});
};
in rec {
- keys."tools-mantisbt" = {
- destDir = "/run/keys/webapps";
+ keys = [{
+ dest = "webapps/tools-mantisbt";
user = apache.user;
group = apache.group;
- permissions = "0700";
+ permissions = "0400";
text = ''
<?php
$g_hostname = '${env.postgresql.socket}';
$g_ldap_realname_field = 'cn';
$g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
'';
- };
+ }];
webRoot = stdenv.mkDerivation rec {
name = "mantisbt-${version}";
version = "2.11.1";
];
installPhase = ''
cp -a . $out
- ln -s /run/keys/webapps/tools-mantisbt $out/config/config_inc.php
+ ln -s /var/secrets/webapps/tools-mantisbt $out/config/config_inc.php
ln -s ${plugins.slack} $out/plugins/Slack
ln -s ${plugins.source-integration}/Source* $out/plugins/
'';
'';
};
phpFpm = rec {
- serviceDeps = [ "postgresql.service" "openldap.service" "tools-mantisbt-key.service" ];
+ serviceDeps = [ "postgresql.service" "openldap.service" ];
basedir = builtins.concatStringsSep ":" (
- [ webRoot "/run/keys/webapps/tools-mantisbt" ]
+ [ webRoot "/var/secrets/webapps/tools-mantisbt" ]
++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
socket = "/var/run/phpfpm/mantisbt.sock";
pool = ''
php_admin_value[upload_max_filesize] = 5000000
- php_admin_value[open_basedir] = "${basedir}:/tmp"
+ php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"
php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
'';
};