Commit Graph

659 Commits

Author SHA1 Message Date
Peter Hoeg
c876affce0 nixos darkhttpd: module to enable darkhttpd 2019-08-26 19:57:49 +08:00
Aaron Andersen
400c6aac71 nixos/phpfpm: deprecate extraConfig options in favor of settings options 2019-08-23 07:56:27 -04:00
Aaron Andersen
d2db3a338c nixos/phpfpm: Use systemd's RuntimeDirectory 2019-08-23 07:56:27 -04:00
Aaron Andersen
a30a1e2795 nixos/phpfpm: add user and group option to each pool 2019-08-23 07:56:27 -04:00
Aaron Andersen
62b774a700 nixos/phpfpm: add socket option to replace the listen option 2019-08-23 07:56:21 -04:00
Aaron Andersen
2b5f663015 nixos/phpfpm: merge pool-options.nix into default.nix 2019-08-23 07:54:51 -04:00
Aaron Andersen
0ce8317c46 nixos/phpfpm: deprecate poolConfigs option 2019-08-23 07:54:51 -04:00
Danylo Hlynskyi
855be67358
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads

Fixes: https://github.com/NixOS/nixpkgs/issues/15906
Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476

This add 2 new features: ability to review generated Nginx config
(and NixOS has sophisticated generation!) and reloading
of nginx on config changes. This preserves nginx restart on package
updates.

I've modified nginx test to use this new feature and check reload/restart
behavior.

* rename to enableReload

* add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
2019-08-21 16:52:46 +03:00
Timothy DeHerrera
98e6c1432e
caddy: remove 'bin' attribute 2019-08-18 18:46:21 -06:00
Marek Mahut
cb8f4b0552
Merge pull request #65439 from aanderse/httpd-extra-modules
nixos/httpd: remove duplicate module entries from httpd.conf
2019-08-13 18:51:15 +02:00
Aaron Andersen
5596b69771 nixos/httpd: remove duplicate module entries from httpd.conf 2019-07-26 17:51:06 -04:00
Aaron Andersen
455d33f514 nixos/mediawiki: init service to replace httpd subservice 2019-07-23 22:02:33 -04:00
Aaron Andersen
9b970d07f3 nixos/httpd: drop postgresql reference 2019-07-20 18:36:24 -04:00
Aaron Andersen
0fd69629c7 nixos/httpd: mark extraSubservices option as deprecated 2019-07-20 18:36:19 -04:00
Aaron Andersen
505df09d50 nixos/httpd: drop the port option 2019-07-20 18:29:46 -04:00
Graham Christensen
d51b522a6e
Merge pull request #64052 from aanderse/tomcat-connector
nixos/httpd: drop tomcat-connector httpd subservice
2019-07-19 15:25:44 -04:00
Aaron Andersen
c13fbe0551
Merge pull request #63844 from aanderse/zabbix-cleanup
nixos/zabbix: overhaul package & module
2019-07-12 06:12:51 -04:00
Aaron Andersen
08286b4f29 nixos/httpd: drop tomcat-connector httpd subservice 2019-07-11 20:58:55 -04:00
Aaron Andersen
649ec93c37 foswiki: drop package & httpd subservice 2019-07-11 19:46:30 -04:00
Aaron Andersen
6a1de5460b nixos/httpd: remove broken trac subservice 2019-07-11 19:19:27 -04:00
Aaron Andersen
6891fb4103 nixos/zabbixWeb: replace httpd subservice with new module 2019-07-11 18:45:46 -04:00
Frederik Rietdijk
fb6260fcf7
Merge pull request #64236 from NixOS/staging-next
Staging next
2019-07-10 08:52:04 +02:00
Aaron Andersen
ca336ac985
Merge pull request #64050 from aanderse/mercurial
nixos/httpd: drop mercurial httpd subservice
2019-07-09 12:54:01 -04:00
Vladimír Čunát
0746c4dbb4
Merge branch 'master' into staging-next
There are several thousand rebuilds from master already.
Hydra nixpkgs: ?compare=1528940
2019-07-06 13:44:40 +02:00
Aaron Andersen
aa05aad470 nixos/wordpress: create module to replace the httpd subservice 2019-07-03 11:47:33 -04:00
Frederik Rietdijk
25a77b7210 Merge staging-next into staging 2019-07-03 08:59:42 +02:00
Aaron Andersen
f2a499549f nixos/httpd: drop mercurial httpd subservice 2019-07-01 15:34:00 -04:00
worldofpeace
cab7c6cbd9 treewide: use dontConfigure 2019-07-01 04:23:51 -04:00
Aaron Andersen
278d867a9b Revert "Merge pull request #63156 from Izorkin/phpfpm-rootless"
This reverts commit b5478fd1a2, reversing
changes made to dbb00bfcbf.
2019-06-28 21:47:43 -04:00
Aaron Andersen
4b98e262a0 Revert "nixos/phpfpm: Remove usage of undefined variable fpmCfg"
This reverts commit 54645ce43a.
2019-06-28 21:47:17 -04:00
Elis Hirwing
54645ce43a
nixos/phpfpm: Remove usage of undefined variable fpmCfg 2019-06-27 20:39:18 +02:00
Elis Hirwing
b5478fd1a2
Merge pull request #63156 from Izorkin/phpfpm-rootless
phpfpm: do not run anything as root
2019-06-27 19:13:53 +02:00
pacien
b05870d223 nixos/cgit: fix config example
The order of the keys matters: scan-path must be the last key for other settings
to be taken into account.
2019-06-26 19:59:31 +02:00
Izorkin
eee87b460e nixos/phpfpm: remove options services.phpfpm.poolConfigs 2019-06-17 09:15:51 +03:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Izorkin
320e8ab5d7 nixos/phpfpm: do not run anything as root 2019-06-16 12:33:49 +03:00
Frederik Rietdijk
395da1280e
Merge pull request #63100 from aanderse/phabricator-remove
drop unmaintained phabricator package, service, and httpd subservice
2019-06-15 13:08:48 +02:00
Aaron Andersen
a49b546c92 nixos/httpd: remove unmaintained subservice (phabricator) 2019-06-13 17:12:13 -04:00
pacien
7cc0c50e39 nixos/cgit: mention filters in configText example 2019-06-11 15:27:56 +02:00
Aaron Andersen
fae95c2c82
Merge pull request #60021 from aanderse/httpd-cleanup
nixos/httpd: cleanup old apache2.2 syntax
2019-06-06 06:46:05 -04:00
Izorkin
5612650767 nixos/nginx: add ipv6 options to resolver 2019-06-02 19:29:30 +00:00
Matthew Bauer
f21b846afe
Merge pull request #57752 from aanderse/limesurvey
limesurvey: 2.05_plus_141210 -> 3.17.1+190408, init module
2019-06-01 17:31:15 -04:00
Matthew Bauer
002cce23f7
Merge pull request #62050 from aanderse/hydron
nixos/hydron: replace deprecated usage of PermissionsStartOnly
2019-06-01 17:29:24 -04:00
Florian Klink
5ea7a3eb21 nixos/mysql: drop services.mysql.pidDir
mysql already has its socket path hardcoded to to
/run/mysqld/mysqld.sock.
There's not much value in making the pidDir configurable, which also
points to /run/mysqld by default.

We only seem to use `services.mysql.pidDir` in the wordpress startup
script, to wait for mysql to boot up, but we can also simply wait on the
(hardcoded) socket location too.

A much nicer way to accomplish that would be to properly describe a
dependency on mysqld.service. This however is not easily doable, due to
how the apache-httpd module was designed.
2019-05-31 22:27:55 +02:00
Aaron Andersen
5cf98d29e7 nixos/limesurvey: init module to replace apache subservice 2019-05-28 23:02:34 -04:00
Aaron Andersen
d27be52b3d nixos/hydron: replace deprecated usage of PermissionsStartOnly
see #53852
2019-05-25 08:38:15 -04:00
Robin Gloster
6cf583cf2f
Merge pull request #60406 from JohnAZoidberg/remove-isnull
treewide: Remove usage of isNull
2019-05-18 09:36:24 +00:00
c0bw3b
582fd549fb winstone: drop package and service
Close #56294
Upstream package is unmaintained for years
and nixpkgs provides alternatives
2019-05-15 20:30:48 +02:00
Daniel Schaefer
786f02f7a4 treewide: Remove usage of isNull
isNull "is deprecated; just write e == null instead" says the Nix manual
2019-04-29 14:05:50 +02:00
Dan Elkouby
83c9b6ee39 nginx: use fullchain.pem for ssl_trusted_certificate
Some ACME clients do not generate full.pem, which is the same as
fullchain.pem + the certificate key (key.pem), which is not necessary
for verifying OCSP staples.
2019-04-23 12:33:19 +03:00
Aaron Andersen
e5b583bef4 nixos/httpd: cleanup old apache2.2 syntax 2019-04-20 07:32:55 -04:00
Aaron Andersen
e5d8ba59cc nixos/traefik: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
8c48c55c2d nixos/minio: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Florian Klink
2457510db4
Merge pull request #51918 from bobvanderlinden/var-run
tree-wide: nixos: /var/run -> /run
2019-04-07 20:09:46 +02:00
Léo Gaspard
07fdcb348f
Merge pull request #59056 from aanderse/mod_php-sendmail
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 20:57:58 +02:00
Aaron Andersen
9c9a6f380e nixos/httpd: replace ssmtp with system-sendmail 2019-04-06 06:34:46 -04:00
Jörg Thalheim
6dd7483ce1
Merge pull request #57979 from 4z3/writeNginxConfig
nixos/nginx: use nginxfmt and gixy
2019-04-04 20:23:58 +01:00
Bob van der Linden
65710d1df5
nixos/mighttpd2: /var/run -> /run 2019-03-24 21:15:33 +01:00
tv
59fac1a6d7 nixos/nginx: use writeNginxConfig 2019-03-23 11:16:14 +01:00
Okina Matara
40d7079f79
nixos/meguca: Add videoPaths, set postgresql version to 11 2019-03-23 01:19:29 -05:00
Dmitry Kalinkin
0e57b98b2c
Merge pull request #57596 from artemist/nginx-return
nixos/nginx: add return option to location
2019-03-22 14:08:33 -04:00
Samuel Leathers
cafd07a54e
Merge pull request #56423 from Izorkin/nginx-unit
unit: add service unit and update package
2019-03-20 13:08:05 -04:00
Izorkin
42a99b1be2 nixos/unit: init service unit 2019-03-16 19:54:21 +03:00
Silvan Mosberger
f8de52a2fe
Revert "nixos/nginx: support h2c" 2019-03-15 14:31:11 +01:00
Artemis Tosini
fee854ed01
nixos/nginx: add return option to location 2019-03-13 17:31:01 +00:00
Jordan Johnson-Doyle
04425c6223
nixos/nginx: support h2c 2019-03-08 17:50:46 +00:00
Janne Heß
3de5726e9b nixos/nginx: Support additional listen parameters (#56835) 2019-03-06 11:42:46 +02:00
Andreas Rammhold
768336a74b
Merge pull request #56233 from jtojnar/nginx-tlsv13
nixos/nginx: Enable TLS 1.3 support
2019-03-03 14:19:38 +01:00
Jan Tojnar
f93ff28c62 nixos/nginx: Enable TLS 1.3 support 2019-02-25 16:47:19 +01:00
Izorkin
569248b3c2 nginx: fix formating the config file 2019-02-24 19:50:58 +03:00
Izorkin
0394b177c7 nginx: formating the config file 2019-02-24 10:17:11 +03:00
Symphorien Gibol
a915b33315 nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
aanderse
a9358c4356 nixos/httpd: update documentation to reflect changes from https://github.com/NixOS/nixpkgs/pull/54529 (#56079) 2019-02-20 14:43:25 +02:00
Silvan Mosberger
a3f85f0dc0
Merge pull request #55410 from aanderse/apache-defaults
nixos/httpd: improve security in configuration file
2019-02-18 03:27:18 +01:00
Aaron Andersen
5eef3590ae nixos/phpfpm: allow configuring php.ini files per-pool 2019-02-13 19:58:02 -05:00
Aaron Andersen
1bec75301b nixos/httpd: don't advertise php 2019-02-07 14:25:55 -05:00
Aaron Andersen
70be5b6bb2 nixos/httpd: disable HTTP TRACE method by default 2019-02-07 14:13:45 -05:00
Aaron Andersen
dd610ce84f nixos/httpd: disable TLSv1 by default for better security 2019-02-07 14:05:44 -05:00
aanderse
c6cd07707b nixos/httpd: rename apache log files to have a .log file extension (#54529)
nixos/httpd: rename apache log files to have a .log file extension
2019-01-31 04:04:58 +02:00
John Wiegley
0305c55888
Merge pull request #53702 from aanderse/apache-ssl-opt
nixos/httpd: add options sslCiphers & sslProtocols
2019-01-23 19:27:17 -08:00
Wout Mertens
e445eabbe8
Merge pull request #41440 from wmertens/php-per-pool
phpfpm: allow configuring PHP package per-pool
2019-01-21 08:35:49 +01:00
Aaron Andersen
fd5a88687c nixos/httpd: add options sslCiphers & sslProtocols 2019-01-09 11:30:19 -05:00
Bas van Dijk
6ac10cd764
Merge pull request #53399 from LumiGuide/feat-wordpress-copy-plugins
apache-httpd/wordpress: copy plugins and themes instead of symlinking
2019-01-07 13:41:29 +01:00
Falco Peijnenburg
9d2c9157d7 nixos/apache-httpd/wordpress: copy plugins and themes instead of symlinking
Symlinking works for most plugins and themes, but Avada, for instance, fails to
understand the symlink, causing its file path stripping to fail. This results in
requests that look like:

https://example.com/wp-content//nix/store/...plugin/path/some-file.js

Since hard linking directories is not allowed, copying is the next best thing.
2019-01-06 17:51:31 +01:00
volth
fed7914539
Merge branch 'staging' into make-perl-pathd 2018-12-18 17:13:27 +00:00
Florian Klink
91c65721f7 owncloud: remove server
pkgs.owncloud still pointed to owncloud 7.0.15 (from May 13 2016)

Last owncloud server update in nixpkgs was in Jun 2016.
At the same time Nextcloud forked away from it, indicating users
switched over to that.

cc @matej (original maintainer)
2018-12-16 15:05:53 +01:00
Florian Klink
50500219af apache-httpd/limesurvey.nix: fix copypasta from owncloud 2018-12-16 15:05:53 +01:00
volth
bb9557eb7c lib.makePerlPath -> perlPackages.makePerlPath 2018-12-15 03:50:31 +00:00
Jappie Klooster
e576c3b385 doc: Fix insecure nginx docs (#51840) 2018-12-11 11:02:56 +00:00
Red Davies
4173b845ca mediawiki: 1.29.1 -> 1.31.1
1.29.1 is out of support and has security vulnerabilities. 1.31.1 is current LTS.
2018-12-03 21:04:08 +00:00
c0bw3b
5e4ceba7bf nixos/mediawiki: fetch over https 2018-11-24 23:18:26 +01:00
Pavel Goran
a57bbf4e63 nixos/tomcat: add purifyOnStart option
With this option enabled, before creating file/directories/symlinks in baseDir
according to configuration, old occurences of them are removed.

This prevents remainders of an old configuration (libraries, webapps, you name
it) from persisting after activating a new configuration.
2018-10-29 18:26:22 +07:00
Wout Mertens
69936b5655 phpfpm: allow configuring PHP package per-pool
props to @4levels
2018-10-26 16:11:07 +01:00
Izorkin
af8ae49395 nginx: add custom options 2018-10-23 21:04:07 +03:00
Michael Raskin
3491dd06a1
Merge pull request #47224 from pvgoran/tomcat-virtualhost-aliases
nixos/tomcat: add aliases sub-option for virtual hosts
2018-10-21 07:54:52 +00:00
Franz Pletz
ebd38185c8 nixos/nextcloud: init
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
Co-authored-by: Robin Gloster <mail@glob.in>
Co-authored-by: Janne Heß <janne@hess.ooo>
Co-authored-by: Florian Klink <flokli@flokli.de>
2018-10-01 02:07:43 +09:30
Pavel Goran
5e16e671ea nixos/tomcat: add aliases sub-option for virtual hosts 2018-09-23 21:49:17 +07:00
Uli Baum
15e6e1ff6f nixos/nginx: fix type of sslTrustedCertificate option
The option was added in 1251b34b5b
with type `types.path` but default `null`, so eval failed with
the default setting. This broke the acme and certmgr tests.

cc: @vincentbernat @fpletz
2018-09-02 01:35:59 +02:00
Vincent Bernat
1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
2018-08-30 22:47:41 +02:00
Vincent Bernat
bd075eb914 nginx: add more gzipped MIME types
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
2018-08-26 21:48:55 +02:00
Vincent Bernat
06a5fb2ada nginx: use a compression level of 5 in recommended configuration
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
2018-08-26 21:43:34 +02:00
Okina Matara
aba87b85ef nixos/hydron: Various tweaks
Make timer persistent
Start timer after hydron
Change interval from hourly to weekly
2018-08-15 22:00:13 -05:00
Okina Matara
36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara
d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger
150f4fe9c4
Merge pull request #44371 from pvgoran/tomcat-webapps-listOfPaths
nixos/tomcat: allow non-package paths in services.tomcat.webapps
2018-08-02 23:32:33 +02:00
Pavel Goran
7fb40c6503 nixos/tomcat: correct type specification for virtualHosts
The wrong specification was introduced as part of commit 472f16d.

Fixes #44361.
2018-08-02 23:37:09 +07:00
Pavel Goran
b2b5b97468 nixos/tomcat: allow non-package paths in services.tomcat.webapps
Resolves #44370.
2018-08-02 23:26:21 +07:00
Tuomas Tynkkynen
96190535e5 Revert "nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1"
This reverts commit 095fe5b43d.

Pointless renames considered harmful. All they do is force people to
spend extra work updating their configs for no benefit, and hindering
the ability to switch between unstable and stable versions of NixOS.

Like, what was the value of having the "nixos." there? I mean, by
definition anything in a NixOS module has something to do with NixOS...
2018-07-28 00:12:55 +03:00
volth
2e979e8ceb [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
Frederik Rietdijk
1a6af9f88e
Merge pull request #43857 from volth/unused
[bot] treewide: remove unreferenced code
2018-07-20 21:06:32 +02:00
volth
87f5930c3f [bot]: remove unreferenced code 2018-07-20 18:48:37 +00:00
Maximilian Bosch
0adca53c79
inginious: remove
Fallout of 9db7f15ea3ce57eee25458daf87cce7a04ea98b2 which removed
simpleldap.

@layus suggests to remove:

* https://github.com/NixOS/nixpkgs/pull/43782#issuecomment-406186881
* https://github.com/NixOS/nixpkgs/pull/31975#issuecomment-346647857
2018-07-19 17:31:40 +02:00
Silvan Mosberger
810f91f46d
Merge pull request #43308 from Chiiruno/dev/hydron
hydron: init at 2018-07-11
2018-07-18 22:10:11 +02:00
Okina Matara
38f2a3efbf nixos/hydron: init 2018-07-18 13:16:50 -05:00
Silvan Mosberger
b9c95c7d60
httpd: Fix typo 2018-07-13 02:59:00 +02:00
Jörg Thalheim
8cf4a4725c
Merge pull request #41823 from Chiiruno/dev/meguca
meguca: 2018-05-26 -> 2018-06-11
2018-07-02 15:35:42 +01:00
Florian Klink
fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Okina Matara
4b91c2428b meguca: 2018-05-26 -> 2018-06-10 2018-06-29 15:56:33 -05:00
Matthew Bauer
be3a8c4bdb
Merge pull request #41799 from pacien/patch-4
cgit: Parametrise cgit subdirectory
2018-06-28 22:13:42 -04:00
Aneesh Agrawal
c2ab820d6a nixos/uwsgi: use python.withPackages 2018-06-13 22:47:22 -07:00
Notkea
8b9559e417 cgit: parametrise subdirectory
This proposal enables the user to choose the sub-directory in which to serve cgit.
The previous default behaviour isn't altered.
2018-06-13 00:28:52 +02:00
Uli Baum
93cbb9b72f nixos/tomcat: fix eval error introduced by #40657 2018-06-11 11:02:54 +02:00
Tristan Helmich
1daa77160e tomcat service: fix webapps default option (#40657)
The old package tomcat.webapps does not exist
2018-06-10 20:10:01 +02:00
Hamish Mackenzie
0e5c971af8
minio: Output server logs & startup in json format
Currently minio logs with enhanced tty data and journalctl does not include anything useful as a result:

```
Jun 08 11:03:28 alpha minio[17813]: [78B blob data]
Jun 08 11:03:28 alpha minio[17813]: [49B blob data]
Jun 08 11:03:28 alpha minio[17813]: [19B blob data]
Jun 08 11:03:28 alpha minio[17813]: [88B blob data]
Jun 08 11:03:28 alpha minio[17813]: [45B blob data]
Jun 08 11:03:28 alpha minio[17813]: [44B blob data]
Jun 08 11:03:28 alpha minio[17813]: [57B blob data]
```

Indicating that it detected some binary output.  With the `--json` flag it logs:

```
Jun 08 11:14:58 alpha minio[18573]: {"level":"FATAL","time":"2018-06-07T23:14:58.770637778Z","error":{"message":"--address input is invalid: address 127.0.0.1: missing port in address","source":["/build/go/src/github.com/minio/minio/cmd/server-main.go:121:cmd.serverHandleCmdArgs()"]}}
```
2018-06-08 11:22:00 +12:00
Okina Matara
e2f1a05756 meguca: git-2018-05-17 -> git-2018-05-20 2018-05-26 07:03:49 -05:00
Okina Matara
14a26f0153 meguca: init at git-2018-05-17 2018-05-26 07:03:49 -05:00
Jan Tojnar
bd648f321c
nixos/nginx: emphasize that useACMEHost does not create certs
It was not entirely clean that `services.nginx.virtualHosts.<name>.useACMEHost` does not create certificates, see https://github.com/NixOS/nixpkgs/issues/40593
2018-05-17 20:48:02 +02:00
Jan Malakhovski
095fe5b43d nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1 2018-05-12 19:27:09 +00:00
Nikolay Amiantov
a08645e9be nginx module: add upstream extraConfig 2018-05-08 16:32:11 +03:00
Julien Langlois
519b64592d hitch: init at 1.4.8 + service + test (#39358)
Add the Hitch TLS reverse proxy as an option for TLS termination.
2018-05-01 10:36:36 +01:00
Franz Pletz
dc62e8509a
nixos/caddy: fix ca api endpoint, now uses v2 2018-04-27 01:11:54 +02:00
Ben Wolsieffer
4d40adb86d nginx: allow basic auth passwords to be specified in a file 2018-04-25 15:37:09 +02:00
gnidorah
9029ed933c nixos/gitweb: add gitwebTheme option 2018-04-17 20:07:01 +03:00
Jörg Thalheim
41ec2c2223
Merge pull request #38362 from orbekk/acme-path
fix: nixos/nginx certificate location
2018-04-09 09:02:51 +01:00
gnidorah
073089914e nixos/nginx: fix gitweb submodule 2018-04-06 22:36:03 +03:00
Kjetil Ørbekk
8614e22297 fix: nixos/nginx certificate location
Fix issue when using a cert location other than the default.
2018-04-02 20:34:01 -04:00
Wout Mertens
b4e92e0b34
Merge pull request #37921 from gnidorah/gitweb
nixos/nginx: add gitweb sub-service
2018-03-30 00:18:44 +02:00
gnidorah
05b535c850 git: add more deps to gitweb 2018-03-29 16:46:11 +03:00
gnidorah
2821d3fed7 gitweb: use common options 2018-03-29 16:45:32 +03:00
gnidorah
69a0c9721e nixos/nginx: add gitweb sub-service 2018-03-29 09:06:54 +03:00
Justin Humm
169468c406
apache-httpd: fix typo in config servedFiles 2018-03-28 03:47:25 +02:00
volth
002b460822 varnish4: init at 4.1.9; varnish6: init at 6.0.0 2018-03-20 07:10:36 +00:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Jörg Thalheim
196e21a160 nixos/tomcat: add types + proper systemd integration
fixes #35443
2018-03-08 09:09:42 +00:00
Benjamin Smith
024220bd7f nixos/tomcat: add serverXml, environment files and log directories
* add serverXml verbatim override
* add environment file
* add log directory creation
2018-03-08 09:09:42 +00:00
Shea Levy
fec543436d
nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
Joachim F
46afc63b6f
Merge pull request #32062 from volth/patch-73
nixos/varnish: check .vcl syntax at compile time
2018-02-20 19:22:28 +00:00
Niklas Hambüchen
f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Hamish
3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Jan Tojnar
0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Francesco Gazzetta
356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Andreas Rammhold
637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
Christoph Hrdinka
d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
Niklas Hambüchen
afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Bjørn Forsman
b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
volth
bfee336614
nixos/varnish: it does not matter where to check syntax, only when 2017-12-09 08:29:44 +00:00
Tuomas Tynkkynen
cb008da167 owncloud: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
volth
25b178c745
nixos/varnish: check .vcl syntax at compile time (e.g. before nixops deployment) 2017-11-26 08:13:09 +00:00
Joachim F
822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Graham Christensen
2bbdd70b99
inginious: fix options eval 2017-11-23 09:33:59 -05:00
Bas van Dijk
cb4b9b1cc1 owncloud: fix some but not all errors
* Don't set timezone when it's null

* Don't create the postgres role because the postgresqsl service
  already does that.

* Fix documentation

* Add a test suite
2017-10-31 23:03:33 +01:00
Graham Christensen
e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Piotr Bogdan
3165c56db9 apache-httpd/wordpress: disable built-in WordPress autoupdater 2017-10-31 17:37:11 +00:00
Bas van Dijk
527781ebc4 apache-httpd: fix nix evaluation error
This only sets the timezone when it's not null to prevent:

  error: cannot coerce null to a string, at
  nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Jan Tojnar
3c48a1e06d nixos/services.nginx: Fix globalRedirect example
Virtual host globalRedirect attribute accepts a hostname not a URL

09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Bjørn Forsman
d26f8b5e00 nixos/lighttpd: add missing modules to allKnownModules
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:

  mod_authn_gssapi
  mod_authn_ldap
  mod_geoip

(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
Joerg Thalheim
c2c843adf7 nixos/traefik: guard example path 2017-10-04 14:51:20 +01:00
Joerg Thalheim
a3200348b7 nixos/traefik: owner/group should be changed recursivly 2017-10-04 11:59:38 +01:00
Joerg Thalheim
3468c9e5cc nixos/traefik: create /var/lib/traefik with correct permissions 2017-10-04 11:49:42 +01:00
Hamish Hutchings
2e5297217d nixos/traefik create service 2017-10-04 11:26:39 +01:00
Samuel Dionne-Riel
0b1c73f4da mediawiki: 1.27.3 -> 1.29.1 2017-09-24 22:49:22 -04:00
Robin Gloster
97a2cd0748
nginx: module fix example
Closes #28926
2017-09-03 14:05:32 +02:00
Robin Gloster
7cd46a0594
nginx module: add proxyResolveWhileRunning option 2017-08-30 21:01:53 +02:00
Robin Gloster
4ffa9ddb30
nginx module: allow basic configuration of upstreams 2017-08-30 21:01:53 +02:00
Franz Pletz
759daba980
nginx module: first proxy_set_header takes precendence 2017-08-30 21:01:52 +02:00
Franz Pletz
65c2203ffc
nginx module: add option for proxying websocket requests 2017-08-30 21:01:52 +02:00
Franz Pletz
530282eebe
nginx module: fix applying recommended proxy headers
Previously, if proxy_set_header would be used in an extraConfig of
a location, the headers defined in the http block by
recommendedProxySettings would be cleared. As this is not the intended
behaviour, these settings are now included from a separate file if
needed.
2017-08-30 21:01:52 +02:00
Robin Gloster
0371f2b5cc
nginx module: clean up SSL/listen handling 2017-08-30 21:01:52 +02:00
Franz Pletz
8e622d2689
phpfpm service: allow netlink sockets for sendmail
Fixes #26611.
2017-08-29 00:41:31 +02:00
Peter Hoeg
ecdabb1b5b Merge pull request #28481 from mpcsh/master
nixos/caddy: improve documentation
2017-08-25 09:56:40 +08:00
Mark Cohen
8511a3378b nixos/caddy: improve documentation
There was no documentation for the "config" option, and it wasn't quite
clear whether it was supposed to be a file, a string, or what. This
commit removes that ambiguity.
2017-08-24 13:39:06 -04:00
Joachim F
f1514a5876 Merge pull request #27699 from volth/varnish-fixes-sq
nixos/varnish: made compatible with varnish 5.1.2, add modules
2017-08-22 22:01:00 +00:00
Franz Pletz
cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
This interferes with sendmail because suid won't work. Fixes #26611.
2017-08-21 19:24:17 +02:00
Wout Mertens
339330b322 Merge pull request #27426 from rnhmjoj/nginx
nginx: make enabling SSL port-specific
2017-08-07 16:46:28 +02:00
Robin Gloster
94a2cba8d9
nginx module: add resolver config 2017-08-04 02:15:46 +02:00
Robin Gloster
75bbcd4215
nginx module: include uwsgi_params 2017-08-04 02:15:01 +02:00
Bjørn Forsman
aff0725a7d nixos/lighttpd: add enableUpstreamMimeTypes option
enableUpstreamMimeTypes controls whether to include the list of mime
types bundled with lighttpd (upstream). This option is enabled by
default and gives a much more complete mime type list than we currently
have. If you disable this, no mime types will be added by NixOS and you
will have to add your own mime types in services.lighttpd.extraConfig.
2017-07-29 14:24:40 +02:00
Bjørn Forsman
b339e6e13f nixos/lighttpd: update list of allowed module names
* mod_dirlisting is auto-loaded by lighttpd and should not be explicitly
  loaded in the configuration file.
* The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when
  lighttpd is built with "enableMagnet" and "enableMysql".
2017-07-29 14:24:40 +02:00
rnhmjoj
a912a6a291
nginx: make enabling SSL port-specific 2017-07-27 03:45:53 +02:00
Volth
c6128d2feb nixos/varnish: made compatible with varnish 5.2.1, add modules
* nixos/varnish: command line compatible with varnish 5.2.1, fixes
https://github.com/NixOS/nixpkgs/issues/27409
* nixos/varnish: add support for modules (services.varnish.extraModules)
* varnish-modules: init at 0.10.2
* varnish-geoip: init at 1.0.2
* varnish-rtstatus: init at 1.2.0
* varnish-digest: init at 1.0.1
* added services.varnish.extraCommandLine option
2017-07-26 23:32:49 +00:00
Wout Mertens
c4783a982b nginx: add gzip_vary to recommended settings
Google PageSpeed recommends turning this on to allow proxies to cache
2017-07-17 20:15:59 +02:00
Franz Pletz
951b932456 Merge pull request #27403 from rnhmjoj/nginx
nginx: make listen addresses configurable
2017-07-16 13:50:18 +02:00
rnhmjoj
e40f3bea3e
nginx: make listen addresses configurable 2017-07-14 21:26:54 +02:00
Bjørn Forsman
407b56986e nixos/lighttpd: fix indent (tab -> space) 2017-07-14 20:37:25 +02:00
Pascal Bach
0fb8456b13 minio service: add additional config options
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Volth
99b8d5ebe6 lighttpd: add collectd submodule 2017-06-29 22:41:22 +00:00
Pascal Bach
aa66c9ad37 minio service: add inital service
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
Ekaterina Vaartis
c0df448d54 apache-httpd: fix mod_perl by refering to apacheHttpdPackages (#26579) 2017-06-15 13:07:14 +02:00
Franz Pletz
ac5258edb2
caddy service: don't use extra dotdir in dataDir 2017-06-13 21:21:59 +02:00