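# NixOS module that runs nginx as a systemd service.
#
# nginx.conf is rendered from the option values below and nginx is started
# in the foreground so that systemd supervises the master process directly.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.nginx;
  nginx = cfg.package;

  # Rendered nginx.conf.
  #
  # cfg.config, cfg.httpConfig and cfg.appendConfig are pasted in verbatim and
  # nothing in this module validates them (see the TODO in `config` below), so
  # any module that can set these options controls the whole server
  # configuration.
  #
  # pkgs.writeText places the result in the Nix store, which is readable by
  # every local user: keep credentials and private keys out of these options
  # and reference them by path instead.
  configFile = pkgs.writeText "nginx.conf" ''
    user ${cfg.user} ${cfg.group};
    daemon off;

    ${cfg.config}

    ${optionalString (cfg.httpConfig != "") ''
    http {
      include ${cfg.package}/conf/mime.types;
      ${cfg.httpConfig}
    }
    ''}
    ${cfg.appendConfig}
  '';
in

{
  options = {
    services.nginx = {
      enable = mkOption {
        default = false;
        type = types.bool;
        description = "
          Enable the nginx Web Server.
        ";
      };

      package = mkOption {
        default = pkgs.nginx;
        defaultText = "pkgs.nginx";
        type = types.package;
        description = "
          Nginx package to use.
        ";
      };

      # NOTE(review): no `type` is declared here, so the value is not
      # type-checked by the module system.
      config = mkOption {
        default = "events {}";
        description = "
          Verbatim nginx.conf configuration.
        ";
      };

      appendConfig = mkOption {
        type = types.lines;
        default = "";
        description = ''
          Configuration lines appended to the generated Nginx
          configuration file. Commonly used by different modules
          providing http snippets. <option>appendConfig</option>
          can be specified more than once and it's value will be
          concatenated (contrary to <option>config</option> which
          can be set only once).
        '';
      };

      httpConfig = mkOption {
        type = types.lines;
        default = "";
        description = "Configuration lines to be appended inside of the http {} block.";
      };

      # NOTE(review): no `type` is declared here either. The value is
      # interpolated into a shell script and into ExecStart below, so it is
      # expected to be a plain absolute path.
      stateDir = mkOption {
        default = "/var/spool/nginx";
        description = "
          Directory holding all state for nginx to run.
        ";
      };

      user = mkOption {
        type = types.str;
        default = "nginx";
        description = "User account under which nginx runs.";
      };

      group = mkOption {
        type = types.str;
        default = "nginx";
        description = "Group account under which nginx runs.";
      };

    };

  };

  config = mkIf cfg.enable {
    # TODO: test that the user-supplied config file passes nginx's syntax test

    systemd.services.nginx = {
      description = "Nginx Web Server";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      path = [ nginx ];

      # Prepares the state directory: owner-only permissions, owned by the
      # configured account. No User= is set in serviceConfig, so this script
      # presumably runs as root; the interpolated values are therefore
      # double-quoted so that a value containing whitespace or glob characters
      # cannot make the recursive chown act on paths other than stateDir.
      # Double quotes do not neutralise `"`, `$` or backticks inside a value.
      preStart =
        ''
        mkdir -p "${cfg.stateDir}/logs"
        chmod 700 "${cfg.stateDir}"
        chown -R "${cfg.user}:${cfg.group}" "${cfg.stateDir}"
        '';

      serviceConfig = {
        # Parsed by systemd rather than a shell; left as in the original, so a
        # stateDir containing whitespace is still not supported here.
        ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}";
        # SIGHUP asks the running master process to reload its configuration.
        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
        Restart = "on-failure";
        RestartSec = "10s";
        StartLimitInterval = "1min";
      };
    };

    # The account and group are declared only when the default name "nginx" is
    # in use; any other user or group must be declared elsewhere in the
    # system configuration.
    users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton
      { name = "nginx";
        group = cfg.group;
        uid = config.ids.uids.nginx;
      });

    users.extraGroups = optionalAttrs (cfg.group == "nginx") (singleton
      { name = "nginx";
        gid = config.ids.gids.nginx;
      });
  };
}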