aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2019-01-08 00:45:37 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2019-01-08 00:50:36 +0100
commitc8e019b6a331a14d868a952ffab07bded2315390 (patch)
treec4179716605fd922b066d6d840a75fae60255969
parent07f2f340ec1356562855342440297b50f8ac6856 (diff)
downloadNix-c8e019b6a331a14d868a952ffab07bded2315390.tar.gz
Nix-c8e019b6a331a14d868a952ffab07bded2315390.tar.zst
Nix-c8e019b6a331a14d868a952ffab07bded2315390.zip
Move each php session to a private destination
Diffstat
-rw-r--r--virtual/eldiron.nix6
-rw-r--r--virtual/packages/adminer.nix3
-rw-r--r--virtual/packages/aten.nix2
-rw-r--r--virtual/packages/chloe.nix2
-rw-r--r--virtual/packages/connexionswing.nix2
-rw-r--r--virtual/packages/ludivinecassal.nix2
-rw-r--r--virtual/packages/mantisbt.nix1
-rw-r--r--virtual/packages/nextcloud.nix2
-rw-r--r--virtual/packages/piedsjaloux.nix2
9 files changed, 22 insertions, 0 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 96efddc..6237e06 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -228,6 +228,9 @@
228 # FIXME: move session files to separate dirs 228 # FIXME: move session files to separate dirs
229 # /!\ phppackage is used in nextcloud configuation 229 # /!\ phppackage is used in nextcloud configuation
230 phpOptions = '' 230 phpOptions = ''
231 session.save_path = "/var/lib/php/sessions"
232 session.gc_maxlifetime = 60*60*24*15
233 session.cache_expire = 60*24*30
231 ; For nextcloud 234 ; For nextcloud
232 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so 235 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
233 ; For nextcloud 236 ; For nextcloud
@@ -269,6 +272,9 @@
269 nextcloud = mypkgs.nextcloud.activationScript; 272 nextcloud = mypkgs.nextcloud.activationScript;
270 httpd = '' 273 httpd = ''
271 install -d -m 0755 /var/lib/acme/acme-challenge 274 install -d -m 0755 /var/lib/acme/acme-challenge
275 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
276 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
277 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
272 ''; 278 '';
273 redis = '' 279 redis = ''
274 mkdir -p /run/redis 280 mkdir -p /run/redis
diff --git a/virtual/packages/adminer.nix b/virtual/packages/adminer.nix
index 034f0d4..d2800aa 100644
--- a/virtual/packages/adminer.nix
+++ b/virtual/packages/adminer.nix
@@ -26,7 +26,10 @@ let
26 pm.max_children = 5 26 pm.max_children = 5
27 pm.process_idle_timeout = 60 27 pm.process_idle_timeout = 60
28 ;php_admin_flag[log_errors] = on 28 ;php_admin_flag[log_errors] = on
29 ; Needed to avoid clashes in browser cookies (same domain)
30 php_value[session.name] = AdminerPHPSESSID
29 php_admin_value[open_basedir] = "${webRoot}:/tmp" 31 php_admin_value[open_basedir] = "${webRoot}:/tmp"
32 php_admin_value[session.save_path] = "/var/lib/php/sessions/adminer"
30 ''; 33 '';
31 }; 34 };
32 apache = { 35 apache = {
diff --git a/virtual/packages/aten.nix b/virtual/packages/aten.nix
index 8251b31..d67f7b7 100644
--- a/virtual/packages/aten.nix
+++ b/virtual/packages/aten.nix
@@ -16,6 +16,7 @@ let
16 php_admin_value[post_max_size] = 20M 16 php_admin_value[post_max_size] = 20M
17 ;php_admin_flag[log_errors] = on 17 ;php_admin_flag[log_errors] = on
18 php_admin_value[open_basedir] = "${webappDir}:${varDir}:/tmp" 18 php_admin_value[open_basedir] = "${webappDir}:${varDir}:/tmp"
19 php_admin_value[session.save_path] = "${varDir}/phpSessions"
19 ${if environment == "dev" then '' 20 ${if environment == "dev" then ''
20 pm = ondemand 21 pm = ondemand
21 pm.max_children = 5 22 pm.max_children = 5
@@ -80,6 +81,7 @@ let
80 deps = [ "wrappers" ]; 81 deps = [ "wrappers" ];
81 text = '' 82 text = ''
82 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} 83 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
84 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
83 if [ ! -f "${varDir}/currentWebappDir" -o \ 85 if [ ! -f "${varDir}/currentWebappDir" -o \
84 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then 86 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
85 pushd ${webappDir} > /dev/null 87 pushd ${webappDir} > /dev/null
diff --git a/virtual/packages/chloe.nix b/virtual/packages/chloe.nix
index a867bf2..8633317 100644
--- a/virtual/packages/chloe.nix
+++ b/virtual/packages/chloe.nix
@@ -22,6 +22,7 @@ let
22 php_admin_value[post_max_size] = 20M 22 php_admin_value[post_max_size] = 20M
23 ;php_admin_flag[log_errors] = on 23 ;php_admin_flag[log_errors] = on
24 php_admin_value[open_basedir] = "${./spip_mes_options.php}:${configDir}:${webRoot}:${varDir}:/tmp" 24 php_admin_value[open_basedir] = "${./spip_mes_options.php}:${configDir}:${webRoot}:${varDir}:/tmp"
25 php_admin_value[session.save_path] = "${varDir}/phpSessions"
25 env[SPIP_CONFIG_DIR] = "${configDir}" 26 env[SPIP_CONFIG_DIR] = "${configDir}"
26 env[SPIP_VAR_DIR] = "${varDir}" 27 env[SPIP_VAR_DIR] = "${varDir}"
27 env[SPIP_SITE] = "chloe-${environment}" 28 env[SPIP_SITE] = "chloe-${environment}"
@@ -92,6 +93,7 @@ let
92 deps = [ "wrappers" ]; 93 deps = [ "wrappers" ];
93 text = '' 94 text = ''
94 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} ${varDir}/IMG ${varDir}/tmp ${varDir}/local 95 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} ${varDir}/IMG ${varDir}/tmp ${varDir}/local
96 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
95 ''; 97 '';
96 }; 98 };
97 configDir = ./chloe_config; 99 configDir = ./chloe_config;
diff --git a/virtual/packages/connexionswing.nix b/virtual/packages/connexionswing.nix
index 7f7dc16..199c893 100644
--- a/virtual/packages/connexionswing.nix
+++ b/virtual/packages/connexionswing.nix
@@ -38,6 +38,7 @@ let
38 php_admin_value[post_max_size] = 20M 38 php_admin_value[post_max_size] = 20M
39 ;php_admin_flag[log_errors] = on 39 ;php_admin_flag[log_errors] = on
40 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp" 40 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp"
41 php_admin_value[session.save_path] = "${varDir}/phpSessions"
41 ${if environment == "dev" then '' 42 ${if environment == "dev" then ''
42 pm = ondemand 43 pm = ondemand
43 pm.max_children = 5 44 pm.max_children = 5
@@ -135,6 +136,7 @@ let
135 ${varDir}/medias \ 136 ${varDir}/medias \
136 ${varDir}/uploads \ 137 ${varDir}/uploads \
137 ${varDir}/var 138 ${varDir}/var
139 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
138 if [ ! -f "${varDir}/currentWebappDir" -o \ 140 if [ ! -f "${varDir}/currentWebappDir" -o \
139 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then 141 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
140 pushd ${webappDir} > /dev/null 142 pushd ${webappDir} > /dev/null
diff --git a/virtual/packages/ludivinecassal.nix b/virtual/packages/ludivinecassal.nix
index c078722..eabb8fa 100644
--- a/virtual/packages/ludivinecassal.nix
+++ b/virtual/packages/ludivinecassal.nix
@@ -53,6 +53,7 @@ let
53 php_admin_value[post_max_size] = 20M 53 php_admin_value[post_max_size] = 20M
54 ;php_admin_flag[log_errors] = on 54 ;php_admin_flag[log_errors] = on
55 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp" 55 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp"
56 php_admin_value[session.save_path] = "${varDir}/phpSessions"
56 ${if environment == "dev" then '' 57 ${if environment == "dev" then ''
57 pm = ondemand 58 pm = ondemand
58 pm.max_children = 5 59 pm.max_children = 5
@@ -137,6 +138,7 @@ let
137 deps = [ "wrappers" ]; 138 deps = [ "wrappers" ];
138 text = '' 139 text = ''
139 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} 140 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
141 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
140 if [ ! -f "${varDir}/currentWebappDir" -o \ 142 if [ ! -f "${varDir}/currentWebappDir" -o \
141 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then 143 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
142 pushd ${webappDir} > /dev/null 144 pushd ${webappDir} > /dev/null
diff --git a/virtual/packages/mantisbt.nix b/virtual/packages/mantisbt.nix
index 82fc8ad..335cb7d 100644
--- a/virtual/packages/mantisbt.nix
+++ b/virtual/packages/mantisbt.nix
@@ -116,6 +116,7 @@ let
116 php_admin_value[upload_max_filesize] = 5000000 116 php_admin_value[upload_max_filesize] = 5000000
117 117
118 php_admin_value[open_basedir] = "${basedir}:/tmp" 118 php_admin_value[open_basedir] = "${basedir}:/tmp"
119 php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
119 ''; 120 '';
120 }; 121 };
121 }; 122 };
diff --git a/virtual/packages/nextcloud.nix b/virtual/packages/nextcloud.nix
index e39868a..5e9a927 100644
--- a/virtual/packages/nextcloud.nix
+++ b/virtual/packages/nextcloud.nix
@@ -198,6 +198,7 @@ let
198 deps = [ ]; 198 deps = [ ];
199 text = '' 199 text = ''
200 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} 200 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
201 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
201 ''; 202 '';
202 }; 203 };
203 apache = { 204 apache = {
@@ -253,6 +254,7 @@ let
253 php_admin_value[memory_limit] = 512M 254 php_admin_value[memory_limit] = 512M
254 255
255 php_admin_value[open_basedir] = "${basedir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp" 256 php_admin_value[open_basedir] = "${basedir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp"
257 php_admin_value[session.save_path] = "${varDir}/phpSessions"
256 ''; 258 '';
257 }; 259 };
258 }; 260 };
diff --git a/virtual/packages/piedsjaloux.nix b/virtual/packages/piedsjaloux.nix
index 819bafb..1c3d8b7 100644
--- a/virtual/packages/piedsjaloux.nix
+++ b/virtual/packages/piedsjaloux.nix
@@ -38,6 +38,7 @@ let
38 php_admin_value[post_max_size] = 20M 38 php_admin_value[post_max_size] = 20M
39 ;php_admin_flag[log_errors] = on 39 ;php_admin_flag[log_errors] = on
40 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp" 40 php_admin_value[open_basedir] = "${configRoot}:${webappDir}:${varDir}:/tmp"
41 php_admin_value[session.save_path] = "${varDir}/phpSessions"
41 ${if environment == "dev" then '' 42 ${if environment == "dev" then ''
42 pm = ondemand 43 pm = ondemand
43 pm.max_children = 5 44 pm.max_children = 5
@@ -123,6 +124,7 @@ let
123 text = '' 124 text = ''
124 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ 125 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
125 ${varDir}/tmp 126 ${varDir}/tmp
127 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
126 if [ ! -f "${varDir}/currentWebappDir" -o \ 128 if [ ! -f "${varDir}/currentWebappDir" -o \
127 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then 129 "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
128 pushd ${webappDir} > /dev/null 130 pushd ${webappDir} > /dev/null
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 18:45:39 +0000