movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixos/gancio: actually enable ssl by default.

Browse source
This commit is contained in:
Jean-Baptiste Giraudeau 2024-09-09 14:25:07 +02:00
parent 5af6aefbcc
commit 58ec286785
No known key found for this signature in database
GPG key ID: 7CEF8C9CC2D9933B
1 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
nixos/modules/services/web-apps/gancio.nix
View file

@ -157,11 +157,18 @@ in
}; };
nginx = mkOption { nginx = mkOption {
type = types.submodule (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }); type = types.submodule (
lib.recursiveUpdate (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) {
# enable encryption by default,
# as sensitive login credentials should not be transmitted in clear text.
options.forceSSL.default = true;
options.enableACME.default = true;
}
);
default = { }; default = { };
example = { example = {
enableACME = true; enableACME = false;
forceSSL = true; forceSSL = false;
}; };
description = "Extra configuration for the nginx virtual host of gancio."; description = "Extra configuration for the nginx virtual host of gancio.";
}; };
@ -260,8 +267,6 @@ in
virtualHosts."${cfg.settings.hostname}" = mkMerge [ virtualHosts."${cfg.settings.hostname}" = mkMerge [
cfg.nginx cfg.nginx
{ {
enableACME = mkDefault true;
forceSSL = mkDefault true;
locations = { locations = {
"/" = { "/" = {
index = "index.html"; index = "index.html";