diff options
Diffstat (limited to 'modules/private/websites/tools/tools/ldap.nix')
-rw-r--r-- | modules/private/websites/tools/tools/ldap.nix | 29 |
1 files changed, 13 insertions, 16 deletions
diff --git a/modules/private/websites/tools/tools/ldap.nix b/modules/private/websites/tools/tools/ldap.nix index e58a9bd..0c1a21f 100644 --- a/modules/private/websites/tools/tools/ldap.nix +++ b/modules/private/websites/tools/tools/ldap.nix | |||
@@ -39,12 +39,12 @@ rec { | |||
39 | modules = [ "proxy_fcgi" ]; | 39 | modules = [ "proxy_fcgi" ]; |
40 | webappName = "tools_ldap"; | 40 | webappName = "tools_ldap"; |
41 | root = "/run/current-system/webapps/${webappName}"; | 41 | root = "/run/current-system/webapps/${webappName}"; |
42 | vhostConf = '' | 42 | vhostConf = socket: '' |
43 | Alias /ldap "${root}" | 43 | Alias /ldap "${root}" |
44 | <Directory "${root}"> | 44 | <Directory "${root}"> |
45 | DirectoryIndex index.php | 45 | DirectoryIndex index.php |
46 | <FilesMatch "\.php$"> | 46 | <FilesMatch "\.php$"> |
47 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | 47 | SetHandler "proxy:unix:${socket}|fcgi://localhost" |
48 | </FilesMatch> | 48 | </FilesMatch> |
49 | 49 | ||
50 | AllowOverride None | 50 | AllowOverride None |
@@ -55,20 +55,17 @@ rec { | |||
55 | phpFpm = rec { | 55 | phpFpm = rec { |
56 | serviceDeps = [ "openldap.service" ]; | 56 | serviceDeps = [ "openldap.service" ]; |
57 | basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ]; | 57 | basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ]; |
58 | socket = "/var/run/phpfpm/ldap.sock"; | 58 | pool = { |
59 | pool = '' | 59 | "listen.owner" = apache.user; |
60 | user = ${apache.user} | 60 | "listen.group" = apache.group; |
61 | group = ${apache.group} | 61 | "pm" = "ondemand"; |
62 | listen.owner = ${apache.user} | 62 | "pm.max_children" = "60"; |
63 | listen.group = ${apache.group} | 63 | "pm.process_idle_timeout" = "60"; |
64 | pm = ondemand | ||
65 | pm.max_children = 60 | ||
66 | pm.process_idle_timeout = 60 | ||
67 | 64 | ||
68 | ; Needed to avoid clashes in browser cookies (same domain) | 65 | # Needed to avoid clashes in browser cookies (same domain) |
69 | php_value[session.name] = LdapPHPSESSID | 66 | "php_value[session.name]" = "LdapPHPSESSID"; |
70 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/phpldapadmin" | 67 | "php_admin_value[open_basedir]" = "${basedir}:/tmp:/var/lib/php/sessions/phpldapadmin"; |
71 | php_admin_value[session.save_path] = "/var/lib/php/sessions/phpldapadmin" | 68 | "php_admin_value[session.save_path]" = "/var/lib/php/sessions/phpldapadmin"; |
72 | ''; | 69 | }; |
73 | }; | 70 | }; |
74 | } | 71 | } |