| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
php.buildEnv: Make the exported php package overridable, improve handling of currently enabled extensions, etc
|
| | | |
|
| | | |
|
| |\ \
| |/
|/| |
nixos/httpd: modernize module standards
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| | |
This was introduced in https://github.com/NixOS/nixpkgs/commit/c801cd1a047efa51055fd04698e316ddd503fd1b
but it no longer seems necessary.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
After the recent rewrite, enabled extensions are passed to php programs
through an extra ini file by a wrapper. Since httpd uses shared module
instead of program, the wrapper did not affect it and no extensions
other than built-ins were loaded.
To fix this, we are passing the extension config another way – by adding it
to the service's generated config.
For now we are hardcoding the path to the ini file. It would be nice to add
the path to the passthru and use that once the PHP expression settles down.
|
| | | |
|
| |/
|
|
| |
Add missing type information to manually specified enable options or replace them by mkEnableOption where appropriate.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This commit:
1. Updates the path of the traefik package, so that the out output is
used.
2. Adapts the configuration settings and options to Traefik v2.
3. Formats the NixOS traefik service using nixfmt.
|
| | |
|
| |\
| |
| | |
nixos/phpfpm: add example to socket
|
| | | |
|
| | |
| |
| |
| | |
Fixes a typo introduced in https://github.com/NixOS/nixpkgs/pull/83611
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
After upgrading to NixOS 20.03, I've got the following warning:
nginx: [warn] could not build optimal types_hash, you should increase either types_hash_max_size: 2048 or types_hash_bucket_size: 64; ignoring types_hash_bucket_size
The documentation states that "if nginx emits the message requesting
to increase either hash max size or hash bucket size then the first
parameter should first be increased" (aka types_hash_max_size).
In 19.03, the size of mime.types was around 100 entries. In 20.03, we
are around 900 entries. This is due to ff0148d868bd which makes nginx
use mailcap mime.types.
|
| |/
|
|
|
|
|
|
| |
In ff0148d868bd, nginx configuration was modified to use mime.types
from mailcap package as it is more complete. However, there are two
places where mime.types is included in configuration. When the user
was setting `cfg.httpConfig`, the mime.types from nginx was still
used. This commit fix that by moving the common snippet in a variable
of its own and ensure it is used at both places.
|
| |\
| |
| | |
nixos/nginx: use Mozilla Intermediate TLS configuration
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The configuration at https://ssl-config.mozilla.org/#server=nginx&config=intermediate
is reliably kept up-to-date in terms of security and compatible with a
wide range of clients. They've probably had more care and thought put
into them than our defaults, and will be easier to keep updated in
the future.
The only removed (rather than changed) configuration option here is
ssl_ecdh_curve, per https://github.com/mozilla/server-side-tls/issues/189.
Resolves #80952.
|
| |/ |
|
| |\
| |
| | |
nixos/caddy: resync with upstream unit file
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
match nginx
|
| |/ |
|
| |\
| |
| | |
unit: 1.13.0 -> 1.14.0
|
| | | |
|
| |\ \
| | |
| | | |
nixos/nginx/gitweb: add some (crucial) options
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This replaces some hardcoded values in nginx's VirtualHosts's
configuration with customizable options. Previous values are kept as
default, so nothing should break for existing users.
Co-Authored-By: Florian Klink <flokli@flokli.de>
|
| |\ \ \
| | | |
| | | | |
nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command
|
| | | | |
| | | |
| | | |
| | | | |
in the apachectl command
|
| |\| | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
reload enabled (#76179)
nixos/nginx: don't hide nginx config errors on nixos-rebuild --switch
with reload enabled
Closes https://github.com/NixOS/nixpkgs/issues/73455
|
| | | |/
| |/| |
|
| | |\ \
| | | |
| | | | |
nixos/httpd: support overridable virtual hosts
|
| | | | |
| | | |
| | | |
| | | | |
virtualHosts option type from listOf to attrsOf, add ACME integration
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The commit b0bbacb52134a7e731e549f4c0a7a2a39ca6b481 was a bit too fast
It did set executable bit for log files.
Also, it didn't account for other directories in state dir:
```
# ls -la /var/spool/nginx/
total 32
drwxr-x--- 8 nginx nginx 4096 Dec 26 12:00 .
drwxr-xr-x 4 root root 4096 Oct 10 20:24 ..
drwx------ 2 root root 4096 Oct 10 20:24 client_body_temp
drwx------ 2 root root 4096 Oct 10 20:24 fastcgi_temp
drwxr-x--- 2 nginx nginx 4096 Dec 26 12:00 logs
drwx------ 2 root root 4096 Oct 10 20:24 proxy_temp
drwx------ 2 root root 4096 Oct 10 20:24 scgi_temp
drwx------ 2 root root 4096 Oct 10 20:24 uwsgi_temp
```
With proposed change, only ownership is changed for state files, and mode is left as is
except that statedir/logs is now group accessible.
|
| | |/ /
| | |
| | |
| | |
| | | |
This change brings pre-existing installations (where the logfiles
are owned by root) in line with the new permssions (where logfiles
are owned by the nginx user)
|
| | |\ \
| | | |
| | | | |
nginx: do not run anything as root
|
| | | | | |
|
| | |/ / |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A centralized list for these renames is not good because:
- It breaks disabledModules for modules that have a rename defined
- Adding/removing renames for a module means having to find them in the
central file
- Merge conflicts due to multiple people editing the central file
|