diff options
author | Parnell Springmeyer <ixmatus@users.noreply.github.com> | 2017-11-16 12:21:02 -0600 |
---|---|---|
committer | Jörg Thalheim <Mic92@users.noreply.github.com> | 2017-11-16 18:21:02 +0000 |
commit | cb11bf73a511819ee36c4bddb97573aacda0b161 (patch) | |
tree | f4256571834c529fb6fa204f3163a7b965302574 /nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix | |
parent | 8bd10a17c6c811b423126af1d3dc37aa82a7c131 (diff) | |
download | nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar.gz nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar.bz2 nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar.lz nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar.xz nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.tar.zst nixlib-cb11bf73a511819ee36c4bddb97573aacda0b161.zip |
nixos/nghttpx: add module for the nghttpx proxy server (#31680)
* nghttpx: Add a new NixOS module for the nghttpx proxy server This change also adds a global `uid` and `gid` for a `nghttpx` user and group as well as an integration test. * nixos/nghttpx: fix building manual
Diffstat (limited to 'nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix')
-rw-r--r-- | nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix b/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix new file mode 100644 index 000000000000..33c8572bd14f --- /dev/null +++ b/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix @@ -0,0 +1,64 @@ +{ lib, ...}: +{ options = { + tls = lib.mkOption { + type = lib.types.enum [ "tls" "no-tls" ]; + default = "tls"; + description = '' + Enable or disable TLS. If true (enabled) the key and + certificate must be configured for nghttpx. + + Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f + for more detail. + ''; + }; + + sni-fwd = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + When performing a match to select a backend server, SNI host + name received from the client is used instead of the request + host. See --backend option about the pattern match. + + Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f + for more detail. + ''; + }; + + api = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Enable API access for this frontend. This enables you to + dynamically modify nghttpx at run-time therefore this feature + is disabled by default and should be turned on with care. + + Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f + for more detail. + ''; + }; + + healthmon = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Make this frontend a health monitor endpoint. Any request + received on this frontend is responded to with a 200 OK. + + Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f + for more detail. + ''; + }; + + proxyproto = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Accept PROXY protocol version 1 on frontend connection. + + Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f + for more detail. + ''; + }; + }; +} |