about summary refs log tree commit diff
path: root/nixpkgs/pkgs/servers/http/nginx/generic.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/servers/http/nginx/generic.nix')
-rw-r--r--nixpkgs/pkgs/servers/http/nginx/generic.nix153
1 files changed, 153 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/http/nginx/generic.nix b/nixpkgs/pkgs/servers/http/nginx/generic.nix
new file mode 100644
index 000000000000..80bc1458ad7a
--- /dev/null
+++ b/nixpkgs/pkgs/servers/http/nginx/generic.nix
@@ -0,0 +1,153 @@
+{ stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt
+, nixosTests
+, substituteAll, gd, geoip, perl
+, withDebug ? false
+, withStream ? true
+, withMail ? false
+, modules ? []
+, ...
+}:
+
+{ pname ? "nginx"
+, version
+, nginxVersion ? version
+, src ? null # defaults to upstream nginx ${version}
+, sha256 ? null # when not specifying src
+, configureFlags ? []
+, buildInputs ? []
+, fixPatch ? p: p
+, preConfigure ? ""
+, postInstall ? null
+, meta ? null
+}:
+
+with stdenv.lib;
+
+let
+
+  mapModules = attrPath: flip concatMap modules
+    (mod:
+      let supports = mod.supports or (_: true);
+      in
+        if supports nginxVersion then mod.${attrPath} or []
+        else throw "Module at ${toString mod.src} does not support nginx version ${nginxVersion}!");
+
+in
+
+stdenv.mkDerivation {
+  inherit pname;
+  inherit version;
+  inherit nginxVersion;
+
+  src = if src != null then src else fetchurl {
+    url = "https://nginx.org/download/nginx-${version}.tar.gz";
+    inherit sha256;
+  };
+
+  buildInputs = [ openssl zlib pcre libxml2 libxslt gd geoip perl ]
+    ++ buildInputs
+    ++ mapModules "inputs";
+
+  configureFlags = [
+    "--with-http_ssl_module"
+    "--with-http_v2_module"
+    "--with-http_realip_module"
+    "--with-http_addition_module"
+    "--with-http_xslt_module"
+    "--with-http_geoip_module"
+    "--with-http_sub_module"
+    "--with-http_dav_module"
+    "--with-http_flv_module"
+    "--with-http_mp4_module"
+    "--with-http_gunzip_module"
+    "--with-http_gzip_static_module"
+    "--with-http_auth_request_module"
+    "--with-http_random_index_module"
+    "--with-http_secure_link_module"
+    "--with-http_degradation_module"
+    "--with-http_stub_status_module"
+    "--with-threads"
+    "--with-pcre-jit"
+    "--http-log-path=/var/log/nginx/access.log"
+    "--error-log-path=/var/log/nginx/error.log"
+    "--pid-path=/var/log/nginx/nginx.pid"
+    "--http-client-body-temp-path=/var/cache/nginx/client_body"
+    "--http-proxy-temp-path=/var/cache/nginx/proxy"
+    "--http-fastcgi-temp-path=/var/cache/nginx/fastcgi"
+    "--http-uwsgi-temp-path=/var/cache/nginx/uwsgi"
+    "--http-scgi-temp-path=/var/cache/nginx/scgi"
+  ] ++ optionals withDebug [
+    "--with-debug"
+  ] ++ optionals withStream [
+    "--with-stream"
+    "--with-stream_geoip_module"
+    "--with-stream_realip_module"
+    "--with-stream_ssl_module"
+    "--with-stream_ssl_preread_module"
+  ] ++ optionals withMail [
+    "--with-mail"
+    "--with-mail_ssl_module"
+  ] ++ optional (perl != null) [
+    "--with-http_perl_module"
+    "--with-perl=${perl}/bin/perl"
+    "--with-perl_modules_path=lib/perl5"
+  ]
+    ++ optional (gd != null) "--with-http_image_filter_module"
+    ++ optional (with stdenv.hostPlatform; isLinux || isFreeBSD) "--with-file-aio"
+    ++ configureFlags
+    ++ map (mod: "--add-module=${mod.src}") modules;
+
+  NIX_CFLAGS_COMPILE = toString ([
+    "-I${libxml2.dev}/include/libxml2"
+    "-Wno-error=implicit-fallthrough"
+  ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations");
+
+  configurePlatforms = [];
+
+  preConfigure = preConfigure
+    + concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules;
+
+  patches = map fixPatch ([
+    (substituteAll {
+      src = ./nix-etag-1.15.4.patch;
+      preInstall = ''
+        export nixStoreDir="$NIX_STORE" nixStoreDirLen="''${#NIX_STORE}"
+      '';
+    })
+    ./nix-skip-check-logs-path.patch
+  ] ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+    (fetchpatch {
+      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/102-sizeof_test_fix.patch";
+      sha256 = "0i2k30ac8d7inj9l6bl0684kjglam2f68z8lf3xggcc2i5wzhh8a";
+    })
+    (fetchpatch {
+      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/101-feature_test_fix.patch";
+      sha256 = "0v6890a85aqmw60pgj3mm7g8nkaphgq65dj4v9c6h58wdsrc6f0y";
+    })
+    (fetchpatch {
+      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/103-sys_nerr.patch";
+      sha256 = "0s497x6mkz947aw29wdy073k8dyjq8j99lax1a1mzpikzr4rxlmd";
+    })
+  ] ++ mapModules "patches");
+
+  hardeningEnable = optional (!stdenv.isDarwin) "pie";
+
+  enableParallelBuilding = true;
+
+  postInstall = if postInstall != null then postInstall else ''
+    mv $out/sbin $out/bin
+  '';
+
+  passthru = {
+    modules = modules;
+    tests.nginx = nixosTests.nginx;
+  };
+
+  meta = if meta != null then meta else {
+    description = "A reverse proxy and lightweight webserver";
+    homepage    = "http://nginx.org";
+    license     = licenses.bsd2;
+    platforms   = platforms.all;
+    maintainers = with maintainers; [ thoughtpolice raskin fpletz globin ];
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-23 11:01:13 +0000