X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fgit%2Fmantisbt.nix;h=033a651b205264c12ce61f198a6ebdd533c853e0;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=d75b022d74b4c7364208232e4539ee0443de7dd4;hpb=441da8aac378f401625e82caf281fa0e26128310;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/git/mantisbt.nix b/modules/private/websites/tools/git/mantisbt.nix index d75b022..033a651 100644 --- a/modules/private/websites/tools/git/mantisbt.nix +++ b/modules/private/websites/tools/git/mantisbt.nix @@ -1,4 +1,4 @@ -{ env, mantisbt_2, mantisbt_2-plugins }: +{ env, mantisbt_2, mantisbt_2-plugins, config }: rec { activationScript = { deps = [ "httpd" ]; @@ -6,8 +6,7 @@ rec { install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/mantisbt ''; }; - keys = [{ - dest = "webapps/tools-mantisbt"; + keys."webapps/tools-mantisbt" = { user = apache.user; group = apache.group; permissions = "0400"; @@ -45,23 +44,24 @@ rec { $g_ldap_realname_field = 'cn'; $g_ldap_organization = '${env.ldap.filter}'; ''; - }]; - webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (builtins.attrValues mantisbt_2-plugins); + }; + webRoot = (mantisbt_2.override { mantis_config = config.secrets.fullPaths."webapps/tools-mantisbt"; }).withPlugins (p: [p.slack p.source-integration]); apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; webappName = "tools_mantisbt"; root = "/run/current-system/webapps/${webappName}"; - vhostConf = '' + vhostConf = socket: '' Alias /mantisbt "${root}" DirectoryIndex index.php - SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" + SetHandler "proxy:unix:${socket}|fcgi://localhost" AllowOverride All + SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 Options FollowSymlinks Require all granted @@ -74,22 +74,19 @@ rec { phpFpm = rec { serviceDeps = [ "postgresql.service" "openldap.service" ]; basedir = builtins.concatStringsSep ":" ( - [ webRoot "/var/secrets/webapps/tools-mantisbt" ] + [ webRoot config.secrets.fullPaths."webapps/tools-mantisbt" ] ++ webRoot.plugins); - socket = "/var/run/phpfpm/mantisbt.sock"; - pool = '' - user = ${apache.user} - group = ${apache.group} - listen.owner = ${apache.user} - listen.group = ${apache.group} - pm = ondemand - pm.max_children = 60 - pm.process_idle_timeout = 60 + pool = { + "listen.owner" = apache.user; + "listen.group" = apache.group; + "pm" = "ondemand"; + "pm.max_children" = "60"; + "pm.process_idle_timeout" = "60"; - php_admin_value[upload_max_filesize] = 5000000 + "php_admin_value[upload_max_filesize]" = "5000000"; - php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt" - php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt" - ''; + "php_admin_value[open_basedir]" = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"; + "php_admin_value[session.save_path]" = "/var/lib/php/sessions/mantisbt"; + }; }; }