alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

lighttpd: generate a default config file

Browse source 
Instead of forcing users to configure lighttpd manually, make it an
option. The current services.lighttpd.configText option can still be
used for manual configuration, but if it is left blank (default) we'll
use the new generated config file.

The generated config file ensures that the server drops root priveleges
and runs as the "lighttpd" user. It pulls in some new config params that
can be set in configuration.nix (here with default values):

  services.lighttpd.document-root = "/srv/www"
  services.lighttpd.port = 80
  services.lighttpd.extraConfig = ""  # appended to the generated file

And it enables access and error logging to the systemd journal.

Patch contributed by Bjørn Forsman.
This commit is contained in:
Evgeny Egorochkin 2013-05-06 13:14:01 +03:00
parent 39ba755873
commit 5e32c9c8eb
1 changed files with 61 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
modules/services/web-servers/lighttpd/default.nix
View file

@ -7,9 +7,37 @@ with pkgs.lib;
let
cfg = config.services.lighttpd;
configFile = pkgs.writeText "lighttpd.conf" ''
${cfg.configText}
'';
configFile = if cfg.configText != "" then
pkgs.writeText "lighttpd.conf" ''
${cfg.configText}
''
else
pkgs.writeText "lighttpd.conf" ''
server.document-root = "${cfg.document-root}"
server.port = ${toString cfg.port}
server.username = "lighttpd"
server.groupname = "lighttpd"
# Logging (logs end up in systemd journal)
server.modules += ("mod_accesslog")
accesslog.use-syslog = "enable"
server.errorlog-use-syslog = "enable"
mimetype.assign = (
".html" => "text/html",
".htm" => "text/html",
".txt" => "text/plain",
".jpg" => "image/jpeg",
".png" => "image/png",
".css" => "text/css"
)
static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" )
index-file.names = ( "index.html" )
${cfg.extraConfig}
'';
in
@ -23,37 +51,43 @@ in
default = false;
type = types.uniq types.bool;
description = ''
Enable the lighttpd web server. You must configure it with
services.lighttpd.configText.
Enable the lighttpd web server.
'';
};
port = mkOption {
default = 80;
type = types.uniq types.int;
description = ''
TCP port number for lighttpd to bind to.
'';
};
document-root = mkOption {
default = "/srv/www";
type = types.uniq types.string;
description = ''
Document-root of the web server. Must be readable by the "lighttpd" user.
'';
};
configText = mkOption {
default = "";
type = types.string;
example = ''
server.document-root = "/srv/www/"
server.port = 80
server.username = "lighttpd"
server.groupname = "lighttpd"
mimetype.assign = (
".html" => "text/html",
".txt" => "text/plain",
".jpg" => "image/jpeg",
".png" => "image/png"
)
static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" )
index-file.names = ( "index.html" )
'';
example = ''...verbatim config file contents...'';
description = ''
Contents of lighttpd configuration file. The user and group
"lighttpd" is available for privilege separation. See configuration
tutorial at
http://redmine.lighttpd.net/projects/lighttpd/wiki/TutorialConfiguration
or full documentation at
http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs
Overridable config file contents to use for lighttpd. By default, use
the contents automatically generated by NixOS.
'';
};
extraConfig = mkOption {
default = "";
type = types.string;
description = ''
These configuration lines will be appended to the generated lighttpd
config file. Note that this mechanism does not work when the manual
<option>configText</option> option is used.
'';
};