pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #20366 from MarcWeber/submit/apache-port-to-listen

apache-httpd

Michael Raskin 36010e70 fcc5a4d3

options
unified split
Changed files
+52 -16
nixos
modules
services
web-servers
apache-httpd
default.nix
per-server-options.nix
+29 -14
nixos/modules/services/web-servers/apache-httpd/default.nix 
···

       
16

       
 

       



     

       
17

       
 

       
  phpMajorVersion = head (splitString "." php.version);


     

       
18

       
 

       



     

       
19

       
-

       
  getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80;


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
20

       
 

       



     

       
21

       
 

       
  extraModules = attrByPath ["extraModules"] [] mainCfg;


     

       
22

       
 

       
  extraForeignModules = filter isAttrs extraModules;


     
···

       
25

       
 

       



     

       
26

       
 

       
  makeServerInfo = cfg: {


     

       
27

       
 

       
    # Canonical name must not include a trailing slash.


     

       
28

       
-

       
    canonicalName =


     

       
29

       
-

       
      (if cfg.enableSSL then "https" else "http") + "://" +


     

       
30

       
-

       
      cfg.hostName +


     

       
31

       
-

       
      (if getPort cfg != (if cfg.enableSSL then 443 else 80) then ":${toString (getPort cfg)}" else "");


     

       

       

       
     

       

       

       
     

       

       

       
     

       
32

       
 

       



     

       
33

       
 

       
    # Admin address: inherit from the main server if not specified for


     

       
34

       
 

       
    # a virtual host.


     
···

       
224

       
 

       
        ++ (map (svc: svc.robotsEntries) subservices)));


     

       
225

       
 

       



     

       
226

       
 

       
  in ''


     

       
227

       
-

       
    ServerName ${serverInfo.canonicalName}


     

       
228

       
 

       



     

       
229

       
 

       
    ${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases}


     

       
230

       
 

       



     
···

       
326

       
 

       
    </IfModule>


     

       
327

       
 

       



     

       
328

       
 

       
    ${let


     

       
329

       
-

       
        ports = map getPort allHosts;


     

       
330

       
-

       
        uniquePorts = uniqList {inputList = ports;};


     

       
331

       
-

       
      in concatMapStrings (port: "Listen ${toString port}\n") uniquePorts


     

       

       

       
     

       
332

       
 

       
    }


     

       
333

       
 

       



     

       
334

       
 

       
    User ${mainCfg.user}


     
···

       
382

       
 

       



     

       
383

       
 

       
    # Always enable virtual hosts; it doesn't seem to hurt.


     

       
384

       
 

       
    ${let


     

       
385

       
-

       
        ports = map getPort allHosts;


     

       
386

       
-

       
        uniquePorts = uniqList {inputList = ports;};


     

       
387

       
-

       
        directives = concatMapStrings (port: "NameVirtualHost *:${toString port}\n") uniquePorts;


     

       
388

       
 

       
      in optionalString (!version24) directives


     

       
389

       
 

       
    }


     

       
390

       
 

       



     

       
391

       
 

       
    ${let


     

       
392

       
 

       
        makeVirtualHost = vhost: ''


     

       
393

       
-

       
          <VirtualHost *:${toString (getPort vhost)}>


     

       
394

       
 

       
              ${perServerConf false vhost}


     

       
395

       
 

       
          </VirtualHost>


     

       
396

       
 

       
        '';


     
···

       
628

       
 

       
                     message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; }


     

       
629

       
 

       
                 ];


     

       
630

       
 

       



     

       

       

       
     

       

       

       
     

       
631

       
 

       
    users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton


     

       
632

       
 

       
      { name = "wwwrun";


     

       
633

       
 

       
        group = mainCfg.group;


     
···

       
712

       
 

       
      };


     

       
713

       
 

       



     

       
714

       
 

       
  };


     

       
715

       
-

       



     

       
716

       
 

       
}


     
···

       
16

       
 

       



     

       
17

       
 

       
  phpMajorVersion = head (splitString "." php.version);


     

       
18

       
 

       



     

       
19

       
+

       
  defaultListen = cfg: if cfg.enableSSL


     

       
20

       
+

       
    then [{ip = "*"; port = 443;}]


     

       
21

       
+

       
    else [{ip = "*"; port = 80;}];


     

       
22

       
+

       



     

       
23

       
+

       
  getListen = cfg:


     

       
24

       
+

       
    let list = (lib.optional (cfg.port != 0) {ip = "*"; port = cfg.port;}) ++ cfg.listen;


     

       
25

       
+

       
    in if list == []


     

       
26

       
+

       
        then defaultListen cfg


     

       
27

       
+

       
        else list;


     

       
28

       
+

       



     

       
29

       
+

       
  listenToString = l: "${l.ip}:${toString l.port}";


     

       
30

       
 

       



     

       
31

       
 

       
  extraModules = attrByPath ["extraModules"] [] mainCfg;


     

       
32

       
 

       
  extraForeignModules = filter isAttrs extraModules;


     
···

       
35

       
 

       



     

       
36

       
 

       
  makeServerInfo = cfg: {


     

       
37

       
 

       
    # Canonical name must not include a trailing slash.


     

       
38

       
+

       
    canonicalNames =


     

       
39

       
+

       
      let defaultPort = (head (defaultListen cfg)).port; in


     

       
40

       
+

       
      map (port:


     

       
41

       
+

       
        (if cfg.enableSSL then "https" else "http") + "://" +


     

       
42

       
+

       
        cfg.hostName +


     

       
43

       
+

       
        (if port != defaultPort then ":${toString port}" else "")


     

       
44

       
+

       
        ) (map (x: x.port) (getListen cfg));


     

       
45

       
 

       



     

       
46

       
 

       
    # Admin address: inherit from the main server if not specified for


     

       
47

       
 

       
    # a virtual host.


     
···

       
237

       
 

       
        ++ (map (svc: svc.robotsEntries) subservices)));


     

       
238

       
 

       



     

       
239

       
 

       
  in ''


     

       
240

       
+

       
    ${concatStringsSep "\n" (map (n: "ServerName ${n}") serverInfo.canonicalNames)}


     

       
241

       
 

       



     

       
242

       
 

       
    ${concatMapStrings (alias: "ServerAlias ${alias}\n") cfg.serverAliases}


     

       
243

       
 

       



     
···

       
339

       
 

       
    </IfModule>


     

       
340

       
 

       



     

       
341

       
 

       
    ${let


     

       
342

       
+

       
        listen = concatMap getListen allHosts;


     

       
343

       
+

       
        toStr = listen: "Listen ${listenToString listen}\n";


     

       
344

       
+

       
        uniqueListen = uniqList {inputList = map toStr listen;};


     

       
345

       
+

       
      in concatStrings uniqueListen


     

       
346

       
 

       
    }


     

       
347

       
 

       



     

       
348

       
 

       
    User ${mainCfg.user}


     
···

       
396

       
 

       



     

       
397

       
 

       
    # Always enable virtual hosts; it doesn't seem to hurt.


     

       
398

       
 

       
    ${let


     

       
399

       
+

       
        listen = concatMap getListen allHosts;


     

       
400

       
+

       
        uniqueListen = uniqList {inputList = listen;};


     

       
401

       
+

       
        directives = concatMapStrings (listen: "NameVirtualHost ${listenToString listen}\n") uniqueListen;


     

       
402

       
 

       
      in optionalString (!version24) directives


     

       
403

       
 

       
    }


     

       
404

       
 

       



     

       
405

       
 

       
    ${let


     

       
406

       
 

       
        makeVirtualHost = vhost: ''


     

       
407

       
+

       
          <VirtualHost ${concatStringsSep " " (map listenToString (getListen vhost))}>


     

       
408

       
 

       
              ${perServerConf false vhost}


     

       
409

       
 

       
          </VirtualHost>


     

       
410

       
 

       
        '';


     
···

       
642

       
 

       
                     message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; }


     

       
643

       
 

       
                 ];


     

       
644

       
 

       



     

       
645

       
+

       
    warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port}";}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts);


     

       
646

       
+

       



     

       
647

       
 

       
    users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton


     

       
648

       
 

       
      { name = "wwwrun";


     

       
649

       
 

       
        group = mainCfg.group;


     
···

       
728

       
 

       
      };


     

       
729

       
 

       



     

       
730

       
 

       
  };


     

       

       

       
     

       
731

       
 

       
}
+23 -2
nixos/modules/services/web-servers/apache-httpd/per-server-options.nix 
···

       
28

       
 

       
    type = types.int;


     

       
29

       
 

       
    default = 0;


     

       
30

       
 

       
    description = ''


     

       
31

       
-

       
      Port for the server.  0 means use the default port: 80 for http


     

       
32

       
-

       
      and 443 for https (i.e. when enableSSL is set).


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
33

       
 

       
    '';


     

       

       

       
     

       

       

       
     

       
34

       
 

       
  };


     

       
35

       
 

       



     

       
36

       
 

       
  enableSSL = mkOption {


     
···

       
28

       
 

       
    type = types.int;


     

       
29

       
 

       
    default = 0;


     

       
30

       
 

       
    description = ''


     

       
31

       
+

       
      Port for the server. Option will be removed, use <option>listen</option> instead.


     

       
32

       
+

       
  '';


     

       
33

       
+

       
  };


     

       
34

       
+

       



     

       
35

       
+

       
  listen = mkOption {


     

       
36

       
+

       
     type = types.listOf (types.submodule (


     

       
37

       
+

       
          {


     

       
38

       
+

       
            options = {


     

       
39

       
+

       
              port = mkOption {


     

       
40

       
+

       
                type = types.int;


     

       
41

       
+

       
                description = "port to listen on";


     

       
42

       
+

       
              };


     

       
43

       
+

       
              ip = mkOption {


     

       
44

       
+

       
                type = types.string;


     

       
45

       
+

       
                default = "*";


     

       
46

       
+

       
                description = "Ip to listen on. 0.0.0.0 for ipv4 only, * for all.";


     

       
47

       
+

       
              };


     

       
48

       
+

       
            };


     

       
49

       
+

       
          } ));


     

       
50

       
+

       
    description = ''


     

       
51

       
+

       
      List of { /* ip: "*"; */ port = 80;} to listen on


     

       
52

       
 

       
    '';


     

       
53

       
+

       



     

       
54

       
+

       
    default = [];


     

       
55

       
 

       
  };


     

       
56

       
 

       



     

       
57

       
 

       
  enableSSL = mkOption {