blob: 055334ebefc8a01c3eab77882934f79388bfb3c9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
{ lib, env, stdenv, fetchedGithub }:
let
rompr = let
in rec {
varDir = "/var/lib/rompr";
activationScript = ''
install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions
'';
webRoot = stdenv.mkDerivation (fetchedGithub ./rompr.json // rec {
installPhase = ''
cp -a . $out
ln -sf ../../../../../../${varDir}/prefs $out/prefs
ln -sf ../../../../../../${varDir}/albumart $out/albumart
'';
});
apache = {
user = "wwwrun";
group = "wwwrun";
modules = [ "headers" "mime" "proxy_fcgi" ];
vhostConf = ''
Alias /rompr ${webRoot}
<Directory ${webRoot}>
Options Indexes FollowSymLinks
DirectoryIndex index.php
AllowOverride all
Require all granted
Order allow,deny
Allow from all
ErrorDocument 404 /rompr/404.php
AddType image/x-icon .ico
<FilesMatch "\.php$">
SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
<Directory ${webRoot}/albumart/small>
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
</Directory>
<Directory ${webRoot}/albumart/asdownloaded>
Header Set Cache-Control "max-age=0, no-store"
Header Set Cache-Control "no-cache, must-revalidate"
</Directory>
<LocationMatch "^/rompr">
Use LDAPConnect
Require ldap-group cn=users,cn=mpd,ou=services,dc=immae,dc=eu
Require local
</LocationMatch>
'';
};
phpFpm = rec {
basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
socket = "/var/run/phpfpm/rompr.sock";
pool = ''
listen = ${socket}
user = ${apache.user}
group = ${apache.group}
listen.owner = ${apache.user}
listen.group = ${apache.group}
pm = ondemand
pm.max_children = 60
pm.process_idle_timeout = 60
; Needed to avoid clashes in browser cookies (same domain)
php_value[session.name] = RomprPHPSESSID
php_admin_value[open_basedir] = "${basedir}:/tmp"
php_admin_value[session.save_path] = "${varDir}/phpSessions"
php_flag[magic_quotes_gpc] = Off
php_flag[track_vars] = On
php_flag[register_globals] = Off
php_admin_flag[allow_url_fopen] = On
php_value[include_path] = ${webRoot}
php_admin_value[upload_tmp_dir] = "${varDir}/prefs"
php_admin_value[post_max_size] = 32M
php_admin_value[upload_max_filesize] = 32M
php_admin_value[memory_limit] = 256M
'';
};
};
in
rompr
|