diff options
Diffstat (limited to 'modules/private/websites/tools/tools/rompr.nix')
-rw-r--r-- | modules/private/websites/tools/tools/rompr.nix | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/modules/private/websites/tools/tools/rompr.nix b/modules/private/websites/tools/tools/rompr.nix new file mode 100644 index 0000000..fea59fc --- /dev/null +++ b/modules/private/websites/tools/tools/rompr.nix | |||
@@ -0,0 +1,77 @@ | |||
1 | { lib, env, rompr }: | ||
2 | rec { | ||
3 | varDir = "/var/lib/rompr"; | ||
4 | activationScript = '' | ||
5 | install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ | ||
6 | ${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions | ||
7 | ''; | ||
8 | webRoot = rompr; | ||
9 | apache = rec { | ||
10 | user = "wwwrun"; | ||
11 | group = "wwwrun"; | ||
12 | modules = [ "headers" "mime" "proxy_fcgi" ]; | ||
13 | webappName = "tools_rompr"; | ||
14 | root = "/run/current-system/webapps/${webappName}"; | ||
15 | vhostConf = '' | ||
16 | Alias /rompr ${root} | ||
17 | |||
18 | <Directory ${root}> | ||
19 | Options Indexes FollowSymLinks | ||
20 | DirectoryIndex index.php | ||
21 | AllowOverride all | ||
22 | Require all granted | ||
23 | Order allow,deny | ||
24 | Allow from all | ||
25 | ErrorDocument 404 /rompr/404.php | ||
26 | AddType image/x-icon .ico | ||
27 | |||
28 | <FilesMatch "\.php$"> | ||
29 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | ||
30 | </FilesMatch> | ||
31 | </Directory> | ||
32 | |||
33 | <Directory ${root}/albumart/small> | ||
34 | Header Set Cache-Control "max-age=0, no-store" | ||
35 | Header Set Cache-Control "no-cache, must-revalidate" | ||
36 | </Directory> | ||
37 | |||
38 | <Directory ${root}/albumart/asdownloaded> | ||
39 | Header Set Cache-Control "max-age=0, no-store" | ||
40 | Header Set Cache-Control "no-cache, must-revalidate" | ||
41 | </Directory> | ||
42 | |||
43 | <LocationMatch "^/rompr"> | ||
44 | Use LDAPConnect | ||
45 | Require ldap-group cn=users,cn=mpd,ou=services,dc=immae,dc=eu | ||
46 | </LocationMatch> | ||
47 | ''; | ||
48 | }; | ||
49 | phpFpm = rec { | ||
50 | basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; | ||
51 | socket = "/var/run/phpfpm/rompr.sock"; | ||
52 | pool = '' | ||
53 | listen = ${socket} | ||
54 | user = ${apache.user} | ||
55 | group = ${apache.group} | ||
56 | listen.owner = ${apache.user} | ||
57 | listen.group = ${apache.group} | ||
58 | pm = ondemand | ||
59 | pm.max_children = 60 | ||
60 | pm.process_idle_timeout = 60 | ||
61 | |||
62 | ; Needed to avoid clashes in browser cookies (same domain) | ||
63 | php_value[session.name] = RomprPHPSESSID | ||
64 | php_admin_value[open_basedir] = "${basedir}:/tmp" | ||
65 | php_admin_value[session.save_path] = "${varDir}/phpSessions" | ||
66 | php_flag[magic_quotes_gpc] = Off | ||
67 | php_flag[track_vars] = On | ||
68 | php_flag[register_globals] = Off | ||
69 | php_admin_flag[allow_url_fopen] = On | ||
70 | php_value[include_path] = ${webRoot} | ||
71 | php_admin_value[upload_tmp_dir] = "${varDir}/prefs" | ||
72 | php_admin_value[post_max_size] = 32M | ||
73 | php_admin_value[upload_max_filesize] = 32M | ||
74 | php_admin_value[memory_limit] = 256M | ||
75 | ''; | ||
76 | }; | ||
77 | } | ||