1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
{ adminer, php73, forcePhpSocket ? null }:
rec {
activationScript = {
deps = [ "httpd" ];
text = ''
install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer
install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/tmp/adminer
'';
};
webRoot = adminer;
phpFpm = rec {
user = apache.user;
group = apache.group;
phpPackage = (php73.override {
config.php.mysqlnd = true;
config.php.mysqli = false;
config.php.pdo-mysql = false;
}).overrideAttrs(old: rec {
configureFlags = old.configureFlags ++ [
"--with-mysqli=shared,mysqlnd"
];
});
phpOptions = ''
extension=${phpPackage}/lib/php/extensions/mysqli.so
'';
settings = {
"listen.owner" = apache.user;
"listen.group" = apache.group;
"pm" = "ondemand";
"pm.max_children" = "5";
"pm.process_idle_timeout" = "60";
#"php_admin_flag[log_errors]" = "on";
# Needed to avoid clashes in browser cookies (same domain)
"php_value[session.name]" = "AdminerPHPSESSID";
"php_admin_value[open_basedir]" = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer";
"php_admin_value[session.save_path]" = "/var/lib/php/sessions/adminer";
"php_admin_value[upload_tmp_dir]" = "/var/lib/php/tmp/adminer";
};
};
apache = rec {
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
webappName = "_adminer";
root = "/run/current-system/webapps/${webappName}";
vhostConf = socket: ''
Alias /adminer ${root}
<Directory ${root}>
DirectoryIndex index.php
<FilesMatch "\.php$">
SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
</FilesMatch>
Use LDAPConnect
Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
</Directory>
'';
};
}
|