Merge pull request #277936 from Izorkin/update-nginx-ktls

nginx: enable ktls support by default
This commit is contained in:
Ryan Lahfa 2024-01-01 17:19:11 +01:00 committed by GitHub
commit 10af81720a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 9 deletions

View File

@ -1132,14 +1132,6 @@ in
'';
}
{
assertion = any (host: host.kTLS) (attrValues virtualHosts) -> versionAtLeast cfg.package.version "1.21.4";
message = ''
services.nginx.virtualHosts.<name>.kTLS requires nginx version
1.21.4 or above; see the documentation for services.nginx.package.
'';
}
{
assertion = all (host: !(host.enableACME && host.useACMEHost != null)) (attrValues virtualHosts);
message = ''
@ -1348,6 +1340,8 @@ in
nginx.gid = config.ids.gids.nginx;
};
boot.kernelModules = optional (versionAtLeast config.boot.kernelPackages.kernel.version "4.17") "tls";
# do not delete the default temp directories created upon nginx startup
systemd.tmpfiles.rules = [
"X /tmp/systemd-private-%b-nginx.service-*/tmp/nginx_*"

View File

@ -4,7 +4,7 @@ outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt
, nixosTests
, installShellFiles, substituteAll, removeReferencesTo, gd, geoip, perl
, withDebug ? false
, withKTLS ? false
, withKTLS ? true
, withStream ? true
, withMail ? false
, withPerl ? true