diff options
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 9 | ||||
-rw-r--r-- | nixos/modules/services/web-servers/nginx/gitweb.nix | 29 |
2 files changed, 17 insertions, 21 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index dee877f1c114..938a8a1fe334 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -9,15 +9,16 @@ let serverName = if vhostConfig.serverName != null then vhostConfig.serverName else vhostName; + acmeDirectory = config.security.acme.directory; in vhostConfig // { inherit serverName; } // (optionalAttrs vhostConfig.enableACME { - sslCertificate = "/var/lib/acme/${serverName}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${serverName}/key.pem"; + sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem"; }) // (optionalAttrs (vhostConfig.useACMEHost != null) { - sslCertificate = "/var/lib/acme/${vhostConfig.useACMEHost}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${vhostConfig.useACMEHost}/key.pem"; + sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem"; }) ) cfg.virtualHosts; enableIPv6 = config.networking.enableIPv6; diff --git a/nixos/modules/services/web-servers/nginx/gitweb.nix b/nixos/modules/services/web-servers/nginx/gitweb.nix index 344c1f7b8aa4..3dc3ebc7e4c2 100644 --- a/nixos/modules/services/web-servers/nginx/gitweb.nix +++ b/nixos/modules/services/web-servers/nginx/gitweb.nix @@ -22,36 +22,31 @@ in config = mkIf config.services.nginx.gitweb.enable { - systemd.sockets.gitweb = { - description = "GitWeb Listen Socket"; - listenStreams = [ "/run/gitweb.sock" ]; - socketConfig = { - Accept = "false"; - SocketUser = "nginx"; - SocketGroup = "nginx"; - SocketMode = "0600"; - }; - wantedBy = [ "sockets.target" ]; - }; systemd.services.gitweb = { description = "GitWeb service"; - script = "${git}/share/gitweb/gitweb.cgi --fcgi"; + script = "${pkgs.git}/share/gitweb/gitweb.cgi --fastcgi --nproc=1"; + environment = { + FCGI_SOCKET_PATH = "/run/gitweb/gitweb.sock"; + }; serviceConfig = { - Type = "simple"; - StandardInput = "socket"; User = "nginx"; Group = "nginx"; + RuntimeDirectory = [ "gitweb" ]; }; + wantedBy = [ "multi-user.target" ]; }; services.nginx = { virtualHosts.default = { - locations."/gitweb" = { - root = "${pkgs.git}/share/gitweb"; + locations."/gitweb/" = { + root = "${pkgs.git}/share"; + tryFiles = "$uri @gitweb"; + }; + locations."@gitweb" = { extraConfig = '' include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param GITWEB_CONFIG ${cfg.gitwebConfigFile}; - fastcgi_pass unix:/run/gitweb.sock; + fastcgi_pass unix:/run/gitweb/gitweb.sock; ''; }; }; |