--- /dev/null
+{ lib, env, stdenv, fetchurl, shaarli }:
+let
+ varDir = "/var/lib/shaarli";
+in rec {
+ activationScript = ''
+ install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+ ${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data \
+ ${varDir}/phpSessions
+ '';
+ webRoot = shaarli varDir;
+ apache = rec {
+ user = "wwwrun";
+ group = "wwwrun";
+ modules = [ "proxy_fcgi" "rewrite" "env" ];
+ webappName = "tools_shaarli";
+ root = "/run/current-system/webapps/${webappName}";
+ vhostConf = ''
+ Alias /Shaarli "${root}"
+
+ Include /var/secrets/webapps/tools-shaarli
+ <Directory "${root}">
+ DirectoryIndex index.php index.htm index.html
+ Options Indexes FollowSymLinks MultiViews Includes
+ AllowOverride All
+ Require all granted
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+ '';
+ };
+ keys = [{
+ dest = "webapps/tools-shaarli";
+ user = apache.user;
+ group = apache.group;
+ permissions = "0400";
+ text = ''
+ SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}"
+ SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}"
+ SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}"
+ SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}"
+ SetEnv SHAARLI_LDAP_FILTER "${env.ldap.search}"
+ '';
+ }];
+ phpFpm = rec {
+ serviceDeps = [ "openldap.service" ];
+ basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
+ socket = "/var/run/phpfpm/shaarli.sock";
+ pool = ''
+ listen = ${socket}
+ user = ${apache.user}
+ group = ${apache.group}
+ listen.owner = ${apache.user}
+ listen.group = ${apache.group}
+ pm = ondemand
+ pm.max_children = 60
+ pm.process_idle_timeout = 60
+
+ ; Needed to avoid clashes in browser cookies (same domain)
+ php_value[session.name] = ShaarliPHPSESSID
+ php_admin_value[open_basedir] = "${basedir}:/tmp"
+ php_admin_value[session.save_path] = "${varDir}/phpSessions"
+ '';
+ };
+}