pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #134008 from aanderse/httpd

nixos/httpd: add virtualHosts.<name>.listenAddresses option

authored by

Robert Hensing and committed by
GitHub a1cdf552 71b36882

+25 -7
unified split
+6 -5
nixos/modules/services/web-servers/apache-httpd/default.nix
··· 36 36 dependentCertNames = unique (map (hostOpts: hostOpts.certName) acmeEnabledVhosts); 37 37 38 38 mkListenInfo = hostOpts: 39 - if hostOpts.listen != [] then hostOpts.listen 40 - else ( 41 - optional (hostOpts.onlySSL || hostOpts.addSSL || hostOpts.forceSSL) { ip = "*"; port = 443; ssl = true; } ++ 42 - optional (!hostOpts.onlySSL) { ip = "*"; port = 80; ssl = false; } 43 - ); 39 + if hostOpts.listen != [] then 40 + hostOpts.listen 41 + else 42 + optionals (hostOpts.onlySSL || hostOpts.addSSL || hostOpts.forceSSL) (map (addr: { ip = addr; port = 443; ssl = true; }) hostOpts.listenAddresses) ++ 43 + optionals (!hostOpts.onlySSL) (map (addr: { ip = addr; port = 80; ssl = false; }) hostOpts.listenAddresses) 44 + ; 44 45 45 46 listenInfo = unique (concatMap mkListenInfo vhosts); 46 47
+19 -2
nixos/modules/services/web-servers/apache-httpd/vhost-options.nix
··· 47 47 ]; 48 48 description = '' 49 49 Listen addresses and ports for this virtual host. 50 - <note><para> 50 + <note> 51 + <para> 51 52 This option overrides <literal>addSSL</literal>, <literal>forceSSL</literal> and <literal>onlySSL</literal>. 52 - </para></note> 53 + </para> 54 + <para> 55 + If you only want to set the addresses manually and not the ports, take a look at <literal>listenAddresses</literal>. 56 + </para> 57 + </note> 58 + ''; 59 + }; 60 + 61 + listenAddresses = mkOption { 62 + type = with types; nonEmptyListOf str; 63 + 64 + description = '' 65 + Listen addresses for this virtual host. 66 + Compared to <literal>listen</literal> this only sets the addreses 67 + and the ports are chosen automatically. 53 68 ''; 69 + default = [ "*" ]; 70 + example = [ "127.0.0.1" ]; 54 71 }; 55 72 56 73 enableSSL = mkOption {