X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fyourls.nix;h=77ac0a32130f5af9e98e0e57785cf27e822b5d4e;hb=34c7b88e16d1768b1b9a0cfa6dd21ea5d9b1b308;hp=0a8e8377701e892b789dd221731791d5e2bdcefe;hpb=4288c2f2431fb782b0d512b1b3749187f2374b6a;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix
index 0a8e837..77ac0a3 100644
--- a/modules/private/websites/tools/tools/yourls.nix
+++ b/modules/private/websites/tools/tools/yourls.nix
@@ -28,10 +28,10 @@ rec {
       define( 'YOURLS_DEBUG', false );
       define( 'YOURLS_URL_CONVERT', 36 );
       $yourls_reserved_URL = array();
-      define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' );
+      define( 'LDAPAUTH_HOST', 'ldaps://${env.ldap.host}' );
       define( 'LDAPAUTH_PORT', '636' );
-      define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' );
-      define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' );
+      define( 'LDAPAUTH_BASE', '${env.ldap.base}' );
+      define( 'LDAPAUTH_SEARCH_USER', '${env.ldap.dn}' );
       define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' );
 
       define( 'LDAPAUTH_GROUP_ATTR', 'memberof' );
@@ -40,19 +40,18 @@ rec {
       define( 'LDAPAUTH_USERCACHE_TYPE', 0);
     '';
   }];
-  webRoot = (yourls.override { yourls_config = "/var/secrets/webapps/tools-yourls"; }).withPlugins
-    (builtins.attrValues yourls-plugins);
+  webRoot = (yourls.override { yourls_config = "/var/secrets/webapps/tools-yourls"; }).withPlugins (p: [p.ldap]);
   apache = rec {
     user = "wwwrun";
     group = "wwwrun";
     modules = [ "proxy_fcgi" ];
     webappName = "tools_yourls";
     root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
+    vhostConf = socket: ''
       Alias /url "${root}"
       <Directory "${root}">
         <FilesMatch "\.php$">
-          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          SetHandler "proxy:unix:${socket}|fcgi://localhost"
         </FilesMatch>
 
         AllowOverride None
@@ -73,21 +72,17 @@ rec {
     basedir = builtins.concatStringsSep ":" (
       [ webRoot "/var/secrets/webapps/tools-yourls" ]
       ++ webRoot.plugins);
-    socket = "/var/run/phpfpm/yourls.sock";
-    pool = ''
-      listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      pm = ondemand
-      pm.max_children = 60
-      pm.process_idle_timeout = 60
+    pool = {
+      "listen.owner" = apache.user;
+      "listen.group" = apache.group;
+      "pm" = "ondemand";
+      "pm.max_children" = "60";
+      "pm.process_idle_timeout" = "60";
 
-      ; Needed to avoid clashes in browser cookies (same domain)
-      php_value[session.name] = YourlsPHPSESSID
-      php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls"
-      php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls"
-      '';
+      # Needed to avoid clashes in browser cookies (same domain)
+      "php_value[session.name]" = "YourlsPHPSESSID";
+      "php_admin_value[open_basedir]" = "${basedir}:/tmp:/var/lib/php/sessions/yourls";
+      "php_admin_value[session.save_path]" = "/var/lib/php/sessions/yourls";
+    };
   };
 }