mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Code Issues Wiki Activity
190295 commits 204 branches 125 tags 10 GiB
Commit graph

504 commits

Author SHA1 Message Date
Aaron Andersen 9c9a6f380e nixos/httpd: replace ssmtp with system-sendmail 2019-04-06 06:34:46 -04:00
Jörg Thalheim 6dd7483ce1
Merge pull request #57979 from 4z3/writeNginxConfig 
nixos/nginx: use nginxfmt and gixy
 2019-04-04 20:23:58 +01:00
Bob van der Linden 65710d1df5
nixos/mighttpd2: /var/run -> /run 2019-03-24 21:15:33 +01:00
tv 59fac1a6d7 nixos/nginx: use writeNginxConfig 2019-03-23 11:16:14 +01:00
Okina Matara 40d7079f79
nixos/meguca: Add videoPaths, set postgresql version to 11 2019-03-23 01:19:29 -05:00
Dmitry Kalinkin 0e57b98b2c
Merge pull request #57596 from artemist/nginx-return 
nixos/nginx: add return option to location
 2019-03-22 14:08:33 -04:00
Samuel Leathers cafd07a54e
Merge pull request #56423 from Izorkin/nginx-unit 
unit: add service unit and update package
 2019-03-20 13:08:05 -04:00
Izorkin 42a99b1be2 nixos/unit: init service unit 2019-03-16 19:54:21 +03:00
Silvan Mosberger f8de52a2fe
Revert "nixos/nginx: support h2c" 2019-03-15 14:31:11 +01:00
Artemis Tosini fee854ed01
nixos/nginx: add return option to location 2019-03-13 17:31:01 +00:00
Jordan Johnson-Doyle 04425c6223
nixos/nginx: support h2c 2019-03-08 17:50:46 +00:00
Janne Heß 3de5726e9b nixos/nginx: Support additional listen parameters (#56835) 2019-03-06 11:42:46 +02:00
Andreas Rammhold 768336a74b
Merge pull request #56233 from jtojnar/nginx-tlsv13 
nixos/nginx: Enable TLS 1.3 support
 2019-03-03 14:19:38 +01:00
Jan Tojnar f93ff28c62 nixos/nginx: Enable TLS 1.3 support 2019-02-25 16:47:19 +01:00
Izorkin 569248b3c2 nginx: fix formating the config file 2019-02-24 19:50:58 +03:00
Izorkin 0394b177c7 nginx: formating the config file 2019-02-24 10:17:11 +03:00
Symphorien Gibol a915b33315 nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
aanderse a9358c4356 nixos/httpd: update documentation to reflect changes from https://github.com/NixOS/nixpkgs/pull/54529 (#56079) 2019-02-20 14:43:25 +02:00
Silvan Mosberger a3f85f0dc0
Merge pull request #55410 from aanderse/apache-defaults 
nixos/httpd: improve security in configuration file
 2019-02-18 03:27:18 +01:00
Aaron Andersen 5eef3590ae nixos/phpfpm: allow configuring php.ini files per-pool 2019-02-13 19:58:02 -05:00
Aaron Andersen 1bec75301b nixos/httpd: don't advertise php 2019-02-07 14:25:55 -05:00
Aaron Andersen 70be5b6bb2 nixos/httpd: disable HTTP TRACE method by default 2019-02-07 14:13:45 -05:00
Aaron Andersen dd610ce84f nixos/httpd: disable TLSv1 by default for better security 2019-02-07 14:05:44 -05:00
aanderse c6cd07707b nixos/httpd: rename apache log files to have a .log file extension (#54529) 
nixos/httpd: rename apache log files to have a .log file extension
 2019-01-31 04:04:58 +02:00
John Wiegley 0305c55888
Merge pull request #53702 from aanderse/apache-ssl-opt 
nixos/httpd: add options sslCiphers & sslProtocols
 2019-01-23 19:27:17 -08:00
Wout Mertens e445eabbe8
Merge pull request #41440 from wmertens/php-per-pool 
phpfpm: allow configuring PHP package per-pool
 2019-01-21 08:35:49 +01:00
Aaron Andersen fd5a88687c nixos/httpd: add options sslCiphers & sslProtocols 2019-01-09 11:30:19 -05:00
Bas van Dijk 6ac10cd764
Merge pull request #53399 from LumiGuide/feat-wordpress-copy-plugins 
apache-httpd/wordpress: copy plugins and themes instead of symlinking
 2019-01-07 13:41:29 +01:00
Falco Peijnenburg 9d2c9157d7 nixos/apache-httpd/wordpress: copy plugins and themes instead of symlinking 
Symlinking works for most plugins and themes, but Avada, for instance, fails to
understand the symlink, causing its file path stripping to fail. This results in
requests that look like:

https://example.com/wp-content//nix/store/...plugin/path/some-file.js

Since hard linking directories is not allowed, copying is the next best thing.
 2019-01-06 17:51:31 +01:00
volth fed7914539
Merge branch 'staging' into make-perl-pathd 2018-12-18 17:13:27 +00:00
Florian Klink 91c65721f7 owncloud: remove server 
pkgs.owncloud still pointed to owncloud 7.0.15 (from May 13 2016)

Last owncloud server update in nixpkgs was in Jun 2016.
At the same time Nextcloud forked away from it, indicating users
switched over to that.

cc @matej (original maintainer)
 2018-12-16 15:05:53 +01:00
Florian Klink 50500219af apache-httpd/limesurvey.nix: fix copypasta from owncloud 2018-12-16 15:05:53 +01:00
volth bb9557eb7c lib.makePerlPath -> perlPackages.makePerlPath 2018-12-15 03:50:31 +00:00
Jappie Klooster e576c3b385 doc: Fix insecure nginx docs (#51840) 2018-12-11 11:02:56 +00:00
Red Davies 4173b845ca mediawiki: 1.29.1 -> 1.31.1 
1.29.1 is out of support and has security vulnerabilities. 1.31.1 is current LTS.
 2018-12-03 21:04:08 +00:00
c0bw3b 5e4ceba7bf nixos/mediawiki: fetch over https 2018-11-24 23:18:26 +01:00
Pavel Goran a57bbf4e63 nixos/tomcat: add purifyOnStart option 
With this option enabled, before creating file/directories/symlinks in baseDir
according to configuration, old occurences of them are removed.

This prevents remainders of an old configuration (libraries, webapps, you name
it) from persisting after activating a new configuration.
 2018-10-29 18:26:22 +07:00
Wout Mertens 69936b5655 phpfpm: allow configuring PHP package per-pool 
props to @4levels
 2018-10-26 16:11:07 +01:00
Izorkin af8ae49395 nginx: add custom options 2018-10-23 21:04:07 +03:00
Michael Raskin 3491dd06a1
Merge pull request #47224 from pvgoran/tomcat-virtualhost-aliases 
nixos/tomcat: add aliases sub-option for virtual hosts
 2018-10-21 07:54:52 +00:00
Franz Pletz ebd38185c8 nixos/nextcloud: init 
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
Co-authored-by: Robin Gloster <mail@glob.in>
Co-authored-by: Janne Heß <janne@hess.ooo>
Co-authored-by: Florian Klink <flokli@flokli.de>
 2018-10-01 02:07:43 +09:30
Pavel Goran 5e16e671ea nixos/tomcat: add aliases sub-option for virtual hosts 2018-09-23 21:49:17 +07:00
Uli Baum 15e6e1ff6f nixos/nginx: fix type of sslTrustedCertificate option 
The option was added in 1251b34b5b
with type `types.path` but default `null`, so eval failed with
the default setting. This broke the acme and certmgr tests.

cc: @vincentbernat @fpletz
 2018-09-02 01:35:59 +02:00
Vincent Bernat 1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE 
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
 2018-08-30 22:47:41 +02:00
Vincent Bernat bd075eb914 nginx: add more gzipped MIME types 
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
 2018-08-26 21:48:55 +02:00
Vincent Bernat 06a5fb2ada nginx: use a compression level of 5 in recommended configuration 
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
 2018-08-26 21:43:34 +02:00
Okina Matara aba87b85ef nixos/hydron: Various tweaks 
Make timer persistent
Start timer after hydron
Change interval from hourly to weekly
 2018-08-15 22:00:13 -05:00
Okina Matara 36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger 150f4fe9c4
Merge pull request #44371 from pvgoran/tomcat-webapps-listOfPaths 
nixos/tomcat: allow non-package paths in services.tomcat.webapps
 2018-08-02 23:32:33 +02:00
Pavel Goran 7fb40c6503 nixos/tomcat: correct type specification for virtualHosts 
The wrong specification was introduced as part of commit 472f16d.

Fixes #44361.
 2018-08-02 23:37:09 +07:00
Pavel Goran b2b5b97468 nixos/tomcat: allow non-package paths in services.tomcat.webapps 
Resolves #44370.
 2018-08-02 23:26:21 +07:00
Tuomas Tynkkynen 96190535e5 Revert "nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1" 
This reverts commit 095fe5b43d.

Pointless renames considered harmful. All they do is force people to
spend extra work updating their configs for no benefit, and hindering
the ability to switch between unstable and stable versions of NixOS.

Like, what was the value of having the "nixos." there? I mean, by
definition anything in a NixOS module has something to do with NixOS...
 2018-07-28 00:12:55 +03:00
volth 2e979e8ceb [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
Frederik Rietdijk 1a6af9f88e
Merge pull request #43857 from volth/unused 
[bot] treewide: remove unreferenced code
 2018-07-20 21:06:32 +02:00
volth 87f5930c3f [bot]: remove unreferenced code 2018-07-20 18:48:37 +00:00
Maximilian Bosch 0adca53c79
inginious: remove 
Fallout of 9db7f15ea3ce57eee25458daf87cce7a04ea98b2 which removed
simpleldap.

@layus suggests to remove:

* https://github.com/NixOS/nixpkgs/pull/43782#issuecomment-406186881
* https://github.com/NixOS/nixpkgs/pull/31975#issuecomment-346647857
 2018-07-19 17:31:40 +02:00
Silvan Mosberger 810f91f46d
Merge pull request #43308 from Chiiruno/dev/hydron 
hydron: init at 2018-07-11
 2018-07-18 22:10:11 +02:00
Okina Matara 38f2a3efbf nixos/hydron: init 2018-07-18 13:16:50 -05:00
Silvan Mosberger b9c95c7d60
httpd: Fix typo 2018-07-13 02:59:00 +02:00
Jörg Thalheim 8cf4a4725c
Merge pull request #41823 from Chiiruno/dev/meguca 
meguca: 2018-05-26 -> 2018-06-11
 2018-07-02 15:35:42 +01:00
Florian Klink fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Okina Matara 4b91c2428b meguca: 2018-05-26 -> 2018-06-10 2018-06-29 15:56:33 -05:00
Matthew Bauer be3a8c4bdb
Merge pull request #41799 from pacien/patch-4 
cgit: Parametrise cgit subdirectory
 2018-06-28 22:13:42 -04:00
Aneesh Agrawal c2ab820d6a nixos/uwsgi: use python.withPackages 2018-06-13 22:47:22 -07:00
Notkea 8b9559e417 cgit: parametrise subdirectory 
This proposal enables the user to choose the sub-directory in which to serve cgit.
The previous default behaviour isn't altered.
 2018-06-13 00:28:52 +02:00
Uli Baum 93cbb9b72f nixos/tomcat: fix eval error introduced by #40657 2018-06-11 11:02:54 +02:00
Tristan Helmich 1daa77160e tomcat service: fix webapps default option (#40657) 
The old package tomcat.webapps does not exist
 2018-06-10 20:10:01 +02:00
Hamish Mackenzie 0e5c971af8
minio: Output server logs & startup in json format 
Currently minio logs with enhanced tty data and journalctl does not include anything useful as a result:

```
Jun 08 11:03:28 alpha minio[17813]: [78B blob data]
Jun 08 11:03:28 alpha minio[17813]: [49B blob data]
Jun 08 11:03:28 alpha minio[17813]: [19B blob data]
Jun 08 11:03:28 alpha minio[17813]: [88B blob data]
Jun 08 11:03:28 alpha minio[17813]: [45B blob data]
Jun 08 11:03:28 alpha minio[17813]: [44B blob data]
Jun 08 11:03:28 alpha minio[17813]: [57B blob data]
```

Indicating that it detected some binary output.  With the `--json` flag it logs:

```
Jun 08 11:14:58 alpha minio[18573]: {"level":"FATAL","time":"2018-06-07T23:14:58.770637778Z","error":{"message":"--address input is invalid: address 127.0.0.1: missing port in address","source":["/build/go/src/github.com/minio/minio/cmd/server-main.go:121:cmd.serverHandleCmdArgs()"]}}
```
 2018-06-08 11:22:00 +12:00
Okina Matara e2f1a05756 meguca: git-2018-05-17 -> git-2018-05-20 2018-05-26 07:03:49 -05:00
Okina Matara 14a26f0153 meguca: init at git-2018-05-17 2018-05-26 07:03:49 -05:00
Jan Tojnar bd648f321c
nixos/nginx: emphasize that useACMEHost does not create certs 
It was not entirely clean that `services.nginx.virtualHosts.<name>.useACMEHost` does not create certificates, see https://github.com/NixOS/nixpkgs/issues/40593
 2018-05-17 20:48:02 +02:00
Jan Malakhovski 095fe5b43d nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1 2018-05-12 19:27:09 +00:00
Nikolay Amiantov a08645e9be nginx module: add upstream extraConfig 2018-05-08 16:32:11 +03:00
Julien Langlois 519b64592d hitch: init at 1.4.8 + service + test (#39358) 
Add the Hitch TLS reverse proxy as an option for TLS termination.
 2018-05-01 10:36:36 +01:00
Franz Pletz dc62e8509a
nixos/caddy: fix ca api endpoint, now uses v2 2018-04-27 01:11:54 +02:00
Ben Wolsieffer 4d40adb86d nginx: allow basic auth passwords to be specified in a file 2018-04-25 15:37:09 +02:00
gnidorah 9029ed933c nixos/gitweb: add gitwebTheme option 2018-04-17 20:07:01 +03:00
Jörg Thalheim 41ec2c2223
Merge pull request #38362 from orbekk/acme-path 
fix: nixos/nginx certificate location
 2018-04-09 09:02:51 +01:00
gnidorah 073089914e nixos/nginx: fix gitweb submodule 2018-04-06 22:36:03 +03:00
Kjetil Ørbekk 8614e22297 fix: nixos/nginx certificate location 
Fix issue when using a cert location other than the default.
 2018-04-02 20:34:01 -04:00
Wout Mertens b4e92e0b34
Merge pull request #37921 from gnidorah/gitweb 
nixos/nginx: add gitweb sub-service
 2018-03-30 00:18:44 +02:00
gnidorah 05b535c850 git: add more deps to gitweb 2018-03-29 16:46:11 +03:00
gnidorah 2821d3fed7 gitweb: use common options 2018-03-29 16:45:32 +03:00
gnidorah 69a0c9721e nixos/nginx: add gitweb sub-service 2018-03-29 09:06:54 +03:00
Justin Humm 169468c406
apache-httpd: fix typo in config servedFiles 2018-03-28 03:47:25 +02:00
volth 002b460822 varnish4: init at 4.1.9; varnish6: init at 6.0.0 2018-03-20 07:10:36 +00:00
Jan Malakhovski 7079e744d4 Merge branch 'master' into staging 
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
 2018-03-10 20:38:13 +00:00
Jörg Thalheim 196e21a160 nixos/tomcat: add types + proper systemd integration 
fixes #35443
 2018-03-08 09:09:42 +00:00
Benjamin Smith 024220bd7f nixos/tomcat: add serverXml, environment files and log directories 
* add serverXml verbatim override
* add environment file
* add log directory creation
 2018-03-08 09:09:42 +00:00
Shea Levy fec543436d
nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
Joachim F 46afc63b6f
Merge pull request #32062 from volth/patch-73 
nixos/varnish: check .vcl syntax at compile time
 2018-02-20 19:22:28 +00:00
Niklas Hambüchen f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Hamish 3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Jan Tojnar 0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme 
nixos/nginx: allow using existing ACME certificate
 2018-01-29 01:38:45 +01:00
Francesco Gazzetta 356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
Jan Tojnar 41d252d7a4
nixos/nginx: allow using existing ACME certificate 
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
 2018-01-15 13:48:45 +01:00
Andreas Rammhold 637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2 
also renamed from tomcatUnstable to tomcat9
 2018-01-09 01:31:06 +01:00
Christoph Hrdinka d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled 
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
 2017-12-28 00:32:24 +01:00
Niklas Hambüchen afa97cb981 nginx service: Make http2 an option. 
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
 2017-12-19 19:59:15 +01:00