gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nginx: add listenAddresses

Browse Source 
This allows the user to manually specify the addresses nginx shoud 
listen on, while still having the convinience to use the *SSL options 
and have the ports automatically applied
This commit is contained in:
Maciej Krüger
2021-07-29 16:33:10 +02:00
parent 707f6106fe
commit a4ca45acd7
2 changed files with 24 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
nixos/modules/services/web-servers/nginx/default.nix
View File

@@ -230,13 +230,13 @@ let
defaultListen = defaultListen =
if vhost.listen != [] then vhost.listen if vhost.listen != [] then vhost.listen
else optionals (hasSSL || vhost.rejectSSL) ( else
singleton { addr = "0.0.0.0"; port = 443; ssl = true; } let addrs = if vhost.listenAddresses != [] then vhost.listenAddreses else (
++ optional enableIPv6 { addr = "[::]"; port = 443; ssl = true; } [ "0.0.0.0" ] ++ optional enableIPv6 "[::0]"
) ++ optionals (!onlySSL) ( );
singleton { addr = "0.0.0.0"; port = 80; ssl = false; } in
++ optional enableIPv6 { addr = "[::]"; port = 80; ssl = false; } optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = 443; ssl = true; }) addrs)
); ++ optionals (!onlySSL) (map (addr: { inherit addr; port = 80; ssl = false; }) addrs);
hostListen = hostListen =
if vhost.forceSSL if vhost.forceSSL

17
nixos/modules/services/web-servers/nginx/vhost-options.nix
View File

@@ -43,9 +43,26 @@ with lib;
IPv6 addresses must be enclosed in square brackets. IPv6 addresses must be enclosed in square brackets.
Note: this option overrides <literal>addSSL</literal> Note: this option overrides <literal>addSSL</literal>
and <literal>onlySSL</literal>. and <literal>onlySSL</literal>.
If you only want to set the addresses manually and not
the ports, take a look at <literal>listenAddresses</literal>
''; '';
}; };
listenAddresses = mkOption {
type = with types; listOf str;
description = ''
Listen addresses for this virtual host.
Compared to <literal>listen</literal> this only sets the addreses
and the ports are choosen automatically.
Note: This option overrides <literal>enableIPv6</literal>
'';
default = [];
example = [ "127.0.0.1" "::1" ];
};
enableACME = mkOption { enableACME = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;