diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-servers')
3 files changed, 24 insertions, 7 deletions
diff --git a/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix index bb9623347869..3fd19d425c74 100644 --- a/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -376,6 +376,8 @@ let Include ${httpd}/conf/extra/httpd-multilang-errordoc.conf Include ${httpd}/conf/extra/httpd-languages.conf + TraceEnable off + ${if enableSSL then sslConf else ""} # Fascist default - deny access to everything. @@ -495,8 +497,8 @@ in default = false; description = '' If enabled, each virtual host gets its own - <filename>access_log</filename> and - <filename>error_log</filename>, namely suffixed by the + <filename>access.log</filename> and + <filename>error.log</filename>, namely suffixed by the <option>hostName</option> of the virtual host. ''; }; @@ -639,8 +641,8 @@ in sslProtocols = mkOption { type = types.str; - default = "All -SSLv2 -SSLv3"; - example = "All -SSLv2 -SSLv3 -TLSv1"; + default = "All -SSLv2 -SSLv3 -TLSv1"; + example = "All -SSLv2 -SSLv3"; description = "Allowed SSL/TLS protocol versions."; }; } @@ -684,6 +686,9 @@ in '' ; Needed for PHP's mail() function. sendmail_path = sendmail -t -i + + ; Don't advertise PHP + expose_php = off '' + optionalString (!isNull config.time.timeZone) '' ; Apparently PHP doesn't use $TZ. diff --git a/nixpkgs/nixos/modules/services/web-servers/phpfpm/default.nix b/nixpkgs/nixos/modules/services/web-servers/phpfpm/default.nix index 152c89a2caec..97c730061bd1 100644 --- a/nixpkgs/nixos/modules/services/web-servers/phpfpm/default.nix +++ b/nixpkgs/nixos/modules/services/web-servers/phpfpm/default.nix @@ -14,11 +14,13 @@ let mapPoolConfig = n: p: { phpPackage = cfg.phpPackage; + phpOptions = cfg.phpOptions; config = p; }; mapPool = n: p: { phpPackage = p.phpPackage; + phpOptions = p.phpOptions; config = '' listen = ${p.listen} ${p.extraConfig} @@ -35,8 +37,8 @@ let ${conf} ''; - phpIni = pkgs.runCommand "php.ini" { - inherit (cfg) phpPackage phpOptions; + phpIni = pool: pkgs.runCommand "php.ini" { + inherit (pool) phpPackage phpOptions; nixDefaults = '' sendmail_path = "/run/wrappers/bin/sendmail -t -i" ''; @@ -156,6 +158,7 @@ in { ''; serviceConfig = let cfgFile = fpmCfgFile pool poolConfig.config; + iniFile = phpIni poolConfig; in { Slice = "phpfpm.slice"; PrivateDevices = true; @@ -164,7 +167,7 @@ in { # XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK"; Type = "notify"; - ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni}"; + ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}"; ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID"; }; } diff --git a/nixpkgs/nixos/modules/services/web-servers/phpfpm/pool-options.nix b/nixpkgs/nixos/modules/services/web-servers/phpfpm/pool-options.nix index 40c83cddb957..d9ad7eff71f2 100644 --- a/nixpkgs/nixos/modules/services/web-servers/phpfpm/pool-options.nix +++ b/nixpkgs/nixos/modules/services/web-servers/phpfpm/pool-options.nix @@ -25,6 +25,15 @@ with lib; { ''; }; + phpOptions = mkOption { + type = types.lines; + default = fpmCfg.phpOptions; + defaultText = "config.services.phpfpm.phpOptions"; + description = '' + "Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool." + ''; + }; + extraConfig = mkOption { type = types.lines; example = '' |