1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-22 14:45:27 +00:00
Commit graph

677 commits

Author SHA1 Message Date
gnidorah 9029ed933c nixos/gitweb: add gitwebTheme option 2018-04-17 20:07:01 +03:00
Jörg Thalheim 41ec2c2223
Merge pull request #38362 from orbekk/acme-path
fix: nixos/nginx certificate location
2018-04-09 09:02:51 +01:00
gnidorah 073089914e nixos/nginx: fix gitweb submodule 2018-04-06 22:36:03 +03:00
Kjetil Ørbekk 8614e22297 fix: nixos/nginx certificate location
Fix issue when using a cert location other than the default.
2018-04-02 20:34:01 -04:00
Wout Mertens b4e92e0b34
Merge pull request #37921 from gnidorah/gitweb
nixos/nginx: add gitweb sub-service
2018-03-30 00:18:44 +02:00
gnidorah 05b535c850 git: add more deps to gitweb 2018-03-29 16:46:11 +03:00
gnidorah 2821d3fed7 gitweb: use common options 2018-03-29 16:45:32 +03:00
gnidorah 69a0c9721e nixos/nginx: add gitweb sub-service 2018-03-29 09:06:54 +03:00
Justin Humm 169468c406
apache-httpd: fix typo in config servedFiles 2018-03-28 03:47:25 +02:00
volth 002b460822 varnish4: init at 4.1.9; varnish6: init at 6.0.0 2018-03-20 07:10:36 +00:00
Jan Malakhovski 7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Jörg Thalheim 196e21a160 nixos/tomcat: add types + proper systemd integration
fixes #35443
2018-03-08 09:09:42 +00:00
Benjamin Smith 024220bd7f nixos/tomcat: add serverXml, environment files and log directories
* add serverXml verbatim override
* add environment file
* add log directory creation
2018-03-08 09:09:42 +00:00
Shea Levy fec543436d
nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
Joachim F 46afc63b6f
Merge pull request #32062 from volth/patch-73
nixos/varnish: check .vcl syntax at compile time
2018-02-20 19:22:28 +00:00
Niklas Hambüchen f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Hamish 3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Jan Tojnar 0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Francesco Gazzetta 356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
Jan Tojnar 41d252d7a4
nixos/nginx: allow using existing ACME certificate
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Andreas Rammhold 637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
Christoph Hrdinka d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
Niklas Hambüchen afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Bjørn Forsman b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
volth bfee336614
nixos/varnish: it does not matter where to check syntax, only when 2017-12-09 08:29:44 +00:00
Tuomas Tynkkynen cb008da167 owncloud: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
volth 25b178c745
nixos/varnish: check .vcl syntax at compile time (e.g. before nixops deployment) 2017-11-26 08:13:09 +00:00
Joachim F 822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Graham Christensen 2bbdd70b99
inginious: fix options eval 2017-11-23 09:33:59 -05:00
Bas van Dijk cb4b9b1cc1 owncloud: fix some but not all errors
* Don't set timezone when it's null

* Don't create the postgres role because the postgresqsl service
  already does that.

* Fix documentation

* Add a test suite
2017-10-31 23:03:33 +01:00
Graham Christensen e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Piotr Bogdan 3165c56db9 apache-httpd/wordpress: disable built-in WordPress autoupdater 2017-10-31 17:37:11 +00:00
Bas van Dijk 527781ebc4 apache-httpd: fix nix evaluation error
This only sets the timezone when it's not null to prevent:

  error: cannot coerce null to a string, at
  nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Jan Tojnar 3c48a1e06d nixos/services.nginx: Fix globalRedirect example
Virtual host globalRedirect attribute accepts a hostname not a URL

09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Bjørn Forsman d26f8b5e00 nixos/lighttpd: add missing modules to allKnownModules
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:

  mod_authn_gssapi
  mod_authn_ldap
  mod_geoip

(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
Joerg Thalheim c2c843adf7 nixos/traefik: guard example path 2017-10-04 14:51:20 +01:00
Joerg Thalheim a3200348b7 nixos/traefik: owner/group should be changed recursivly 2017-10-04 11:59:38 +01:00
Joerg Thalheim 3468c9e5cc nixos/traefik: create /var/lib/traefik with correct permissions 2017-10-04 11:49:42 +01:00
Hamish Hutchings 2e5297217d nixos/traefik create service 2017-10-04 11:26:39 +01:00
Samuel Dionne-Riel 0b1c73f4da mediawiki: 1.27.3 -> 1.29.1 2017-09-24 22:49:22 -04:00
Robin Gloster 97a2cd0748
nginx: module fix example
Closes #28926
2017-09-03 14:05:32 +02:00
Robin Gloster 7cd46a0594
nginx module: add proxyResolveWhileRunning option 2017-08-30 21:01:53 +02:00
Robin Gloster 4ffa9ddb30
nginx module: allow basic configuration of upstreams 2017-08-30 21:01:53 +02:00
Franz Pletz 759daba980
nginx module: first proxy_set_header takes precendence 2017-08-30 21:01:52 +02:00
Franz Pletz 65c2203ffc
nginx module: add option for proxying websocket requests 2017-08-30 21:01:52 +02:00
Franz Pletz 530282eebe
nginx module: fix applying recommended proxy headers
Previously, if proxy_set_header would be used in an extraConfig of
a location, the headers defined in the http block by
recommendedProxySettings would be cleared. As this is not the intended
behaviour, these settings are now included from a separate file if
needed.
2017-08-30 21:01:52 +02:00
Robin Gloster 0371f2b5cc
nginx module: clean up SSL/listen handling 2017-08-30 21:01:52 +02:00
Franz Pletz 8e622d2689
phpfpm service: allow netlink sockets for sendmail
Fixes #26611.
2017-08-29 00:41:31 +02:00
Peter Hoeg ecdabb1b5b Merge pull request #28481 from mpcsh/master
nixos/caddy: improve documentation
2017-08-25 09:56:40 +08:00
Mark Cohen 8511a3378b nixos/caddy: improve documentation
There was no documentation for the "config" option, and it wasn't quite
clear whether it was supposed to be a file, a string, or what. This
commit removes that ambiguity.
2017-08-24 13:39:06 -04:00
Joachim F f1514a5876 Merge pull request #27699 from volth/varnish-fixes-sq
nixos/varnish: made compatible with varnish 5.1.2, add modules
2017-08-22 22:01:00 +00:00
Franz Pletz cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
This interferes with sendmail because suid won't work. Fixes #26611.
2017-08-21 19:24:17 +02:00
Wout Mertens 339330b322 Merge pull request #27426 from rnhmjoj/nginx
nginx: make enabling SSL port-specific
2017-08-07 16:46:28 +02:00
Robin Gloster 94a2cba8d9
nginx module: add resolver config 2017-08-04 02:15:46 +02:00
Robin Gloster 75bbcd4215
nginx module: include uwsgi_params 2017-08-04 02:15:01 +02:00
Bjørn Forsman aff0725a7d nixos/lighttpd: add enableUpstreamMimeTypes option
enableUpstreamMimeTypes controls whether to include the list of mime
types bundled with lighttpd (upstream). This option is enabled by
default and gives a much more complete mime type list than we currently
have. If you disable this, no mime types will be added by NixOS and you
will have to add your own mime types in services.lighttpd.extraConfig.
2017-07-29 14:24:40 +02:00
Bjørn Forsman b339e6e13f nixos/lighttpd: update list of allowed module names
* mod_dirlisting is auto-loaded by lighttpd and should not be explicitly
  loaded in the configuration file.
* The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when
  lighttpd is built with "enableMagnet" and "enableMysql".
2017-07-29 14:24:40 +02:00
rnhmjoj a912a6a291
nginx: make enabling SSL port-specific 2017-07-27 03:45:53 +02:00
Volth c6128d2feb nixos/varnish: made compatible with varnish 5.2.1, add modules
* nixos/varnish: command line compatible with varnish 5.2.1, fixes
https://github.com/NixOS/nixpkgs/issues/27409
* nixos/varnish: add support for modules (services.varnish.extraModules)
* varnish-modules: init at 0.10.2
* varnish-geoip: init at 1.0.2
* varnish-rtstatus: init at 1.2.0
* varnish-digest: init at 1.0.1
* added services.varnish.extraCommandLine option
2017-07-26 23:32:49 +00:00
Wout Mertens c4783a982b nginx: add gzip_vary to recommended settings
Google PageSpeed recommends turning this on to allow proxies to cache
2017-07-17 20:15:59 +02:00
Franz Pletz 951b932456 Merge pull request #27403 from rnhmjoj/nginx
nginx: make listen addresses configurable
2017-07-16 13:50:18 +02:00
rnhmjoj e40f3bea3e
nginx: make listen addresses configurable 2017-07-14 21:26:54 +02:00
Bjørn Forsman 407b56986e nixos/lighttpd: fix indent (tab -> space) 2017-07-14 20:37:25 +02:00
Pascal Bach 0fb8456b13 minio service: add additional config options
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Volth 99b8d5ebe6 lighttpd: add collectd submodule 2017-06-29 22:41:22 +00:00
Pascal Bach aa66c9ad37 minio service: add inital service
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
Ekaterina Vaartis c0df448d54 apache-httpd: fix mod_perl by refering to apacheHttpdPackages (#26579) 2017-06-15 13:07:14 +02:00
Franz Pletz ac5258edb2
caddy service: don't use extra dotdir in dataDir 2017-06-13 21:21:59 +02:00
Franz Pletz 071815cb24
caddy service: sync with upstream systemd unit
Increases security and fixes minor issues.
2017-06-13 21:21:59 +02:00
Eric Sagnes 5b30f246cb varnish module: remove unneeded gcc runtime dependency 2017-05-17 16:14:29 +02:00
Graham Christensen 4d44810fe7 Merge pull request #25365 from armijnhemel/mediawiki
mediawiki: 1.27.1 -> 1.27.3
2017-05-07 06:58:32 -04:00
goibhniu 248a06695f Merge pull request #22236 from Baughn/mediawiki
apache-httpd: Add 'extensions' config option for mediawiki
2017-05-01 19:17:36 +02:00
Armijn Hemel cdebfa80ab mediawiki: 1.27.1 -> 1.27.3 2017-04-30 22:38:00 +02:00
Bjørn Forsman d916ce2ef4 nixos/lighttpd: set $HOME for gitweb sub-service
This allows gitweb to expand '~' in /etc/gitconfig. Without a $HOME
variable, it fails to list any projects and instead show the text
"No such projects found" in the UI.

Setting $HOME to the gitweb project root seems like a sensible value.
2017-04-11 22:54:31 +02:00
Bas van Dijk 6f2eca1744 wordpress: replace the dbPassword option with dbPasswordFile (#24146)
We shouldn't force users to store passwords in the world-readable Nix store.
2017-03-28 17:38:16 +02:00
Nikolay Amiantov 417844b596 phpfpm service: don't use private /tmp
This breaks local PostgreSQL connections.
2017-03-25 14:52:44 +01:00
Domen Kožar 02129a8788 Merge pull request #23672 from edanaher/nginx-alias
Nginx alias directive
2017-03-21 15:04:02 +01:00
Franz Pletz c13922f012
nginx: explicitly use stable version
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.

Fixes #21665.
2017-03-20 20:04:09 +01:00
Franz Pletz fff8cc79df Merge pull request #23279 from mbbx6spp/make-nginx-module-less-gross
nginx service: add commonHttpConfig option
2017-03-20 19:03:20 +01:00
Franz Pletz 9536169074
nixos/treewide: remove boolean examples for options
They contain no useful information and increase the length of the
autogenerated options documentation.

See discussion in #18816.
2017-03-17 23:36:19 +01:00
Graham Christensen e4c0613470 Merge pull request #23674 from c0bw3b/sec/jboss7
JBoss AS: list known vulnerability
2017-03-15 17:33:27 -04:00
Bas van Dijk 308c09d41f wordpress: security upgrade: 4.7.2 -> 4.7.3 & other improvements (#23837)
* Moved the wordpress sources derivation to the attribute pkgs.wordpress. This
  makes it easier to override.

* Also introduce the `package` option for the wordpress virtual host config which
  defaults to pkgs.wordpress.

* Also fixed the test in nixos/tests/wordpress.nix.
2017-03-14 16:11:51 +01:00
Renaud 72619a86c9 JBoss AS: list known vulnerability
CVE-2015-7501

Warning in JBoss module
2017-03-13 18:45:19 +01:00
Franz Pletz 323d0fdd5a
phpfpm module: set correct nixos sendmail path 2017-03-11 09:39:12 +01:00
Evan Danaher a09246948c nginx: disallow alias directive on server level; it doesn't work. 2017-03-09 16:54:44 -05:00
Evan Danaher e7358b192a nginx: Assert that either root or alias is null.
If both are set, nginx won't start.  More error checking is certainly in
order, but this seems like a reasonable start.
2017-03-09 13:02:49 -05:00
Evan Danaher ff2e2e82cc nginx: Add alias configuration option for hosts and locations.
It's like root, but doesn't keep the prefix.
2017-03-09 13:02:29 -05:00
Franz Pletz d7674dabba
phpfpm service: fix phpOptions
Broken due to #23216.
2017-03-07 15:08:55 +01:00
Susan Potter 251b9ca0e7
nginx service: add commonHttpConfig option 2017-02-28 09:36:56 -06:00
Franz Pletz ec4ead0bfe
phpfpm service: add target and slice 2017-02-28 00:00:57 +01:00
Franz Pletz e3d58dae7f
phpfpm service: one service per pool for isolation 2017-02-27 23:38:53 +01:00
Fabian Schmitthenner ae67f060f2 phpfpm: eliminate build at evaluation time
phpfpm currently uses `readFile` to read the php.ini file from the
phpPackage. This causes php to be build at evaluation time.

This eliminates the use of readFile and builds the php.ini at build
time.
2017-02-26 23:35:12 +01:00
Franz Pletz 26a2822cf0
nginx service: restart instead of stop to reduce downtime
cc #23127
2017-02-25 20:12:37 +01:00
Franz Pletz 3a4dd97c55
nginx module: fix acme if vhost name != serverName
cc #21931 @bobvanderlinden
2017-02-25 08:04:38 +01:00
Joachim F 6dbe55ca68 Merge pull request #20456 from ericsagnes/feat/loaf-dep-1
Use attrsOf in place of loaOf when relevant
2017-02-19 15:49:25 +01:00
Robin Gloster 6e12406e30
Revert "nginx: Format the config file"
This reverts commit e362a3d5c9.

See #22883
2017-02-16 22:45:00 +01:00
davidak d4766e789b caddy: set file descriptor limit to 8192, fixes #22454
the value is recommended for production use
a warning is produced when not set
2017-02-11 01:44:29 +01:00
Franz Pletz 65a1762a9b
nginx module: make acme group overrideable easily 2017-02-08 23:50:59 +01:00
Graham Christensen 7db1f727f3
moodle: Remove due to continued security issues. 2017-02-08 09:10:45 -05:00
Svein Ove Aas e362a3d5c9 nginx: Format the config file 2017-02-07 16:19:11 +01:00
Joachim Schiele d491728653 httpd: added serviceExpression which extends the serviceType concept -> allows that httpd services can live outside of nixpkgs (#22269) 2017-02-06 01:08:58 +01:00
Bas van Dijk 5cc75352f8 wordpress: 4.7.1 -> 4.7.2
See: https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
2017-02-02 16:41:32 +01:00
Svein Ove Aas 9b2d4a9fce apache-httpd: Add 'extensions' config option 2017-01-28 19:21:56 +00:00
Bob van der Linden d9987f360a nginx: added serverName option for virtualHosts
This allows overriding the `server_name` attribute of virtual
hosts. By doing so it is possible to have multiple virtualHost
definitions that share the same `server_name`. This is useful in
particular when you need a HTTP as well as a HTTPS virtualhost: same
server_name, different port.
2017-01-25 14:55:55 +01:00
Graham Christensen c0f3b8d629
wordpress: 4.6.1 -> 4.7.1 for multiple CVEs
CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
2017-01-19 22:53:49 -05:00
Sheena Artrip 5c5648b1f6
caddy: add package config option 2017-01-13 22:29:26 -05:00
Dan Peebles df7b4f4f6f httpd module: don't create documentRoot directory if it doesn't exist
It hides bugs and do you ever actually want to serve up an empty directory?
It was pretty confusing to me when it tried to write into a read-only store
path because I accidentally pointed it to the wrong store path.
2017-01-05 21:19:16 -05:00
volth 9bb6d91c73 httpd: setuptools is not top-level 2017-01-05 17:37:33 +00:00
Jörg Thalheim c23032a8b1 docker: update service units from upstream
All the new options in detail:

Enable docker in multi-user.target make container created with restart=always
to start. We still want socket activation as it decouples dependencies between
the existing of /var/run/docker.sock and the docker daemon. This means that
services can rely on the availability of this socket. Fixes #11478 #21303

  wantedBy = ["multi-user.target"];

This allows us to remove the postStart hack, as docker reports on its own when
it is ready.

  Type=notify

The following will set unset some limits because overhead in kernel's ressource
accounting was observed. Note that these limit only apply to containerd.
Containers will have their own limit set.

  LimitNPROC=infinity
  LimitCORE=infinity
  TasksMax=infinity

Upgrades may require schema migrations. This can delay the startup of dockerd.

  TimeoutStartSec=0

Allows docker to create its own cgroup subhierarchy to apply ressource limits on
containers.

  Delegate=true

When dockerd is killed, container should be not affected to allow
`live restore` to work.

  KillMode=process
2016-12-23 21:39:38 +01:00
tv de44544ceb nginx service: use default_server parameter instead of default (#21371) 2016-12-23 11:52:44 +01:00
Felix Richter d8478c7912 services.nginx: allow startup with ipv6 disabled (#21360)
currently services.nginx does not start up if `networking.enableIPv6 = false`
the commit changes the nginx behavior to handle this case accordingly.
The commit resolves #21308
2016-12-23 11:49:35 +01:00
Rok Garbas e6fa6b21e1 apacheHttpdPackages.mod_perl: init at 2.0.10 2016-12-22 13:36:44 +01:00
Nikolay Amiantov 9cca8e3f87 uwsgi service: fix for new pythonPackages 2016-12-08 21:03:41 +03:00
Michael Raskin 36010e7046 Merge pull request #20366 from MarcWeber/submit/apache-port-to-listen
apache-httpd
2016-11-26 13:37:02 +00:00
Eric Sagnes 821e8d4681 zope2 module: instance option loaOf -> attrsOf 2016-11-16 16:34:00 +09:00
Marc Weber b51f165334 apache-httpd
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Philipp Hausmann 632282300a nginx service: Add missing port toString conversion (#20252) 2016-11-08 13:34:04 +01:00
Eric Sagnes 797d40767d fcgiwrap module: use enum 2016-11-04 13:04:52 +09:00
Frederik Rietdijk 7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Emery Hemingway b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Frederik Rietdijk e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Robin Gloster d05d063572
nginx: set correct acme permissions 2016-10-20 11:18:25 +02:00
Frederik Rietdijk 104c50dd1a Python: remove modules and pythonFull 2016-10-10 10:33:24 +02:00
Franz Pletz a3ec0f1593
nixos/nginx: reload on acme cert renewal 2016-10-09 12:55:24 +02:00
Peter Hoeg 47a8f1ea85 php-fpm: add reload support
Upstream recommends sending USR2 for a graceful reload.
2016-10-06 10:22:24 +08:00
Peter Hoeg 5a6626f47c php fpm: add systemd support
PHP FPM will now notify systemd when it's done initializing and ready to
serve requests.

Additionally ```systemctl status phpfpm``` will now show statistics such
as:

```
Status: "Processes active: 0, idle: 8, Requests: 0, slow: 0, Traffic: 0req/sec"
```
2016-10-05 23:30:31 +08:00
Joachim F 0906a0f197 Merge pull request #18491 from groxxda/network-interfaces
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Joachim F 7e80c42b0e Merge pull request #18511 from ericsagnes/feat/remove-optionSet
modules: optionSet -> submodule
2016-10-01 17:57:45 +02:00
Joachim F 4d3282a8fe Merge pull request #18993 from ericsagnes/mod/php-fpm
php-fpm module: cleanup
2016-09-29 13:14:32 +02:00
Graham Christensen e2688e072d
moodle: mark as broken
https://github.com/NixOS/nixpkgs/issues/18856
2016-09-28 08:52:18 -04:00
Graham Christensen 8504237863
mediawiki: 1.23.13 -> 1.27.1 2016-09-26 21:53:36 -04:00
Eric Sagnes b14ecbb96f php-fpm module: cleanup
- Added example for the pool option
- Unified PHP-FPM spelling
2016-09-27 10:20:22 +09:00
Graham Christensen 4671806183
wordpress: 4.3.1 -> 4.6.1 + add a test 2016-09-26 19:36:07 -04:00
Wilhelm Schuster 54c5154b90 nginx module: Add option to configure events block 2016-09-26 12:16:53 +02:00
Alexander Ried 3ada966bd5 treewide: minor format / style / documentation fixes 2016-09-13 11:19:22 +02:00
Joachim Fasting 3dc69799b6 tomcat: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Eric Sagnes 03ee88f666 zope2 module: optionSet -> submodule 2016-09-13 12:53:12 +09:00
Eric Sagnes c16d03ddc5 winstone module: optionSet -> submodule 2016-09-13 12:53:12 +09:00
danbst 63f9ef9f19 tomcat service: bump default tomcat to 8.5
See migration changelogs at
- 7.0 -> 8.0: https://tomcat.apache.org/migration-8.html
- 8.0 -> 8.5: https://tomcat.apache.org/migration-85.html
2016-09-09 18:29:12 +02:00
danbst a01d4ee3f4 tomcat: add danbst as maintainer 2016-09-09 18:29:12 +02:00
danbst f1072611a4 tomcat service: call shutdown in preStop, because postStop is too late (systemd kills process) 2016-09-09 18:29:12 +02:00
danbst 0c2d943529 tomcat: split default webapps to separate output (~6M) 2016-09-09 18:29:12 +02:00
Alexander Ried e84b803300 security.acme: remove loop when no fallbackHost is given 2016-09-06 17:47:00 +02:00
Robin Gloster c011aa86ab
nginx module: add index and tryFiles 2016-08-25 23:27:56 +00:00
Robin Lambertz dacc3fa985 phpfpm: allow old config format as well (#17754) 2016-08-15 14:41:26 +02:00
Robin Gloster 3cf5d5ebed nginx module: fixup events in config 2016-08-09 17:11:28 +00:00
Robin Gloster b0b0a45bb1 nginx module: fix cfg.config backwards compatibility
fixes #17604
2016-08-09 12:02:21 +00:00
Al Zohali 2aba1c4962 phpfpm service: restructured pool configuration
From @fpletz: Keep poolConfigs option for backwards-compatibility.

The original commit 6b3f5b5a42 was previously
reverted by c7860cae1a but the issues were
resolved.
2016-08-08 05:53:53 +02:00
Christian Kauhaus ea7e705cd9 varnish: fix localstatedir for varnish* tools (#17508)
The varnish tools (varnishstat, varnishlog, ...) tried to load the VSM
file from a spurious var directory in the Nix store. Fix the default so
the tools "just work" when also keeping services.varnish.stateDir at the
default.

Notes:
- The tools use $localstatedir/$HOSTNAME so I've adapted the default for
  stateDir as well to contain hostName.
- Added postStop action to remove the localstatedir. There is no point
  in keeping it around when varnish does not run, as it regenerates it
  on startup anyway.

Fixes #7495
2016-08-04 15:25:23 +02:00
Franz Pletz c90a43f4c5 nginx module: fix evaluation of root location option 2016-08-01 19:38:10 +02:00
Robin Gloster a193fecf0e nginx module: improve statusPage generated code
Adds ::1 as allowed host and turns of access_log for the status page.
2016-07-28 11:59:13 +00:00
Robin Gloster 3ccfca7d6b nginx module: httpConfig backward compatibility
Revert httpConfig its old behaviour and make it mutually exclusive to
the new structured configuration. Adds appendHttpConfig to have the
ability to write custom config in the generated http block.
2016-07-28 11:59:13 +00:00
Robin Gloster 511410789b nginx module: make client_max_body_size configurable 2016-07-28 11:59:13 +00:00
Tristan Helmich 8c61b3af03 nginx: fixed duplicate http declaration 2016-07-28 11:59:13 +00:00
Robin Gloster 91680de317 nginx module: add statusPage option 2016-07-28 11:59:13 +00:00
Robin Gloster a294ad01b3 nginx module: make recommended settings optional 2016-07-28 11:59:13 +00:00
Robin Gloster 186a8400ed nginx module: make httpConfig backward compatible 2016-07-28 11:59:13 +00:00
Robin Gloster 5dd7cf964a nginx module: improve documentation 2016-07-28 11:59:13 +00:00
Franz Pletz de8008a1b1 nginx module: Enable http2 2016-07-28 11:59:13 +00:00
Franz Pletz e982aeae6a nginx module: Add default proxy headers for tomcat 2016-07-28 11:59:13 +00:00
Robin Gloster 3830a890ab nginx module: add option to make vhost default 2016-07-28 11:59:13 +00:00
Robin Gloster 138945500e nginx module: implement basic auth 2016-07-28 11:59:13 +00:00
Robin Gloster ff12ee35b7 nginx module: redirect to same protocol 2016-07-28 11:59:13 +00:00
Robin Gloster e18f8e8b66 nginx module: turn off basic auth on acme locations 2016-07-28 11:59:13 +00:00
Franz Pletz 4e5c7913e9 nginx module: Add acmeFallbackHost vhost option 2016-07-28 11:59:13 +00:00
Franz Pletz 811f243ce6 nginx module: Add extraConfig for locations 2016-07-28 11:59:13 +00:00
Franz Pletz d5a097fdb6 nginx module: Don't create acme certs if acme is not enabled 2016-07-28 11:59:13 +00:00
Tristan Helmich c61157b7e6 nginx module: Add dhParams option 2016-07-28 11:59:13 +00:00
Tristan Helmich 35d76a72ab nginx module: Add sslCiphers option 2016-07-28 11:59:13 +00:00
Tristan Helmich 8bd1f401bb nginx module: Add sslProtocols option 2016-07-28 11:59:13 +00:00
Tristan Helmich 900b311a38 nginx module: Fix ACME extraDomains, fix challenge url to not redirect to allow renewals 2016-07-28 11:59:13 +00:00
Tristan Helmich 4676983990 nginx module: Add ACME support for ssl sites 2016-07-28 11:59:13 +00:00
Robin Gloster f298be9ef4 nginx module: declarative config 2016-07-28 11:58:37 +00:00
Robin Gloster 356c2fe00d Revert "nginx: Verify that configuration is syntactically correct" (#17337) 2016-07-28 13:55:06 +02:00
Bjørn Forsman c7860cae1a Revert "phpfpm service: restructured pool configuration"
This reverts commit 6b3f5b5a42 because it
introduced a non-backwards compatible change in the phpfpm interface,
without really needing to. The new interface, if needed, can be re-added
alongside the old interface.

Commit 98e419c0e2 ("tt-rss service: init at 16.3")
depends on the new interface, so this commit updates the tt-rss service
to work with the old services.phpfpm.poolConfigs interface.
2016-07-27 23:53:58 +02:00
Robin Lambertz 103805dec5 nginx: Verify that configuration is syntactically correct (#17208) 2016-07-27 22:24:08 +02:00
Bjørn Forsman 0a2174f195 nixos/lighttpd: move cgit setup to cgit.nix
To where it really belongs. Separation of concern.
2016-07-26 15:37:24 +02:00
Rok Garbas d73c115aa4 Merge pull request #16132 from zohl/tt-rss
tt-rss service: init at 16.3
2016-07-21 20:48:18 +02:00
davidak 83bdc8e858 caddy service: add options to change ACME certificate authority (#16969)
and agree to let's encrypt subscriber agreement
2016-07-21 01:51:09 +02:00
davidak d2164cfcda caddy service: fix nix store output path
systemd[11376]: caddy.service: Failed at step EXEC spawning /nix/store/ghpcwj6paccc92l1gk7ykb6gf2i2w6fi-go1.6-caddy-0.8.3/bin/caddy: No such file or directory
2016-07-14 22:04:55 +02:00
Eric Sagnes ff074ec7a4 apache-httpd: add phpPackage option 2016-06-22 21:24:25 +09:00
Frederik Rietdijk 9e2866d5de Merge pull request #16086 from layus/inginious
INGInious: provide a NixOS module
2016-06-21 16:37:29 +02:00
Al Zohali 6b3f5b5a42 phpfpm service: restructured pool configuration 2016-06-20 01:00:03 +03:00
Guillaume Maudoux 0fef9ed3ed inginious: init NixOS module 2016-06-14 11:09:21 +02:00
zimbatm a95229a963 Merge pull request #15677 from womfoo/mod_auth_mellon
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
Kranium Gikos Mendoza 25fbac5b52 mod_auth_mellon: init at 0.12.0 2016-05-23 02:02:25 +08:00
Vladimír Čunát 73f1f5eb39 imagemagick: split dev output to fix #9604
Also fixup references to imagemagick.
2016-05-22 13:41:15 +02:00
Vladimír Čunát 65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
Eric Sagnes a8bc5b67f8 php: add default php.ini 2016-04-29 15:26:20 +09:00
Nikolay Amiantov ab0a0c004e makeSearchPathOutputs: refactor to makeSearchPathOutput 2016-04-25 13:24:39 +03:00
Nikolay Amiantov 8b7ebaffeb replace makeSearchPath tree-wise to take care of possible multiple outputs 2016-04-13 22:09:41 +03:00
Vladimír Čunát 39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
joachifm 245f200dd8 Merge pull request #11987 from angus-g/caddy
Add Caddy and its NixOS module
2016-04-11 09:20:21 +02:00
Vladimír Čunát 30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Eelco Dolstra 133e6e1ea6 httpd.service: Support reload
This is useful when ACME has generated a new TLS certificate.
2016-04-07 17:53:46 +02:00
Lluís Batlle i Rossell e1bcc27f1a Making trac/ldap handle httpd 2.4.
The option authzldapauthoritative had been removed in 2.4

I pushed this into 16.03 instead of master first. My fault.
(cherry picked from commit 516f47efef)
2016-04-07 11:40:22 +02:00
Angus Gibson bb6408ba16 caddy service: initial implementation 2016-04-05 23:45:54 +00:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Nikolay Amiantov 25754a5fc2 uwsgi service: use python.buildEnv, fix PATH 2016-03-27 19:23:01 +03:00
Vladimír Čunát c801cd1a04 php: fixup build when configured with httpd via nixos 2016-03-11 11:54:53 +01:00
Vladimír Čunát 1952d5d5f7 nixos/foswiki: basic working service definition
Activation is as simple as:
  services.httpd = {
    enable = true;
    adminAddr = "nobody@example.com";
    extraSubservices = [ {
      serviceType = "foswiki";
    } ];
  };
2016-03-08 16:38:43 +01:00
Vladimír Čunát 09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra f3d94cfc23 Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
This reverts commit cad8957eab. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel cad8957eab Add the tool "nixos-typecheck" that can check an option declaration to:
- Enforce that an option declaration has a "defaultText" if and only if the
   type of the option derives from "package", "packageSet" or "nixpkgsConfig"
   and if a "default" attribute is defined.

 - Enforce that the value of the "example" attribute is wrapped with "literalExample"
   if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".

 - Warn if a "defaultText" is defined in an option declaration if the type of
   the option does not derive from "package", "packageSet" or "nixpkgsConfig".

 - Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
Graham Christensen 7df907b272 moodle: 2.8.5 -> 2.8.10 for CVE-2016-0724 CVE-2016-0725 2016-02-27 17:22:14 -06:00
Domen Kožar 04422bb3ca Merge pull request #8630 from lihop/nixos/fix-formatting
nixos: fix formatting of option examples
2016-02-27 10:08:37 +00:00
Vladimír Čunát 3cf9cd8bc3 Merge #12796: nixos docs: show references to packages
(version 2) A better implementation of #10039, after #12357.
This time I did more thorough checking.

See commit messages for details.
2016-02-27 10:48:12 +01:00
Leroy Hopson 25fd9e31a2 phpfpm service: fix formatting of example 2016-02-27 22:25:40 +13:00
zimbatm 09c14170d8 Merge pull request #13125 from abbradar/uwsgi
Refactor uWSGI
2016-02-23 22:32:54 +00:00
zimbatm a7715e3e06 Merge pull request #10231 from zimbatm/apache-intermediate-ssl
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Nikolay Amiantov b6c49abba0 uwsgi service: update documentation 2016-02-19 18:09:27 +03:00
Nikolay Amiantov e48c991131 uwsgi service: refactor, throw more errors and drop simultaneous Python 2/3 in path 2016-02-19 18:09:26 +03:00
aszlig 7bdcfb33f4
nixos: Provide a defaultText for type = package
We don't want to build all those things along with the manual, so that's
what the defaultText attribute is for.

Unfortunately a few of them were missing, so let's add them.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-17 21:12:24 +01:00
Vladimír Čunát d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra 86c2a0f783 mediawiki: 1.23.9 -> 1.23.13 2016-02-11 11:24:44 +01:00
Vladimír Čunát 4fede53c09 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-02-03 14:47:14 +01:00
Vladimír Čunát 889351af8b Revert "Merge #12357: nixos docs: show references to packages"
The PR wasn't good enough yet.
This reverts commit b2a37ceeea, reversing
changes made to 7fa9a1abce.
2016-02-03 12:16:33 +01:00
Vladimír Čunát b2a37ceeea Merge #12357: nixos docs: show references to packages 2016-02-03 10:07:27 +01:00
Tuomas Tynkkynen 13b3f3f246 treewide: Mass replace 'openssl}/bin' to refer the 'bin' output 2016-02-01 20:46:16 +02:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Vladimír Čunát 3bcf8ae879 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Sander van der Burg b1d6e6a38b Fix running apache tomcat as a daemon 2016-01-12 14:32:22 +00:00
Robin Gloster 88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Augustin Borsu c17a60b636 owncloud httpd-service: add package option
Owncloud package used can now be set in configuration.nix using
package option.
2015-12-02 20:37:41 +01:00
Augustin Borsu 9d5bf282c7 owncloud httpd-service: fix trusted_domain when unset
When an empty string was given as trusted_domain, the trusted
domain was set to be empty string instead of not beeing set.
2015-12-02 20:37:33 +01:00
Augustin Borsu 16fd6c1cf0 owncloud: 7.0.5 -> 7.0.10 +
Commit changes default version to 7.0.10, 7.0.5 version is kept for
people reluctant to update. Needed info has also been added for
versions 8.0, 8.1 and 8.2 only the latest minor version of each
major version is included.
2015-12-02 20:36:40 +01:00
Augustin Borsu e08ffc472c owncloud httpd-service: add urlPrefix option
This option allows user to specify a url prefix for owncloud.
By default it is set to "" and the document root will be set
to owncloud's dir.
If a prefix is set, e.g. urlPrefix = "/owncloud"
an alias will be created using that prefix to point to owncloud's
dir and owncloud will be available at http://localhost/owncloud
2015-12-02 20:36:26 +01:00
Aristid Breitkreuz 0b9c4af74a Merge pull request #11342 from basvandijk/wordpress-4.3.1
wordpress: 4.3 -> 4.3.1
2015-11-29 20:51:57 +01:00
Luca Bruno 920b1d3591 Merge branch 'master' into closure-size 2015-11-29 16:50:26 +01:00
Bas van Dijk af500630e8 wordpress: use the correct mysql pidDir 2015-11-29 15:46:43 +01:00
Bas van Dijk f48f916fd1 wordpress: 4.3 -> 4.3.1 2015-11-29 12:50:00 +01:00
Luca Bruno a412927924 Merge remote-tracking branch 'origin/master' into closure-size 2015-11-25 21:37:30 +01:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Domen Kožar b76519069d Merge pull request #9733 from basvandijk/wordpress-fix-extraConfig
wordpress: execute the extraConfig before loading wp-settings.php
2015-11-16 13:16:10 +01:00
Guillaume Maudoux 60ba5ad479 lighttpd: fix mod_rewrite appearing twice 2015-11-14 15:52:25 +01:00
Tuomas Tynkkynen 58dfef2792 treewide: Fix references to apacheHttpd_2_* 2015-10-28 10:23:03 +01:00
Vladimír Čunát c5579c9184 subversion: fixup some referrers after splitting 2015-10-28 10:22:59 +01:00
zimbatm f5f039eeb4 apache-httpd: harden default SSL cipher list
A couple of tweaks on the SSL cipher list.

Disabled RC4 which is now considered broken.
https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what

Enabled Forward Secrecy for modern browsers.
https://en.wikipedia.org/wiki/Forward_secrecy

Without the change, NixOS servers are capped at Grade B on
https://www.ssllabs.com/ssltest/index.html
2015-10-05 17:19:53 +01:00
Eelco Dolstra 89e983786a Manual: Remove store path references 2015-09-24 11:50:58 +02:00
Bas van Dijk 5cf5e7ff4c wordpress: allow extending Wordpress's .htaccess file 2015-09-10 13:21:38 +02:00
Bas van Dijk a9332583eb wordpress: Execute the extraConfig before loading wp-settings.php
This is needed so that settings defined in extraConfig actually get handled.
2015-09-09 01:12:10 +02:00
Bas van Dijk 88d9fd93c6 wordpress: 4.2.2 -> 4.3 2015-09-08 10:36:44 +02:00
Domen Kožar ba5919ef3b nginx: include mimetypes mapping
(cherry picked from commit b01eebf021)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-09-07 14:43:19 +02:00
Domen Kožar 71e67797d6 Revert "reverse_proxy module: helper to run nginx as reverse proxy"
This reverts commit e6f0cd336d.

These modifications are too specific to use cases and shouldn't be part of
nginx module.
2015-09-07 14:18:31 +02:00
ts468 12d3de1caa Merge pull request #9103 from ts468/upstream.nginx
reverse_proxy module: helper to run nginx as reverse proxy
2015-08-30 18:32:07 +02:00
Eelco Dolstra 9d82f7e53e Revert "Apache service module: allow compression"
This reverts commit 164f6ff2a8 per
https://github.com/NixOS/nixpkgs/pull/9407#issuecomment-134523359
(it's too site-specific). Furthermore this should be an option at the
virtual host level.
2015-08-28 12:41:06 +02:00
Thomas Strobel e6f0cd336d reverse_proxy module: helper to run nginx as reverse proxy 2015-08-28 09:33:08 +02:00
Wout Mertens 164f6ff2a8 Apache service module: allow compression 2015-08-23 15:13:52 +02:00
Luca Bruno 883517f37c phpfpm: use latest php 2015-07-17 18:09:50 +02:00
Eelco Dolstra 9fa19cfcea apache-httpd: Don't set default content encodings
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.

If people want such encodings, they should set them in their own NixOS
configuration.
2015-07-07 12:12:49 +02:00
Leroy Hopson 1eb50ebbf2 shellinabox service: intial implementation 2015-07-04 21:18:13 +12:00
Joachim Schiele 11cd596aea wordpress: language downloads are now reproducible 2015-07-03 13:06:44 +02:00
Joachim Schiele 011993c86a wordpress: usability updates 2015-06-25 16:21:14 +02:00
Russell O'Connor 46f06ccde7 uwsgi-service: Add user/group for uwsgi service.
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
Eelco Dolstra 19ffa212af types.uniq types.int -> types.int
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
Eelco Dolstra c738b309ee types.uniq types.bool -> types.bool 2015-06-15 18:10:26 +02:00
Arseniy Seroka 8150cf11b0 Merge pull request #7605 from ip1981/wiki
Mediawiki updates
2015-04-28 19:00:27 +03:00
Jaka Hudoklin 7b878a7ca9 Merge pull request #7555 from offlinehacker/nixos/nginx/reload
nixos/nginx: enable service/config reload
2015-04-28 14:12:21 +02:00
Igor Pashev 4855b0b3fb Mediawiki 1.23.9 2015-04-28 08:05:16 +00:00
Igor Pashev bca76e46f0 Apache servedFiles: fixed a typo in example 2015-04-28 08:05:15 +00:00
Igor Pashev 8388bd3280 wiki: do not rewrite served files 2015-04-28 08:05:08 +00:00
Eelco Dolstra 534b84a9ac Don't require sslServerChain to be set 2015-04-27 18:24:16 +02:00
Jaka Hudoklin 494d1820e3 nixos/nginx: enable service/config reload 2015-04-25 15:17:06 +02:00
Eelco Dolstra 574173f0e6 Merge pull request #7027 from ecraven/apache-sslchain
apache-httpd: adding support for sslServerChain
2015-04-13 16:48:20 +02:00
Peter Feigl 3837ef82ad fixing documentation 2015-04-13 15:42:01 +02:00
Peter Feigl e5b3918f85 apache-httpd: adding support for sslServerChain 2015-04-13 15:41:10 +02:00
Peter Feigl 69b18fc4b6 fixing indentation 2015-04-13 13:46:42 +02:00
Peter Feigl 44ea83b986 changed config to only include the minimum necessary 2015-04-13 13:10:04 +02:00
Peter Feigl 49eb77b26c apache-httpd: adding subservice moodle 2015-04-13 13:06:39 +02:00
Joachim Schiele 85c454ab1d Merge pull request #6785 from qknight/wordpress
zef hemel's wordpress.nix adapted to extraSubservices
2015-04-13 10:27:55 +02:00
Luca Bruno cb45b7ec3e Revert "nixos: Multiple service instances, apply to nginx. See #6784"
This reverts commit 7ef59c4fe2.

Wrong push! Sorry!
2015-03-18 14:09:24 +00:00
Luca Bruno 7ef59c4fe2 nixos: Multiple service instances, apply to nginx. See #6784 2015-03-18 14:07:29 +00:00
Philip Potter 7ad6dac43b owncloud: don't store plaintext adminPassword in nix store
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
Joachim Schiele d74ea7d34f zef hemels' wordpress.nix adapted to extraSubservices 2015-03-13 14:19:48 +01:00
lethalman f72d1abb79 Merge pull request #5846 from arno01/nginx
nginx service improvements
2015-03-13 11:41:27 +01:00
lethalman 70527b87a1 Merge pull request #6440 from k0ral/fcgiwrap
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
Eelco Dolstra 8cb3e3b864 httpd: Disable insecure protocols/ciphers by default
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
koral d9078d03a3 Updated fcgiwrap's systemd unit to match upstream version. 2015-02-18 21:19:12 +00:00
Jaka Hudoklin 41ae4d1af9 add limesurvey package and nixos module 2015-02-07 23:18:51 +01:00
Nikolay Amiantov 51681449da uwsgi: add nixos module 2015-02-02 22:23:42 +03:00
Matej Cotman 3ed3977166 owncloud: make .htaccess available 2015-01-21 22:49:22 +01:00
Matej Cotman 7494bd389e apache-httpd: add owncloud 2015-01-21 22:49:22 +01:00
Matej Cotman 6630e3e4fe apache-httpd: add restartSec option 2015-01-21 22:49:22 +01:00
Andrey Arapov b1b9efdbe1 nginx service improvements
Adding Restart, RestartSec, StartLimitInterval to ensure that the service
is started in case if it can't assign (bind) the address as often it takes longer
for the network (e.g. dhcpcd) to get the IP assigned.
2015-01-19 10:46:45 +01:00
William A. Kennington III dd7efcbf36 java: More default cleanups 2015-01-07 14:55:41 -08:00
Tobias Geerinckx-Rice c64257b8e5 Fix user-facing typos (mainly in descriptions) 2014-12-30 03:31:03 +01:00
Eelco Dolstra cfe26e4438 Fix using Apache httpd 2.2 2014-12-15 13:13:17 +01:00
Nikolay Amiantov d0773dae54 nixos/nginx: add more types 2014-12-10 04:45:10 +03:00
Igor Pashev 1dd53cc990 Mediawiki: updated for Apache 2.4 2014-11-26 16:51:30 +01:00
Longrin Wischnewski 490232bd2e apache-httpd: add mod_access_compat for compatibility with old httpd-22 configurations 2014-11-12 13:18:02 +01:00
Rickard Nilsson 2b3c3d0e32 Fixes to Apache 2.4 configuration 2014-11-06 21:58:40 +01:00
Eelco Dolstra b3eb981a95 apache-httpd: Make 2.4 the default
The NixOS 14.11 release is a good time to finally make 2.4 the
default.
2014-11-06 14:55:44 +01:00
Bjørn Forsman fca51849ec nixos/lighttpd: add services.lighttpd.enableModules option
This option makes the coupling between lighttpd and its sub-services
more "loose".

While the option is a list, its purpose is to provide a "set" of needed
modules to load for lighttpd to function correctly with its config. The
NixOS lighttpd module ensures that lighttpd modules are loaded no more
than once (because lighttpd dislikes that), and in the correct order.

Also add an assertion that all modules listed in .enableModules are
valid.
2014-10-05 19:15:19 +02:00
Eelco Dolstra 0de982d75b httpd: Add option for specifying robots.txt 2014-09-18 19:05:26 +02:00
Eelco Dolstra 837a0c05e5 httpd: Don't emit robots.txt if there are no robots entries 2014-09-18 18:48:28 +02:00
Bjørn Forsman a44de69d06 nixos/tomcat: make package version configurable 2014-09-11 22:32:16 +02:00
Igor Pashev 5c6e4e7433 Updated Mediawiki to 1.23.3
Removed mediawiki-postgresql-fixes.patch (fixed upstream)
2014-09-07 17:50:51 +02:00
Strahinja Popovic fe3f7716f0 Enabled access to binaries of needed tools, and worker daemons can be enabled for phabricator #3306 2014-09-03 15:46:59 +04:00
Michael Raskin 3ad91106f1 Merge pull request #3704 from sfultong/upstream-master
tomcat: update to upstream master
2014-09-02 02:09:18 +04:00
Igor Pashev 019bc6bb2b Made Mediawiki rewrite rules work for virtual hosts
Related to cdd1785cd6
2014-08-29 13:56:23 +02:00
aszlig 8a56a55bb4
nixos/manual: Use literalExample when feasible.
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.

Thanks to @devhell for reporting.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 23:41:15 +02:00
Igor Pashev cdd1785cd6 Fixed rewrite rules for Mediawiki
If Mediawiki was served from the root directory of the server
it was impossible to serve other directories.

Make sure that URLs defined in servedDirs are not rewritten.
Use case: serving local copy of MathJax
2014-08-25 11:55:57 +02:00
Michael Raskin c0da615c02 Merge pull request #3230 from robberer/module/httpd
httpd: disable logging when logFormat = "none"
2014-08-23 11:37:48 +04:00
sfultong c54a8ed1d0 Merge pull request #1 from sfultongv/sfultong-14.04
updating tomcat to version 7
2014-08-20 23:08:39 -04:00
Harald van Dijk 67a5ec4efb nixos/lighttpd: fix modules for gitweb
Setting "services.lighttpd.gitweb.enable" to true doesn't enable the
required lighttpd modules to actually make it work. The problem is that
"or" and "||" don't mean the same thing: "or" falls back to the second
operand if the first is not defined, whereas "||" is the normal logical
operator. When cfg.cgit.enable is defined, as false, the expressions
don't have the desired effect.

[Bjørn: modify commit message]
2014-08-12 21:16:01 +02:00
Peter Simons 2d326e5032 Merge remote-tracking branch 'origin/master' into staging.
Conflicts:
	pkgs/desktops/e18/enlightenment.nix
2014-08-04 16:51:47 +02:00
Chris Farmiloe 34890e7c2a nixos: Add enablePHP convinence option to services.httpd module to mimic subservices option
Fixes #2699
2014-08-03 21:11:45 +02:00
aszlig 9d3fbcd054
tomcat: Fix evaluation after e27dcff.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-03 16:09:45 +02:00
Sander van der Burg 2e44bb9ead Merge pull request #3425 from luke-clifton/lc-tomcat-jdk
Allows the JDK to be chosen in services.tomcat
2014-08-03 14:55:46 +02:00
Shea Levy 7fec575976 Fix lib functions taken from pkgs.lib instead of lib in nixos 2014-08-01 16:23:56 -04:00
Luke Clifton e27dcfff1b Allows the JDK to be chosen in services.tomcat 2014-08-01 16:52:19 +08:00
Danny Groenewegen 51494f2c33 Restore extraWorkersProperties option for apache httpd tomcat-connector, issue https://github.com/NixOS/nixpkgs/issues/2202 2014-07-31 16:51:51 +02:00
Eelco Dolstra f64d84698e Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/applications/audio/espeak/edit.nix
	pkgs/applications/audio/lmms/default.nix
	pkgs/desktops/e18/enlightenment.nix
	pkgs/games/exult/default.nix
	pkgs/os-specific/linux/alsa-plugins/default.nix
2014-07-28 11:30:49 +02:00
Bjørn Forsman 162cb556f6 nixos/lighttpd: improve sub-service option types (cgit, gitweb) 2014-07-23 22:18:37 +02:00
Bjørn Forsman 35ebc72f1c nixos/lighttpd-service: don't use types.string (it's deprecated) 2014-07-23 22:12:38 +02:00
Eelco Dolstra ff97b7dbe6 Merge remote-tracking branch 'origin/master' into staging 2014-07-14 17:04:55 +02:00
System administrator cab929c6c2 httpd: disable logging when logFormat = "none" 2014-07-10 14:32:08 +02:00
Sönke Hahn 09448101c3 mediawiki: add patch for fixing postgresql errors 2014-07-07 23:19:31 +08:00
Eelco Dolstra 95b828de42 Merge remote-tracking branch 'origin/master' into staging 2014-07-07 13:16:26 +02:00
Igor Pashev d4a320cd12 Updated Mediawiki to 1.23.1 2014-07-04 17:34:37 +02:00
Shea Levy b3cfb9084b Get all lib functions from lib, not pkgs.lib, in modules 2014-07-02 12:28:18 -04:00
Eelco Dolstra 06fc1ec34d Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/servers/serfdom/default.nix
2014-07-01 11:25:41 +02:00
Eelco Dolstra 40f7b0f9df Another attempt to eradicate ensureDir
See c556a6ea46.
2014-06-30 14:56:10 +02:00
Michael Raskin 02266194ea Merge pull request #2894 from kirelagin/fixusergroup
Fix conditional handling of users and groups in some services
2014-06-30 10:16:20 +04:00
Austin Seipp 91f1dda340 Merge pull request #2980 from bluescreen303/php-fpm
phpfpm: add option for setting php.ini file
2014-06-18 16:08:21 -05:00
Mathijs Kwik 35df71ac1d phpfpm: add option for setting php.ini file 2014-06-16 22:44:18 +02:00
Mathijs Kwik a97bef3e8c nixos/nginx: fix group and stateDir permissions
furthermore, I don't think adding nginx to systemPackages is of any use.
2014-06-16 22:43:58 +02:00
Kirill Elagin f81434bdfe Fix trying to add users to non-existent groups 2014-06-11 13:36:15 +04:00
Kirill Elagin 1208dd4df0 Fix configuring apache with extra user/group
This fix is consistent with all the other modules.
2014-06-11 13:17:42 +04:00
Kirill Elagin 80721cdd41 Revert "Fix configuring httpd with custom user/group."
This reverts commit 08f9da2e8e.
2014-06-11 13:17:00 +04:00
Rob Vermaas 08f9da2e8e Fix configuring httpd with custom user/group. 2014-06-11 10:18:37 +02:00
Luca Bruno 94c2661503 tomcat: fix service to be a daemon, and run tomcat in script rather than preStart 2014-06-06 14:04:35 +02:00
Luca Bruno 12f06b3cc3 fcgiwrap: new package
Simple server for running CGI applications over FastCGI

https://nginx.localdomain.pl/wiki/FcgiWrap
2014-06-04 10:20:19 +02:00
Strahinja Popovic 25e0d51a67 Phabricator, a web application, snapshot of 2014-05-12 2014-05-12 19:59:40 +02:00
Eelco Dolstra 2dfbe55421 Remove use of obsolete flags 2014-04-29 10:13:21 +02:00
Eelco Dolstra 4fb50f071f Manual: Typo fixes 2014-04-19 22:59:25 +02:00
Eelco Dolstra 29027fd1e1 Rewrite ‘with pkgs.lib’ -> ‘with lib’
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
2014-04-14 16:26:48 +02:00
Eelco Dolstra d2155649af Merge branch 'containers'
Fixes #2105.
2014-04-10 15:55:51 +02:00
aszlig 5dd14a1059
nixos/phpfpm: Add option to set PHP package.
This allows to easily override the used PHP package, especially for
example if you want to use PHP 5.5 or if you want to override the
derivation.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-10 07:52:26 +02:00
Shea Levy a1a167bc8b nginx module: Enable modularly specifying servers 2014-03-17 23:31:56 -04:00
Eelco Dolstra 28b7d67d08 httpd: Don't require keys.target
This has the unintended side-effect of restarting httpd every time we
run switch-to-configuration, even if httpd hasn't changed (because
we're doing a "stop keys.target" now).  So use a "Wants" dependency
instead.
2014-03-17 15:01:10 +01:00
Rickard Nilsson 91e6d7411e winstone NixOS module: Make it possible to set systemd service name 2014-03-12 23:28:38 +01:00
Rickard Nilsson f24940330b New NixOS module: services.winstone, for running instances of the Winstone Java Servlet container 2014-03-12 23:14:09 +01:00
Rickard Nilsson 4e23573138 phpfpm module: Make extraConfig and poolConfigs mergeable by switching option type to types.lines 2014-03-12 11:45:31 +01:00
Rickard Nilsson 562a8ca4a2 Add phpfpm NixOS service module 2014-03-12 11:38:50 +01:00
Domen Kožar 97a0dd9eb9 nixos: set all package options to have type package 2014-02-27 13:22:29 +01:00
Shea Levy f7c04b1e6b mediawiki: Don't rewrite /images if uploads are enabled 2014-02-27 07:17:10 -05:00
Shea Levy 1e7300ad67 mediawiki rewrite rules only needed with no urlPrefix 2014-02-27 07:17:10 -05:00