Protect adminer access
[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / adminer.nix
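# Adminer served under /adminer by Apache, executed by a dedicated PHP-FPM
# pool. Takes the adminer package and returns the pieces the web server
# configuration consumes: an activation script, the web root, the PHP-FPM
# pool definition and the Apache vhost fragment.
{ adminer }:
rec {
  # Creates the pool's private session and upload directories.
  # Mode 0700: PHP names session files after the session id, so a directory
  # other local users can list would disclose live session ids. Only the pool
  # user needs access to either directory.
  # NOTE(review): the "httpd" dependency presumably guarantees the user and
  # group exist before `install` runs; confirm against the httpd module.
  activationScript = {
    deps = [ "httpd" ];
    text = ''
      install -m 0700 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer
      install -m 0700 -o ${apache.user} -g ${apache.group} -d /var/lib/php/tmp/adminer
    '';
  };

  webRoot = adminer;

  # PHP-FPM pool. The socket is owned by, and the workers run as, the Apache
  # user, so the LDAP check in vhostConf is enforced by Apache only: anything
  # else running as that user can talk to the socket directly.
  # NOTE(review): open_basedir still lists the shared /tmp next to the
  # dedicated upload_tmp_dir; drop it if Adminer works without it.
  phpFpm = rec {
    socket = "/var/run/phpfpm/adminer.sock";
    pool = ''
      listen = ${socket}
      user = ${apache.user}
      group = ${apache.group}
      listen.owner = ${apache.user}
      listen.group = ${apache.group}
      pm = ondemand
      pm.max_children = 5
      pm.process_idle_timeout = 60
      ;php_admin_flag[log_errors] = on
      ; Needed to avoid clashes in browser cookies (same domain)
      php_value[session.name] = AdminerPHPSESSID
      php_admin_value[open_basedir] = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer"
      php_admin_value[session.save_path] = "/var/lib/php/sessions/adminer"
      php_admin_value[upload_tmp_dir] = "/var/lib/php/tmp/adminer"
    '';
  };

  # Apache side: /adminer is aliased to the webapp directory and *.php is
  # handed to the pool socket through mod_proxy_fcgi.
  # Access control: the two bare `Require ldap-group` lines are combined by
  # Apache 2.4 as "any of", so membership of either the mysql or the
  # postgresql users group is sufficient.
  # NOTE(review): `LDAPConnect` is a macro defined outside this file; it
  # presumably supplies the LDAP URL, bind credentials and AuthType.
  apache = rec {
    user = "wwwrun";
    group = "wwwrun";
    modules = [ "proxy_fcgi" ];
    webappName = "_adminer";
    root = "/run/current-system/webapps/${webappName}";
    vhostConf = ''
      Alias /adminer ${root}
      <Directory ${root}>
        DirectoryIndex index.php
        <FilesMatch "\.php$">
          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
        </FilesMatch>

        Use LDAPConnect
        Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
        Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
      </Directory>
    '';
  };
}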