]>
Commit | Line | Data |
---|---|---|
1 | { adminer, php73, forcePhpSocket ? null }: | |
2 | rec { | |
3 | activationScript = { | |
4 | deps = [ "httpd" ]; | |
5 | text = '' | |
6 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer | |
7 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/tmp/adminer | |
8 | ''; | |
9 | }; | |
10 | webRoot = adminer; | |
11 | phpFpm = rec { | |
12 | user = apache.user; | |
13 | group = apache.group; | |
14 | phpPackage = (php73.override { | |
15 | config.php.mysqlnd = true; | |
16 | config.php.mysqli = false; | |
17 | config.php.pdo-mysql = false; | |
18 | }).overrideAttrs(old: rec { | |
19 | configureFlags = old.configureFlags ++ [ | |
20 | "--with-mysqli=shared,mysqlnd" | |
21 | ]; | |
22 | }); | |
23 | phpOptions = '' | |
24 | extension=${phpPackage}/lib/php/extensions/mysqli.so | |
25 | ''; | |
26 | settings = { | |
27 | "listen.owner" = apache.user; | |
28 | "listen.group" = apache.group; | |
29 | "pm" = "ondemand"; | |
30 | "pm.max_children" = "5"; | |
31 | "pm.process_idle_timeout" = "60"; | |
32 | #"php_admin_flag[log_errors]" = "on"; | |
33 | # Needed to avoid clashes in browser cookies (same domain) | |
34 | "php_value[session.name]" = "AdminerPHPSESSID"; | |
35 | "php_admin_value[open_basedir]" = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer"; | |
36 | "php_admin_value[session.save_path]" = "/var/lib/php/sessions/adminer"; | |
37 | "php_admin_value[upload_tmp_dir]" = "/var/lib/php/tmp/adminer"; | |
38 | }; | |
39 | }; | |
40 | apache = rec { | |
41 | user = "wwwrun"; | |
42 | group = "wwwrun"; | |
43 | modules = [ "proxy_fcgi" ]; | |
44 | webappName = "_adminer"; | |
45 | root = "/run/current-system/webapps/${webappName}"; | |
46 | vhostConf = socket: '' | |
47 | Alias /adminer ${root} | |
48 | <Directory ${root}> | |
49 | DirectoryIndex index.php | |
50 | <FilesMatch "\.php$"> | |
51 | SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost" | |
52 | </FilesMatch> | |
53 | ||
54 | Use LDAPConnect | |
55 | Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu | |
56 | Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu | |
57 | </Directory> | |
58 | ''; | |
59 | }; | |
60 | } |