diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-10 13:28:20 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-10 13:28:20 +0200 |
commit | 5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010 (patch) | |
tree | a6c0f605be6de3f372ae69905b331f9f75452da7 /nixos/modules/services/web-servers/lighttpd | |
parent | 6070bc016bd2fd945b04347e25cfd3738622d2ac (diff) | |
download | nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.gz nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.bz2 nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.lz nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.xz nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.zst nixlib-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.zip |
Move all of NixOS to nixos/ in preparation of the repository merge
Diffstat (limited to 'nixos/modules/services/web-servers/lighttpd')
3 files changed, 310 insertions, 0 deletions
diff --git a/nixos/modules/services/web-servers/lighttpd/cgit.nix b/nixos/modules/services/web-servers/lighttpd/cgit.nix new file mode 100644 index 000000000000..62264f1db452 --- /dev/null +++ b/nixos/modules/services/web-servers/lighttpd/cgit.nix @@ -0,0 +1,65 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +let + cfg = config.services.lighttpd.cgit; + configFile = pkgs.writeText "cgitrc" + '' + ${cfg.configText} + ''; +in +{ + + options.services.lighttpd.cgit = { + + enable = mkOption { + default = false; + type = types.uniq types.bool; + description = '' + If true, enable cgit (fast web interface for git repositories) as a + sub-service in lighttpd. cgit will be accessible at + http://yourserver/cgit + ''; + }; + + configText = mkOption { + default = ""; + example = '' + cache-size=1000 + scan-path=/srv/git + ''; + type = types.string; + description = '' + Verbatim contents of the cgit runtime configuration file. Documentation + (with cgitrc example file) is available in "man cgitrc". Or online: + http://git.zx2c4.com/cgit/tree/cgitrc.5.txt + ''; + }; + + }; + + config = mkIf cfg.enable { + + # make the cgitrc manpage available + environment.systemPackages = [ pkgs.cgit ]; + + services.lighttpd.extraConfig = '' + $HTTP["url"] =~ "^/cgit" { + cgi.assign = ( + "cgit.cgi" => "${pkgs.cgit}/cgit/cgit.cgi" + ) + alias.url = ( + "/cgit.css" => "${pkgs.cgit}/cgit/cgit.css", + "/cgit.png" => "${pkgs.cgit}/cgit/cgit.png", + "/cgit" => "${pkgs.cgit}/cgit/cgit.cgi" + ) + setenv.add-environment = ( + "CGIT_CONFIG" => "${configFile}" + ) + } + ''; + + }; + +} diff --git a/nixos/modules/services/web-servers/lighttpd/default.nix b/nixos/modules/services/web-servers/lighttpd/default.nix new file mode 100644 index 000000000000..f9e40fc4b541 --- /dev/null +++ b/nixos/modules/services/web-servers/lighttpd/default.nix @@ -0,0 +1,178 @@ +# NixOS module for lighttpd web server + +{ config, pkgs, ... }: + +with pkgs.lib; + +let + + cfg = config.services.lighttpd; + + needModRedirect = cfg.gitweb.enable; + needModAlias = cfg.cgit.enable or cfg.gitweb.enable; + needModSetenv = cfg.cgit.enable or cfg.gitweb.enable; + needModCgi = cfg.cgit.enable or cfg.gitweb.enable; + needModStatus = cfg.mod_status; + needModUserdir = cfg.mod_userdir; + + configFile = if cfg.configText != "" then + pkgs.writeText "lighttpd.conf" '' + ${cfg.configText} + '' + else + pkgs.writeText "lighttpd.conf" '' + server.document-root = "${cfg.document-root}" + server.port = ${toString cfg.port} + server.username = "lighttpd" + server.groupname = "lighttpd" + + # As for why all modules are loaded here, instead of having small + # server.modules += () entries in each sub-service extraConfig snippet, + # read this: + # + # http://redmine.lighttpd.net/projects/1/wiki/Server_modulesDetails + # http://redmine.lighttpd.net/issues/2337 + # + # Basically, lighttpd doesn't want to load (or even silently ignore) a + # module for a second time, and there is no way to check if a module has + # been loaded already. So if two services were to put the same module in + # server.modules += (), that would break the lighttpd configuration. + server.modules = ( + ${optionalString needModRedirect ''"mod_redirect",''} + ${optionalString needModAlias ''"mod_alias",''} + ${optionalString needModSetenv ''"mod_setenv",''} + ${optionalString needModCgi ''"mod_cgi",''} + ${optionalString needModStatus ''"mod_status",''} + ${optionalString needModUserdir ''"mod_userdir",''} + "mod_accesslog" + ) + + # Logging (logs end up in systemd journal) + accesslog.use-syslog = "enable" + server.errorlog-use-syslog = "enable" + + mimetype.assign = ( + ".html" => "text/html", + ".htm" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" + ) + + static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" ) + index-file.names = ( "index.html" ) + + ${if cfg.mod_userdir then '' + userdir.path = "public_html" + '' else ""} + + ${if cfg.mod_status then '' + status.status-url = "/server-status" + status.statistics-url = "/server-statistics" + status.config-url = "/server-config" + '' else ""} + + ${cfg.extraConfig} + ''; + +in + +{ + + options = { + + services.lighttpd = { + + enable = mkOption { + default = false; + type = types.uniq types.bool; + description = '' + Enable the lighttpd web server. + ''; + }; + + port = mkOption { + default = 80; + type = types.uniq types.int; + description = '' + TCP port number for lighttpd to bind to. + ''; + }; + + document-root = mkOption { + default = "/srv/www"; + type = types.uniq types.string; + description = '' + Document-root of the web server. Must be readable by the "lighttpd" user. + ''; + }; + + mod_userdir = mkOption { + default = false; + type = types.uniq types.bool; + description = '' + If true, requests in the form /~user/page.html are rewritten to take + the file public_html/page.html from the home directory of the user. + ''; + }; + + mod_status = mkOption { + default = false; + type = types.uniq types.bool; + description = '' + Show server status overview at /server-status, statistics at + /server-statistics and list of loaded modules at /server-config. + ''; + }; + + configText = mkOption { + default = ""; + type = types.string; + example = ''...verbatim config file contents...''; + description = '' + Overridable config file contents to use for lighttpd. By default, use + the contents automatically generated by NixOS. + ''; + }; + + extraConfig = mkOption { + default = ""; + type = types.string; + description = '' + These configuration lines will be appended to the generated lighttpd + config file. Note that this mechanism does not work when the manual + <option>configText</option> option is used. + ''; + }; + + }; + + }; + + config = mkIf cfg.enable { + + systemd.services.lighttpd = { + description = "Lighttpd Web Server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + preStart = '' + ${if cfg.cgit.enable then '' + mkdir -p /var/cache/cgit + chown lighttpd:lighttpd /var/cache/cgit + '' else ""} + ''; + serviceConfig.ExecStart = "${pkgs.lighttpd}/sbin/lighttpd -D -f ${configFile}"; + # SIGINT => graceful shutdown + serviceConfig.KillSignal = "SIGINT"; + }; + + users.extraUsers.lighttpd = { + group = "lighttpd"; + description = "lighttpd web server privilege separation user"; + uid = config.ids.uids.lighttpd; + }; + + users.extraGroups.lighttpd.gid = config.ids.gids.lighttpd; + }; +} diff --git a/nixos/modules/services/web-servers/lighttpd/gitweb.nix b/nixos/modules/services/web-servers/lighttpd/gitweb.nix new file mode 100644 index 000000000000..d759d8144b64 --- /dev/null +++ b/nixos/modules/services/web-servers/lighttpd/gitweb.nix @@ -0,0 +1,67 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +let + cfg = config.services.lighttpd.gitweb; + gitwebConfigFile = pkgs.writeText "gitweb.conf" '' + # path to git projects (<project>.git) + $projectroot = "${cfg.projectroot}"; + ${cfg.extraConfig} + ''; + +in +{ + + options.services.lighttpd.gitweb = { + + enable = mkOption { + default = false; + type = types.uniq types.bool; + description = '' + If true, enable gitweb in lighttpd. Access it at http://yourserver/gitweb + ''; + }; + + projectroot = mkOption { + default = "/srv/git"; + type = types.uniq types.string; + description = '' + Path to git projects (bare repositories) that should be served by + gitweb. Must not end with a slash. + ''; + }; + + extraConfig = mkOption { + default = ""; + type = types.uniq types.string; + description = '' + Verbatim configuration text appended to the generated gitweb.conf file. + ''; + }; + + }; + + config = mkIf cfg.enable { + + services.lighttpd.extraConfig = '' + $HTTP["url"] =~ "^/gitweb" { + cgi.assign = ( + ".cgi" => "${pkgs.perl}/bin/perl" + ) + url.redirect = ( + "^/gitweb$" => "/gitweb/" + ) + alias.url = ( + "/gitweb/static/" => "${pkgs.git}/share/gitweb/static/", + "/gitweb/" => "${pkgs.git}/share/gitweb/gitweb.cgi" + ) + setenv.add-environment = ( + "GITWEB_CONFIG" => "${gitwebConfigFile}" + ) + } + ''; + + }; + +} |