{ lib, env, rompr }:
rec {
backups = {
rootDir = varDir;
};
varDir = "/var/lib/rompr";
activationScript = ''
install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions
'';
webRoot = rompr;
apache = rec {
user = "wwwrun";
group = "wwwrun";
modules = [ "headers" "mime" "proxy_fcgi" ];
root = webRoot;
vhostConf = socket: ''
Alias /rompr ${root}
Options Indexes FollowSymLinks
DirectoryIndex index.php
AllowOverride all
Require all granted
Order allow,deny
Allow from all
ErrorDocument 404 /rompr/404.php
AddType image/x-icon .ico
SetHandler "proxy:unix:${socket}|fcgi://localhost"
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
Use LDAPConnect
Require ldap-group cn=users,cn=mpd,ou=services,dc=immae,dc=eu
'';
};
phpFpm = rec {
basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
pool = {
"listen.owner" = apache.user;
"listen.group" = apache.group;
"pm" = "ondemand";
"pm.max_children" = "60";
"pm.process_idle_timeout" = "60";
# Needed to avoid clashes in browser cookies (same domain)
"php_value[session.name]" = "RomprPHPSESSID";
"php_admin_value[open_basedir]" = "${basedir}:/tmp";
"php_admin_value[session.save_path]" = "${varDir}/phpSessions";
"php_flag[magic_quotes_gpc]" = "Off";
"php_flag[track_vars]" = "On";
"php_flag[register_globals]" = "Off";
"php_admin_flag[allow_url_fopen]" = "On";
"php_value[include_path]" = "${webRoot}";
"php_admin_value[upload_tmp_dir]" = "${varDir}/prefs";
"php_admin_value[post_max_size]" = "32M";
"php_admin_value[upload_max_filesize]" = "32M";
"php_admin_value[memory_limit]" = "256M";
};
};
}