derivation

Help
1

I have setup Wordpress on a NixOS server and would like to add a plugin. I can install the plugin but it is trying to also create a file under the /nix/store/blahblah-my-site.com-6.2.2/share/wordpress/ directory called aios-bootstrap.php. And of course, it can’t do this :slight_smile:

The docs for that plugin (All In One WP Security and Firewall) states that all I need to do is create that php file at that location with some contents. So if I wasn’t using NixOS I would just open the file in vi and paste the contents from the docs.

What is the canonical way to just “inject” a new file into an existing derivation and cat the contents into it? I’ve seen a lot of options in the docs that seem close but I’m not sure what the best choice is.

For context, here’s the contents of the file that I import into my configuration.nix to install and configure Wordpress:

{config, pkgs, lib, ...}:

let
  fetchPackage = { name, version, hash, isTheme }:
    pkgs.stdenv.mkDerivation rec {
      inherit name version hash;
      src = let type = if isTheme then "theme" else "plugin";
            in pkgs.fetchzip {
              inherit name version hash;
              url = "https://downloads.wordpress.org/${type}/${name}.${version}.zip";
            };
      installPhase = "mkdir -p $out; cp -R * $out/";
    };

  fetchPlugin = { name, version, hash }:
    (fetchPackage {
      name = name;
      version = version;
      hash = hash;
      isTheme = false;
    });

  fetchTheme = { name, version, hash }:
    (fetchPackage {
      name = name;
      version = version;
      hash = hash;
      isTheme = true;
    });

  wordpress-plugin-my-private-site = (fetchPlugin {
    name = "jonradio-private-site";
    version = "3.0.13";
    hash = "sha256-R2AeFMQldfzWB13yVwyp9Sq1EymQ2yn0HLbI1uAgL/c=";
  });

  wordpress-plugin-all-in-one-wp-security-and-firewall = (fetchPlugin {
    name = "all-in-one-wp-security-and-firewall";
    version = "5.2.4";
    hash = "sha256-YMzI3Jkwh8pwuxhaOQwwUiig9JdwCiSf4jVWWcLGRCI=";
  });

  wordpress-plugin-disable-xml-rpc-api = (fetchPlugin {
    name = "disable-xml-rpc-api";
    version = "2.1.5";
    hash = "sha256-BHnQXGn8QXZwGZUt6Q+QDrJAWwQqDYSK55/XbsKZw7w=";
  });

  wordpress-theme-twenty-twenty-three = (fetchTheme {
    name = "twentytwentythree";
    version = "1.2";
    hash = "sha256-vsDn13wPnA6llTW2P0fnQVuTI8wU7TV/xgltyfKdy+M=";
  });

  astra = (fetchTheme {
    name = "astra";
    version = "4.2.2";
    hash = "sha256-qUYanxxlvhbDNnz0XsHoRkTWlmau2K/qbG0vBRmALHU=";
  });

in {
  services.wordpress = {
    sites."foo.bar.wtf" = {
      package = pkgs.wordpress6_2;
      virtualHost.enableACME = false;
      plugins = {
        inherit
          wordpress-plugin-my-private-site
          wordpress-plugin-disable-xml-rpc-api
          wordpress-plugin-all-in-one-wp-security-and-firewall
        ;
      };
      themes = {
        inherit
          wordpress-theme-twenty-twenty-three
          astra
        ;
      };
      settings = {
        WP_DEFAULT_THEME = "astra";
      };
    };
    webserver = "nginx";
  };

  services.phpfpm.pools."wordpress-foo.bar.wtf".phpOptions = ''
    upload_max_filesize = 128M
    post_max_size = 128M
    memory_limit = 256M
  '';
}
2

I’d go with something like this:

services.wordpress = {
  sites."foo.bar.wtf" = {
    package = pkgs.wordpress6_2.overrideAttrs (old: {
      postInstall = ''
        cp ${wordpress-plugin-all-in-one-wp-security-and-firewall}/aios-bootstrap.php $out/share/wordpress/
      '';
    });
  };
};

Assuming the aios-bootstrap.php file is in the root of the plugin source, of course. Pick your favorite way of handing that file to cp if not.

1 Like
3

Wow! Thank you for the quick response. I will try this out tonight and see if it works for me.