{

if ((${'tt-rss'}{'status'} || 'enabled') eq 'enabled'){

    my $alias = ((${'tt-rss'}{'AliasOnPrimary'} || 'enabled') eq 'enabled' ) ? 'Alias /tt-rss /usr/share/tt-rss':'';
    my $allow = ((${'tt-rss'}{'access'} || 'private') eq 'public') ? 'all granted':"ip $localAccess $externalSSLAccess";
    my $auth = ((${'tt-rss'}{'Authentication'} || 'http') eq 'http') ? "AuthName \"Tiny Tiny RSS\"\n" .
                    "    AuthType Basic\n" .
                    "    AuthBasicProvider external\n" .
                    "    AuthExternal pwauth\n" : '';
  my $php =<<'_EOF';
    AddType application/x-httpd-php .php
    <FilesMatch \.php$>
	SetHandler "proxy:unix:/var/run/php-fpm/php74-tt-rss.sock|fcgi://localhost"
    </FilesMatch>
_EOF

    $OUT .=<<"_EOF";

$alias

<Directory /usr/share/tt-rss>
    $php
    SSLRequireSSL on
_EOF

    if ( $auth ) {
	$OUT .= "    $auth\n" .
		"    <RequireAll>\n" .
		"        Require $allow\n" .
                "        Require valid-user\n" .
		"    </RequireAll>\n";
    } else {
	$OUT .= "Require $allow\n";
    }

    $OUT .=<<_EOF;
</Directory>

<Directory /usr/share/tt-rss/schema>
    Require all denied
</Directory>

_EOF
}
else{
    $OUT .= "    # TT-RSS is disabled\n";
}

}
