diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-22 20:01:33 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-22 20:01:33 +0200 |
commit | 4288c2f2431fb782b0d512b1b3749187f2374b6a (patch) | |
tree | aaf812414f91d6b695a7507265e7572de8dc477c /modules/private/websites/tools/tools/shaarli.nix | |
parent | f40f5b235b890f46770a22f005f8a0f664cf0562 (diff) | |
download | Nix-4288c2f2431fb782b0d512b1b3749187f2374b6a.tar.gz Nix-4288c2f2431fb782b0d512b1b3749187f2374b6a.tar.zst Nix-4288c2f2431fb782b0d512b1b3749187f2374b6a.zip |
Move websites/tools to modules
Diffstat (limited to 'modules/private/websites/tools/tools/shaarli.nix')
-rw-r--r-- | modules/private/websites/tools/tools/shaarli.nix | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix new file mode 100644 index 0000000..2e89a47 --- /dev/null +++ b/modules/private/websites/tools/tools/shaarli.nix | |||
@@ -0,0 +1,65 @@ | |||
1 | { lib, env, stdenv, fetchurl, shaarli }: | ||
2 | let | ||
3 | varDir = "/var/lib/shaarli"; | ||
4 | in rec { | ||
5 | activationScript = '' | ||
6 | install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ | ||
7 | ${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data \ | ||
8 | ${varDir}/phpSessions | ||
9 | ''; | ||
10 | webRoot = shaarli varDir; | ||
11 | apache = rec { | ||
12 | user = "wwwrun"; | ||
13 | group = "wwwrun"; | ||
14 | modules = [ "proxy_fcgi" "rewrite" "env" ]; | ||
15 | webappName = "tools_shaarli"; | ||
16 | root = "/run/current-system/webapps/${webappName}"; | ||
17 | vhostConf = '' | ||
18 | Alias /Shaarli "${root}" | ||
19 | |||
20 | Include /var/secrets/webapps/tools-shaarli | ||
21 | <Directory "${root}"> | ||
22 | DirectoryIndex index.php index.htm index.html | ||
23 | Options Indexes FollowSymLinks MultiViews Includes | ||
24 | AllowOverride All | ||
25 | Require all granted | ||
26 | <FilesMatch "\.php$"> | ||
27 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | ||
28 | </FilesMatch> | ||
29 | </Directory> | ||
30 | ''; | ||
31 | }; | ||
32 | keys = [{ | ||
33 | dest = "webapps/tools-shaarli"; | ||
34 | user = apache.user; | ||
35 | group = apache.group; | ||
36 | permissions = "0400"; | ||
37 | text = '' | ||
38 | SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}" | ||
39 | SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}" | ||
40 | SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}" | ||
41 | SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}" | ||
42 | SetEnv SHAARLI_LDAP_FILTER "${env.ldap.search}" | ||
43 | ''; | ||
44 | }]; | ||
45 | phpFpm = rec { | ||
46 | serviceDeps = [ "openldap.service" ]; | ||
47 | basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; | ||
48 | socket = "/var/run/phpfpm/shaarli.sock"; | ||
49 | pool = '' | ||
50 | listen = ${socket} | ||
51 | user = ${apache.user} | ||
52 | group = ${apache.group} | ||
53 | listen.owner = ${apache.user} | ||
54 | listen.group = ${apache.group} | ||
55 | pm = ondemand | ||
56 | pm.max_children = 60 | ||
57 | pm.process_idle_timeout = 60 | ||
58 | |||
59 | ; Needed to avoid clashes in browser cookies (same domain) | ||
60 | php_value[session.name] = ShaarliPHPSESSID | ||
61 | php_admin_value[open_basedir] = "${basedir}:/tmp" | ||
62 | php_admin_value[session.save_path] = "${varDir}/phpSessions" | ||
63 | ''; | ||
64 | }; | ||
65 | } | ||