'';
};
davical = rec {
- config = writeText "davical_config.php" ''
+ keys = [{
+ dest = "webapps/dav-davical";
+ user = apache.user;
+ group = apache.group;
+ permissions = "0400";
+ text = ''
<?php
$c->pg_connect[] = "dbname=${env.postgresql.database} user=${env.postgresql.user} host=${env.postgresql.socket} password=${env.postgresql.password}";
$c->readonly_webdav_collections = false;
- $c->admin_email ='davical@immae.eu';
+ $c->admin_email ='davical@tools.immae.eu';
$c->restrict_setup_to_admin = true;
$c->do_not_sync_from_ldap = array('admin' => true);
include('drivers_ldap.php');
'';
+ }];
webapp = stdenv.mkDerivation rec {
version = "1.1.7";
name = "davical-${version}";
installPhase = ''
mkdir -p $out
cp -ra config dba docs htdocs inc locale po scripts testing zonedb $out
- ln -s ${config} $out/config/config.php
+ ln -s /var/secrets/webapps/dav-davical $out/config/config.php
'';
buildInputs = [ gettext ];
};
'';
};
phpFpm = rec {
- basedir = builtins.concatStringsSep ":" [ webapp config awl ];
+ serviceDeps = [ "postgresql.service" "openldap.service" ];
+ basedir = builtins.concatStringsSep ":" [ webapp "/var/secrets/webapps/dav-davical" awl ];
socket = "/var/run/phpfpm/davical.sock";
pool = ''
listen = ${socket}
; Needed to avoid clashes in browser cookies (same domain)
php_value[session.name] = DavicalPHPSESSID
- php_admin_value[open_basedir] = "${basedir}:/tmp"
+ php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/davical"
php_admin_value[include_path] = "${awl}/inc:${webapp}/inc"
php_admin_value[session.save_path] = "/var/lib/php/sessions/davical"
php_flag[magic_quotes_gpc] = Off