{ env, yourls, yourls-plugins, config }: rec { keys."webapps/tools-yourls" = { user = apache.user; group = apache.group; permissions = "0400"; text = '' SetHandler "proxy:unix:${socket}|fcgi://localhost" AllowOverride None Require all granted RewriteEngine On RewriteBase /url/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^.*$ /url/yourls-loader.php [L] DirectoryIndex index.php ''; }; phpFpm = rec { serviceDeps = [ "mysql.service" "openldap.service" ]; basedir = builtins.concatStringsSep ":" ( [ webRoot config.secrets.fullPaths."webapps/tools-yourls" ] ++ webRoot.plugins); pool = { "listen.owner" = apache.user; "listen.group" = apache.group; "pm" = "ondemand"; "pm.max_children" = "60"; "pm.process_idle_timeout" = "60"; # Needed to avoid clashes in browser cookies (same domain) "php_value[session.name]" = "YourlsPHPSESSID"; "php_admin_value[session.save_handler]" = "redis"; "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Yourls:'"; "php_admin_value[open_basedir]" = "${basedir}:/tmp"; }; }; monitoringPlugins = [ "http" ]; monitoringObjects.service = [ { service_description = "yourl website is running on tools.immae.eu"; host_name = config.hostEnv.fqdn; use = "external-web-service"; check_command = ["check_https" "tools.immae.eu" "/url/admin/" "