alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
77259 commits 217 branches 121 tags 4.5 GiB
Commit graph

45 commits

Author SHA1 Message Date
zimbatm a7715e3e06 Merge pull request #10231 from zimbatm/apache-intermediate-ssl 
apache-httpd: adopt mozilla's SSL configuration recommendation
 2016-02-20 19:14:51 +00:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions 
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
 2016-01-17 19:41:23 +01:00
zimbatm f5f039eeb4 apache-httpd: harden default SSL cipher list 
A couple of tweaks on the SSL cipher list.

Disabled RC4 which is now considered broken.
https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what

Enabled Forward Secrecy for modern browsers.
https://en.wikipedia.org/wiki/Forward_secrecy

Without the change, NixOS servers are capped at Grade B on
https://www.ssllabs.com/ssltest/index.html
 2015-10-05 17:19:53 +01:00
Eelco Dolstra 9d82f7e53e Revert "Apache service module: allow compression" 
This reverts commit 164f6ff2a8 per
https://github.com/NixOS/nixpkgs/pull/9407#issuecomment-134523359
(it's too site-specific). Furthermore this should be an option at the
virtual host level.
 2015-08-28 12:41:06 +02:00
Wout Mertens 164f6ff2a8 Apache service module: allow compression 2015-08-23 15:13:52 +02:00
Eelco Dolstra 9fa19cfcea apache-httpd: Don't set default content encodings 
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.

If people want such encodings, they should set them in their own NixOS
configuration.
 2015-07-07 12:12:49 +02:00
Peter Feigl e5b3918f85 apache-httpd: adding support for sslServerChain 2015-04-13 15:41:10 +02:00
Eelco Dolstra 8cb3e3b864 httpd: Disable insecure protocols/ciphers by default 
This makes us resistant to FREAK and similar attacks.
 2015-03-09 14:18:12 +01:00
Matej Cotman 6630e3e4fe apache-httpd: add restartSec option 2015-01-21 22:49:22 +01:00
Eelco Dolstra cfe26e4438 Fix using Apache httpd 2.2 2014-12-15 13:13:17 +01:00
Longrin Wischnewski 490232bd2e apache-httpd: add mod_access_compat for compatibility with old httpd-22 configurations 2014-11-12 13:18:02 +01:00
Rickard Nilsson 2b3c3d0e32 Fixes to Apache 2.4 configuration 2014-11-06 21:58:40 +01:00
Eelco Dolstra b3eb981a95 apache-httpd: Make 2.4 the default 
The NixOS 14.11 release is a good time to finally make 2.4 the
default.
 2014-11-06 14:55:44 +01:00
Eelco Dolstra 0de982d75b httpd: Add option for specifying robots.txt 2014-09-18 19:05:26 +02:00
Eelco Dolstra 837a0c05e5 httpd: Don't emit robots.txt if there are no robots entries 2014-09-18 18:48:28 +02:00
aszlig 8a56a55bb4
nixos/manual: Use literalExample when feasible. 
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.

Thanks to @devhell for reporting.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-08-27 23:41:15 +02:00
Michael Raskin c0da615c02 Merge pull request #3230 from robberer/module/httpd 
httpd: disable logging when logFormat = "none"
 2014-08-23 11:37:48 +04:00
Peter Simons 2d326e5032 Merge remote-tracking branch 'origin/master' into staging. 
Conflicts:
	pkgs/desktops/e18/enlightenment.nix
 2014-08-04 16:51:47 +02:00
Chris Farmiloe 34890e7c2a nixos: Add enablePHP convinence option to services.httpd module to mimic subservices option 
Fixes #2699
 2014-08-03 21:11:45 +02:00
System administrator cab929c6c2 httpd: disable logging when logFormat = "none" 2014-07-10 14:32:08 +02:00
Eelco Dolstra 06fc1ec34d Merge remote-tracking branch 'origin/master' into staging 
Conflicts:
	pkgs/servers/serfdom/default.nix
 2014-07-01 11:25:41 +02:00
Eelco Dolstra 40f7b0f9df Another attempt to eradicate ensureDir 
See c556a6ea46.
 2014-06-30 14:56:10 +02:00
Kirill Elagin f81434bdfe Fix trying to add users to non-existent groups 2014-06-11 13:36:15 +04:00
Kirill Elagin 1208dd4df0 Fix configuring apache with extra user/group 
This fix is consistent with all the other modules.
 2014-06-11 13:17:42 +04:00
Kirill Elagin 80721cdd41 Revert "Fix configuring httpd with custom user/group." 
This reverts commit 08f9da2e8e.
 2014-06-11 13:17:00 +04:00
Rob Vermaas 08f9da2e8e Fix configuring httpd with custom user/group. 2014-06-11 10:18:37 +02:00
Eelco Dolstra 4fb50f071f Manual: Typo fixes 2014-04-19 22:59:25 +02:00
Eelco Dolstra 29027fd1e1 Rewrite ‘with pkgs.lib’ -> ‘with lib’ 
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
 2014-04-14 16:26:48 +02:00
Eelco Dolstra 28b7d67d08 httpd: Don't require keys.target 
This has the unintended side-effect of restarting httpd every time we
run switch-to-configuration, even if httpd hasn't changed (because
we're doing a "stop keys.target" now).  So use a "Wants" dependency
instead.
 2014-03-17 15:01:10 +01:00
Domen Kožar 97a0dd9eb9 nixos: set all package options to have type package 2014-02-27 13:22:29 +01:00
Shea Levy 0d4a9e3aa6 Allow httpd subservices to set the document root 
Only the main service OR one of the subservices can set the document
root. This is used by mediawiki when it is hosted at the root of the
vhost.
 2014-02-25 07:44:45 -05:00
Rob Vermaas 9b1bd84940 httpd: Respect original order of environment eval. 2014-01-31 21:18:24 +01:00
Rob Vermaas bfa56d7657 httpd: Only add PHPRC to environment of httpd when enablePHP is true. 2014-01-31 21:14:05 +01:00
Rob Vermaas 4ccd60af00 Merge pull request #1178 from chexxor/fix-httpd-ssh 
HTTPD: Check for SSL Cert value before building with SSL support.
 2014-01-27 12:34:42 -08:00
Eelco Dolstra 886b9e27a6 httpd.nix: Support non-root operation 2013-11-18 18:04:17 +01:00
Eelco Dolstra 785eaf2cea Add some primops to lib 2013-11-12 13:48:30 +01:00
Alex Berg da654ed9a0 Check empty stringfor globalRedirect. It breaks RedirectPermanent. 2013-11-11 15:18:46 +08:00
Alex Berg df5f491893 Add HTTPD SSH assertion to check null cert/key. 2013-11-11 12:08:36 +08:00
Alex Berg 0427e7fbf2 Check for SSL Cert value before building with SSL support. 2013-11-06 11:20:14 +08:00
Eelco Dolstra be5d3a59dd Clean up some option examples 2013-10-30 18:47:43 +01:00
Eelco Dolstra 985f1f2d8a Give types to the Apache httpd options 2013-10-29 14:03:39 +01:00
Eelco Dolstra 738a6c173a Don't copy Nix expressions to the store while processing Apache subservices 2013-10-29 01:20:33 +01:00
Eelco Dolstra c9dad37f01 Remove obsolete function addDefaultOptionValues 2013-10-28 22:45:58 +01:00
Eelco Dolstra f8a9eb9f00 Implement services.httpd.virtualHosts using the module system 2013-10-28 22:45:58 +01:00
Eelco Dolstra 5c1f8cbc70 Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
Renamed from modules/services/web-servers/apache-httpd/default.nix (Browse further)