diff options
| author | Danylo Hlynskyi <abcz2.uprola@gmail.com> | 2019-08-21 16:52:46 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-21 16:52:46 +0300 |
| commit | 855be673584bbe10a3a2aa81ad31ab3ba42b3a7f (patch) | |
| tree | 666164b38a83f1d002771ad746736dbc00e84f04 /nixos/modules | |
| parent | 9f237fe44493d99506cacb07529b056e03e0102f (diff) | |
| download | nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar.gz nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar.bz2 nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar.lz nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar.xz nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.tar.zst nixlib-855be673584bbe10a3a2aa81ad31ab3ba42b3a7f.zip | |
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads Fixes: https://github.com/NixOS/nixpkgs/issues/15906 Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476 This add 2 new features: ability to review generated Nginx config (and NixOS has sophisticated generation!) and reloading of nginx on config changes. This preserves nginx restart on package updates. I've modified nginx test to use this new feature and check reload/restart behavior. * rename to enableReload * add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 2b7fcb314041..c1a51fbf8b42 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -162,6 +162,10 @@ let ${cfg.appendConfig} ''; + configPath = if cfg.enableReload + then "/etc/nginx/nginx.conf" + else configFile; + vhosts = concatStringsSep "\n" (mapAttrsToList (vhostName: vhost: let onlySSL = vhost.onlySSL || vhost.enableSSL; @@ -431,6 +435,16 @@ in "; }; + enableReload = mkOption { + default = false; + type = types.bool; + description = '' + Reload nginx when configuration file changes (instead of restart). + The configuration file is exposed at <filename>/etc/nginx/nginx.conf</filename>. + See also <literal>systemd.services.*.restartIfChanged</literal>. + ''; + }; + stateDir = mkOption { default = "/var/spool/nginx"; description = " @@ -638,10 +652,10 @@ in preStart = '' ${cfg.preStart} - ${cfg.package}/bin/nginx -c ${configFile} -p ${cfg.stateDir} -t + ${cfg.package}/bin/nginx -c ${configPath} -p ${cfg.stateDir} -t ''; serviceConfig = { - ExecStart = "${cfg.package}/bin/nginx -c ${configFile} -p ${cfg.stateDir}"; + ExecStart = "${cfg.package}/bin/nginx -c ${configPath} -p ${cfg.stateDir}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Restart = "always"; RestartSec = "10s"; @@ -649,6 +663,21 @@ in }; }; + environment.etc."nginx/nginx.conf" = mkIf cfg.enableReload { + source = configFile; + }; + + systemd.services.nginx-config-reload = mkIf cfg.enableReload { + wantedBy = [ "nginx.service" ]; + restartTriggers = [ configFile ]; + script = '' + if ${pkgs.systemd}/bin/systemctl -q is-active nginx.service ; then + ${pkgs.systemd}/bin/systemctl reload nginx.service + fi + ''; + serviceConfig.RemainAfterExit = true; + }; + security.acme.certs = filterAttrs (n: v: v != {}) ( let vhostsConfigs = mapAttrsToList (vhostName: vhostConfig: vhostConfig) virtualHosts; |