Cleanup php session directories

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / ldap.nix

diff --git a/nixops/modules/websites/tools/tools/ldap.nix b/nixops/modules/websites/tools/tools/ldap.nix
index 9d988373ef7cbb20bd9a8aafca39c5b3015939ad..623adb581594a381c2cfba2a5a4d9b5416d3bd37 100644 (file)
--- a/nixops/modules/websites/tools/tools/ldap.nix
+++ b/nixops/modules/websites/tools/tools/ldap.nix
@@ -4,7 +4,7 @@ rec {
     destDir = "/run/keys/webapps";
     user = apache.user;
     group = apache.group;
-    permissions = "0700";
+    permissions = "0400";
     text = ''
       <?php
       $config->custom->appearance['show_clear_password'] = true;
@@ -83,7 +83,8 @@ rec {
 
       ; Needed to avoid clashes in browser cookies (same domain)
       php_value[session.name] = LdapPHPSESSID
-      php_admin_value[open_basedir] = "${basedir}:/tmp"
+      php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/phpldapadmin"
+      php_admin_value[session.save_path] = "/var/lib/php/sessions/phpldapadmin"
       '';
   };
 }