[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / adminer.nix

{ webapps, php74, myPhpPackages, lib, forcePhpSocket ? null }:
rec {
  webRoot = webapps.adminer;
  phpFpm = rec {
    user = apache.user;
    group = apache.group;
    phpPackage = php74.withExtensions ({ enabled, all }: (lib.remove all.mysqli enabled) ++ [myPhpPackages.mysqli_pam all.redis]);
    settings = {
      "listen.owner" = apache.user;
      "listen.group" = apache.group;
      "pm" = "ondemand";
      "pm.max_children" = "5";
      "pm.process_idle_timeout" = "60";
      #"php_admin_flag[log_errors]" = "on";
      # Needed to avoid clashes in browser cookies (same domain)
      "php_value[session.name]" = "AdminerPHPSESSID";
      "php_admin_value[open_basedir]" = "${webRoot}:/tmp";
      "php_admin_value[session.save_handler]" = "redis";
      "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Adminer:'";
    };
  };
  apache = rec {
    user = "wwwrun";
    group = "wwwrun";
    modules = [ "proxy_fcgi" ];
    root = webRoot;
    vhostConf = socket: ''
      Alias /adminer ${webRoot}
      <Directory ${webRoot}>
        DirectoryIndex index.php
        <FilesMatch "\.php$">
          SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
        </FilesMatch>

        Use LDAPConnect
        Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
        Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
      </Directory>
      '';
  };
}
Commit	Line	Data
750fe5a4	1	{ webapps, php74, myPhpPackages, lib, forcePhpSocket ? null }:
7da817e3	2	rec {
750fe5a4	3	webRoot = webapps.adminer;
7da817e3	4	phpFpm = rec {
5400b9b6 IB	5	user = apache.user;
5400b9b6 IB	6	group = apache.group;
bbea22c0	7	phpPackage = php74.withExtensions ({ enabled, all }: (lib.remove all.mysqli enabled) ++ [myPhpPackages.mysqli_pam all.redis]);
5400b9b6 IB	8	settings = {
	9	"listen.owner" = apache.user;
	10	"listen.group" = apache.group;
	11	"pm" = "ondemand";
	12	"pm.max_children" = "5";
	13	"pm.process_idle_timeout" = "60";
	14	#"php_admin_flag[log_errors]" = "on";
	15	# Needed to avoid clashes in browser cookies (same domain)
	16	"php_value[session.name]" = "AdminerPHPSESSID";
bbea22c0 IB	17	"php_admin_value[open_basedir]" = "${webRoot}:/tmp";
	18	"php_admin_value[session.save_handler]" = "redis";
	19	"php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Adminer:'";
5400b9b6	20	};
940f1834	21	};
7da817e3 IB	22	apache = rec {
	23	user = "wwwrun";
	24	group = "wwwrun";
	25	modules = [ "proxy_fcgi" ];
750fe5a4	26	root = webRoot;
5400b9b6	27	vhostConf = socket: ''
750fe5a4 IB	28	Alias /adminer ${webRoot}
750fe5a4 IB	29	<Directory ${webRoot}>
7da817e3	30	DirectoryIndex index.php
7da817e3	31	<FilesMatch "\.php$">
5400b9b6	32	SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}\|fcgi://localhost"
7da817e3	33	</FilesMatch>
5f6ff49e IB	34
	35	Use LDAPConnect
	36	Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
	37	Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
7da817e3 IB	38	</Directory>
	39	'';
	40	};
	41	}