-{ env, wallabag }:
+{ env, wallabag, mylibs }:
rec {
+ backups = {
+ rootDir = varDir;
+ };
varDir = "/var/lib/wallabag";
keys = [{
dest = "webapps/tools-wallabag";
redis_password: null
sites_credentials: { }
ldap_enabled: true
- ldap_host: ldap.immae.eu
+ ldap_host: ${env.ldap.host}
ldap_port: 636
ldap_tls: false
ldap_ssl: true
ldap_bind_requires_dn: true
- ldap_base: 'dc=immae,dc=eu'
- ldap_manager_dn: 'cn=wallabag,ou=services,dc=immae,dc=eu'
+ ldap_base: '${env.ldap.base}'
+ ldap_manager_dn: '${env.ldap.dn}'
ldap_manager_pw: ${env.ldap.password}
- ldap_filter: '(&(memberOf=cn=users,cn=wallabag,ou=services,dc=immae,dc=eu))'
- ldap_admin_filter: '(&(memberOf=cn=admins,cn=wallabag,ou=services,dc=immae,dc=eu)(uid=%s))'
+ ldap_filter: '${env.ldap.filter}'
+ ldap_admin_filter: '${env.ldap.admin_filter}'
ldap_username_attribute: uid
ldap_email_attribute: mail
ldap_name_attribute: cn
modules = [ "proxy_fcgi" ];
webappName = "tools_wallabag";
root = "/run/current-system/webapps/${webappName}";
- vhostConf = ''
+ vhostConf = socket: ''
Alias /wallabag "${root}"
<Directory "${root}">
AllowOverride None
CGIPassAuth On
<FilesMatch "\.php$">
- SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+ SetHandler "proxy:unix:${socket}|fcgi://localhost"
</FilesMatch>
<IfModule mod_rewrite.c>
echo -n "${webappDir}" > ${varDir}/currentWebappDir
sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey
fi
- '';
+ '';
serviceDeps = [ "postgresql.service" "openldap.service" ];
basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
- socket = "/var/run/phpfpm/wallabag.sock";
- pool = ''
- listen = ${socket}
- user = ${apache.user}
- group = ${apache.group}
- listen.owner = ${apache.user}
- listen.group = ${apache.group}
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
+ pool = {
+ "listen.owner" = apache.user;
+ "listen.group" = apache.group;
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
- ; Needed to avoid clashes in browser cookies (same domain)
- php_value[session.name] = WallabagPHPSESSID
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp"
- php_value[max_execution_time] = 300
- '';
+ # Needed to avoid clashes in browser cookies (same domain)
+ "php_value[session.name]" = "WallabagPHPSESSID";
+ "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp";
+ "php_value[max_execution_time]" = "300";
+ };
};
}