X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fshaarli.nix;h=157c4de661ac2cac58c4e1c8eca757f393426e2c;hb=5f08b34c5247ee0c4de2a9264d059b69271e3473;hp=0f6b4605de1d595d8d3d9f6acb8b0a4d45ad1aac;hpb=a840a21c954be6342603ae7a45dde6c005761696;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/tools/shaarli.nix b/nixops/modules/websites/tools/tools/shaarli.nix index 0f6b460..157c4de 100644 --- a/nixops/modules/websites/tools/tools/shaarli.nix +++ b/nixops/modules/websites/tools/tools/shaarli.nix @@ -50,12 +50,6 @@ in rec { Alias /Shaarli "${root}" - SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}" - SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}" - SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}" - SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}" - SetEnv SHAARLI_LDAP_FILTER "${env.ldap.search}" - DirectoryIndex index.php index.htm index.html Options Indexes FollowSymLinks MultiViews Includes AllowOverride All @@ -66,7 +60,22 @@ in rec { ''; }; + keys.tools-shaarli = { + destDir = "/run/keys/webapps"; + user = apache.user; + group = apache.group; + permissions = "0700"; + text = '' + SHAARLI_LDAP_PASSWORD="${env.ldap.password}" + SHAARLI_LDAP_DN="${env.ldap.dn}" + SHAARLI_LDAP_HOST="ldaps://${env.ldap.host}" + SHAARLI_LDAP_BASE="${env.ldap.base}" + SHAARLI_LDAP_FILTER="${env.ldap.search}" + ''; + }; phpFpm = rec { + serviceDeps = [ "openldap.service" "tools-shaarli-key.service" ]; + envFile = "/run/keys/webapps/tools-shaarli"; basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; socket = "/var/run/phpfpm/shaarli.sock"; pool = '' @@ -78,6 +87,7 @@ in rec { pm = ondemand pm.max_children = 60 pm.process_idle_timeout = 60 + clear_env = no ; Needed to avoid clashes in browser cookies (same domain) php_value[session.name] = ShaarliPHPSESSID