]>
Commit | Line | Data |
---|---|---|
7df5e532 IB |
1 | { env }: |
2 | rec { | |
3 | keys = [{ | |
4 | dest = "webapps/tools-dmarc-reports.php"; | |
5 | user = "wwwrun"; | |
6 | group = "wwwrun"; | |
7 | permissions = "0400"; | |
8 | text = '' | |
9 | <?php | |
10 | $dbhost = "${env.mysql.host}"; | |
11 | $dbname = "${env.mysql.database}"; | |
12 | $dbuser = "${env.mysql.user}"; | |
13 | $dbpass = "${env.mysql.password}"; | |
14 | $dbport = "${env.mysql.port}"; | |
9c08c3bc | 15 | $anonymous_key = "${env.anonymous_key}"; |
7df5e532 IB |
16 | ?> |
17 | ''; | |
18 | }]; | |
19 | webRoot = ./dmarc_reports; | |
20 | apache = rec { | |
21 | user = "wwwrun"; | |
22 | group = "wwwrun"; | |
23 | modules = [ "proxy_fcgi" ]; | |
24 | webappName = "tools_dmarc_reports"; | |
25 | root = "/run/current-system/webapps/${webappName}"; | |
26 | vhostConf = socket: '' | |
27 | Alias /dmarc-reports "${root}" | |
28 | <Directory "${root}"> | |
29 | DirectoryIndex index.html | |
30 | <FilesMatch "\.php$"> | |
31 | SetHandler "proxy:unix:${socket}|fcgi://localhost" | |
32 | </FilesMatch> | |
33 | ||
34 | AllowOverride None | |
35 | Options +FollowSymlinks | |
9c08c3bc IB |
36 | |
37 | SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 | |
38 | Use LDAPConnect | |
7df5e532 | 39 | Require all granted |
9c08c3bc | 40 | Require ldap-attribute uid=immae |
7df5e532 IB |
41 | </Directory> |
42 | ''; | |
43 | }; | |
44 | phpFpm = rec { | |
45 | basedir = builtins.concatStringsSep ":" | |
46 | [ webRoot "/var/secrets/webapps/tools-dmarc-reports.php" ]; | |
47 | pool = { | |
48 | "listen.owner" = apache.user; | |
49 | "listen.group" = apache.group; | |
50 | "pm" = "ondemand"; | |
51 | "pm.max_children" = "60"; | |
52 | "pm.process_idle_timeout" = "60"; | |
53 | ||
54 | # Needed to avoid clashes in browser cookies (same domain) | |
55 | "php_admin_value[open_basedir]" = "${basedir}:/tmp"; | |
56 | }; | |
57 | phpEnv = { | |
58 | SECRETS_FILE = "/var/secrets/webapps/tools-dmarc-reports.php"; | |
59 | }; | |
60 | }; | |
61 | } |