alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
218089 commits 217 branches 121 tags 4.5 GiB
Commit graph

569 commits

Author SHA1 Message Date
Jörg Thalheim 391b7b31d8
Merge pull request #81891 from emilazy/nginx-use-mozilla-tls-config 
nixos/nginx: use Mozilla Intermediate TLS configuration
 2020-03-06 14:30:28 +00:00
Emily 4ed98d69ed nixos/nginx: use Mozilla Intermediate TLS configuration 
The configuration at https://ssl-config.mozilla.org/#server=nginx&config=intermediate
is reliably kept up-to-date in terms of security and compatible with a
wide range of clients. They've probably had more care and thought put
into them than our defaults, and will be easier to keep updated in
the future.

The only removed (rather than changed) configuration option here is
ssl_ecdh_curve, per https://github.com/mozilla/server-side-tls/issues/189.

Resolves #80952.
 2020-03-06 13:08:56 +00:00
Alexander Bakker 7bbf7fa693 uwsgi: use pyhome instead of pythonpath for uwsgi vassals 2020-03-04 20:20:32 +01:00
Florian Klink 7564f4faf3
Merge pull request #78360 from serokell/mkaito/caddy-restart 
nixos/caddy: resync with upstream unit file
 2020-02-13 23:26:11 +01:00
Aaron Andersen 5b5856f6fb nixos/httpd: add http2 option 2020-02-01 19:08:02 -05:00
Aaron Andersen 0224720562 nixos/httpd: provision log directory with tmpfiles instead of mkdir 2020-01-31 20:39:25 -05:00
Aaron Andersen 01ccb67598 nixos/httpd: code cleanup 2020-01-31 20:39:12 -05:00
Aaron Andersen ae9980040f nixos/httpd: add services.httpd.virtualHosts.<name>.locations option to match nginx 2020-01-23 21:03:15 -05:00
Izorkin f2c9bcf009 nixos/unit: fix attrs 2020-01-23 20:40:49 +03:00
Yorick van Pelt 34b0167c56
nixos/caddy: resync with upstream unit file 2020-01-23 14:08:37 +01:00
Jörg Thalheim 71c19d3efa
Merge pull request #76537 from Izorkin/unit 
unit: 1.13.0 -> 1.14.0
 2020-01-21 11:39:41 +00:00
Aaron Andersen fc1bee555e
Merge pull request #75602 from vanyaklimenko/nginx-gitweb-more-options 
nixos/nginx/gitweb: add some (crucial) options
 2020-01-15 21:16:24 -05:00
Aaron Andersen 7260d2eb13
Merge pull request #77326 from aanderse/apacheHttpd 
nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command
 2020-01-15 21:02:05 -05:00
Vanya Klimenko ed52a6567c nixos/nginx/gitweb: add some (crucial) options 
This replaces some hardcoded values in nginx's VirtualHosts's
configuration with customizable options. Previous values are kept as
default, so nothing should break for existing users.

Co-Authored-By: Florian Klink <flokli@flokli.de>
 2020-01-14 00:11:10 +00:00
Léo Gaspard b31660e5bb
Merge branch 'master' into ihatemoney 2020-01-09 03:49:03 +01:00
Aaron Andersen 336a6f471f nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command 2020-01-08 10:37:46 -05:00
rnhmjoj 1d61efb7f1 treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
Danylo Hlynskyi cef68c4580
nixos/nginx: don't hide nginx config errors on nixos-rebuild --switch with reload enabled (#76179) 
nixos/nginx: don't hide nginx config errors on nixos-rebuild --switch
with reload enabled

Closes https://github.com/NixOS/nixpkgs/issues/73455
 2020-01-05 00:39:23 +02:00
Aaron Andersen 6777926911 nixos/httpd: update default ssl protocols 2019-12-30 11:24:11 -05:00
Izorkin 192df19a7c nixos/unit: fix typo 2019-12-28 22:12:45 +03:00
Aaron Andersen 4d2dd15546
Merge pull request #73113 from aanderse/httpd-vhost 
nixos/httpd: support overridable virtual hosts
 2019-12-26 08:09:08 -05:00
danbst 50d6e93dc8 nixos/nginx: fixup permissions for Nginx state dir 
The commit b0bbacb521 was a bit too fast
It did set executable bit for log files.

Also, it didn't account for other directories in state dir:
```
 # ls -la /var/spool/nginx/
total 32
drwxr-x--- 8 nginx nginx 4096 Dec 26 12:00 .
drwxr-xr-x 4 root  root  4096 Oct 10 20:24 ..
drwx------ 2 root  root  4096 Oct 10 20:24 client_body_temp
drwx------ 2 root  root  4096 Oct 10 20:24 fastcgi_temp
drwxr-x--- 2 nginx nginx 4096 Dec 26 12:00 logs
drwx------ 2 root  root  4096 Oct 10 20:24 proxy_temp
drwx------ 2 root  root  4096 Oct 10 20:24 scgi_temp
drwx------ 2 root  root  4096 Oct 10 20:24 uwsgi_temp
```

With proposed change, only ownership is changed for state files, and mode is left as is
except that statedir/logs is now group accessible.
 2019-12-26 14:16:29 +02:00
Yurii Izorkin b0bbacb521 nixos/nginx: recursively change logs directory owner/group (#76174) 
This change brings pre-existing installations (where the logfiles
are owned by root) in line with the new permssions (where logfiles
are owned by the nginx user)
 2019-12-26 13:51:10 +02:00
Aaron Andersen 79215f0df1 nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration 2019-12-24 20:27:48 -05:00
Florian Klink 0a41dae98b
Merge pull request #56255 from Izorkin/nginx-temp1 
nginx: do not run anything as root
 2019-12-20 23:34:55 +01:00
brprice 5b210859f6 nixos/nginx: drop extra semicolon in return example (#76055) 2019-12-19 21:59:01 +02:00
Izorkin 2a413da57e nixos/nginx: do not run anything as root 2019-12-15 11:21:08 +03:00
Izorkin e1e0059667 nixos/unit: update preStart script 2019-12-12 17:59:10 +03:00
Izorkin 7443d9dfd4 nixos/unit: enable sanboxing 2019-12-12 17:59:10 +03:00
Silvan Mosberger 4ee3e8b21d
nixos/treewide: Move rename.nix imports to their respective modules 
A centralized list for these renames is not good because:
- It breaks disabledModules for modules that have a rename defined
- Adding/removing renames for a module means having to find them in the
central file
- Merge conflicts due to multiple people editing the central file
 2019-12-10 02:51:19 +01:00
Vanya Klimenko 125205cd60
nixos/apache-httpd: fix typo in extraConfig description 2019-12-06 21:47:15 +03:00
paumr 5a1c15da12 improved nginx.basicAuthFile description 2019-12-03 14:05:46 +01:00
Florian Klink 4321a88f44 nixos/phpfpm: enable PrivateTmp=true 
This seems to be mostly a pre - #57677 relict. As postgresql sockets now
are not in /tmp anymore, isolate /tmp.
 2019-11-21 23:31:19 +01:00
Renaud bf6217cbf1
nixos/nginx: correct header 
Apache -> Nginx
 2019-11-18 23:25:17 +01:00
Lassulus 14961b1034
Merge pull request #72719 from bhipple/doc/comment-fix 
nixos/nginx: update comment
 2019-11-18 23:02:46 +01:00
Silvan Mosberger b4b2253459
nixos/ttyd: init (#68604) 
nixos/ttyd: init
 2019-11-14 01:37:18 +01:00
Aleksandar Topuzović 6b3cc03b45
nixos/ttyd: init 2019-11-13 23:18:47 +00:00
Franz Pletz 60f2e4f831
nixos/varnish: fix default package name 2019-11-13 16:39:45 +01:00
Aaron Andersen d68d23bb26
Merge pull request #72767 from Izorkin/phpfpm-fix 
nixos/phpfpm: fix apply global phpOptions
 2019-11-11 07:45:28 -05:00
Red Davies 62e421fbb2 nixos/httpd: module fixes enableUserDir (attendum to #72789) 2019-11-09 00:53:56 +00:00
Aaron Andersen dec234f986
Merge pull request #72789 from aanderse/httpd-again 
nixos/httpd: module cleanup
 2019-11-06 16:04:38 -05:00
Izorkin 9a27acedda nixos/phpfpm: fix apply global phpOptions 2019-11-05 23:22:30 +03:00
Aaron Andersen 5c3715379d nixos/httpd: allow user to specify a minimal list of apache modules 2019-11-04 11:21:20 -05:00
Aaron Andersen 9c28599bfe nixos/httpd: drop stateDir option, hardcode to /run/httpd 2019-11-04 07:32:28 -05:00
Benjamin Hipple 3d73b6db85 nixos/nginx: update comment 
It says Apache, but this is for Nginx; looks like a copy-paste error.
 2019-11-03 10:22:56 -05:00
Symphorien Gibol 32d2266d0d ihatemoney: init at 4.1 plus module and test 2019-11-02 12:00:00 +00:00
Silvan Mosberger dd0a47e7ae
treewide: Switch to system users (#71055) 
treewide: Switch to system users
 2019-11-01 13:26:43 +01:00
Aaron Andersen 9a91679b7a nixos/httpd: remove deprecated extraSubservices option 2019-10-20 20:16:45 -04:00
Janne Heß d6c08776ba treewide: Switch to system users 2019-10-12 22:25:28 +02:00
Robin Gloster 8e1fdad7c6
Merge pull request #70858 from manveru/nginx-map-hash-sizes 
nginx: add map_hash_*_size options
 2019-10-09 17:32:40 +02:00