1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
{ lib, env, writeText, stdenv, fetchedGithub }:
let
yourls = let
plugins = {
ldap = stdenv.mkDerivation (fetchedGithub ./yourls-ldap-plugin.json // rec {
installPhase = ''
mkdir -p $out
cp plugin.php $out/
'';
});
};
in rec {
activationScript = ''
install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls
'';
config = writeText "config.php" ''
<?php
define( 'YOURLS_DB_USER', '${env.mysql.user}' );
define( 'YOURLS_DB_PASS', '${env.mysql.password}' );
define( 'YOURLS_DB_NAME', '${env.mysql.database}' );
define( 'YOURLS_DB_HOST', '${env.mysql.host}' );
define( 'YOURLS_DB_PREFIX', 'yourls_' );
define( 'YOURLS_SITE', 'https://tools.immae.eu/url' );
define( 'YOURLS_HOURS_OFFSET', 0 );
define( 'YOURLS_LANG', ''' );
define( 'YOURLS_UNIQUE_URLS', true );
define( 'YOURLS_PRIVATE', true );
define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' );
$yourls_user_passwords = array();
define( 'YOURLS_DEBUG', false );
define( 'YOURLS_URL_CONVERT', 36 );
$yourls_reserved_URL = array();
define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' );
define( 'LDAPAUTH_PORT', '636' );
define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' );
define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' );
define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' );
define( 'LDAPAUTH_GROUP_ATTR', 'memberof' );
define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu');
define( 'LDAPAUTH_USERCACHE_TYPE', 0);
'';
webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec {
installPhase = ''
mkdir -p $out
cp -a */ *.php $out/
cp sample-robots.txt $out/robots.txt
ln -sf ${config} $out/includes/config.php
${builtins.concatStringsSep "\n" (
lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins
)}
'';
});
apache = {
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
vhostConf = ''
Alias /url "${webRoot}"
<Directory "${webRoot}">
<FilesMatch "\.php$">
SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
</FilesMatch>
AllowOverride None
Require all granted
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /url/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ /url/yourls-loader.php [L]
</IfModule>
DirectoryIndex index.php
</Directory>
'';
};
phpFpm = rec {
basedir = builtins.concatStringsSep ":" (
[ webRoot config ]
++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
socket = "/var/run/phpfpm/yourls.sock";
pool = ''
listen = ${socket}
user = ${apache.user}
group = ${apache.group}
listen.owner = ${apache.user}
listen.group = ${apache.group}
pm = ondemand
pm.max_children = 60
pm.process_idle_timeout = 60
; Needed to avoid clashes in browser cookies (same domain)
php_value[session.name] = YourlsPHPSESSID
php_admin_value[open_basedir] = "${basedir}:/tmp"
php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls"
'';
};
};
in
yourls
|
