pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / nghttpx / nghttpx-options.nix
at 23.11-pre 4.4 kB view raw
1{ lib, ... }: 2{ options.services.nghttpx = { 3 enable = lib.mkEnableOption (lib.mdDoc "nghttpx"); 4 5 frontends = lib.mkOption { 6 type = lib.types.listOf (lib.types.submodule (import ./frontend-submodule.nix)); 7 description = lib.mdDoc '' 8 A list of frontend listener specifications. 9 ''; 10 example = [ 11 { server = { 12 host = "*"; 13 port = 80; 14 }; 15 16 params = { 17 tls = "no-tls"; 18 }; 19 } 20 ]; 21 }; 22 23 backends = lib.mkOption { 24 type = lib.types.listOf (lib.types.submodule (import ./backend-submodule.nix)); 25 description = lib.mdDoc '' 26 A list of backend specifications. 27 ''; 28 example = [ 29 { server = { 30 host = "172.16.0.22"; 31 port = 8443; 32 }; 33 patterns = [ "/" ]; 34 params = { 35 proto = "http/1.1"; 36 redirect-if-not-tls = true; 37 }; 38 } 39 ]; 40 }; 41 42 tls = lib.mkOption { 43 type = lib.types.nullOr (lib.types.submodule (import ./tls-submodule.nix)); 44 default = null; 45 description = lib.mdDoc '' 46 TLS certificate and key paths. Note that this does not enable 47 TLS for a frontend listener, to do so, a frontend 48 specification must set `params.tls` to true. 49 ''; 50 example = { 51 key = "/etc/ssl/keys/server.key"; 52 crt = "/etc/ssl/certs/server.crt"; 53 }; 54 }; 55 56 extraConfig = lib.mkOption { 57 type = lib.types.lines; 58 default = ""; 59 description = lib.mdDoc '' 60 Extra configuration options to be appended to the generated 61 configuration file. 62 ''; 63 }; 64 65 single-process = lib.mkOption { 66 type = lib.types.bool; 67 default = false; 68 description = lib.mdDoc '' 69 Run this program in a single process mode for debugging 70 purpose. Without this option, nghttpx creates at least 2 71 processes: master and worker processes. If this option is 72 used, master and worker are unified into a single 73 process. nghttpx still spawns additional process if neverbleed 74 is used. In the single process mode, the signal handling 75 feature is disabled. 76 77 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-process 78 ''; 79 }; 80 81 backlog = lib.mkOption { 82 type = lib.types.int; 83 default = 65536; 84 description = lib.mdDoc '' 85 Listen backlog size. 86 87 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backlog 88 ''; 89 }; 90 91 backend-address-family = lib.mkOption { 92 type = lib.types.enum [ 93 "auto" 94 "IPv4" 95 "IPv6" 96 ]; 97 default = "auto"; 98 description = lib.mdDoc '' 99 Specify address family of backend connections. If "auto" is 100 given, both IPv4 and IPv6 are considered. If "IPv4" is given, 101 only IPv4 address is considered. If "IPv6" is given, only IPv6 102 address is considered. 103 104 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backend-address-family 105 ''; 106 }; 107 108 workers = lib.mkOption { 109 type = lib.types.int; 110 default = 1; 111 description = lib.mdDoc '' 112 Set the number of worker threads. 113 114 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-n 115 ''; 116 }; 117 118 single-thread = lib.mkOption { 119 type = lib.types.bool; 120 default = false; 121 description = lib.mdDoc '' 122 Run everything in one thread inside the worker process. This 123 feature is provided for better debugging experience, or for 124 the platforms which lack thread support. If threading is 125 disabled, this option is always enabled. 126 127 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-thread 128 ''; 129 }; 130 131 rlimit-nofile = lib.mkOption { 132 type = lib.types.int; 133 default = 0; 134 description = lib.mdDoc '' 135 Set maximum number of open files (RLIMIT_NOFILE) to \<N\>. If 0 136 is given, nghttpx does not set the limit. 137 138 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--rlimit-nofile 139 ''; 140 }; 141 }; 142}