about summary refs log tree commit diff
path: root/pkgs/servers/http/nginx/generic.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/servers/http/nginx/generic.nix')
-rw-r--r--pkgs/servers/http/nginx/generic.nix11
1 files changed, 3 insertions, 8 deletions
diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix
index 6817f18bd1db..b1d70907e28c 100644
--- a/pkgs/servers/http/nginx/generic.nix
+++ b/pkgs/servers/http/nginx/generic.nix
@@ -49,14 +49,9 @@ stdenv.mkDerivation {
 
   NIX_CFLAGS_COMPILE = [ "-I${libxml2.dev}/include/libxml2" ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations";
 
-  preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules)
-    + optionalString (hardening && (stdenv.cc.cc.isGNU or false)) ''
-      configureFlagsArray=(
-        --with-cc-opt="-fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2"
-        --with-ld-opt="-pie -Wl,-z,relro,-z,now"
-      )
-    ''
-    ;
+  preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules);
+
+  hardeningEnable = [ "pie" ];
 
   postInstall = ''
     mv $out/sbin $out/bin
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-01 09:00:57 +0000