{ adminer, php74, myPhpPackages, lib, forcePhpSocket ? null }:
rec {
  activationScript = {
    deps = [ "httpd" ];
    text = ''
      install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer
      '';
  };
  webRoot = adminer;
  phpFpm = rec {
    user = apache.user;
    group = apache.group;
    phpPackage = php74.withExtensions ({ enabled, all }: (lib.remove all.mysqli enabled) ++ [myPhpPackages.mysqli_pam]);
    settings = {
      "listen.owner" = apache.user;
      "listen.group" = apache.group;
      "pm" = "ondemand";
      "pm.max_children" = "5";
      "pm.process_idle_timeout" = "60";
      #"php_admin_flag[log_errors]" = "on";
      # Needed to avoid clashes in browser cookies (same domain)
      "php_value[session.name]" = "AdminerPHPSESSID";
      "php_admin_value[open_basedir]" = "${webRoot}:/tmp:/var/lib/php/sessions/adminer";
      "php_admin_value[session.save_path]" = "/var/lib/php/sessions/adminer";
    };
  };
  apache = rec {
    user = "wwwrun";
    group = "wwwrun";
    modules = [ "proxy_fcgi" ];
    webappName = "_adminer";
    root = "/run/current-system/webapps/${webappName}";
    vhostConf = socket: ''
      Alias /adminer ${root}
      <Directory ${root}>
        DirectoryIndex index.php
        <FilesMatch "\.php$">
          SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
        </FilesMatch>

        Use LDAPConnect
        Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
        Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
      </Directory>
      '';
  };
}