"Options appended to the PHP configuration file <filename>php.ini</filename>.";
};
+ serviceDependencies = mkOption {
+ default = {};
+ type = types.attrsOf (types.listOf types.string);
+ example = literalExample ''
+ { mypool = ["postgresql.service"]; }
+ '';
+ description = ''
+ Extra service dependencies specific to pool.
+ '';
+ };
+
poolPhpConfigs = mkOption {
default = {};
type = types.attrsOf types.lines;
systemd.services = flip mapAttrs' poolConfigs (pool: poolConfig:
nameValuePair "phpfpm-${pool}" {
description = "PHP FastCGI Process Manager service for pool ${pool}";
- after = [ "network.target" ];
+ after = [ "network.target" ] ++ (cfg.serviceDependencies.${pool} or []);
+ wants = cfg.serviceDependencies.${pool} or [];
wantedBy = [ "phpfpm.target" ];
partOf = [ "phpfpm.target" ];
preStart = ''
install -TDm644 ${webRoot}/dataold/web.config ${varDir}/data/web.config
'';
};
- config = writeText "config.php" ''
- <?php
- define('MAIL_FROM', 'kanboard@tools.immae.eu');
+ keys.tools-kanboard = {
+ destDir = "/run/keys/webapps";
+ user = apache.user;
+ group = apache.group;
+ permissions = "0700";
+ text = ''
+ <?php
+ define('MAIL_FROM', 'kanboard@tools.immae.eu');
- define('DB_DRIVER', 'postgres');
- define('DB_USERNAME', '${env.postgresql.user}');
- define('DB_PASSWORD', '${env.postgresql.password}');
- define('DB_HOSTNAME', '${env.postgresql.socket}');
- define('DB_NAME', '${env.postgresql.database}');
+ define('DB_DRIVER', 'postgres');
+ define('DB_USERNAME', '${env.postgresql.user}');
+ define('DB_PASSWORD', '${env.postgresql.password}');
+ define('DB_HOSTNAME', '${env.postgresql.socket}');
+ define('DB_NAME', '${env.postgresql.database}');
- define('LDAP_AUTH', true);
- define('LDAP_SERVER', '${env.ldap.host}');
- define('LDAP_START_TLS', true);
+ define('LDAP_AUTH', true);
+ define('LDAP_SERVER', '${env.ldap.host}');
+ define('LDAP_START_TLS', true);
- define('LDAP_BIND_TYPE', 'proxy');
- define('LDAP_USERNAME', '${env.ldap.dn}');
- define('LDAP_PASSWORD', '${env.ldap.password}');
- define('LDAP_USER_BASE_DN', '${env.ldap.base}');
- define('LDAP_USER_FILTER', '(&(memberOf=cn=users,cn=kanboard,ou=services,dc=immae,dc=eu)(uid=%s))');
- define('LDAP_GROUP_ADMIN_DN', 'cn=admins,cn=kanboard,ou=services,dc=immae,dc=eu');
- ?>
- '';
+ define('LDAP_BIND_TYPE', 'proxy');
+ define('LDAP_USERNAME', '${env.ldap.dn}');
+ define('LDAP_PASSWORD', '${env.ldap.password}');
+ define('LDAP_USER_BASE_DN', '${env.ldap.base}');
+ define('LDAP_USER_FILTER', '(&(memberOf=cn=users,cn=kanboard,ou=services,dc=immae,dc=eu)(uid=%s))');
+ define('LDAP_GROUP_ADMIN_DN', 'cn=admins,cn=kanboard,ou=services,dc=immae,dc=eu');
+ ?>
+ '';
+ };
webRoot = stdenv.mkDerivation (fetchedGithub ./kanboard.json // rec {
dontBuild = true;
installPhase = ''
cp -a . $out
- ln -s ${config} $out/config.php
+ ln -s /run/keys/webapps/tools-kanboard $out/config.php
mv $out/data $out/dataold
ln -s ${varDir}/data $out/data
'';
'';
};
phpFpm = rec {
- basedir = builtins.concatStringsSep ":" [ webRoot varDir config ];
+ serviceDeps = [ "postgresql.service" "openldap.service" "tools-kanboard-key.service" ];
+ basedir = builtins.concatStringsSep ":" [ webRoot varDir "/run/keys/webapps/tools-kanboard" ];
socket = "/var/run/phpfpm/kanboard.sock";
pool = ''
listen = ${socket}
projects / perso / Immae / Config / Nix.git / commitdiff
