systems/eldiron/websites/tools/adminer.nix

   1 { config, webapps-adminer, php82, lib, forcePhpSocket ? null }:
   2 rec {
   3   webRoot = webapps-adminer;
   4   phpFpm = rec {
   5     user = apache.user;
   6     group = apache.group;
   7     phpPackage = let
   8       #mysqli_pam = php81.extensions.mysqli.overrideAttrs(old: {
   9       #  configureFlags = [ "--with-mysqli=${libmysqlclient_pam.dev}/bin/mysql_config" "--with-mysql-sock=/run/mysqld/mysqld.sock" ];
  10       #});
  11     in
  12       php82.withExtensions ({ enabled, all }: [all.mysqli all.redis all.pgsql]);
  13     settings = {
  14       "listen.owner" = apache.user;
  15       "listen.group" = apache.group;
  16       "pm" = "ondemand";
  17       "pm.max_children" = "5";
  18       "pm.process_idle_timeout" = "60";
  19       #"php_admin_flag[log_errors]" = "on";
  20       # Needed to avoid clashes in browser cookies (same domain)
  21       "php_value[session.name]" = "AdminerPHPSESSID";
  22       "php_admin_value[open_basedir]" = "${webRoot}:/tmp";
  23       "php_admin_value[session.save_handler]" = "redis";
  24       "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Adminer:'";
  25     };
  26   };
  27   apache = rec {
  28     user = "wwwrun";
  29     group = "wwwrun";
  30     modules = [ "proxy_fcgi" ];
  31     root = webRoot;
  32     vhostConf = socket: ''
  33       Alias /adminer ${webRoot}
  34       <Directory ${webRoot}>
  35         DirectoryIndex index.php
  36         <FilesMatch "\.php$">
  37           SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
  38         </FilesMatch>
  39
  40         Use LDAPConnect
  41         Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
  42         Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
  43       </Directory>
  44       '';
  45   };
  46   monitoringPlugins = [ "http" ];
  47   monitoringObjects.service = [
  48     {
  49       service_description = "adminer website is running on tools.immae.eu";
  50       host_name = config.hostEnv.fqdn;
  51       use = "external-web-service";
  52       check_command = ["check_https_auth" "tools.immae.eu" "/adminer/" "www.adminerevo.org"];
  53
  54       servicegroups = "webstatus-webapps";
  55       _webstatus_name = "Adminer";
  56       _webstatus_url = "https://tools.immae.eu/adminer/";
  57     }
  58   ];
  59
  60   chatonsProperties = {
  61     published = false;
  62     file.datetime = "2023-08-21T15:20:00";
  63     service = {
  64       name = "Adminer";
  65       description = "Database management in a single PHP file";
  66       website = "https://tools.immae.eu/adminer/";
  67       logo = "https://tools.immae.eu/adminer/?file=favicon.ico";
  68       status.level = "OK";
  69       status.description = "OK";
  70       registration."" = ["MEMBER" "CLIENT"];
  71       registration.load = "OPEN";
  72       install.type = "PACKAGE";
  73     };
  74     software = {
  75       name = "Adminer";
  76       website = "https://docs.adminerevo.org/";
  77       license.url = "https://github.com/adminerevo/adminerevo/blob/main/readme.md";
  78       license.name = "Apache License 2.0 or GPL 2";
  79       version = webRoot.version;
  80       source.url = "https://github.com/adminerevo/adminerevo/";
  81     };
  82   };
  83 }