let
cfg = config.myServices.websites.leila.production;
varDir = "/var/lib/ftp/leila";
+ apacheUser = config.services.httpd.Prod.user;
+ apacheGroup = config.services.httpd.Prod.group;
in {
options.myServices.websites.leila.production.enable = lib.mkEnableOption "enable Leila's websites in production";
config = lib.mkIf cfg.enable {
- services.phpfpm.poolConfigs.leila = ''
- listen = /run/phpfpm/leila.sock
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
+ services.phpfpm.pools.leila = {
+ user = apacheUser;
+ group = apacheGroup;
+ settings = {
+ "listen.owner" = apacheUser;
+ "listen.group" = apacheGroup;
- pm = ondemand
- pm.max_children = 5
- pm.process_idle_timeout = 60
+ "pm" = "ondemand";
+ "pm.max_children" = "5";
+ "pm.process_idle_timeout" = "60";
- php_admin_value[open_basedir] = "${varDir}:/tmp"
- '';
+ "php_admin_value[open_basedir]" = "${varDir}:/tmp";
+ };
+ };
services.webstats.sites = [
{ name = "leila.bouya.org"; }
Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
<FilesMatch "\.php$">
- SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${config.services.phpfpm.pools.leila.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
''
AllowOverride None
<FilesMatch "\.php$">
- SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${config.services.phpfpm.pools.leila.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
''
Require ldap-group cn=chorale.leila.bouya.org,cn=httpd,ou=services,dc=immae,dc=eu
<FilesMatch "\.php$">
- SetHandler "proxy:unix:/run/phpfpm/leila.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${config.services.phpfpm.pools.leila.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
<Directory ${varDir}>