Francesco Gazzetta
356eeb0d4f
nixos/mighttpd2: init
2018-01-16 21:04:09 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
...
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:
https://letsencrypt.org/docs/rate-limits/
Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Andreas Rammhold
637d5dd00c
tomcat9: 9.0.0.M17 -> 9.0.2
...
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
Christoph Hrdinka
d890212ac8
nginx module: only turn on HTTP2 when SSL is enabled
...
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
Niklas Hambüchen
afa97cb981
nginx service: Make http2 an option.
...
HTTP 2 can break some things, for example due to this Chrome bug:
https://bugs.chromium.org/p/chromium/issues/detail?id=796199
So the service hardcoding it to be enabled is not helpful.
This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Bjørn Forsman
b53407461a
nixos/lighttpd: update allKnownModules list
...
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
volth
bfee336614
nixos/varnish: it does not matter where to check syntax, only when
2017-12-09 08:29:44 +00:00
Tuomas Tynkkynen
cb008da167
owncloud: Don't build during evaluation
...
Issue #29774
2017-11-27 12:08:57 +02:00
volth
25b178c745
nixos/varnish: check .vcl syntax at compile time (e.g. before nixops deployment)
2017-11-26 08:13:09 +00:00
Joachim F
822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
...
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Graham Christensen
2bbdd70b99
inginious: fix options eval
2017-11-23 09:33:59 -05:00
Bas van Dijk
cb4b9b1cc1
owncloud: fix some but not all errors
...
* Don't set timezone when it's null
* Don't create the postgres role because the postgresqsl service
already does that.
* Fix documentation
* Add a test suite
2017-10-31 23:03:33 +01:00
Graham Christensen
e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
...
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Piotr Bogdan
3165c56db9
apache-httpd/wordpress: disable built-in WordPress autoupdater
2017-10-31 17:37:11 +00:00
Bas van Dijk
527781ebc4
apache-httpd: fix nix evaluation error
...
This only sets the timezone when it's not null to prevent:
error: cannot coerce null to a string, at
nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Jan Tojnar
3c48a1e06d
nixos/services.nginx: Fix globalRedirect example
...
Virtual host globalRedirect attribute accepts a hostname not a URL
09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Bjørn Forsman
d26f8b5e00
nixos/lighttpd: add missing modules to allKnownModules
...
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:
mod_authn_gssapi
mod_authn_ldap
mod_geoip
(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
Joerg Thalheim
c2c843adf7
nixos/traefik: guard example path
2017-10-04 14:51:20 +01:00
Joerg Thalheim
a3200348b7
nixos/traefik: owner/group should be changed recursivly
2017-10-04 11:59:38 +01:00
Joerg Thalheim
3468c9e5cc
nixos/traefik: create /var/lib/traefik with correct permissions
2017-10-04 11:49:42 +01:00
Hamish Hutchings
2e5297217d
nixos/traefik create service
2017-10-04 11:26:39 +01:00
Samuel Dionne-Riel
0b1c73f4da
mediawiki: 1.27.3 -> 1.29.1
2017-09-24 22:49:22 -04:00
Robin Gloster
97a2cd0748
nginx: module fix example
...
Closes #28926
2017-09-03 14:05:32 +02:00
Robin Gloster
7cd46a0594
nginx module: add proxyResolveWhileRunning option
2017-08-30 21:01:53 +02:00
Robin Gloster
4ffa9ddb30
nginx module: allow basic configuration of upstreams
2017-08-30 21:01:53 +02:00
Franz Pletz
759daba980
nginx module: first proxy_set_header takes precendence
2017-08-30 21:01:52 +02:00
Franz Pletz
65c2203ffc
nginx module: add option for proxying websocket requests
2017-08-30 21:01:52 +02:00
Franz Pletz
530282eebe
nginx module: fix applying recommended proxy headers
...
Previously, if proxy_set_header would be used in an extraConfig of
a location, the headers defined in the http block by
recommendedProxySettings would be cleared. As this is not the intended
behaviour, these settings are now included from a separate file if
needed.
2017-08-30 21:01:52 +02:00
Robin Gloster
0371f2b5cc
nginx module: clean up SSL/listen handling
2017-08-30 21:01:52 +02:00
Franz Pletz
8e622d2689
phpfpm service: allow netlink sockets for sendmail
...
Fixes #26611 .
2017-08-29 00:41:31 +02:00
Peter Hoeg
ecdabb1b5b
Merge pull request #28481 from mpcsh/master
...
nixos/caddy: improve documentation
2017-08-25 09:56:40 +08:00
Mark Cohen
8511a3378b
nixos/caddy: improve documentation
...
There was no documentation for the "config" option, and it wasn't quite
clear whether it was supposed to be a file, a string, or what. This
commit removes that ambiguity.
2017-08-24 13:39:06 -04:00
Joachim F
f1514a5876
Merge pull request #27699 from volth/varnish-fixes-sq
...
nixos/varnish: made compatible with varnish 5.1.2, add modules
2017-08-22 22:01:00 +00:00
Franz Pletz
cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
...
This interferes with sendmail because suid won't work. Fixes #26611 .
2017-08-21 19:24:17 +02:00
Wout Mertens
339330b322
Merge pull request #27426 from rnhmjoj/nginx
...
nginx: make enabling SSL port-specific
2017-08-07 16:46:28 +02:00
Robin Gloster
94a2cba8d9
nginx module: add resolver config
2017-08-04 02:15:46 +02:00
Robin Gloster
75bbcd4215
nginx module: include uwsgi_params
2017-08-04 02:15:01 +02:00
Bjørn Forsman
aff0725a7d
nixos/lighttpd: add enableUpstreamMimeTypes option
...
enableUpstreamMimeTypes controls whether to include the list of mime
types bundled with lighttpd (upstream). This option is enabled by
default and gives a much more complete mime type list than we currently
have. If you disable this, no mime types will be added by NixOS and you
will have to add your own mime types in services.lighttpd.extraConfig.
2017-07-29 14:24:40 +02:00
Bjørn Forsman
b339e6e13f
nixos/lighttpd: update list of allowed module names
...
* mod_dirlisting is auto-loaded by lighttpd and should not be explicitly
loaded in the configuration file.
* The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when
lighttpd is built with "enableMagnet" and "enableMysql".
2017-07-29 14:24:40 +02:00
rnhmjoj
a912a6a291
nginx: make enabling SSL port-specific
2017-07-27 03:45:53 +02:00
Volth
c6128d2feb
nixos/varnish: made compatible with varnish 5.2.1, add modules
...
* nixos/varnish: command line compatible with varnish 5.2.1, fixes
https://github.com/NixOS/nixpkgs/issues/27409
* nixos/varnish: add support for modules (services.varnish.extraModules)
* varnish-modules: init at 0.10.2
* varnish-geoip: init at 1.0.2
* varnish-rtstatus: init at 1.2.0
* varnish-digest: init at 1.0.1
* added services.varnish.extraCommandLine option
2017-07-26 23:32:49 +00:00
Wout Mertens
c4783a982b
nginx: add gzip_vary to recommended settings
...
Google PageSpeed recommends turning this on to allow proxies to cache
2017-07-17 20:15:59 +02:00
Franz Pletz
951b932456
Merge pull request #27403 from rnhmjoj/nginx
...
nginx: make listen addresses configurable
2017-07-16 13:50:18 +02:00
rnhmjoj
e40f3bea3e
nginx: make listen addresses configurable
2017-07-14 21:26:54 +02:00
Bjørn Forsman
407b56986e
nixos/lighttpd: fix indent (tab -> space)
2017-07-14 20:37:25 +02:00
Pascal Bach
0fb8456b13
minio service: add additional config options
...
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Volth
99b8d5ebe6
lighttpd: add collectd submodule
2017-06-29 22:41:22 +00:00
Pascal Bach
aa66c9ad37
minio service: add inital service
...
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
Ekaterina Vaartis
c0df448d54
apache-httpd: fix mod_perl by refering to apacheHttpdPackages ( #26579 )
2017-06-15 13:07:14 +02:00
Franz Pletz
ac5258edb2
caddy service: don't use extra dotdir in dataDir
2017-06-13 21:21:59 +02:00
Franz Pletz
071815cb24
caddy service: sync with upstream systemd unit
...
Increases security and fixes minor issues.
2017-06-13 21:21:59 +02:00
Eric Sagnes
5b30f246cb
varnish module: remove unneeded gcc runtime dependency
2017-05-17 16:14:29 +02:00
Graham Christensen
4d44810fe7
Merge pull request #25365 from armijnhemel/mediawiki
...
mediawiki: 1.27.1 -> 1.27.3
2017-05-07 06:58:32 -04:00
goibhniu
248a06695f
Merge pull request #22236 from Baughn/mediawiki
...
apache-httpd: Add 'extensions' config option for mediawiki
2017-05-01 19:17:36 +02:00
Armijn Hemel
cdebfa80ab
mediawiki: 1.27.1 -> 1.27.3
2017-04-30 22:38:00 +02:00
Bjørn Forsman
d916ce2ef4
nixos/lighttpd: set $HOME for gitweb sub-service
...
This allows gitweb to expand '~' in /etc/gitconfig. Without a $HOME
variable, it fails to list any projects and instead show the text
"No such projects found" in the UI.
Setting $HOME to the gitweb project root seems like a sensible value.
2017-04-11 22:54:31 +02:00
Bas van Dijk
6f2eca1744
wordpress: replace the dbPassword option with dbPasswordFile ( #24146 )
...
We shouldn't force users to store passwords in the world-readable Nix store.
2017-03-28 17:38:16 +02:00
Nikolay Amiantov
417844b596
phpfpm service: don't use private /tmp
...
This breaks local PostgreSQL connections.
2017-03-25 14:52:44 +01:00
Domen Kožar
02129a8788
Merge pull request #23672 from edanaher/nginx-alias
...
Nginx alias directive
2017-03-21 15:04:02 +01:00
Franz Pletz
c13922f012
nginx: explicitly use stable version
...
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.
Fixes #21665 .
2017-03-20 20:04:09 +01:00
Franz Pletz
fff8cc79df
Merge pull request #23279 from mbbx6spp/make-nginx-module-less-gross
...
nginx service: add commonHttpConfig option
2017-03-20 19:03:20 +01:00
Franz Pletz
9536169074
nixos/treewide: remove boolean examples for options
...
They contain no useful information and increase the length of the
autogenerated options documentation.
See discussion in #18816 .
2017-03-17 23:36:19 +01:00
Graham Christensen
e4c0613470
Merge pull request #23674 from c0bw3b/sec/jboss7
...
JBoss AS: list known vulnerability
2017-03-15 17:33:27 -04:00
Bas van Dijk
308c09d41f
wordpress: security upgrade: 4.7.2 -> 4.7.3 & other improvements ( #23837 )
...
* Moved the wordpress sources derivation to the attribute pkgs.wordpress. This
makes it easier to override.
* Also introduce the `package` option for the wordpress virtual host config which
defaults to pkgs.wordpress.
* Also fixed the test in nixos/tests/wordpress.nix.
2017-03-14 16:11:51 +01:00
Renaud
72619a86c9
JBoss AS: list known vulnerability
...
CVE-2015-7501
Warning in JBoss module
2017-03-13 18:45:19 +01:00
Franz Pletz
323d0fdd5a
phpfpm module: set correct nixos sendmail path
2017-03-11 09:39:12 +01:00
Evan Danaher
a09246948c
nginx: disallow alias directive on server level; it doesn't work.
2017-03-09 16:54:44 -05:00
Evan Danaher
e7358b192a
nginx: Assert that either root or alias is null.
...
If both are set, nginx won't start. More error checking is certainly in
order, but this seems like a reasonable start.
2017-03-09 13:02:49 -05:00
Evan Danaher
ff2e2e82cc
nginx: Add alias configuration option for hosts and locations.
...
It's like root, but doesn't keep the prefix.
2017-03-09 13:02:29 -05:00
Franz Pletz
d7674dabba
phpfpm service: fix phpOptions
...
Broken due to #23216 .
2017-03-07 15:08:55 +01:00
Susan Potter
251b9ca0e7
nginx service: add commonHttpConfig option
2017-02-28 09:36:56 -06:00
Franz Pletz
ec4ead0bfe
phpfpm service: add target and slice
2017-02-28 00:00:57 +01:00
Franz Pletz
e3d58dae7f
phpfpm service: one service per pool for isolation
2017-02-27 23:38:53 +01:00
Fabian Schmitthenner
ae67f060f2
phpfpm: eliminate build at evaluation time
...
phpfpm currently uses `readFile` to read the php.ini file from the
phpPackage. This causes php to be build at evaluation time.
This eliminates the use of readFile and builds the php.ini at build
time.
2017-02-26 23:35:12 +01:00
Franz Pletz
26a2822cf0
nginx service: restart instead of stop to reduce downtime
...
cc #23127
2017-02-25 20:12:37 +01:00
Franz Pletz
3a4dd97c55
nginx module: fix acme if vhost name != serverName
...
cc #21931 @bobvanderlinden
2017-02-25 08:04:38 +01:00
Joachim F
6dbe55ca68
Merge pull request #20456 from ericsagnes/feat/loaf-dep-1
...
Use attrsOf in place of loaOf when relevant
2017-02-19 15:49:25 +01:00
Robin Gloster
6e12406e30
Revert "nginx: Format the config file"
...
This reverts commit e362a3d5c9
.
See #22883
2017-02-16 22:45:00 +01:00
davidak
d4766e789b
caddy: set file descriptor limit to 8192, fixes #22454
...
the value is recommended for production use
a warning is produced when not set
2017-02-11 01:44:29 +01:00
Franz Pletz
65a1762a9b
nginx module: make acme group overrideable easily
2017-02-08 23:50:59 +01:00
Graham Christensen
7db1f727f3
moodle: Remove due to continued security issues.
2017-02-08 09:10:45 -05:00
Svein Ove Aas
e362a3d5c9
nginx: Format the config file
2017-02-07 16:19:11 +01:00
Joachim Schiele
d491728653
httpd: added serviceExpression which extends the serviceType concept -> allows that httpd services can live outside of nixpkgs ( #22269 )
2017-02-06 01:08:58 +01:00
Bas van Dijk
5cc75352f8
wordpress: 4.7.1 -> 4.7.2
...
See: https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
2017-02-02 16:41:32 +01:00
Svein Ove Aas
9b2d4a9fce
apache-httpd: Add 'extensions' config option
2017-01-28 19:21:56 +00:00
Bob van der Linden
d9987f360a
nginx: added serverName option for virtualHosts
...
This allows overriding the `server_name` attribute of virtual
hosts. By doing so it is possible to have multiple virtualHost
definitions that share the same `server_name`. This is useful in
particular when you need a HTTP as well as a HTTPS virtualhost: same
server_name, different port.
2017-01-25 14:55:55 +01:00
Graham Christensen
c0f3b8d629
wordpress: 4.6.1 -> 4.7.1 for multiple CVEs
...
CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
2017-01-19 22:53:49 -05:00
Sheena Artrip
5c5648b1f6
caddy: add package config option
2017-01-13 22:29:26 -05:00
Dan Peebles
df7b4f4f6f
httpd module: don't create documentRoot directory if it doesn't exist
...
It hides bugs and do you ever actually want to serve up an empty directory?
It was pretty confusing to me when it tried to write into a read-only store
path because I accidentally pointed it to the wrong store path.
2017-01-05 21:19:16 -05:00
volth
9bb6d91c73
httpd: setuptools is not top-level
2017-01-05 17:37:33 +00:00
Jörg Thalheim
c23032a8b1
docker: update service units from upstream
...
All the new options in detail:
Enable docker in multi-user.target make container created with restart=always
to start. We still want socket activation as it decouples dependencies between
the existing of /var/run/docker.sock and the docker daemon. This means that
services can rely on the availability of this socket. Fixes #11478 #21303
wantedBy = ["multi-user.target"];
This allows us to remove the postStart hack, as docker reports on its own when
it is ready.
Type=notify
The following will set unset some limits because overhead in kernel's ressource
accounting was observed. Note that these limit only apply to containerd.
Containers will have their own limit set.
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Upgrades may require schema migrations. This can delay the startup of dockerd.
TimeoutStartSec=0
Allows docker to create its own cgroup subhierarchy to apply ressource limits on
containers.
Delegate=true
When dockerd is killed, container should be not affected to allow
`live restore` to work.
KillMode=process
2016-12-23 21:39:38 +01:00
tv
de44544ceb
nginx service: use default_server
parameter instead of default
( #21371 )
2016-12-23 11:52:44 +01:00
Felix Richter
d8478c7912
services.nginx: allow startup with ipv6 disabled ( #21360 )
...
currently services.nginx does not start up if `networking.enableIPv6 = false`
the commit changes the nginx behavior to handle this case accordingly.
The commit resolves #21308
2016-12-23 11:49:35 +01:00
Rok Garbas
e6fa6b21e1
apacheHttpdPackages.mod_perl: init at 2.0.10
2016-12-22 13:36:44 +01:00
Nikolay Amiantov
9cca8e3f87
uwsgi service: fix for new pythonPackages
2016-12-08 21:03:41 +03:00
Michael Raskin
36010e7046
Merge pull request #20366 from MarcWeber/submit/apache-port-to-listen
...
apache-httpd
2016-11-26 13:37:02 +00:00
Eric Sagnes
821e8d4681
zope2 module: instance option loaOf -> attrsOf
2016-11-16 16:34:00 +09:00
Marc Weber
b51f165334
apache-httpd
...
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Philipp Hausmann
632282300a
nginx service: Add missing port toString conversion ( #20252 )
2016-11-08 13:34:04 +01:00
Eric Sagnes
797d40767d
fcgiwrap module: use enum
2016-11-04 13:04:52 +09:00
Frederik Rietdijk
7077a270bf
Merge remote-tracking branch 'upstream/master' into HEAD
2016-10-26 13:06:43 +02:00
Emery Hemingway
b675619391
nixos: use types.lines for extraConfig
2016-10-23 19:41:43 +02:00
Frederik Rietdijk
e56832d730
Merge remote-tracking branch 'upstream/master' into HEAD
2016-10-22 17:23:24 +02:00
Robin Gloster
d05d063572
nginx: set correct acme permissions
2016-10-20 11:18:25 +02:00
Frederik Rietdijk
104c50dd1a
Python: remove modules and pythonFull
2016-10-10 10:33:24 +02:00
Franz Pletz
a3ec0f1593
nixos/nginx: reload on acme cert renewal
2016-10-09 12:55:24 +02:00
Peter Hoeg
47a8f1ea85
php-fpm: add reload support
...
Upstream recommends sending USR2 for a graceful reload.
2016-10-06 10:22:24 +08:00
Peter Hoeg
5a6626f47c
php fpm: add systemd support
...
PHP FPM will now notify systemd when it's done initializing and ready to
serve requests.
Additionally ```systemctl status phpfpm``` will now show statistics such
as:
```
Status: "Processes active: 0, idle: 8, Requests: 0, slow: 0, Traffic: 0req/sec"
```
2016-10-05 23:30:31 +08:00
Joachim F
0906a0f197
Merge pull request #18491 from groxxda/network-interfaces
...
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Joachim F
7e80c42b0e
Merge pull request #18511 from ericsagnes/feat/remove-optionSet
...
modules: optionSet -> submodule
2016-10-01 17:57:45 +02:00
Joachim F
4d3282a8fe
Merge pull request #18993 from ericsagnes/mod/php-fpm
...
php-fpm module: cleanup
2016-09-29 13:14:32 +02:00
Graham Christensen
e2688e072d
moodle: mark as broken
...
https://github.com/NixOS/nixpkgs/issues/18856
2016-09-28 08:52:18 -04:00
Graham Christensen
8504237863
mediawiki: 1.23.13 -> 1.27.1
2016-09-26 21:53:36 -04:00
Eric Sagnes
b14ecbb96f
php-fpm module: cleanup
...
- Added example for the pool option
- Unified PHP-FPM spelling
2016-09-27 10:20:22 +09:00
Graham Christensen
4671806183
wordpress: 4.3.1 -> 4.6.1 + add a test
2016-09-26 19:36:07 -04:00
Wilhelm Schuster
54c5154b90
nginx module: Add option to configure events block
2016-09-26 12:16:53 +02:00
Alexander Ried
3ada966bd5
treewide: minor format / style / documentation fixes
2016-09-13 11:19:22 +02:00
Joachim Fasting
3dc69799b6
tomcat: remove use of network-interfaces.target
2016-09-13 11:19:22 +02:00
Eric Sagnes
03ee88f666
zope2 module: optionSet -> submodule
2016-09-13 12:53:12 +09:00
Eric Sagnes
c16d03ddc5
winstone module: optionSet -> submodule
2016-09-13 12:53:12 +09:00
danbst
63f9ef9f19
tomcat service: bump default tomcat to 8.5
...
See migration changelogs at
- 7.0 -> 8.0: https://tomcat.apache.org/migration-8.html
- 8.0 -> 8.5: https://tomcat.apache.org/migration-85.html
2016-09-09 18:29:12 +02:00
danbst
a01d4ee3f4
tomcat: add danbst as maintainer
2016-09-09 18:29:12 +02:00
danbst
f1072611a4
tomcat service: call shutdown in preStop, because postStop is too late (systemd kills process)
2016-09-09 18:29:12 +02:00
danbst
0c2d943529
tomcat: split default webapps to separate output (~6M)
2016-09-09 18:29:12 +02:00
Alexander Ried
e84b803300
security.acme: remove loop when no fallbackHost is given
2016-09-06 17:47:00 +02:00
Robin Gloster
c011aa86ab
nginx module: add index and tryFiles
2016-08-25 23:27:56 +00:00
Robin Lambertz
dacc3fa985
phpfpm: allow old config format as well ( #17754 )
2016-08-15 14:41:26 +02:00
Robin Gloster
3cf5d5ebed
nginx module: fixup events in config
2016-08-09 17:11:28 +00:00
Robin Gloster
b0b0a45bb1
nginx module: fix cfg.config backwards compatibility
...
fixes #17604
2016-08-09 12:02:21 +00:00
Al Zohali
2aba1c4962
phpfpm service: restructured pool configuration
...
From @fpletz: Keep poolConfigs option for backwards-compatibility.
The original commit 6b3f5b5a42
was previously
reverted by c7860cae1a
but the issues were
resolved.
2016-08-08 05:53:53 +02:00
Christian Kauhaus
ea7e705cd9
varnish: fix localstatedir for varnish* tools ( #17508 )
...
The varnish tools (varnishstat, varnishlog, ...) tried to load the VSM
file from a spurious var directory in the Nix store. Fix the default so
the tools "just work" when also keeping services.varnish.stateDir at the
default.
Notes:
- The tools use $localstatedir/$HOSTNAME so I've adapted the default for
stateDir as well to contain hostName.
- Added postStop action to remove the localstatedir. There is no point
in keeping it around when varnish does not run, as it regenerates it
on startup anyway.
Fixes #7495
2016-08-04 15:25:23 +02:00
Franz Pletz
c90a43f4c5
nginx module: fix evaluation of root location option
2016-08-01 19:38:10 +02:00
Robin Gloster
a193fecf0e
nginx module: improve statusPage generated code
...
Adds ::1 as allowed host and turns of access_log for the status page.
2016-07-28 11:59:13 +00:00
Robin Gloster
3ccfca7d6b
nginx module: httpConfig backward compatibility
...
Revert httpConfig its old behaviour and make it mutually exclusive to
the new structured configuration. Adds appendHttpConfig to have the
ability to write custom config in the generated http block.
2016-07-28 11:59:13 +00:00
Robin Gloster
511410789b
nginx module: make client_max_body_size configurable
2016-07-28 11:59:13 +00:00
Tristan Helmich
8c61b3af03
nginx: fixed duplicate http declaration
2016-07-28 11:59:13 +00:00
Robin Gloster
91680de317
nginx module: add statusPage option
2016-07-28 11:59:13 +00:00
Robin Gloster
a294ad01b3
nginx module: make recommended settings optional
2016-07-28 11:59:13 +00:00
Robin Gloster
186a8400ed
nginx module: make httpConfig backward compatible
2016-07-28 11:59:13 +00:00
Robin Gloster
5dd7cf964a
nginx module: improve documentation
2016-07-28 11:59:13 +00:00
Franz Pletz
de8008a1b1
nginx module: Enable http2
2016-07-28 11:59:13 +00:00
Franz Pletz
e982aeae6a
nginx module: Add default proxy headers for tomcat
2016-07-28 11:59:13 +00:00
Robin Gloster
3830a890ab
nginx module: add option to make vhost default
2016-07-28 11:59:13 +00:00
Robin Gloster
138945500e
nginx module: implement basic auth
2016-07-28 11:59:13 +00:00
Robin Gloster
ff12ee35b7
nginx module: redirect to same protocol
2016-07-28 11:59:13 +00:00
Robin Gloster
e18f8e8b66
nginx module: turn off basic auth on acme locations
2016-07-28 11:59:13 +00:00
Franz Pletz
4e5c7913e9
nginx module: Add acmeFallbackHost vhost option
2016-07-28 11:59:13 +00:00
Franz Pletz
811f243ce6
nginx module: Add extraConfig for locations
2016-07-28 11:59:13 +00:00
Franz Pletz
d5a097fdb6
nginx module: Don't create acme certs if acme is not enabled
2016-07-28 11:59:13 +00:00
Tristan Helmich
c61157b7e6
nginx module: Add dhParams option
2016-07-28 11:59:13 +00:00