movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-15 14:09:17 +03:00
Code Issues Projects Releases Packages Wiki Activity

apache-httpd

Browse source 
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
This commit is contained in:
Marc Weber 2016-11-12 15:35:32 +01:00
parent fbc7f75a84
commit b51f165334
2 changed files with 52 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

43
nixos/modules/services/web-servers/apache-httpd/default.nix
View file

@ -16,7 +16,17 @@ let
phpMajorVersion = head (splitString "." php.version); phpMajorVersion = head (splitString "." php.version);
getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80; defaultListen = cfg: if cfg.enableSSL
then [{ip = "*"; port = 443;}]
else [{ip = "*"; port = 80;}];
getListen = cfg:
let list = (lib.optional (cfg.port != 0) {ip = "*"; port = cfg.port;}) ++ cfg.listen;
in if list == []
then defaultListen cfg
else list;
listenToString = l: "${l.ip}:${toString l.port}";
extraModules = attrByPath ["extraModules"] [] mainCfg; extraModules = attrByPath ["extraModules"] [] mainCfg;
extraForeignModules = filter isAttrs extraModules; extraForeignModules = filter isAttrs extraModules;
@ -25,10 +35,13 @@ let
makeServerInfo = cfg: { makeServerInfo = cfg: {
# Canonical name must not include a trailing slash. # Canonical name must not include a trailing slash.
canonicalName = canonicalNames =
(if cfg.enableSSL then "https" else "http") + "://" + let defaultPort = (head (defaultListen cfg)).port; in
cfg.hostName + map (port:
(if getPort cfg != (if cfg.enableSSL then 443 else 80) then ":${toString (getPort cfg)}" else ""); (if cfg.enableSSL then "https" else "http") + "://" +
cfg.hostName +
(if port != defaultPort then ":${toString port}" else "")
) (map (x: x.port) (getListen cfg));
# Admin address: inherit from the main server if not specified for # Admin address: inherit from the main server if not specified for
# a virtual host. # a virtual host.
@ -224,7 +237,7 @@ let
++ (map (svc: svc.robotsEntries) subservices))); ++ (map (svc: svc.robotsEntries) subservices)));
in '' in ''
ServerName ${serverInfo.canonicalName} ${concatStringsSep "\n" (map (n: "ServerName ${n}") serverInfo.canonicalNames)}
${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases} ${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases}
@ -326,9 +339,10 @@ let
</IfModule> </IfModule>
${let ${let
ports = map getPort allHosts; listen = concatMap getListen allHosts;
uniquePorts = uniqList {inputList = ports;}; toStr = listen: "Listen ${listenToString listen}\n";
in concatMapStrings (port: "Listen ${toString port}\n") uniquePorts uniqueListen = uniqList {inputList = map toStr listen;};
in concatStrings uniqueListen
} }
User ${mainCfg.user} User ${mainCfg.user}
@ -382,15 +396,15 @@ let
# Always enable virtual hosts; it doesn't seem to hurt. # Always enable virtual hosts; it doesn't seem to hurt.
${let ${let
ports = map getPort allHosts; listen = concatMap getListen allHosts;
uniquePorts = uniqList {inputList = ports;}; uniqueListen = uniqList {inputList = listen;};
directives = concatMapStrings (port: "NameVirtualHost *:${toString port}\n") uniquePorts; directives = concatMapStrings (listen: "NameVirtualHost ${listenToString listen}\n") uniqueListen;
in optionalString (!version24) directives in optionalString (!version24) directives
} }
${let ${let
makeVirtualHost = vhost: '' makeVirtualHost = vhost: ''
<VirtualHost *:${toString (getPort vhost)}> <VirtualHost ${concatStringsSep " " (map listenToString (getListen vhost))}>
${perServerConf false vhost} ${perServerConf false vhost}
</VirtualHost> </VirtualHost>
''; '';
@ -628,6 +642,8 @@ in
message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; } message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; }
]; ];
warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port}";}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts);
users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton
{ name = "wwwrun"; { name = "wwwrun";
group = mainCfg.group; group = mainCfg.group;
@ -712,5 +728,4 @@ in
}; };
}; };
} }

25
nixos/modules/services/web-servers/apache-httpd/per-server-options.nix
View file

@ -28,9 +28,30 @@ with lib;
type = types.int; type = types.int;
default = 0; default = 0;
description = '' description = ''
Port for the server. 0 means use the default port: 80 for http Port for the server. Option will be removed, use <option>listen</option> instead.
and 443 for https (i.e. when enableSSL is set). '';
};
listen = mkOption {
type = types.listOf (types.submodule (
{
options = {
port = mkOption {
type = types.int;
description = "port to listen on";
};
ip = mkOption {
type = types.string;
default = "*";
description = "Ip to listen on. 0.0.0.0 for ipv4 only, * for all.";
};
};
} ));
description = ''
List of { /* ip: "*"; */ port = 80;} to listen on
''; '';
default = [];
}; };
enableSSL = mkOption { enableSSL = mkOption {