{ lib, env, stdenv, fetchedGithub }:
let
rompr = let
in rec {
varDir = "/var/lib/rompr";
activationScript = ''
install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions
'';
webRoot = stdenv.mkDerivation (fetchedGithub ./rompr.json // rec {
installPhase = ''
cp -a . $out
ln -sf ../../../../../../${varDir}/prefs $out/prefs
ln -sf ../../../../../../${varDir}/albumart $out/albumart
'';
});
apache = {
user = "wwwrun";
group = "wwwrun";
modules = [ "headers" "mime" "proxy_fcgi" ];
vhostConf = ''
Alias /rompr ${webRoot}
Options Indexes FollowSymLinks
DirectoryIndex index.php
AllowOverride all
Require all granted
Order allow,deny
Allow from all
ErrorDocument 404 /rompr/404.php
AddType image/x-icon .ico
SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
Use LDAPConnect
Require ldap-group cn=users,cn=mpd,ou=services,dc=immae,dc=eu
Require local
'';
};
phpFpm = rec {
basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
socket = "/var/run/phpfpm/rompr.sock";
pool = ''
listen = ${socket}
user = ${apache.user}
group = ${apache.group}
listen.owner = ${apache.user}
listen.group = ${apache.group}
pm = ondemand
pm.max_children = 60
pm.process_idle_timeout = 60
; Needed to avoid clashes in browser cookies (same domain)
php_value[session.name] = RomprPHPSESSID
php_admin_value[open_basedir] = "${basedir}:/tmp"
php_admin_value[session.save_path] = "${varDir}/phpSessions"
php_flag[magic_quotes_gpc] = Off
php_flag[track_vars] = On
php_flag[register_globals] = Off
php_admin_flag[allow_url_fopen] = On
php_value[include_path] = ${webRoot}
php_admin_value[upload_tmp_dir] = "${varDir}/prefs"
php_admin_value[post_max_size] = 32M
php_admin_value[upload_max_filesize] = 32M
php_admin_value[memory_limit] = 256M
'';
};
};
in
rompr