Aaron Andersen
336a6f471f
nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command
2020-01-08 10:37:46 -05:00
rnhmjoj
1d61efb7f1
treewide: use attrs instead of list for types.loaOf options
2020-01-06 10:39:18 -05:00
Aaron Andersen
6777926911
nixos/httpd: update default ssl protocols
2019-12-30 11:24:11 -05:00
Aaron Andersen
79215f0df1
nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration
2019-12-24 20:27:48 -05:00
Vanya Klimenko
125205cd60
nixos/apache-httpd: fix typo in extraConfig description
2019-12-06 21:47:15 +03:00
Red Davies
62e421fbb2
nixos/httpd: module fixes enableUserDir (attendum to #72789 )
2019-11-09 00:53:56 +00:00
Aaron Andersen
5c3715379d
nixos/httpd: allow user to specify a minimal list of apache modules
2019-11-04 11:21:20 -05:00
Aaron Andersen
9c28599bfe
nixos/httpd: drop stateDir option, hardcode to /run/httpd
2019-11-04 07:32:28 -05:00
Aaron Andersen
9a91679b7a
nixos/httpd: remove deprecated extraSubservices option
2019-10-20 20:16:45 -04:00
Joachim Fasting
bad07dfac5
tree-wide: replace uses of splitString "." with lib.versions
...
Quoting from the splitString docstring:
NOTE: this function is not performant and should never be used.
This replaces trivial uses of splitString for splitting version
strings with the (potentially builtin) splitVersion.
2019-09-26 17:42:49 +02:00
Maximilian Bosch
56a7bc05e1
nixos/treewide: drop dependencies to keys.target
...
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265 ) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).
As described in the NixOps manual[1], dependencies to keys should be
defined like this now:
``` nix
{
systemd.services.myservice = {
after = [ "secret-key.service" ];
wants = [ "secret-key.service" ];
};
}
```
However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.
[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Aaron Andersen
5596b69771
nixos/httpd: remove duplicate module entries from httpd.conf
2019-07-26 17:51:06 -04:00
Aaron Andersen
9b970d07f3
nixos/httpd: drop postgresql reference
2019-07-20 18:36:24 -04:00
Aaron Andersen
0fd69629c7
nixos/httpd: mark extraSubservices option as deprecated
2019-07-20 18:36:19 -04:00
Aaron Andersen
505df09d50
nixos/httpd: drop the port option
2019-07-20 18:29:46 -04:00
Aaron Andersen
fae95c2c82
Merge pull request #60021 from aanderse/httpd-cleanup
...
nixos/httpd: cleanup old apache2.2 syntax
2019-06-06 06:46:05 -04:00
Daniel Schaefer
786f02f7a4
treewide: Remove usage of isNull
...
isNull "is deprecated; just write e == null instead" says the Nix manual
2019-04-29 14:05:50 +02:00
Aaron Andersen
e5b583bef4
nixos/httpd: cleanup old apache2.2 syntax
2019-04-20 07:32:55 -04:00
Aaron Andersen
9c9a6f380e
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 06:34:46 -04:00
Symphorien Gibol
a915b33315
nixos: add preferLocalBuild=true; on derivations for config files
2019-02-22 20:11:27 +01:00
aanderse
a9358c4356
nixos/httpd: update documentation to reflect changes from https://github.com/NixOS/nixpkgs/pull/54529 ( #56079 )
2019-02-20 14:43:25 +02:00
Aaron Andersen
1bec75301b
nixos/httpd: don't advertise php
2019-02-07 14:25:55 -05:00
Aaron Andersen
70be5b6bb2
nixos/httpd: disable HTTP TRACE method by default
2019-02-07 14:13:45 -05:00
Aaron Andersen
dd610ce84f
nixos/httpd: disable TLSv1 by default for better security
2019-02-07 14:05:44 -05:00
aanderse
c6cd07707b
nixos/httpd: rename apache log files to have a .log file extension ( #54529 )
...
nixos/httpd: rename apache log files to have a .log file extension
2019-01-31 04:04:58 +02:00
Aaron Andersen
fd5a88687c
nixos/httpd: add options sslCiphers & sslProtocols
2019-01-09 11:30:19 -05:00
volth
87f5930c3f
[bot]: remove unreferenced code
2018-07-20 18:48:37 +00:00
Silvan Mosberger
b9c95c7d60
httpd: Fix typo
2018-07-13 02:59:00 +02:00
Florian Klink
fff5923686
nixos/modules: users.(extraUsers|extraGroup->users|group)
2018-06-30 03:02:58 +02:00
Bas van Dijk
527781ebc4
apache-httpd: fix nix evaluation error
...
This only sets the timezone when it's not null to prevent:
error: cannot coerce null to a string, at
nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Ekaterina Vaartis
c0df448d54
apache-httpd: fix mod_perl by refering to apacheHttpdPackages ( #26579 )
2017-06-15 13:07:14 +02:00
Joachim Schiele
d491728653
httpd: added serviceExpression which extends the serviceType concept -> allows that httpd services can live outside of nixpkgs ( #22269 )
2017-02-06 01:08:58 +01:00
Dan Peebles
df7b4f4f6f
httpd module: don't create documentRoot directory if it doesn't exist
...
It hides bugs and do you ever actually want to serve up an empty directory?
It was pretty confusing to me when it tried to write into a read-only store
path because I accidentally pointed it to the wrong store path.
2017-01-05 21:19:16 -05:00
Rok Garbas
e6fa6b21e1
apacheHttpdPackages.mod_perl: init at 2.0.10
2016-12-22 13:36:44 +01:00
Marc Weber
b51f165334
apache-httpd
...
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Eric Sagnes
ff074ec7a4
apache-httpd: add phpPackage option
2016-06-22 21:24:25 +09:00
Kranium Gikos Mendoza
25fbac5b52
mod_auth_mellon: init at 0.12.0
2016-05-23 02:02:25 +08:00
Eric Sagnes
a8bc5b67f8
php: add default php.ini
2016-04-29 15:26:20 +09:00
Vladimír Čunát
30f14243c3
Merge branch 'master' into closure-size
...
Comparison to master evaluations on Hydra:
- 1255515 for nixos
- 1255502
for nixpkgs
2016-04-10 11:17:52 +02:00
Eelco Dolstra
133e6e1ea6
httpd.service: Support reload
...
This is useful when ACME has generated a new TLS certificate.
2016-04-07 17:53:46 +02:00
Vladimír Čunát
c801cd1a04
php: fixup build when configured with httpd via nixos
2016-03-11 11:54:53 +01:00
Vladimír Čunát
09af15654f
Merge master into closure-size
...
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra
f3d94cfc23
Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
...
This reverts commit cad8957eab
. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel
cad8957eab
Add the tool "nixos-typecheck" that can check an option declaration to:
...
- Enforce that an option declaration has a "defaultText" if and only if the
type of the option derives from "package", "packageSet" or "nixpkgsConfig"
and if a "default" attribute is defined.
- Enforce that the value of the "example" attribute is wrapped with "literalExample"
if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".
- Warn if a "defaultText" is defined in an option declaration if the type of
the option does not derive from "package", "packageSet" or "nixpkgsConfig".
- Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
zimbatm
a7715e3e06
Merge pull request #10231 from zimbatm/apache-intermediate-ssl
...
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Vladimír Čunát
716aac2519
Merge branch 'staging' into closure-size
2016-01-19 09:55:31 +01:00
Thomas Strobel
a04a7272aa
Add missing 'type', 'defaultText' and 'literalExample' in module definitions
...
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Tuomas Tynkkynen
58dfef2792
treewide: Fix references to apacheHttpd_2_*
2015-10-28 10:23:03 +01:00
zimbatm
f5f039eeb4
apache-httpd: harden default SSL cipher list
...
A couple of tweaks on the SSL cipher list.
Disabled RC4 which is now considered broken.
https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what
Enabled Forward Secrecy for modern browsers.
https://en.wikipedia.org/wiki/Forward_secrecy
Without the change, NixOS servers are capped at Grade B on
https://www.ssllabs.com/ssltest/index.html
2015-10-05 17:19:53 +01:00
Eelco Dolstra
9d82f7e53e
Revert "Apache service module: allow compression"
...
This reverts commit 164f6ff2a8
per
https://github.com/NixOS/nixpkgs/pull/9407#issuecomment-134523359
(it's too site-specific). Furthermore this should be an option at the
virtual host level.
2015-08-28 12:41:06 +02:00