pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / nghttpx / nghttpx-options.nix
at 25.11-pre 4.2 kB view raw
1{ lib, ... }: 2{ 3 options.services.nghttpx = { 4 enable = lib.mkEnableOption "nghttpx"; 5 6 frontends = lib.mkOption { 7 type = lib.types.listOf (lib.types.submodule (import ./frontend-submodule.nix)); 8 description = '' 9 A list of frontend listener specifications. 10 ''; 11 example = [ 12 { 13 server = { 14 host = "*"; 15 port = 80; 16 }; 17 18 params = { 19 tls = "no-tls"; 20 }; 21 } 22 ]; 23 }; 24 25 backends = lib.mkOption { 26 type = lib.types.listOf (lib.types.submodule (import ./backend-submodule.nix)); 27 description = '' 28 A list of backend specifications. 29 ''; 30 example = [ 31 { 32 server = { 33 host = "172.16.0.22"; 34 port = 8443; 35 }; 36 patterns = [ "/" ]; 37 params = { 38 proto = "http/1.1"; 39 redirect-if-not-tls = true; 40 }; 41 } 42 ]; 43 }; 44 45 tls = lib.mkOption { 46 type = lib.types.nullOr (lib.types.submodule (import ./tls-submodule.nix)); 47 default = null; 48 description = '' 49 TLS certificate and key paths. Note that this does not enable 50 TLS for a frontend listener, to do so, a frontend 51 specification must set `params.tls` to true. 52 ''; 53 example = { 54 key = "/etc/ssl/keys/server.key"; 55 crt = "/etc/ssl/certs/server.crt"; 56 }; 57 }; 58 59 extraConfig = lib.mkOption { 60 type = lib.types.lines; 61 default = ""; 62 description = '' 63 Extra configuration options to be appended to the generated 64 configuration file. 65 ''; 66 }; 67 68 single-process = lib.mkOption { 69 type = lib.types.bool; 70 default = false; 71 description = '' 72 Run this program in a single process mode for debugging 73 purpose. Without this option, nghttpx creates at least 2 74 processes: master and worker processes. If this option is 75 used, master and worker are unified into a single 76 process. nghttpx still spawns additional process if neverbleed 77 is used. In the single process mode, the signal handling 78 feature is disabled. 79 80 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-process 81 ''; 82 }; 83 84 backlog = lib.mkOption { 85 type = lib.types.int; 86 default = 65536; 87 description = '' 88 Listen backlog size. 89 90 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backlog 91 ''; 92 }; 93 94 backend-address-family = lib.mkOption { 95 type = lib.types.enum [ 96 "auto" 97 "IPv4" 98 "IPv6" 99 ]; 100 default = "auto"; 101 description = '' 102 Specify address family of backend connections. If "auto" is 103 given, both IPv4 and IPv6 are considered. If "IPv4" is given, 104 only IPv4 address is considered. If "IPv6" is given, only IPv6 105 address is considered. 106 107 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backend-address-family 108 ''; 109 }; 110 111 workers = lib.mkOption { 112 type = lib.types.int; 113 default = 1; 114 description = '' 115 Set the number of worker threads. 116 117 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-n 118 ''; 119 }; 120 121 single-thread = lib.mkOption { 122 type = lib.types.bool; 123 default = false; 124 description = '' 125 Run everything in one thread inside the worker process. This 126 feature is provided for better debugging experience, or for 127 the platforms which lack thread support. If threading is 128 disabled, this option is always enabled. 129 130 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-thread 131 ''; 132 }; 133 134 rlimit-nofile = lib.mkOption { 135 type = lib.types.int; 136 default = 0; 137 description = '' 138 Set maximum number of open files (RLIMIT_NOFILE) to \<N\>. If 0 139 is given, nghttpx does not set the limit. 140 141 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--rlimit-nofile 142 ''; 143 }; 144 }; 145}