Franz Pletz
951b932456
Merge pull request #27403 from rnhmjoj/nginx
...
nginx: make listen addresses configurable
2017-07-16 13:50:18 +02:00
rnhmjoj
e40f3bea3e
nginx: make listen addresses configurable
2017-07-14 21:26:54 +02:00
Bjørn Forsman
407b56986e
nixos/lighttpd: fix indent (tab -> space)
2017-07-14 20:37:25 +02:00
Pascal Bach
0fb8456b13
minio service: add additional config options
...
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Volth
99b8d5ebe6
lighttpd: add collectd submodule
2017-06-29 22:41:22 +00:00
Pascal Bach
aa66c9ad37
minio service: add inital service
...
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
Ekaterina Vaartis
c0df448d54
apache-httpd: fix mod_perl by refering to apacheHttpdPackages ( #26579 )
2017-06-15 13:07:14 +02:00
Franz Pletz
ac5258edb2
caddy service: don't use extra dotdir in dataDir
2017-06-13 21:21:59 +02:00
Franz Pletz
071815cb24
caddy service: sync with upstream systemd unit
...
Increases security and fixes minor issues.
2017-06-13 21:21:59 +02:00
Eric Sagnes
5b30f246cb
varnish module: remove unneeded gcc runtime dependency
2017-05-17 16:14:29 +02:00
Graham Christensen
4d44810fe7
Merge pull request #25365 from armijnhemel/mediawiki
...
mediawiki: 1.27.1 -> 1.27.3
2017-05-07 06:58:32 -04:00
goibhniu
248a06695f
Merge pull request #22236 from Baughn/mediawiki
...
apache-httpd: Add 'extensions' config option for mediawiki
2017-05-01 19:17:36 +02:00
Armijn Hemel
cdebfa80ab
mediawiki: 1.27.1 -> 1.27.3
2017-04-30 22:38:00 +02:00
Bjørn Forsman
d916ce2ef4
nixos/lighttpd: set $HOME for gitweb sub-service
...
This allows gitweb to expand '~' in /etc/gitconfig. Without a $HOME
variable, it fails to list any projects and instead show the text
"No such projects found" in the UI.
Setting $HOME to the gitweb project root seems like a sensible value.
2017-04-11 22:54:31 +02:00
Bas van Dijk
6f2eca1744
wordpress: replace the dbPassword option with dbPasswordFile ( #24146 )
...
We shouldn't force users to store passwords in the world-readable Nix store.
2017-03-28 17:38:16 +02:00
Nikolay Amiantov
417844b596
phpfpm service: don't use private /tmp
...
This breaks local PostgreSQL connections.
2017-03-25 14:52:44 +01:00
Domen Kožar
02129a8788
Merge pull request #23672 from edanaher/nginx-alias
...
Nginx alias directive
2017-03-21 15:04:02 +01:00
Franz Pletz
c13922f012
nginx: explicitly use stable version
...
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.
Fixes #21665 .
2017-03-20 20:04:09 +01:00
Franz Pletz
fff8cc79df
Merge pull request #23279 from mbbx6spp/make-nginx-module-less-gross
...
nginx service: add commonHttpConfig option
2017-03-20 19:03:20 +01:00
Franz Pletz
9536169074
nixos/treewide: remove boolean examples for options
...
They contain no useful information and increase the length of the
autogenerated options documentation.
See discussion in #18816 .
2017-03-17 23:36:19 +01:00
Graham Christensen
e4c0613470
Merge pull request #23674 from c0bw3b/sec/jboss7
...
JBoss AS: list known vulnerability
2017-03-15 17:33:27 -04:00
Bas van Dijk
308c09d41f
wordpress: security upgrade: 4.7.2 -> 4.7.3 & other improvements ( #23837 )
...
* Moved the wordpress sources derivation to the attribute pkgs.wordpress. This
makes it easier to override.
* Also introduce the `package` option for the wordpress virtual host config which
defaults to pkgs.wordpress.
* Also fixed the test in nixos/tests/wordpress.nix.
2017-03-14 16:11:51 +01:00
Renaud
72619a86c9
JBoss AS: list known vulnerability
...
CVE-2015-7501
Warning in JBoss module
2017-03-13 18:45:19 +01:00
Franz Pletz
323d0fdd5a
phpfpm module: set correct nixos sendmail path
2017-03-11 09:39:12 +01:00
Evan Danaher
a09246948c
nginx: disallow alias directive on server level; it doesn't work.
2017-03-09 16:54:44 -05:00
Evan Danaher
e7358b192a
nginx: Assert that either root or alias is null.
...
If both are set, nginx won't start. More error checking is certainly in
order, but this seems like a reasonable start.
2017-03-09 13:02:49 -05:00
Evan Danaher
ff2e2e82cc
nginx: Add alias configuration option for hosts and locations.
...
It's like root, but doesn't keep the prefix.
2017-03-09 13:02:29 -05:00
Franz Pletz
d7674dabba
phpfpm service: fix phpOptions
...
Broken due to #23216 .
2017-03-07 15:08:55 +01:00
Susan Potter
251b9ca0e7
nginx service: add commonHttpConfig option
2017-02-28 09:36:56 -06:00
Franz Pletz
ec4ead0bfe
phpfpm service: add target and slice
2017-02-28 00:00:57 +01:00
Franz Pletz
e3d58dae7f
phpfpm service: one service per pool for isolation
2017-02-27 23:38:53 +01:00
Fabian Schmitthenner
ae67f060f2
phpfpm: eliminate build at evaluation time
...
phpfpm currently uses `readFile` to read the php.ini file from the
phpPackage. This causes php to be build at evaluation time.
This eliminates the use of readFile and builds the php.ini at build
time.
2017-02-26 23:35:12 +01:00
Franz Pletz
26a2822cf0
nginx service: restart instead of stop to reduce downtime
...
cc #23127
2017-02-25 20:12:37 +01:00
Franz Pletz
3a4dd97c55
nginx module: fix acme if vhost name != serverName
...
cc #21931 @bobvanderlinden
2017-02-25 08:04:38 +01:00
Joachim F
6dbe55ca68
Merge pull request #20456 from ericsagnes/feat/loaf-dep-1
...
Use attrsOf in place of loaOf when relevant
2017-02-19 15:49:25 +01:00
Robin Gloster
6e12406e30
Revert "nginx: Format the config file"
...
This reverts commit e362a3d5c9
.
See #22883
2017-02-16 22:45:00 +01:00
davidak
d4766e789b
caddy: set file descriptor limit to 8192, fixes #22454
...
the value is recommended for production use
a warning is produced when not set
2017-02-11 01:44:29 +01:00
Franz Pletz
65a1762a9b
nginx module: make acme group overrideable easily
2017-02-08 23:50:59 +01:00
Graham Christensen
7db1f727f3
moodle: Remove due to continued security issues.
2017-02-08 09:10:45 -05:00
Svein Ove Aas
e362a3d5c9
nginx: Format the config file
2017-02-07 16:19:11 +01:00
Joachim Schiele
d491728653
httpd: added serviceExpression which extends the serviceType concept -> allows that httpd services can live outside of nixpkgs ( #22269 )
2017-02-06 01:08:58 +01:00
Bas van Dijk
5cc75352f8
wordpress: 4.7.1 -> 4.7.2
...
See: https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
2017-02-02 16:41:32 +01:00
Svein Ove Aas
9b2d4a9fce
apache-httpd: Add 'extensions' config option
2017-01-28 19:21:56 +00:00
Bob van der Linden
d9987f360a
nginx: added serverName option for virtualHosts
...
This allows overriding the `server_name` attribute of virtual
hosts. By doing so it is possible to have multiple virtualHost
definitions that share the same `server_name`. This is useful in
particular when you need a HTTP as well as a HTTPS virtualhost: same
server_name, different port.
2017-01-25 14:55:55 +01:00
Graham Christensen
c0f3b8d629
wordpress: 4.6.1 -> 4.7.1 for multiple CVEs
...
CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
2017-01-19 22:53:49 -05:00
Sheena Artrip
5c5648b1f6
caddy: add package config option
2017-01-13 22:29:26 -05:00
Dan Peebles
df7b4f4f6f
httpd module: don't create documentRoot directory if it doesn't exist
...
It hides bugs and do you ever actually want to serve up an empty directory?
It was pretty confusing to me when it tried to write into a read-only store
path because I accidentally pointed it to the wrong store path.
2017-01-05 21:19:16 -05:00
volth
9bb6d91c73
httpd: setuptools is not top-level
2017-01-05 17:37:33 +00:00
Jörg Thalheim
c23032a8b1
docker: update service units from upstream
...
All the new options in detail:
Enable docker in multi-user.target make container created with restart=always
to start. We still want socket activation as it decouples dependencies between
the existing of /var/run/docker.sock and the docker daemon. This means that
services can rely on the availability of this socket. Fixes #11478 #21303
wantedBy = ["multi-user.target"];
This allows us to remove the postStart hack, as docker reports on its own when
it is ready.
Type=notify
The following will set unset some limits because overhead in kernel's ressource
accounting was observed. Note that these limit only apply to containerd.
Containers will have their own limit set.
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Upgrades may require schema migrations. This can delay the startup of dockerd.
TimeoutStartSec=0
Allows docker to create its own cgroup subhierarchy to apply ressource limits on
containers.
Delegate=true
When dockerd is killed, container should be not affected to allow
`live restore` to work.
KillMode=process
2016-12-23 21:39:38 +01:00
tv
de44544ceb
nginx service: use default_server
parameter instead of default
( #21371 )
2016-12-23 11:52:44 +01:00
Felix Richter
d8478c7912
services.nginx: allow startup with ipv6 disabled ( #21360 )
...
currently services.nginx does not start up if `networking.enableIPv6 = false`
the commit changes the nginx behavior to handle this case accordingly.
The commit resolves #21308
2016-12-23 11:49:35 +01:00
Rok Garbas
e6fa6b21e1
apacheHttpdPackages.mod_perl: init at 2.0.10
2016-12-22 13:36:44 +01:00
Nikolay Amiantov
9cca8e3f87
uwsgi service: fix for new pythonPackages
2016-12-08 21:03:41 +03:00
Michael Raskin
36010e7046
Merge pull request #20366 from MarcWeber/submit/apache-port-to-listen
...
apache-httpd
2016-11-26 13:37:02 +00:00
Eric Sagnes
821e8d4681
zope2 module: instance option loaOf -> attrsOf
2016-11-16 16:34:00 +09:00
Marc Weber
b51f165334
apache-httpd
...
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Philipp Hausmann
632282300a
nginx service: Add missing port toString conversion ( #20252 )
2016-11-08 13:34:04 +01:00
Eric Sagnes
797d40767d
fcgiwrap module: use enum
2016-11-04 13:04:52 +09:00
Frederik Rietdijk
7077a270bf
Merge remote-tracking branch 'upstream/master' into HEAD
2016-10-26 13:06:43 +02:00
Emery Hemingway
b675619391
nixos: use types.lines for extraConfig
2016-10-23 19:41:43 +02:00
Frederik Rietdijk
e56832d730
Merge remote-tracking branch 'upstream/master' into HEAD
2016-10-22 17:23:24 +02:00
Robin Gloster
d05d063572
nginx: set correct acme permissions
2016-10-20 11:18:25 +02:00
Frederik Rietdijk
104c50dd1a
Python: remove modules and pythonFull
2016-10-10 10:33:24 +02:00
Franz Pletz
a3ec0f1593
nixos/nginx: reload on acme cert renewal
2016-10-09 12:55:24 +02:00
Peter Hoeg
47a8f1ea85
php-fpm: add reload support
...
Upstream recommends sending USR2 for a graceful reload.
2016-10-06 10:22:24 +08:00
Peter Hoeg
5a6626f47c
php fpm: add systemd support
...
PHP FPM will now notify systemd when it's done initializing and ready to
serve requests.
Additionally ```systemctl status phpfpm``` will now show statistics such
as:
```
Status: "Processes active: 0, idle: 8, Requests: 0, slow: 0, Traffic: 0req/sec"
```
2016-10-05 23:30:31 +08:00
Joachim F
0906a0f197
Merge pull request #18491 from groxxda/network-interfaces
...
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Joachim F
7e80c42b0e
Merge pull request #18511 from ericsagnes/feat/remove-optionSet
...
modules: optionSet -> submodule
2016-10-01 17:57:45 +02:00
Joachim F
4d3282a8fe
Merge pull request #18993 from ericsagnes/mod/php-fpm
...
php-fpm module: cleanup
2016-09-29 13:14:32 +02:00
Graham Christensen
e2688e072d
moodle: mark as broken
...
https://github.com/NixOS/nixpkgs/issues/18856
2016-09-28 08:52:18 -04:00
Graham Christensen
8504237863
mediawiki: 1.23.13 -> 1.27.1
2016-09-26 21:53:36 -04:00
Eric Sagnes
b14ecbb96f
php-fpm module: cleanup
...
- Added example for the pool option
- Unified PHP-FPM spelling
2016-09-27 10:20:22 +09:00
Graham Christensen
4671806183
wordpress: 4.3.1 -> 4.6.1 + add a test
2016-09-26 19:36:07 -04:00
Wilhelm Schuster
54c5154b90
nginx module: Add option to configure events block
2016-09-26 12:16:53 +02:00
Alexander Ried
3ada966bd5
treewide: minor format / style / documentation fixes
2016-09-13 11:19:22 +02:00
Joachim Fasting
3dc69799b6
tomcat: remove use of network-interfaces.target
2016-09-13 11:19:22 +02:00
Eric Sagnes
03ee88f666
zope2 module: optionSet -> submodule
2016-09-13 12:53:12 +09:00
Eric Sagnes
c16d03ddc5
winstone module: optionSet -> submodule
2016-09-13 12:53:12 +09:00
danbst
63f9ef9f19
tomcat service: bump default tomcat to 8.5
...
See migration changelogs at
- 7.0 -> 8.0: https://tomcat.apache.org/migration-8.html
- 8.0 -> 8.5: https://tomcat.apache.org/migration-85.html
2016-09-09 18:29:12 +02:00
danbst
a01d4ee3f4
tomcat: add danbst as maintainer
2016-09-09 18:29:12 +02:00
danbst
f1072611a4
tomcat service: call shutdown in preStop, because postStop is too late (systemd kills process)
2016-09-09 18:29:12 +02:00
danbst
0c2d943529
tomcat: split default webapps to separate output (~6M)
2016-09-09 18:29:12 +02:00
Alexander Ried
e84b803300
security.acme: remove loop when no fallbackHost is given
2016-09-06 17:47:00 +02:00
Robin Gloster
c011aa86ab
nginx module: add index and tryFiles
2016-08-25 23:27:56 +00:00
Robin Lambertz
dacc3fa985
phpfpm: allow old config format as well ( #17754 )
2016-08-15 14:41:26 +02:00
Robin Gloster
3cf5d5ebed
nginx module: fixup events in config
2016-08-09 17:11:28 +00:00
Robin Gloster
b0b0a45bb1
nginx module: fix cfg.config backwards compatibility
...
fixes #17604
2016-08-09 12:02:21 +00:00
Al Zohali
2aba1c4962
phpfpm service: restructured pool configuration
...
From @fpletz: Keep poolConfigs option for backwards-compatibility.
The original commit 6b3f5b5a42
was previously
reverted by c7860cae1a
but the issues were
resolved.
2016-08-08 05:53:53 +02:00
Christian Kauhaus
ea7e705cd9
varnish: fix localstatedir for varnish* tools ( #17508 )
...
The varnish tools (varnishstat, varnishlog, ...) tried to load the VSM
file from a spurious var directory in the Nix store. Fix the default so
the tools "just work" when also keeping services.varnish.stateDir at the
default.
Notes:
- The tools use $localstatedir/$HOSTNAME so I've adapted the default for
stateDir as well to contain hostName.
- Added postStop action to remove the localstatedir. There is no point
in keeping it around when varnish does not run, as it regenerates it
on startup anyway.
Fixes #7495
2016-08-04 15:25:23 +02:00
Franz Pletz
c90a43f4c5
nginx module: fix evaluation of root location option
2016-08-01 19:38:10 +02:00
Robin Gloster
a193fecf0e
nginx module: improve statusPage generated code
...
Adds ::1 as allowed host and turns of access_log for the status page.
2016-07-28 11:59:13 +00:00
Robin Gloster
3ccfca7d6b
nginx module: httpConfig backward compatibility
...
Revert httpConfig its old behaviour and make it mutually exclusive to
the new structured configuration. Adds appendHttpConfig to have the
ability to write custom config in the generated http block.
2016-07-28 11:59:13 +00:00
Robin Gloster
511410789b
nginx module: make client_max_body_size configurable
2016-07-28 11:59:13 +00:00
Tristan Helmich
8c61b3af03
nginx: fixed duplicate http declaration
2016-07-28 11:59:13 +00:00
Robin Gloster
91680de317
nginx module: add statusPage option
2016-07-28 11:59:13 +00:00
Robin Gloster
a294ad01b3
nginx module: make recommended settings optional
2016-07-28 11:59:13 +00:00
Robin Gloster
186a8400ed
nginx module: make httpConfig backward compatible
2016-07-28 11:59:13 +00:00
Robin Gloster
5dd7cf964a
nginx module: improve documentation
2016-07-28 11:59:13 +00:00
Franz Pletz
de8008a1b1
nginx module: Enable http2
2016-07-28 11:59:13 +00:00
Franz Pletz
e982aeae6a
nginx module: Add default proxy headers for tomcat
2016-07-28 11:59:13 +00:00
Robin Gloster
3830a890ab
nginx module: add option to make vhost default
2016-07-28 11:59:13 +00:00
Robin Gloster
138945500e
nginx module: implement basic auth
2016-07-28 11:59:13 +00:00
Robin Gloster
ff12ee35b7
nginx module: redirect to same protocol
2016-07-28 11:59:13 +00:00
Robin Gloster
e18f8e8b66
nginx module: turn off basic auth on acme locations
2016-07-28 11:59:13 +00:00
Franz Pletz
4e5c7913e9
nginx module: Add acmeFallbackHost vhost option
2016-07-28 11:59:13 +00:00
Franz Pletz
811f243ce6
nginx module: Add extraConfig for locations
2016-07-28 11:59:13 +00:00
Franz Pletz
d5a097fdb6
nginx module: Don't create acme certs if acme is not enabled
2016-07-28 11:59:13 +00:00
Tristan Helmich
c61157b7e6
nginx module: Add dhParams option
2016-07-28 11:59:13 +00:00
Tristan Helmich
35d76a72ab
nginx module: Add sslCiphers option
2016-07-28 11:59:13 +00:00
Tristan Helmich
8bd1f401bb
nginx module: Add sslProtocols option
2016-07-28 11:59:13 +00:00
Tristan Helmich
900b311a38
nginx module: Fix ACME extraDomains, fix challenge url to not redirect to allow renewals
2016-07-28 11:59:13 +00:00
Tristan Helmich
4676983990
nginx module: Add ACME support for ssl sites
2016-07-28 11:59:13 +00:00
Robin Gloster
f298be9ef4
nginx module: declarative config
2016-07-28 11:58:37 +00:00
Robin Gloster
356c2fe00d
Revert "nginx: Verify that configuration is syntactically correct" ( #17337 )
2016-07-28 13:55:06 +02:00
Bjørn Forsman
c7860cae1a
Revert "phpfpm service: restructured pool configuration"
...
This reverts commit 6b3f5b5a42
because it
introduced a non-backwards compatible change in the phpfpm interface,
without really needing to. The new interface, if needed, can be re-added
alongside the old interface.
Commit 98e419c0e2
("tt-rss service: init at 16.3")
depends on the new interface, so this commit updates the tt-rss service
to work with the old services.phpfpm.poolConfigs interface.
2016-07-27 23:53:58 +02:00
Robin Lambertz
103805dec5
nginx: Verify that configuration is syntactically correct ( #17208 )
2016-07-27 22:24:08 +02:00
Bjørn Forsman
0a2174f195
nixos/lighttpd: move cgit setup to cgit.nix
...
To where it really belongs. Separation of concern.
2016-07-26 15:37:24 +02:00
Rok Garbas
d73c115aa4
Merge pull request #16132 from zohl/tt-rss
...
tt-rss service: init at 16.3
2016-07-21 20:48:18 +02:00
davidak
83bdc8e858
caddy service: add options to change ACME certificate authority ( #16969 )
...
and agree to let's encrypt subscriber agreement
2016-07-21 01:51:09 +02:00
davidak
d2164cfcda
caddy service: fix nix store output path
...
systemd[11376]: caddy.service: Failed at step EXEC spawning /nix/store/ghpcwj6paccc92l1gk7ykb6gf2i2w6fi-go1.6-caddy-0.8.3/bin/caddy: No such file or directory
2016-07-14 22:04:55 +02:00
Eric Sagnes
ff074ec7a4
apache-httpd: add phpPackage option
2016-06-22 21:24:25 +09:00
Frederik Rietdijk
9e2866d5de
Merge pull request #16086 from layus/inginious
...
INGInious: provide a NixOS module
2016-06-21 16:37:29 +02:00
Al Zohali
6b3f5b5a42
phpfpm service: restructured pool configuration
2016-06-20 01:00:03 +03:00
Guillaume Maudoux
0fef9ed3ed
inginious: init NixOS module
2016-06-14 11:09:21 +02:00
zimbatm
a95229a963
Merge pull request #15677 from womfoo/mod_auth_mellon
...
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
Kranium Gikos Mendoza
25fbac5b52
mod_auth_mellon: init at 0.12.0
2016-05-23 02:02:25 +08:00
Vladimír Čunát
73f1f5eb39
imagemagick: split dev output to fix #9604
...
Also fixup references to imagemagick.
2016-05-22 13:41:15 +02:00
Vladimír Čunát
65a9fa8cdc
Merge branch 'master' into staging
2016-05-08 21:24:48 +02:00
Eric Sagnes
a8bc5b67f8
php: add default php.ini
2016-04-29 15:26:20 +09:00
Nikolay Amiantov
ab0a0c004e
makeSearchPathOutputs: refactor to makeSearchPathOutput
2016-04-25 13:24:39 +03:00
Nikolay Amiantov
8b7ebaffeb
replace makeSearchPath tree-wise to take care of possible multiple outputs
2016-04-13 22:09:41 +03:00
Vladimír Čunát
39ebb01d6e
Merge branch 'staging', containing closure-size #7701
2016-04-13 09:25:28 +02:00
joachifm
245f200dd8
Merge pull request #11987 from angus-g/caddy
...
Add Caddy and its NixOS module
2016-04-11 09:20:21 +02:00
Vladimír Čunát
30f14243c3
Merge branch 'master' into closure-size
...
Comparison to master evaluations on Hydra:
- 1255515 for nixos
- 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Eelco Dolstra
133e6e1ea6
httpd.service: Support reload
...
This is useful when ACME has generated a new TLS certificate.
2016-04-07 17:53:46 +02:00
Lluís Batlle i Rossell
e1bcc27f1a
Making trac/ldap handle httpd 2.4.
...
The option authzldapauthoritative had been removed in 2.4
I pushed this into 16.03 instead of master first. My fault.
(cherry picked from commit 516f47efefc44a5465266fe4d72f9136147d2caf)
2016-04-07 11:40:22 +02:00
Angus Gibson
bb6408ba16
caddy service: initial implementation
2016-04-05 23:45:54 +00:00
Vladimír Čunát
ab15a62c68
Merge branch 'master' into closure-size
...
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Nikolay Amiantov
25754a5fc2
uwsgi service: use python.buildEnv, fix PATH
2016-03-27 19:23:01 +03:00
Vladimír Čunát
c801cd1a04
php: fixup build when configured with httpd via nixos
2016-03-11 11:54:53 +01:00
Vladimír Čunát
1952d5d5f7
nixos/foswiki: basic working service definition
...
Activation is as simple as:
services.httpd = {
enable = true;
adminAddr = "nobody@example.com";
extraSubservices = [ {
serviceType = "foswiki";
} ];
};
2016-03-08 16:38:43 +01:00
Vladimír Čunát
09af15654f
Merge master into closure-size
...
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra
f3d94cfc23
Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
...
This reverts commit cad8957eab
. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel
cad8957eab
Add the tool "nixos-typecheck" that can check an option declaration to:
...
- Enforce that an option declaration has a "defaultText" if and only if the
type of the option derives from "package", "packageSet" or "nixpkgsConfig"
and if a "default" attribute is defined.
- Enforce that the value of the "example" attribute is wrapped with "literalExample"
if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".
- Warn if a "defaultText" is defined in an option declaration if the type of
the option does not derive from "package", "packageSet" or "nixpkgsConfig".
- Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
Graham Christensen
7df907b272
moodle: 2.8.5 -> 2.8.10 for CVE-2016-0724 CVE-2016-0725
2016-02-27 17:22:14 -06:00
Domen Kožar
04422bb3ca
Merge pull request #8630 from lihop/nixos/fix-formatting
...
nixos: fix formatting of option examples
2016-02-27 10:08:37 +00:00
Vladimír Čunát
3cf9cd8bc3
Merge #12796 : nixos docs: show references to packages
...
(version 2) A better implementation of #10039 , after #12357 .
This time I did more thorough checking.
See commit messages for details.
2016-02-27 10:48:12 +01:00
Leroy Hopson
25fd9e31a2
phpfpm service: fix formatting of example
2016-02-27 22:25:40 +13:00
zimbatm
09c14170d8
Merge pull request #13125 from abbradar/uwsgi
...
Refactor uWSGI
2016-02-23 22:32:54 +00:00
zimbatm
a7715e3e06
Merge pull request #10231 from zimbatm/apache-intermediate-ssl
...
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Nikolay Amiantov
b6c49abba0
uwsgi service: update documentation
2016-02-19 18:09:27 +03:00
Nikolay Amiantov
e48c991131
uwsgi service: refactor, throw more errors and drop simultaneous Python 2/3 in path
2016-02-19 18:09:26 +03:00
aszlig
7bdcfb33f4
nixos: Provide a defaultText for type = package
...
We don't want to build all those things along with the manual, so that's
what the defaultText attribute is for.
Unfortunately a few of them were missing, so let's add them.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-17 21:12:24 +01:00
Vladimír Čunát
d039c87984
Merge branch 'master' into closure-size
2016-02-14 08:33:51 +01:00
Eelco Dolstra
86c2a0f783
mediawiki: 1.23.9 -> 1.23.13
2016-02-11 11:24:44 +01:00
Vladimír Čunát
4fede53c09
nixos manuals: bring back package references
...
This reverts most of 89e983786a
, as those references are sanitized now.
Fixes #10039 , at least most of it.
The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-02-03 14:47:14 +01:00
Vladimír Čunát
889351af8b
Revert "Merge #12357 : nixos docs: show references to packages"
...
The PR wasn't good enough yet.
This reverts commit b2a37ceeea
, reversing
changes made to 7fa9a1abce
.
2016-02-03 12:16:33 +01:00
Vladimír Čunát
b2a37ceeea
Merge #12357 : nixos docs: show references to packages
2016-02-03 10:07:27 +01:00
Tuomas Tynkkynen
13b3f3f246
treewide: Mass replace 'openssl}/bin' to refer the 'bin' output
2016-02-01 20:46:16 +02:00
Vladimír Čunát
716aac2519
Merge branch 'staging' into closure-size
2016-01-19 09:55:31 +01:00
Thomas Strobel
a04a7272aa
Add missing 'type', 'defaultText' and 'literalExample' in module definitions
...
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Vladimír Čunát
3bcf8ae879
nixos manuals: bring back package references
...
This reverts most of 89e983786a
, as those references are sanitized now.
Fixes #10039 , at least most of it.
The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Sander van der Burg
b1d6e6a38b
Fix running apache tomcat as a daemon
2016-01-12 14:32:22 +00:00
Robin Gloster
88292fdf09
jobs -> systemd.services
2016-01-07 06:39:06 +00:00
Luca Bruno
5b0352a6a4
Merge branch 'master' into closure-size
2015-12-11 18:31:00 +01:00
Augustin Borsu
c17a60b636
owncloud httpd-service: add package option
...
Owncloud package used can now be set in configuration.nix using
package option.
2015-12-02 20:37:41 +01:00
Augustin Borsu
9d5bf282c7
owncloud httpd-service: fix trusted_domain when unset
...
When an empty string was given as trusted_domain, the trusted
domain was set to be empty string instead of not beeing set.
2015-12-02 20:37:33 +01:00
Augustin Borsu
16fd6c1cf0
owncloud: 7.0.5 -> 7.0.10 +
...
Commit changes default version to 7.0.10, 7.0.5 version is kept for
people reluctant to update. Needed info has also been added for
versions 8.0, 8.1 and 8.2 only the latest minor version of each
major version is included.
2015-12-02 20:36:40 +01:00
Augustin Borsu
e08ffc472c
owncloud httpd-service: add urlPrefix option
...
This option allows user to specify a url prefix for owncloud.
By default it is set to "" and the document root will be set
to owncloud's dir.
If a prefix is set, e.g. urlPrefix = "/owncloud"
an alias will be created using that prefix to point to owncloud's
dir and owncloud will be available at http://localhost/owncloud
2015-12-02 20:36:26 +01:00
Aristid Breitkreuz
0b9c4af74a
Merge pull request #11342 from basvandijk/wordpress-4.3.1
...
wordpress: 4.3 -> 4.3.1
2015-11-29 20:51:57 +01:00
Luca Bruno
920b1d3591
Merge branch 'master' into closure-size
2015-11-29 16:50:26 +01:00
Bas van Dijk
af500630e8
wordpress: use the correct mysql pidDir
2015-11-29 15:46:43 +01:00
Bas van Dijk
f48f916fd1
wordpress: 4.3 -> 4.3.1
2015-11-29 12:50:00 +01:00
Luca Bruno
a412927924
Merge remote-tracking branch 'origin/master' into closure-size
2015-11-25 21:37:30 +01:00
Vladimír Čunát
333d69a5f0
Merge staging into closure-size
...
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Domen Kožar
b76519069d
Merge pull request #9733 from basvandijk/wordpress-fix-extraConfig
...
wordpress: execute the extraConfig before loading wp-settings.php
2015-11-16 13:16:10 +01:00
Guillaume Maudoux
60ba5ad479
lighttpd: fix mod_rewrite appearing twice
2015-11-14 15:52:25 +01:00
Tuomas Tynkkynen
58dfef2792
treewide: Fix references to apacheHttpd_2_*
2015-10-28 10:23:03 +01:00
Vladimír Čunát
c5579c9184
subversion: fixup some referrers after splitting
2015-10-28 10:22:59 +01:00
zimbatm
f5f039eeb4
apache-httpd: harden default SSL cipher list
...
A couple of tweaks on the SSL cipher list.
Disabled RC4 which is now considered broken.
https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what
Enabled Forward Secrecy for modern browsers.
https://en.wikipedia.org/wiki/Forward_secrecy
Without the change, NixOS servers are capped at Grade B on
https://www.ssllabs.com/ssltest/index.html
2015-10-05 17:19:53 +01:00
Eelco Dolstra
89e983786a
Manual: Remove store path references
2015-09-24 11:50:58 +02:00
Bas van Dijk
5cf5e7ff4c
wordpress: allow extending Wordpress's .htaccess file
2015-09-10 13:21:38 +02:00
Bas van Dijk
a9332583eb
wordpress: Execute the extraConfig before loading wp-settings.php
...
This is needed so that settings defined in extraConfig actually get handled.
2015-09-09 01:12:10 +02:00
Bas van Dijk
88d9fd93c6
wordpress: 4.2.2 -> 4.3
2015-09-08 10:36:44 +02:00
Domen Kožar
ba5919ef3b
nginx: include mimetypes mapping
...
(cherry picked from commit b01eebf021388d92a8aaba9339dcc1fa2270294d)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-09-07 14:43:19 +02:00
Domen Kožar
71e67797d6
Revert "reverse_proxy module: helper to run nginx as reverse proxy"
...
This reverts commit e6f0cd336d
.
These modifications are too specific to use cases and shouldn't be part of
nginx module.
2015-09-07 14:18:31 +02:00
ts468
12d3de1caa
Merge pull request #9103 from ts468/upstream.nginx
...
reverse_proxy module: helper to run nginx as reverse proxy
2015-08-30 18:32:07 +02:00
Eelco Dolstra
9d82f7e53e
Revert "Apache service module: allow compression"
...
This reverts commit 164f6ff2a8
per
https://github.com/NixOS/nixpkgs/pull/9407#issuecomment-134523359
(it's too site-specific). Furthermore this should be an option at the
virtual host level.
2015-08-28 12:41:06 +02:00
Thomas Strobel
e6f0cd336d
reverse_proxy module: helper to run nginx as reverse proxy
2015-08-28 09:33:08 +02:00
Wout Mertens
164f6ff2a8
Apache service module: allow compression
2015-08-23 15:13:52 +02:00
Luca Bruno
883517f37c
phpfpm: use latest php
2015-07-17 18:09:50 +02:00
Eelco Dolstra
9fa19cfcea
apache-httpd: Don't set default content encodings
...
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.
If people want such encodings, they should set them in their own NixOS
configuration.
2015-07-07 12:12:49 +02:00
Leroy Hopson
1eb50ebbf2
shellinabox service: intial implementation
2015-07-04 21:18:13 +12:00
Joachim Schiele
11cd596aea
wordpress: language downloads are now reproducible
2015-07-03 13:06:44 +02:00
Joachim Schiele
011993c86a
wordpress: usability updates
2015-06-25 16:21:14 +02:00
Russell O'Connor
46f06ccde7
uwsgi-service: Add user/group for uwsgi service.
...
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
Eelco Dolstra
19ffa212af
types.uniq types.int -> types.int
...
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
Eelco Dolstra
c738b309ee
types.uniq types.bool -> types.bool
2015-06-15 18:10:26 +02:00
Arseniy Seroka
8150cf11b0
Merge pull request #7605 from ip1981/wiki
...
Mediawiki updates
2015-04-28 19:00:27 +03:00
Jaka Hudoklin
7b878a7ca9
Merge pull request #7555 from offlinehacker/nixos/nginx/reload
...
nixos/nginx: enable service/config reload
2015-04-28 14:12:21 +02:00
Igor Pashev
4855b0b3fb
Mediawiki 1.23.9
2015-04-28 08:05:16 +00:00
Igor Pashev
bca76e46f0
Apache servedFiles: fixed a typo in example
2015-04-28 08:05:15 +00:00
Igor Pashev
8388bd3280
wiki: do not rewrite served files
2015-04-28 08:05:08 +00:00
Eelco Dolstra
534b84a9ac
Don't require sslServerChain to be set
2015-04-27 18:24:16 +02:00
Jaka Hudoklin
494d1820e3
nixos/nginx: enable service/config reload
2015-04-25 15:17:06 +02:00
Eelco Dolstra
574173f0e6
Merge pull request #7027 from ecraven/apache-sslchain
...
apache-httpd: adding support for sslServerChain
2015-04-13 16:48:20 +02:00
Peter Feigl
3837ef82ad
fixing documentation
2015-04-13 15:42:01 +02:00
Peter Feigl
e5b3918f85
apache-httpd: adding support for sslServerChain
2015-04-13 15:41:10 +02:00
Peter Feigl
69b18fc4b6
fixing indentation
2015-04-13 13:46:42 +02:00
Peter Feigl
44ea83b986
changed config to only include the minimum necessary
2015-04-13 13:10:04 +02:00
Peter Feigl
49eb77b26c
apache-httpd: adding subservice moodle
2015-04-13 13:06:39 +02:00
Joachim Schiele
85c454ab1d
Merge pull request #6785 from qknight/wordpress
...
zef hemel's wordpress.nix adapted to extraSubservices
2015-04-13 10:27:55 +02:00
Luca Bruno
cb45b7ec3e
Revert "nixos: Multiple service instances, apply to nginx. See #6784 "
...
This reverts commit 7ef59c4fe2
.
Wrong push! Sorry!
2015-03-18 14:09:24 +00:00
Luca Bruno
7ef59c4fe2
nixos: Multiple service instances, apply to nginx. See #6784
2015-03-18 14:07:29 +00:00
Philip Potter
7ad6dac43b
owncloud: don't store plaintext adminPassword in nix store
...
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
Joachim Schiele
d74ea7d34f
zef hemels' wordpress.nix adapted to extraSubservices
2015-03-13 14:19:48 +01:00
lethalman
f72d1abb79
Merge pull request #5846 from arno01/nginx
...
nginx service improvements
2015-03-13 11:41:27 +01:00
lethalman
70527b87a1
Merge pull request #6440 from k0ral/fcgiwrap
...
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
Eelco Dolstra
8cb3e3b864
httpd: Disable insecure protocols/ciphers by default
...
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
koral
d9078d03a3
Updated fcgiwrap's systemd unit to match upstream version.
2015-02-18 21:19:12 +00:00
Jaka Hudoklin
41ae4d1af9
add limesurvey package and nixos module
2015-02-07 23:18:51 +01:00
Nikolay Amiantov
51681449da
uwsgi: add nixos module
2015-02-02 22:23:42 +03:00
Matej Cotman
3ed3977166
owncloud: make .htaccess available
2015-01-21 22:49:22 +01:00
Matej Cotman
7494bd389e
apache-httpd: add owncloud
2015-01-21 22:49:22 +01:00
Matej Cotman
6630e3e4fe
apache-httpd: add restartSec option
2015-01-21 22:49:22 +01:00
Andrey Arapov
b1b9efdbe1
nginx service improvements
...
Adding Restart, RestartSec, StartLimitInterval to ensure that the service
is started in case if it can't assign (bind) the address as often it takes longer
for the network (e.g. dhcpcd) to get the IP assigned.
2015-01-19 10:46:45 +01:00
William A. Kennington III
dd7efcbf36
java: More default cleanups
2015-01-07 14:55:41 -08:00
Tobias Geerinckx-Rice
c64257b8e5
Fix user-facing typos (mainly in descriptions)
2014-12-30 03:31:03 +01:00
Eelco Dolstra
cfe26e4438
Fix using Apache httpd 2.2
2014-12-15 13:13:17 +01:00
Nikolay Amiantov
d0773dae54
nixos/nginx: add more types
2014-12-10 04:45:10 +03:00
Igor Pashev
1dd53cc990
Mediawiki: updated for Apache 2.4
2014-11-26 16:51:30 +01:00
Longrin Wischnewski
490232bd2e
apache-httpd: add mod_access_compat for compatibility with old httpd-22 configurations
2014-11-12 13:18:02 +01:00
Rickard Nilsson
2b3c3d0e32
Fixes to Apache 2.4 configuration
2014-11-06 21:58:40 +01:00
Eelco Dolstra
b3eb981a95
apache-httpd: Make 2.4 the default
...
The NixOS 14.11 release is a good time to finally make 2.4 the
default.
2014-11-06 14:55:44 +01:00
Bjørn Forsman
fca51849ec
nixos/lighttpd: add services.lighttpd.enableModules option
...
This option makes the coupling between lighttpd and its sub-services
more "loose".
While the option is a list, its purpose is to provide a "set" of needed
modules to load for lighttpd to function correctly with its config. The
NixOS lighttpd module ensures that lighttpd modules are loaded no more
than once (because lighttpd dislikes that), and in the correct order.
Also add an assertion that all modules listed in .enableModules are
valid.
2014-10-05 19:15:19 +02:00
Eelco Dolstra
0de982d75b
httpd: Add option for specifying robots.txt
2014-09-18 19:05:26 +02:00
Eelco Dolstra
837a0c05e5
httpd: Don't emit robots.txt if there are no robots entries
2014-09-18 18:48:28 +02:00
Bjørn Forsman
a44de69d06
nixos/tomcat: make package version configurable
2014-09-11 22:32:16 +02:00
Igor Pashev
5c6e4e7433
Updated Mediawiki to 1.23.3
...
Removed mediawiki-postgresql-fixes.patch (fixed upstream)
2014-09-07 17:50:51 +02:00
Strahinja Popovic
fe3f7716f0
Enabled access to binaries of needed tools, and worker daemons can be enabled for phabricator #3306
2014-09-03 15:46:59 +04:00
Michael Raskin
3ad91106f1
Merge pull request #3704 from sfultong/upstream-master
...
tomcat: update to upstream master
2014-09-02 02:09:18 +04:00
Igor Pashev
019bc6bb2b
Made Mediawiki rewrite rules work for virtual hosts
...
Related to cdd1785cd6
2014-08-29 13:56:23 +02:00
aszlig
8a56a55bb4
nixos/manual: Use literalExample when feasible.
...
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.
Thanks to @devhell for reporting.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 23:41:15 +02:00
Igor Pashev
cdd1785cd6
Fixed rewrite rules for Mediawiki
...
If Mediawiki was served from the root directory of the server
it was impossible to serve other directories.
Make sure that URLs defined in servedDirs are not rewritten.
Use case: serving local copy of MathJax
2014-08-25 11:55:57 +02:00
Michael Raskin
c0da615c02
Merge pull request #3230 from robberer/module/httpd
...
httpd: disable logging when logFormat = "none"
2014-08-23 11:37:48 +04:00
sfultong
c54a8ed1d0
Merge pull request #1 from sfultongv/sfultong-14.04
...
updating tomcat to version 7
2014-08-20 23:08:39 -04:00
Harald van Dijk
67a5ec4efb
nixos/lighttpd: fix modules for gitweb
...
Setting "services.lighttpd.gitweb.enable" to true doesn't enable the
required lighttpd modules to actually make it work. The problem is that
"or" and "||" don't mean the same thing: "or" falls back to the second
operand if the first is not defined, whereas "||" is the normal logical
operator. When cfg.cgit.enable is defined, as false, the expressions
don't have the desired effect.
[Bjørn: modify commit message]
2014-08-12 21:16:01 +02:00
Peter Simons
2d326e5032
Merge remote-tracking branch 'origin/master' into staging.
...
Conflicts:
pkgs/desktops/e18/enlightenment.nix
2014-08-04 16:51:47 +02:00
Chris Farmiloe
34890e7c2a
nixos: Add enablePHP convinence option to services.httpd module to mimic subservices option
...
Fixes #2699
2014-08-03 21:11:45 +02:00
aszlig
9d3fbcd054
tomcat: Fix evaluation after e27dcff
.
...
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-03 16:09:45 +02:00