about summary refs log tree commit diff
path: root/nixos/modules/services/web-servers/nginx/default.nix
diff options
context:
space:
mode:
authorCurtis Jiang <jqqqqqqqqqq@gmail.com>2022-10-29 16:48:36 -0400
committerCurtis Jiang <jqqqqqqqqqq@gmail.com>2022-11-15 02:00:03 +0000
commit81cd6b06f96c4343ad0932f117acd89237cea477 (patch)
treecd5f9c0aedf7ee2e359921aa10893f0e15cae70e /nixos/modules/services/web-servers/nginx/default.nix
parent83733b5537f348d5b0d86271a08a2662d965b220 (diff)
downloadnixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar.gz
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar.bz2
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar.lz
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar.xz
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.tar.zst
nixlib-81cd6b06f96c4343ad0932f117acd89237cea477.zip
nixos/nginx: add default listen port options
Diffstat (limited to 'nixos/modules/services/web-servers/nginx/default.nix')
-rw-r--r--nixos/modules/services/web-servers/nginx/default.nix26


1 files changed, 22 insertions, 4 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
index 9cbac370612f..850df015b4b3 100644
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@@ -198,8 +198,8 @@ let
 
       ${optionalString cfg.statusPage ''
         server {
-          listen 80;
-          ${optionalString enableIPv6 "listen [::]:80;" }
+          listen ${cfg.defaultHTTPListenPort};
+          ${optionalString enableIPv6 "listen [::]:${cfg.defaultHTTPListenPort};" }
 
           server_name localhost;
 
@@ -246,8 +246,8 @@ let
           if vhost.listen != [] then vhost.listen
           else
             let addrs = if vhost.listenAddresses != [] then vhost.listenAddresses else cfg.defaultListenAddresses;
-            in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = 443; ssl = true; }) addrs)
-              ++ optionals (!onlySSL) (map (addr: { inherit addr; port = 80; ssl = false; }) addrs);
+            in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = cfg.defaultSSLListenPort; ssl = true; }) addrs)
+              ++ optionals (!onlySSL) (map (addr: { inherit addr; port = cfg.defaultHTTPListenPort; ssl = false; }) addrs);
 
         hostListen =
           if vhost.forceSSL
@@ -449,6 +449,24 @@ in
         '';
       };
 
+      defaultHTTPListenPort = mkOption {
+        type = types.port;
+        default = 80;
+        example = 8080;
+        description = lib.mdDoc ''
+          If vhosts do not specify listen.port, use these ports for HTTP by default.
+        '';
+      };
+
+      defaultSSLListenPort = mkOption {
+        type = types.port;
+        default = 443;
+        example = 8443;
+        description = lib.mdDoc ''
+          If vhosts do not specify listen.port, use these ports for SSL by default.
+        '';
+      };
+
       package = mkOption {
         default = pkgs.nginxStable;
         defaultText = literalExpression "pkgs.nginxStable";

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-04 18:57:31 +0000