blob: 339948fb9691368bf7449b80928f86dfdc23ba27 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
{ lib, pkgs, config, ... }:
let
cfg = config.myServices.websites.tools.db;
in {
options.myServices.websites.tools.db = {
enable = lib.mkEnableOption "enable database's website";
};
config = lib.mkIf cfg.enable {
services.websites.env.tools.modules = [ "proxy_fcgi" ];
security.acme.certs.eldiron.extraDomainNames = [ "db-1.immae.eu" ];
services.websites.env.tools.vhostConfs.db-1 = {
certName = "eldiron";
hosts = ["db-1.immae.eu" ];
root = null;
extraConfig = [ ''
Alias /adminer ${pkgs.webapps-adminer}
<Directory ${pkgs.webapps-adminer}>
DirectoryIndex index.php
<FilesMatch "\.php$">
SetHandler "proxy:unix:${config.services.phpfpm.pools.adminer.socket}|fcgi://localhost"
</FilesMatch>
Use LDAPConnect
Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
</Directory>
''
];
};
};
}
|