diff options
Diffstat (limited to 'pkgs/servers/http/nginx/generic.nix')
| -rw-r--r-- | pkgs/servers/http/nginx/generic.nix | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix new file mode 100644 index 000000000000..6817f18bd1db --- /dev/null +++ b/pkgs/servers/http/nginx/generic.nix @@ -0,0 +1,72 @@ +{ stdenv, fetchurl, fetchFromGitHub, openssl, zlib, pcre, libxml2, libxslt, expat +, gd, geoip +, withStream ? false +, modules ? [] +, hardening ? true +, version, sha256, ... +}: + +with stdenv.lib; + +stdenv.mkDerivation { + name = "nginx-${version}"; + + src = fetchurl { + url = "http://nginx.org/download/nginx-${version}.tar.gz"; + inherit sha256; + }; + + + buildInputs = + [ openssl zlib pcre libxml2 libxslt gd geoip ] + ++ concatMap (mod: mod.inputs or []) modules; + + configureFlags = [ + "--with-http_ssl_module" + "--with-http_v2_module" + "--with-http_realip_module" + "--with-http_addition_module" + "--with-http_xslt_module" + "--with-http_image_filter_module" + "--with-http_geoip_module" + "--with-http_sub_module" + "--with-http_dav_module" + "--with-http_flv_module" + "--with-http_mp4_module" + "--with-http_gunzip_module" + "--with-http_gzip_static_module" + "--with-http_auth_request_module" + "--with-http_random_index_module" + "--with-http_secure_link_module" + "--with-http_degradation_module" + "--with-http_stub_status_module" + "--with-ipv6" + # Install destination problems + # "--with-http_perl_module" + ] ++ optional withStream "--with-stream" + ++ optional (elem stdenv.system (with platforms; linux ++ freebsd)) "--with-file-aio" + ++ map (mod: "--add-module=${mod.src}") modules; + + NIX_CFLAGS_COMPILE = [ "-I${libxml2.dev}/include/libxml2" ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations"; + + preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules) + + optionalString (hardening && (stdenv.cc.cc.isGNU or false)) '' + configureFlagsArray=( + --with-cc-opt="-fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2" + --with-ld-opt="-pie -Wl,-z,relro,-z,now" + ) + '' + ; + + postInstall = '' + mv $out/sbin $out/bin + ''; + + meta = { + description = "A reverse proxy and lightweight webserver"; + homepage = http://nginx.org; + license = licenses.bsd2; + platforms = platforms.all; + maintainers = with maintainers; [ thoughtpolice raskin ]; + }; +} |