-{ env }:
+{ env, config }:
rec {
- keys = [{
- dest = "webapps/tools-dmarc-reports.php";
+ keys."webapps/tools-dmarc-reports.php" = {
user = "wwwrun";
group = "wwwrun";
permissions = "0400";
$dbuser = "${env.mysql.user}";
$dbpass = "${env.mysql.password}";
$dbport = "${env.mysql.port}";
+ $anonymous_key = "${env.anonymous_key}";
?>
'';
- }];
+ };
webRoot = ./dmarc_reports;
apache = rec {
user = "wwwrun";
AllowOverride None
Options +FollowSymlinks
+
+ SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+ Use LDAPConnect
Require all granted
+ Require ldap-attribute uid=immae
</Directory>
'';
};
phpFpm = rec {
basedir = builtins.concatStringsSep ":"
- [ webRoot "/var/secrets/webapps/tools-dmarc-reports.php" ];
+ [ webRoot config.secrets.fullPaths."webapps/tools-dmarc-reports.php" ];
pool = {
"listen.owner" = apache.user;
"listen.group" = apache.group;
"php_admin_value[open_basedir]" = "${basedir}:/tmp";
};
phpEnv = {
- SECRETS_FILE = "/var/secrets/webapps/tools-dmarc-reports.php";
+ SECRETS_FILE = config.secrets.fullPaths."webapps/tools-dmarc-reports.php";
};
};
}