]>
Commit | Line | Data |
---|---|---|
750fe5a4 | 1 | { webapps, php74, myPhpPackages, lib, forcePhpSocket ? null }: |
7da817e3 | 2 | rec { |
750fe5a4 | 3 | webRoot = webapps.adminer; |
7da817e3 | 4 | phpFpm = rec { |
5400b9b6 IB |
5 | user = apache.user; |
6 | group = apache.group; | |
bbea22c0 | 7 | phpPackage = php74.withExtensions ({ enabled, all }: (lib.remove all.mysqli enabled) ++ [myPhpPackages.mysqli_pam all.redis]); |
5400b9b6 IB |
8 | settings = { |
9 | "listen.owner" = apache.user; | |
10 | "listen.group" = apache.group; | |
11 | "pm" = "ondemand"; | |
12 | "pm.max_children" = "5"; | |
13 | "pm.process_idle_timeout" = "60"; | |
14 | #"php_admin_flag[log_errors]" = "on"; | |
15 | # Needed to avoid clashes in browser cookies (same domain) | |
16 | "php_value[session.name]" = "AdminerPHPSESSID"; | |
bbea22c0 IB |
17 | "php_admin_value[open_basedir]" = "${webRoot}:/tmp"; |
18 | "php_admin_value[session.save_handler]" = "redis"; | |
19 | "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Adminer:'"; | |
5400b9b6 | 20 | }; |
940f1834 | 21 | }; |
7da817e3 IB |
22 | apache = rec { |
23 | user = "wwwrun"; | |
24 | group = "wwwrun"; | |
25 | modules = [ "proxy_fcgi" ]; | |
750fe5a4 | 26 | root = webRoot; |
5400b9b6 | 27 | vhostConf = socket: '' |
750fe5a4 IB |
28 | Alias /adminer ${webRoot} |
29 | <Directory ${webRoot}> | |
7da817e3 | 30 | DirectoryIndex index.php |
7da817e3 | 31 | <FilesMatch "\.php$"> |
5400b9b6 | 32 | SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost" |
7da817e3 | 33 | </FilesMatch> |
5f6ff49e IB |
34 | |
35 | Use LDAPConnect | |
36 | Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu | |
37 | Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu | |
7da817e3 IB |
38 | </Directory> |
39 | ''; | |
40 | }; | |
41 | } |