Merge pull request #20366 from MarcWeber/submit/apache-port-to-listen

pyrox.dev / nixpkgs

fork atom

lol

fork atom

apache-httpd

authored by

Michael Raskin and committed by

GitHub 9 years ago 36010e70 fcc5a4d3

+52 -16

2 changed files

expand all

unified split

nixos

modules

services

web-servers

apache-httpd

default.nix

per-server-options.nix

+29 -14

nixos/modules/services/web-servers/apache-httpd/default.nix

··· 16 17 phpMajorVersion = head (splitString "." php.version); 18 19 - getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80; 20 21 extraModules = attrByPath ["extraModules"] [] mainCfg; 22 extraForeignModules = filter isAttrs extraModules; ··· 25 26 makeServerInfo = cfg: { 27 # Canonical name must not include a trailing slash. 28 - canonicalName = 29 - (if cfg.enableSSL then "https" else "http") + "://" + 30 - cfg.hostName + 31 - (if getPort cfg != (if cfg.enableSSL then 443 else 80) then ":${toString (getPort cfg)}" else ""); 32 33 # Admin address: inherit from the main server if not specified for 34 # a virtual host. ··· 224 ++ (map (svc: svc.robotsEntries) subservices))); 225 226 in '' 227 - ServerName ${serverInfo.canonicalName} 228 229 ${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases} 230 ··· 326 </IfModule> 327 328 ${let 329 - ports = map getPort allHosts; 330 - uniquePorts = uniqList {inputList = ports;}; 331 - in concatMapStrings (port: "Listen ${toString port}\n") uniquePorts 332 } 333 334 User ${mainCfg.user} ··· 382 383 # Always enable virtual hosts; it doesn't seem to hurt. 384 ${let 385 - ports = map getPort allHosts; 386 - uniquePorts = uniqList {inputList = ports;}; 387 - directives = concatMapStrings (port: "NameVirtualHost *:${toString port}\n") uniquePorts; 388 in optionalString (!version24) directives 389 } 390 391 ${let 392 makeVirtualHost = vhost: '' 393 - <VirtualHost *:${toString (getPort vhost)}> 394 ${perServerConf false vhost} 395 </VirtualHost> 396 ''; ··· 628 message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; } 629 ]; 630 631 users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton 632 { name = "wwwrun"; 633 group = mainCfg.group; ··· 712 }; 713 714 }; 715 - 716 }

··· 16 17 phpMajorVersion = head (splitString "." php.version); 18 19 + defaultListen = cfg: if cfg.enableSSL 20 + then [{ip = "*"; port = 443;}] 21 + else [{ip = "*"; port = 80;}]; 22 + 23 + getListen = cfg: 24 + let list = (lib.optional (cfg.port != 0) {ip = "*"; port = cfg.port;}) ++ cfg.listen; 25 + in if list == [] 26 + then defaultListen cfg 27 + else list; 28 + 29 + listenToString = l: "${l.ip}:${toString l.port}"; 30 31 extraModules = attrByPath ["extraModules"] [] mainCfg; 32 extraForeignModules = filter isAttrs extraModules; ··· 35 36 makeServerInfo = cfg: { 37 # Canonical name must not include a trailing slash. 38 + canonicalNames = 39 + let defaultPort = (head (defaultListen cfg)).port; in 40 + map (port: 41 + (if cfg.enableSSL then "https" else "http") + "://" + 42 + cfg.hostName + 43 + (if port != defaultPort then ":${toString port}" else "") 44 + ) (map (x: x.port) (getListen cfg)); 45 46 # Admin address: inherit from the main server if not specified for 47 # a virtual host. ··· 237 ++ (map (svc: svc.robotsEntries) subservices))); 238 239 in '' 240 + ${concatStringsSep "\n" (map (n: "ServerName ${n}") serverInfo.canonicalNames)} 241 242 ${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases} 243 ··· 339 </IfModule> 340 341 ${let 342 + listen = concatMap getListen allHosts; 343 + toStr = listen: "Listen ${listenToString listen}\n"; 344 + uniqueListen = uniqList {inputList = map toStr listen;}; 345 + in concatStrings uniqueListen 346 } 347 348 User ${mainCfg.user} ··· 396 397 # Always enable virtual hosts; it doesn't seem to hurt. 398 ${let 399 + listen = concatMap getListen allHosts; 400 + uniqueListen = uniqList {inputList = listen;}; 401 + directives = concatMapStrings (listen: "NameVirtualHost ${listenToString listen}\n") uniqueListen; 402 in optionalString (!version24) directives 403 } 404 405 ${let 406 makeVirtualHost = vhost: '' 407 + <VirtualHost ${concatStringsSep " " (map listenToString (getListen vhost))}> 408 ${perServerConf false vhost} 409 </VirtualHost> 410 ''; ··· 642 message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; } 643 ]; 644 645 + warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port}";}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts); 646 + 647 users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton 648 { name = "wwwrun"; 649 group = mainCfg.group; ··· 728 }; 729 730 }; 731 }

+23 -2

nixos/modules/services/web-servers/apache-httpd/per-server-options.nix

··· 28 type = types.int; 29 default = 0; 30 description = '' 31 - Port for the server. 0 means use the default port: 80 for http 32 - and 443 for https (i.e. when enableSSL is set). 33 ''; 34 }; 35 36 enableSSL = mkOption {

··· 28 type = types.int; 29 default = 0; 30 description = '' 31 + Port for the server. Option will be removed, use <option>listen</option> instead. 32 + ''; 33 + }; 34 + 35 + listen = mkOption { 36 + type = types.listOf (types.submodule ( 37 + { 38 + options = { 39 + port = mkOption { 40 + type = types.int; 41 + description = "port to listen on"; 42 + }; 43 + ip = mkOption { 44 + type = types.string; 45 + default = "*"; 46 + description = "Ip to listen on. 0.0.0.0 for ipv4 only, * for all."; 47 + }; 48 + }; 49 + } )); 50 + description = '' 51 + List of { /* ip: "*"; */ port = 80;} to listen on 52 ''; 53 + 54 + default = []; 55 }; 56 57 enableSSL = mkOption {