aboutsummaryrefslogtreecommitdiff
path: root/modules/private/websites/tools/tools
diff options
context:
space:
mode:
Diffstat (limited to 'modules/private/websites/tools/tools')
-rw-r--r--modules/private/websites/tools/tools/adminer.nix49
-rw-r--r--modules/private/websites/tools/tools/default.nix129
-rw-r--r--modules/private/websites/tools/tools/dokuwiki.nix29
-rw-r--r--modules/private/websites/tools/tools/grocy.nix29
-rw-r--r--modules/private/websites/tools/tools/kanboard.nix29
-rw-r--r--modules/private/websites/tools/tools/ldap.nix29
-rw-r--r--modules/private/websites/tools/tools/rompr.nix47
-rw-r--r--modules/private/websites/tools/tools/shaarli.nix29
-rw-r--r--modules/private/websites/tools/tools/ttrss.nix31
-rw-r--r--modules/private/websites/tools/tools/wallabag.nix33
-rw-r--r--modules/private/websites/tools/tools/yourls.nix29
11 files changed, 226 insertions, 237 deletions
diff --git a/modules/private/websites/tools/tools/adminer.nix b/modules/private/websites/tools/tools/adminer.nix
index 907e37f..52a132c 100644
--- a/modules/private/websites/tools/tools/adminer.nix
+++ b/modules/private/websites/tools/tools/adminer.nix
@@ -1,4 +1,4 @@
1{ adminer }: 1{ adminer, php73, forcePhpSocket ? null }:
2rec { 2rec {
3 activationScript = { 3 activationScript = {
4 deps = [ "httpd" ]; 4 deps = [ "httpd" ];
@@ -9,22 +9,33 @@ rec {
9 }; 9 };
10 webRoot = adminer; 10 webRoot = adminer;
11 phpFpm = rec { 11 phpFpm = rec {
12 socket = "/var/run/phpfpm/adminer.sock"; 12 user = apache.user;
13 pool = '' 13 group = apache.group;
14 user = ${apache.user} 14 phpPackage = (php73.override {
15 group = ${apache.group} 15 config.php.mysqlnd = true;
16 listen.owner = ${apache.user} 16 config.php.mysqli = false;
17 listen.group = ${apache.group} 17 config.php.pdo-mysql = false;
18 pm = ondemand 18 }).overrideAttrs(old: rec {
19 pm.max_children = 5 19 configureFlags = old.configureFlags ++ [
20 pm.process_idle_timeout = 60 20 "--with-mysqli=shared,mysqlnd"
21 ;php_admin_flag[log_errors] = on 21 ];
22 ; Needed to avoid clashes in browser cookies (same domain) 22 });
23 php_value[session.name] = AdminerPHPSESSID 23 phpOptions = ''
24 php_admin_value[open_basedir] = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer" 24 extension=${phpPackage}/lib/php/extensions/mysqli.so
25 php_admin_value[session.save_path] = "/var/lib/php/sessions/adminer" 25 '';
26 php_admin_value[upload_tmp_dir] = "/var/lib/php/tmp/adminer" 26 settings = {
27 ''; 27 "listen.owner" = apache.user;
28 "listen.group" = apache.group;
29 "pm" = "ondemand";
30 "pm.max_children" = "5";
31 "pm.process_idle_timeout" = "60";
32 #"php_admin_flag[log_errors]" = "on";
33 # Needed to avoid clashes in browser cookies (same domain)
34 "php_value[session.name]" = "AdminerPHPSESSID";
35 "php_admin_value[open_basedir]" = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer";
36 "php_admin_value[session.save_path]" = "/var/lib/php/sessions/adminer";
37 "php_admin_value[upload_tmp_dir]" = "/var/lib/php/tmp/adminer";
38 };
28 }; 39 };
29 apache = rec { 40 apache = rec {
30 user = "wwwrun"; 41 user = "wwwrun";
@@ -32,12 +43,12 @@ rec {
32 modules = [ "proxy_fcgi" ]; 43 modules = [ "proxy_fcgi" ];
33 webappName = "_adminer"; 44 webappName = "_adminer";
34 root = "/run/current-system/webapps/${webappName}"; 45 root = "/run/current-system/webapps/${webappName}";
35 vhostConf = '' 46 vhostConf = socket: ''
36 Alias /adminer ${root} 47 Alias /adminer ${root}
37 <Directory ${root}> 48 <Directory ${root}>
38 DirectoryIndex index.php 49 DirectoryIndex index.php
39 <FilesMatch "\.php$"> 50 <FilesMatch "\.php$">
40 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 51 SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
41 </FilesMatch> 52 </FilesMatch>
42 53
43 Use LDAPConnect 54 Use LDAPConnect
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 5dc0981..5e0d446 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -40,6 +40,7 @@ let
40 }; 40 };
41 41
42 cfg = config.myServices.websites.tools.tools; 42 cfg = config.myServices.websites.tools.tools;
43 pcfg = config.services.phpfpm.pools;
43in { 44in {
44 options.myServices.websites.tools.tools = { 45 options.myServices.websites.tools.tools = {
45 enable = lib.mkEnableOption "enable tools website"; 46 enable = lib.mkEnableOption "enable tools website";
@@ -92,7 +93,7 @@ in {
92 AllowOverride all 93 AllowOverride all
93 Require all granted 94 Require all granted
94 <FilesMatch "\.php$"> 95 <FilesMatch "\.php$">
95 SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost" 96 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
96 </FilesMatch> 97 </FilesMatch>
97 </Directory> 98 </Directory>
98 '' 99 ''
@@ -115,21 +116,21 @@ in {
115 AllowOverride all 116 AllowOverride all
116 Require all granted 117 Require all granted
117 <FilesMatch "\.php$"> 118 <FilesMatch "\.php$">
118 SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost" 119 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
119 </FilesMatch> 120 </FilesMatch>
120 </Directory> 121 </Directory>
121 '' 122 ''
122 adminer.apache.vhostConf 123 (adminer.apache.vhostConf pcfg.adminer.socket)
123 ympd.apache.vhostConf 124 ympd.apache.vhostConf
124 ttrss.apache.vhostConf 125 (ttrss.apache.vhostConf pcfg.ttrss.socket)
125 wallabag.apache.vhostConf 126 (wallabag.apache.vhostConf pcfg.wallabag.socket)
126 yourls.apache.vhostConf 127 (yourls.apache.vhostConf pcfg.yourls.socket)
127 rompr.apache.vhostConf 128 (rompr.apache.vhostConf pcfg.rompr.socket)
128 shaarli.apache.vhostConf 129 (shaarli.apache.vhostConf pcfg.shaarli.socket)
129 dokuwiki.apache.vhostConf 130 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
130 ldap.apache.vhostConf 131 (ldap.apache.vhostConf pcfg.ldap.socket)
131 kanboard.apache.vhostConf 132 (kanboard.apache.vhostConf pcfg.kanboard.socket)
132 grocy.apache.vhostConf 133 (grocy.apache.vhostConf pcfg.grocy.socket)
133 ]; 134 ];
134 }; 135 };
135 136
@@ -226,38 +227,36 @@ in {
226 227
227 services.phpfpm.pools = { 228 services.phpfpm.pools = {
228 tools = { 229 tools = {
229 listen = "/var/run/phpfpm/tools.sock"; 230 user = "wwwrun";
230 extraConfig = '' 231 group = "wwwrun";
231 user = wwwrun 232 settings = {
232 group = wwwrun 233 "listen.owner" = "wwwrun";
233 listen.owner = wwwrun 234 "listen.group" = "wwwrun";
234 listen.group = wwwrun 235 "pm" = "dynamic";
235 pm = dynamic 236 "pm.max_children" = "60";
236 pm.max_children = 60 237 "pm.start_servers" = "2";
237 pm.start_servers = 2 238 "pm.min_spare_servers" = "1";
238 pm.min_spare_servers = 1 239 "pm.max_spare_servers" = "10";
239 pm.max_spare_servers = 10
240 240
241 ; Needed to avoid clashes in browser cookies (same domain) 241 # Needed to avoid clashes in browser cookies (same domain)
242 php_value[session.name] = ToolsPHPSESSID 242 "php_value[session.name]" = "ToolsPHPSESSID";
243 php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp" 243 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp";
244 ''; 244 };
245 }; 245 };
246 devtools = { 246 devtools = {
247 listen = "/var/run/phpfpm/devtools.sock"; 247 user = "wwwrun";
248 extraConfig = '' 248 group = "wwwrun";
249 user = wwwrun 249 settings = {
250 group = wwwrun 250 "listen.owner" = "wwwrun";
251 listen.owner = wwwrun 251 "listen.group" = "wwwrun";
252 listen.group = wwwrun 252 "pm" = "dynamic";
253 pm = dynamic 253 "pm.max_children" = "60";
254 pm.max_children = 60 254 "pm.start_servers" = "2";
255 pm.start_servers = 2 255 "pm.min_spare_servers" = "1";
256 pm.min_spare_servers = 1 256 "pm.max_spare_servers" = "10";
257 pm.max_spare_servers = 10
258 257
259 php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" 258 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
260 ''; 259 };
261 phpOptions = config.services.phpfpm.phpOptions + '' 260 phpOptions = config.services.phpfpm.phpOptions + ''
262 extension=${pkgs.php}/lib/php/extensions/mysqli.so 261 extension=${pkgs.php}/lib/php/extensions/mysqli.so
263 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so 262 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
@@ -265,45 +264,51 @@ in {
265 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so 264 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
266 ''; 265 '';
267 }; 266 };
268 adminer = { 267 adminer = adminer.phpFpm;
269 listen = adminer.phpFpm.socket;
270 extraConfig = adminer.phpFpm.pool;
271 };
272 ttrss = { 268 ttrss = {
273 listen = ttrss.phpFpm.socket; 269 user = "wwwrun";
274 extraConfig = ttrss.phpFpm.pool; 270 group = "wwwrun";
271 settings = ttrss.phpFpm.pool;
275 }; 272 };
276 wallabag = { 273 wallabag = {
277 listen = wallabag.phpFpm.socket; 274 user = "wwwrun";
278 extraConfig = wallabag.phpFpm.pool; 275 group = "wwwrun";
276 settings = wallabag.phpFpm.pool;
279 }; 277 };
280 yourls = { 278 yourls = {
281 listen = yourls.phpFpm.socket; 279 user = "wwwrun";
282 extraConfig = yourls.phpFpm.pool; 280 group = "wwwrun";
281 settings = yourls.phpFpm.pool;
283 }; 282 };
284 rompr = { 283 rompr = {
285 listen = rompr.phpFpm.socket; 284 user = "wwwrun";
286 extraConfig = rompr.phpFpm.pool; 285 group = "wwwrun";
286 settings = rompr.phpFpm.pool;
287 }; 287 };
288 shaarli = { 288 shaarli = {
289 listen = shaarli.phpFpm.socket; 289 user = "wwwrun";
290 extraConfig = shaarli.phpFpm.pool; 290 group = "wwwrun";
291 settings = shaarli.phpFpm.pool;
291 }; 292 };
292 dokuwiki = { 293 dokuwiki = {
293 listen = dokuwiki.phpFpm.socket; 294 user = "wwwrun";
294 extraConfig = dokuwiki.phpFpm.pool; 295 group = "wwwrun";
296 settings = dokuwiki.phpFpm.pool;
295 }; 297 };
296 ldap = { 298 ldap = {
297 listen = ldap.phpFpm.socket; 299 user = "wwwrun";
298 extraConfig = ldap.phpFpm.pool; 300 group = "wwwrun";
301 settings = ldap.phpFpm.pool;
299 }; 302 };
300 kanboard = { 303 kanboard = {
301 listen = kanboard.phpFpm.socket; 304 user = "wwwrun";
302 extraConfig = kanboard.phpFpm.pool; 305 group = "wwwrun";
306 settings = kanboard.phpFpm.pool;
303 }; 307 };
304 grocy = { 308 grocy = {
305 listen = grocy.phpFpm.socket; 309 user = "wwwrun";
306 extraConfig = grocy.phpFpm.pool; 310 group = "wwwrun";
311 settings = grocy.phpFpm.pool;
307 }; 312 };
308 }; 313 };
309 314
diff --git a/modules/private/websites/tools/tools/dokuwiki.nix b/modules/private/websites/tools/tools/dokuwiki.nix
index d66e85d..26c04b7 100644
--- a/modules/private/websites/tools/tools/dokuwiki.nix
+++ b/modules/private/websites/tools/tools/dokuwiki.nix
@@ -26,12 +26,12 @@ rec {
26 modules = [ "proxy_fcgi" ]; 26 modules = [ "proxy_fcgi" ];
27 webappName = "tools_dokuwiki"; 27 webappName = "tools_dokuwiki";
28 root = "/run/current-system/webapps/${webappName}"; 28 root = "/run/current-system/webapps/${webappName}";
29 vhostConf = '' 29 vhostConf = socket: ''
30 Alias /dokuwiki "${root}" 30 Alias /dokuwiki "${root}"
31 <Directory "${root}"> 31 <Directory "${root}">
32 DirectoryIndex index.php 32 DirectoryIndex index.php
33 <FilesMatch "\.php$"> 33 <FilesMatch "\.php$">
34 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 34 SetHandler "proxy:unix:${socket}|fcgi://localhost"
35 </FilesMatch> 35 </FilesMatch>
36 36
37 AllowOverride All 37 AllowOverride All
@@ -44,20 +44,17 @@ rec {
44 serviceDeps = [ "openldap.service" ]; 44 serviceDeps = [ "openldap.service" ];
45 basedir = builtins.concatStringsSep ":" ( 45 basedir = builtins.concatStringsSep ":" (
46 [ webRoot varDir ] ++ webRoot.plugins); 46 [ webRoot varDir ] ++ webRoot.plugins);
47 socket = "/var/run/phpfpm/dokuwiki.sock"; 47 pool = {
48 pool = '' 48 "listen.owner" = apache.user;
49 user = ${apache.user} 49 "listen.group" = apache.group;
50 group = ${apache.group} 50 "pm" = "ondemand";
51 listen.owner = ${apache.user} 51 "pm.max_children" = "60";
52 listen.group = ${apache.group} 52 "pm.process_idle_timeout" = "60";
53 pm = ondemand
54 pm.max_children = 60
55 pm.process_idle_timeout = 60
56 53
57 ; Needed to avoid clashes in browser cookies (same domain) 54 # Needed to avoid clashes in browser cookies (same domain)
58 php_value[session.name] = DokuwikiPHPSESSID 55 "php_value[session.name]" = "DokuwikiPHPSESSID";
59 php_admin_value[open_basedir] = "${basedir}:/tmp" 56 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
60 php_admin_value[session.save_path] = "${varDir}/phpSessions" 57 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
61 ''; 58 };
62 }; 59 };
63} 60}
diff --git a/modules/private/websites/tools/tools/grocy.nix b/modules/private/websites/tools/tools/grocy.nix
index 1b8da20..a98d8ac 100644
--- a/modules/private/websites/tools/tools/grocy.nix
+++ b/modules/private/websites/tools/tools/grocy.nix
@@ -18,12 +18,12 @@ rec {
18 modules = [ "proxy_fcgi" ]; 18 modules = [ "proxy_fcgi" ];
19 webappName = "tools_grocy"; 19 webappName = "tools_grocy";
20 root = "/run/current-system/webapps/${webappName}"; 20 root = "/run/current-system/webapps/${webappName}";
21 vhostConf = '' 21 vhostConf = socket: ''
22 Alias /grocy "${root}" 22 Alias /grocy "${root}"
23 <Directory "${root}"> 23 <Directory "${root}">
24 DirectoryIndex index.php 24 DirectoryIndex index.php
25 <FilesMatch "\.php$"> 25 <FilesMatch "\.php$">
26 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 26 SetHandler "proxy:unix:${socket}|fcgi://localhost"
27 </FilesMatch> 27 </FilesMatch>
28 28
29 AllowOverride All 29 AllowOverride All
@@ -35,21 +35,18 @@ rec {
35 phpFpm = rec { 35 phpFpm = rec {
36 basedir = builtins.concatStringsSep ":" ( 36 basedir = builtins.concatStringsSep ":" (
37 [ grocy grocy.yarnModules varDir ]); 37 [ grocy grocy.yarnModules varDir ]);
38 socket = "/var/run/phpfpm/grocy.sock"; 38 pool = {
39 pool = '' 39 "listen.owner" = apache.user;
40 user = ${apache.user} 40 "listen.group" = apache.group;
41 group = ${apache.group} 41 "pm" = "ondemand";
42 listen.owner = ${apache.user} 42 "pm.max_children" = "60";
43 listen.group = ${apache.group} 43 "pm.process_idle_timeout" = "60";
44 pm = ondemand
45 pm.max_children = 60
46 pm.process_idle_timeout = 60
47 44
48 ; Needed to avoid clashes in browser cookies (same domain) 45 # Needed to avoid clashes in browser cookies (same domain)
49 php_value[session.name] = grocyPHPSESSID 46 "php_value[session.name]" = "grocyPHPSESSID";
50 php_admin_value[open_basedir] = "${basedir}:/tmp" 47 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
51 php_admin_value[session.save_path] = "${varDir}/phpSessions" 48 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
52 ''; 49 };
53 }; 50 };
54} 51}
55 52
diff --git a/modules/private/websites/tools/tools/kanboard.nix b/modules/private/websites/tools/tools/kanboard.nix
index 1880cbd..0f6fefc 100644
--- a/modules/private/websites/tools/tools/kanboard.nix
+++ b/modules/private/websites/tools/tools/kanboard.nix
@@ -49,7 +49,7 @@ rec {
49 modules = [ "proxy_fcgi" ]; 49 modules = [ "proxy_fcgi" ];
50 webappName = "tools_kanboard"; 50 webappName = "tools_kanboard";
51 root = "/run/current-system/webapps/${webappName}"; 51 root = "/run/current-system/webapps/${webappName}";
52 vhostConf = '' 52 vhostConf = socket: ''
53 Alias /kanboard "${root}" 53 Alias /kanboard "${root}"
54 <Directory "${root}"> 54 <Directory "${root}">
55 DirectoryIndex index.php 55 DirectoryIndex index.php
@@ -58,7 +58,7 @@ rec {
58 Require all granted 58 Require all granted
59 59
60 <FilesMatch "\.php$"> 60 <FilesMatch "\.php$">
61 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 61 SetHandler "proxy:unix:${socket}|fcgi://localhost"
62 </FilesMatch> 62 </FilesMatch>
63 </Directory> 63 </Directory>
64 <DirectoryMatch "${root}/data"> 64 <DirectoryMatch "${root}/data">
@@ -69,20 +69,17 @@ rec {
69 phpFpm = rec { 69 phpFpm = rec {
70 serviceDeps = [ "postgresql.service" "openldap.service" ]; 70 serviceDeps = [ "postgresql.service" "openldap.service" ];
71 basedir = builtins.concatStringsSep ":" [ webRoot varDir "/var/secrets/webapps/tools-kanboard" ]; 71 basedir = builtins.concatStringsSep ":" [ webRoot varDir "/var/secrets/webapps/tools-kanboard" ];
72 socket = "/var/run/phpfpm/kanboard.sock"; 72 pool = {
73 pool = '' 73 "listen.owner" = apache.user;
74 user = ${apache.user} 74 "listen.group" = apache.group;
75 group = ${apache.group} 75 "pm" = "ondemand";
76 listen.owner = ${apache.user} 76 "pm.max_children" = "60";
77 listen.group = ${apache.group} 77 "pm.process_idle_timeout" = "60";
78 pm = ondemand
79 pm.max_children = 60
80 pm.process_idle_timeout = 60
81 78
82 ; Needed to avoid clashes in browser cookies (same domain) 79 # Needed to avoid clashes in browser cookies (same domain)
83 php_value[session.name] = KanboardPHPSESSID 80 "php_value[session.name]" = "KanboardPHPSESSID";
84 php_admin_value[open_basedir] = "${basedir}:/tmp" 81 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
85 php_admin_value[session.save_path] = "${varDir}/phpSessions" 82 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
86 ''; 83 };
87 }; 84 };
88} 85}
diff --git a/modules/private/websites/tools/tools/ldap.nix b/modules/private/websites/tools/tools/ldap.nix
index e58a9bd..0c1a21f 100644
--- a/modules/private/websites/tools/tools/ldap.nix
+++ b/modules/private/websites/tools/tools/ldap.nix
@@ -39,12 +39,12 @@ rec {
39 modules = [ "proxy_fcgi" ]; 39 modules = [ "proxy_fcgi" ];
40 webappName = "tools_ldap"; 40 webappName = "tools_ldap";
41 root = "/run/current-system/webapps/${webappName}"; 41 root = "/run/current-system/webapps/${webappName}";
42 vhostConf = '' 42 vhostConf = socket: ''
43 Alias /ldap "${root}" 43 Alias /ldap "${root}"
44 <Directory "${root}"> 44 <Directory "${root}">
45 DirectoryIndex index.php 45 DirectoryIndex index.php
46 <FilesMatch "\.php$"> 46 <FilesMatch "\.php$">
47 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 47 SetHandler "proxy:unix:${socket}|fcgi://localhost"
48 </FilesMatch> 48 </FilesMatch>
49 49
50 AllowOverride None 50 AllowOverride None
@@ -55,20 +55,17 @@ rec {
55 phpFpm = rec { 55 phpFpm = rec {
56 serviceDeps = [ "openldap.service" ]; 56 serviceDeps = [ "openldap.service" ];
57 basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ]; 57 basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ];
58 socket = "/var/run/phpfpm/ldap.sock"; 58 pool = {
59 pool = '' 59 "listen.owner" = apache.user;
60 user = ${apache.user} 60 "listen.group" = apache.group;
61 group = ${apache.group} 61 "pm" = "ondemand";
62 listen.owner = ${apache.user} 62 "pm.max_children" = "60";
63 listen.group = ${apache.group} 63 "pm.process_idle_timeout" = "60";
64 pm = ondemand
65 pm.max_children = 60
66 pm.process_idle_timeout = 60
67 64
68 ; Needed to avoid clashes in browser cookies (same domain) 65 # Needed to avoid clashes in browser cookies (same domain)
69 php_value[session.name] = LdapPHPSESSID 66 "php_value[session.name]" = "LdapPHPSESSID";
70 php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/phpldapadmin" 67 "php_admin_value[open_basedir]" = "${basedir}:/tmp:/var/lib/php/sessions/phpldapadmin";
71 php_admin_value[session.save_path] = "/var/lib/php/sessions/phpldapadmin" 68 "php_admin_value[session.save_path]" = "/var/lib/php/sessions/phpldapadmin";
72 ''; 69 };
73 }; 70 };
74} 71}
diff --git a/modules/private/websites/tools/tools/rompr.nix b/modules/private/websites/tools/tools/rompr.nix
index 75adabe..106164c 100644
--- a/modules/private/websites/tools/tools/rompr.nix
+++ b/modules/private/websites/tools/tools/rompr.nix
@@ -15,7 +15,7 @@ rec {
15 modules = [ "headers" "mime" "proxy_fcgi" ]; 15 modules = [ "headers" "mime" "proxy_fcgi" ];
16 webappName = "tools_rompr"; 16 webappName = "tools_rompr";
17 root = "/run/current-system/webapps/${webappName}"; 17 root = "/run/current-system/webapps/${webappName}";
18 vhostConf = '' 18 vhostConf = socket: ''
19 Alias /rompr ${root} 19 Alias /rompr ${root}
20 20
21 <Directory ${root}> 21 <Directory ${root}>
@@ -29,7 +29,7 @@ rec {
29 AddType image/x-icon .ico 29 AddType image/x-icon .ico
30 30
31 <FilesMatch "\.php$"> 31 <FilesMatch "\.php$">
32 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 32 SetHandler "proxy:unix:${socket}|fcgi://localhost"
33 </FilesMatch> 33 </FilesMatch>
34 </Directory> 34 </Directory>
35 35
@@ -51,29 +51,26 @@ rec {
51 }; 51 };
52 phpFpm = rec { 52 phpFpm = rec {
53 basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; 53 basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
54 socket = "/var/run/phpfpm/rompr.sock"; 54 pool = {
55 pool = '' 55 "listen.owner" = apache.user;
56 user = ${apache.user} 56 "listen.group" = apache.group;
57 group = ${apache.group} 57 "pm" = "ondemand";
58 listen.owner = ${apache.user} 58 "pm.max_children" = "60";
59 listen.group = ${apache.group} 59 "pm.process_idle_timeout" = "60";
60 pm = ondemand
61 pm.max_children = 60
62 pm.process_idle_timeout = 60
63 60
64 ; Needed to avoid clashes in browser cookies (same domain) 61 # Needed to avoid clashes in browser cookies (same domain)
65 php_value[session.name] = RomprPHPSESSID 62 "php_value[session.name]" = "RomprPHPSESSID";
66 php_admin_value[open_basedir] = "${basedir}:/tmp" 63 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
67 php_admin_value[session.save_path] = "${varDir}/phpSessions" 64 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
68 php_flag[magic_quotes_gpc] = Off 65 "php_flag[magic_quotes_gpc]" = "Off";
69 php_flag[track_vars] = On 66 "php_flag[track_vars]" = "On";
70 php_flag[register_globals] = Off 67 "php_flag[register_globals]" = "Off";
71 php_admin_flag[allow_url_fopen] = On 68 "php_admin_flag[allow_url_fopen]" = "On";
72 php_value[include_path] = ${webRoot} 69 "php_value[include_path]" = "${webRoot}";
73 php_admin_value[upload_tmp_dir] = "${varDir}/prefs" 70 "php_admin_value[upload_tmp_dir]" = "${varDir}/prefs";
74 php_admin_value[post_max_size] = 32M 71 "php_admin_value[post_max_size]" = "32M";
75 php_admin_value[upload_max_filesize] = 32M 72 "php_admin_value[upload_max_filesize]" = "32M";
76 php_admin_value[memory_limit] = 256M 73 "php_admin_value[memory_limit]" = "256M";
77 ''; 74 };
78 }; 75 };
79} 76}
diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix
index 0a75755..950d296 100644
--- a/modules/private/websites/tools/tools/shaarli.nix
+++ b/modules/private/websites/tools/tools/shaarli.nix
@@ -17,7 +17,7 @@ in rec {
17 modules = [ "proxy_fcgi" "rewrite" "env" ]; 17 modules = [ "proxy_fcgi" "rewrite" "env" ];
18 webappName = "tools_shaarli"; 18 webappName = "tools_shaarli";
19 root = "/run/current-system/webapps/${webappName}"; 19 root = "/run/current-system/webapps/${webappName}";
20 vhostConf = '' 20 vhostConf = socket: ''
21 Alias /Shaarli "${root}" 21 Alias /Shaarli "${root}"
22 22
23 Include /var/secrets/webapps/tools-shaarli 23 Include /var/secrets/webapps/tools-shaarli
@@ -27,7 +27,7 @@ in rec {
27 AllowOverride All 27 AllowOverride All
28 Require all granted 28 Require all granted
29 <FilesMatch "\.php$"> 29 <FilesMatch "\.php$">
30 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 30 SetHandler "proxy:unix:${socket}|fcgi://localhost"
31 </FilesMatch> 31 </FilesMatch>
32 </Directory> 32 </Directory>
33 ''; 33 '';
@@ -48,20 +48,17 @@ in rec {
48 phpFpm = rec { 48 phpFpm = rec {
49 serviceDeps = [ "openldap.service" ]; 49 serviceDeps = [ "openldap.service" ];
50 basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; 50 basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
51 socket = "/var/run/phpfpm/shaarli.sock"; 51 pool = {
52 pool = '' 52 "listen.owner" = apache.user;
53 user = ${apache.user} 53 "listen.group" = apache.group;
54 group = ${apache.group} 54 "pm" = "ondemand";
55 listen.owner = ${apache.user} 55 "pm.max_children" = "60";
56 listen.group = ${apache.group} 56 "pm.process_idle_timeout" = "60";
57 pm = ondemand
58 pm.max_children = 60
59 pm.process_idle_timeout = 60
60 57
61 ; Needed to avoid clashes in browser cookies (same domain) 58 # Needed to avoid clashes in browser cookies (same domain)
62 php_value[session.name] = ShaarliPHPSESSID 59 "php_value[session.name]" = "ShaarliPHPSESSID";
63 php_admin_value[open_basedir] = "${basedir}:/tmp" 60 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
64 php_admin_value[session.save_path] = "${varDir}/phpSessions" 61 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
65 ''; 62 };
66 }; 63 };
67} 64}
diff --git a/modules/private/websites/tools/tools/ttrss.nix b/modules/private/websites/tools/tools/ttrss.nix
index a8b2a93..48876d3 100644
--- a/modules/private/websites/tools/tools/ttrss.nix
+++ b/modules/private/websites/tools/tools/ttrss.nix
@@ -95,12 +95,12 @@ rec {
95 modules = [ "proxy_fcgi" ]; 95 modules = [ "proxy_fcgi" ];
96 webappName = "tools_ttrss"; 96 webappName = "tools_ttrss";
97 root = "/run/current-system/webapps/${webappName}"; 97 root = "/run/current-system/webapps/${webappName}";
98 vhostConf = '' 98 vhostConf = socket: ''
99 Alias /ttrss "${root}" 99 Alias /ttrss "${root}"
100 <Directory "${root}"> 100 <Directory "${root}">
101 DirectoryIndex index.php 101 DirectoryIndex index.php
102 <FilesMatch "\.php$"> 102 <FilesMatch "\.php$">
103 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 103 SetHandler "proxy:unix:${socket}|fcgi://localhost"
104 </FilesMatch> 104 </FilesMatch>
105 105
106 AllowOverride All 106 AllowOverride All
@@ -114,20 +114,17 @@ rec {
114 basedir = builtins.concatStringsSep ":" ( 114 basedir = builtins.concatStringsSep ":" (
115 [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ] 115 [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ]
116 ++ webRoot.plugins); 116 ++ webRoot.plugins);
117 socket = "/var/run/phpfpm/ttrss.sock"; 117 pool = {
118 pool = '' 118 "listen.owner" = apache.user;
119 user = ${apache.user} 119 "listen.group" = apache.group;
120 group = ${apache.group} 120 "pm" = "ondemand";
121 listen.owner = ${apache.user} 121 "pm.max_children" = "60";
122 listen.group = ${apache.group} 122 "pm.process_idle_timeout" = "60";
123 pm = ondemand 123
124 pm.max_children = 60 124 # Needed to avoid clashes in browser cookies (same domain)
125 pm.process_idle_timeout = 60 125 "php_value[session.name]" = "TtrssPHPSESSID";
126 126 "php_admin_value[open_basedir]" = "${basedir}:/tmp";
127 ; Needed to avoid clashes in browser cookies (same domain) 127 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
128 php_value[session.name] = TtrssPHPSESSID 128 };
129 php_admin_value[open_basedir] = "${basedir}:/tmp"
130 php_admin_value[session.save_path] = "${varDir}/phpSessions"
131 '';
132 }; 129 };
133} 130}
diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index 014d8a1..00e2dc9 100644
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -82,7 +82,7 @@ rec {
82 modules = [ "proxy_fcgi" ]; 82 modules = [ "proxy_fcgi" ];
83 webappName = "tools_wallabag"; 83 webappName = "tools_wallabag";
84 root = "/run/current-system/webapps/${webappName}"; 84 root = "/run/current-system/webapps/${webappName}";
85 vhostConf = '' 85 vhostConf = socket: ''
86 Alias /wallabag "${root}" 86 Alias /wallabag "${root}"
87 <Directory "${root}"> 87 <Directory "${root}">
88 AllowOverride None 88 AllowOverride None
@@ -91,7 +91,7 @@ rec {
91 CGIPassAuth On 91 CGIPassAuth On
92 92
93 <FilesMatch "\.php$"> 93 <FilesMatch "\.php$">
94 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 94 SetHandler "proxy:unix:${socket}|fcgi://localhost"
95 </FilesMatch> 95 </FilesMatch>
96 96
97 <IfModule mod_rewrite.c> 97 <IfModule mod_rewrite.c>
@@ -129,22 +129,19 @@ rec {
129 ''; 129 '';
130 serviceDeps = [ "postgresql.service" "openldap.service" ]; 130 serviceDeps = [ "postgresql.service" "openldap.service" ];
131 basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ]; 131 basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
132 socket = "/var/run/phpfpm/wallabag.sock"; 132 pool = {
133 pool = '' 133 "listen.owner" = apache.user;
134 user = ${apache.user} 134 "listen.group" = apache.group;
135 group = ${apache.group} 135 "pm" = "dynamic";
136 listen.owner = ${apache.user} 136 "pm.max_children" = "60";
137 listen.group = ${apache.group} 137 "pm.start_servers" = "2";
138 pm = dynamic 138 "pm.min_spare_servers" = "1";
139 pm.max_children = 60 139 "pm.max_spare_servers" = "10";
140 pm.start_servers = 2
141 pm.min_spare_servers = 1
142 pm.max_spare_servers = 10
143 140
144 ; Needed to avoid clashes in browser cookies (same domain) 141 # Needed to avoid clashes in browser cookies (same domain)
145 php_value[session.name] = WallabagPHPSESSID 142 "php_value[session.name]" = "WallabagPHPSESSID";
146 php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp" 143 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp";
147 php_value[max_execution_time] = 300 144 "php_value[max_execution_time]" = "300";
148 ''; 145 };
149 }; 146 };
150} 147}
diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix
index 466ceae..cb03b6c 100644
--- a/modules/private/websites/tools/tools/yourls.nix
+++ b/modules/private/websites/tools/tools/yourls.nix
@@ -48,11 +48,11 @@ rec {
48 modules = [ "proxy_fcgi" ]; 48 modules = [ "proxy_fcgi" ];
49 webappName = "tools_yourls"; 49 webappName = "tools_yourls";
50 root = "/run/current-system/webapps/${webappName}"; 50 root = "/run/current-system/webapps/${webappName}";
51 vhostConf = '' 51 vhostConf = socket: ''
52 Alias /url "${root}" 52 Alias /url "${root}"
53 <Directory "${root}"> 53 <Directory "${root}">
54 <FilesMatch "\.php$"> 54 <FilesMatch "\.php$">
55 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" 55 SetHandler "proxy:unix:${socket}|fcgi://localhost"
56 </FilesMatch> 56 </FilesMatch>
57 57
58 AllowOverride None 58 AllowOverride None
@@ -73,20 +73,17 @@ rec {
73 basedir = builtins.concatStringsSep ":" ( 73 basedir = builtins.concatStringsSep ":" (
74 [ webRoot "/var/secrets/webapps/tools-yourls" ] 74 [ webRoot "/var/secrets/webapps/tools-yourls" ]
75 ++ webRoot.plugins); 75 ++ webRoot.plugins);
76 socket = "/var/run/phpfpm/yourls.sock"; 76 pool = {
77 pool = '' 77 "listen.owner" = apache.user;
78 user = ${apache.user} 78 "listen.group" = apache.group;
79 group = ${apache.group} 79 "pm" = "ondemand";
80 listen.owner = ${apache.user} 80 "pm.max_children" = "60";
81 listen.group = ${apache.group} 81 "pm.process_idle_timeout" = "60";
82 pm = ondemand
83 pm.max_children = 60
84 pm.process_idle_timeout = 60
85 82
86 ; Needed to avoid clashes in browser cookies (same domain) 83 # Needed to avoid clashes in browser cookies (same domain)
87 php_value[session.name] = YourlsPHPSESSID 84 "php_value[session.name]" = "YourlsPHPSESSID";
88 php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" 85 "php_admin_value[open_basedir]" = "${basedir}:/tmp:/var/lib/php/sessions/yourls";
89 php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" 86 "php_admin_value[session.save_path]" = "/var/lib/php/sessions/yourls";
90 ''; 87 };
91 }; 88 };
92} 89}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-12 02:32:57 +0000