-{ env, mantisbt_2, mantisbt_2-plugins }:
+{ env, mantisbt_2, mantisbt_2-plugins, config }:
rec {
activationScript = {
deps = [ "httpd" ];
install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/mantisbt
'';
};
- keys = [{
- dest = "webapps/tools-mantisbt";
+ keys."webapps/tools-mantisbt" = {
user = apache.user;
group = apache.group;
permissions = "0400";
$g_ldap_realname_field = 'cn';
$g_ldap_organization = '${env.ldap.filter}';
'';
- }];
- webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (p: [p.slack p.source-integration]);
+ };
+ webRoot = (mantisbt_2.override { mantis_config = config.secrets.fullPaths."webapps/tools-mantisbt"; }).withPlugins (p: [p.slack p.source-integration]);
apache = rec {
user = "wwwrun";
group = "wwwrun";
</FilesMatch>
AllowOverride All
+ SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
Options FollowSymlinks
Require all granted
</Directory>
phpFpm = rec {
serviceDeps = [ "postgresql.service" "openldap.service" ];
basedir = builtins.concatStringsSep ":" (
- [ webRoot "/var/secrets/webapps/tools-mantisbt" ]
+ [ webRoot config.secrets.fullPaths."webapps/tools-mantisbt" ]
++ webRoot.plugins);
pool = {
"listen.owner" = apache.user;