commit 5ca89402eec1a634b2e94cdf407b92095cdacfa2 · pyrox.dev/nixpkgs

+1 -1

nixos/modules/module-list.nix

···

       1031
        
         ./services/web-servers/shellinabox.nix

     

       1032
        
         ./services/web-servers/tomcat.nix

     

       1033
        
         ./services/web-servers/traefik.nix

     

       1034
       -
         ./services/web-servers/trafficserver.nix

     

       1035
        
         ./services/web-servers/ttyd.nix

     

       1036
        
         ./services/web-servers/uwsgi.nix

     

       1037
        
         ./services/web-servers/varnish/default.nix

···

       1031
        
         ./services/web-servers/shellinabox.nix

     

       1032
        
         ./services/web-servers/tomcat.nix

     

       1033
        
         ./services/web-servers/traefik.nix

     

       1034
       +
         ./services/web-servers/trafficserver/default.nix

     

       1035
        
         ./services/web-servers/ttyd.nix

     

       1036
        
         ./services/web-servers/uwsgi.nix

     

       1037
        
         ./services/web-servers/varnish/default.nix

+2 -14

nixos/modules/services/web-servers/trafficserver.nix nixos/modules/services/web-servers/trafficserver/default.nix

···

       8
        
         group = config.users.groups.trafficserver.name;

     

       9
        
       

     

       10
        
         getManualUrl = name: "https://docs.trafficserver.apache.org/en/latest/admin-guide/files/${name}.en.html";

     

       11
       -
         getConfPath = name: "${pkgs.trafficserver}/etc/trafficserver/${name}";

     

       12
        
       

     

       13
        
         yaml = pkgs.formats.yaml { };

     

       14
       -
       

     

       15
       -
         fromYAML = f:

     

       16
       -
           let

     

       17
       -
             jsonFile = pkgs.runCommand "in.json"

     

       18
       -
               {

     

       19
       -
                 nativeBuildInputs = [ pkgs.remarshal ];

     

       20
       -
               } ''

     

       21
       -
               yaml2json < "${f}" > "$out"

     

       22
       -
             '';

     

       23
       -
           in

     

       24
       -
           builtins.fromJSON (builtins.readFile jsonFile);

     

       25
        
       

     

       26
        
         mkYamlConf = name: cfg:

     

       27
        
           if cfg != null then {

     
···

       73
        
       

     

       74
        
           ipAllow = mkOption {

     

       75
        
             type = types.nullOr yaml.type;

     

       76
       -
             default = fromYAML (getConfPath "ip_allow.yaml");

     

       77
        
             defaultText = "upstream defaults";

     

       78
        
             example = literalExample {

     

       79
        
               ip_allow = [{

     
···

       94
        
       

     

       95
        
           logging = mkOption {

     

       96
        
             type = types.nullOr yaml.type;

     

       97
       -
             default = fromYAML (getConfPath "logging.yaml");

     

       98
        
             defaultText = "upstream defaults";

     

       99
        
             example = literalExample { };

     

       100
        
             description = ''

···

       8
        
         group = config.users.groups.trafficserver.name;

     

       9
        
       

     

       10
        
         getManualUrl = name: "https://docs.trafficserver.apache.org/en/latest/admin-guide/files/${name}.en.html";

     

       0
        
       
     

       11
        
       

     

       12
        
         yaml = pkgs.formats.yaml { };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       13
        
       

     

       14
        
         mkYamlConf = name: cfg:

     

       15
        
           if cfg != null then {

     
···

       61
        
       

     

       62
        
           ipAllow = mkOption {

     

       63
        
             type = types.nullOr yaml.type;

     

       64
       +
             default = builtins.fromJSON (builtins.readFile ./ip_allow.json);

     

       65
        
             defaultText = "upstream defaults";

     

       66
        
             example = literalExample {

     

       67
        
               ip_allow = [{

     
···

       82
        
       

     

       83
        
           logging = mkOption {

     

       84
        
             type = types.nullOr yaml.type;

     

       85
       +
             default = builtins.fromJSON (builtins.readFile ./logging.json);

     

       86
        
             defaultText = "upstream defaults";

     

       87
        
             example = literalExample { };

     

       88
        
             description = ''

+36

nixos/modules/services/web-servers/trafficserver/ip_allow.json

···

       1
       +
       {

     

       2
       +
         "ip_allow": [

     

       3
       +
           {

     

       4
       +
             "apply": "in",

     

       5
       +
             "ip_addrs": "127.0.0.1",

     

       6
       +
             "action": "allow",

     

       7
       +
             "methods": "ALL"

     

       8
       +
           },

     

       9
       +
           {

     

       10
       +
             "apply": "in",

     

       11
       +
             "ip_addrs": "::1",

     

       12
       +
             "action": "allow",

     

       13
       +
             "methods": "ALL"

     

       14
       +
           },

     

       15
       +
           {

     

       16
       +
             "apply": "in",

     

       17
       +
             "ip_addrs": "0/0",

     

       18
       +
             "action": "deny",

     

       19
       +
             "methods": [

     

       20
       +
               "PURGE",

     

       21
       +
               "PUSH",

     

       22
       +
               "DELETE"

     

       23
       +
             ]

     

       24
       +
           },

     

       25
       +
           {

     

       26
       +
             "apply": "in",

     

       27
       +
             "ip_addrs": "::/0",

     

       28
       +
             "action": "deny",

     

       29
       +
             "methods": [

     

       30
       +
               "PURGE",

     

       31
       +
               "PUSH",

     

       32
       +
               "DELETE"

     

       33
       +
             ]

     

       34
       +
           }

     

       35
       +
         ]

     

       36
       +
       }

+37

nixos/modules/services/web-servers/trafficserver/logging.json

···

       1
       +
       {

     

       2
       +
         "logging": {

     

       3
       +
           "formats": [

     

       4
       +
             {

     

       5
       +
               "name": "welf",

     

       6
       +
               "format": "id=firewall time=\"%<cqtd> %<cqtt>\" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg=\"%<cqup>\" result=%<pssc> ref=\"%<{Referer}cqh>\" agent=\"%<{user-agent}cqh>\" cache=%<crc>"

     

       7
       +
             },

     

       8
       +
             {

     

       9
       +
               "name": "squid_seconds_only_timestamp",

     

       10
       +
               "format": "%<cqts> %<ttms> %<chi> %<crc>/%<pssc> %<psql> %<cqhm> %<cquc> %<caun> %<phr>/%<shn> %<psct>"

     

       11
       +
             },

     

       12
       +
             {

     

       13
       +
               "name": "squid",

     

       14
       +
               "format": "%<cqtq> %<ttms> %<chi> %<crc>/%<pssc> %<psql> %<cqhm> %<cquc> %<caun> %<phr>/%<shn> %<psct>"

     

       15
       +
             },

     

       16
       +
             {

     

       17
       +
               "name": "common",

     

       18
       +
               "format": "%<chi> - %<caun> [%<cqtn>] \"%<cqtx>\" %<pssc> %<pscl>"

     

       19
       +
             },

     

       20
       +
             {

     

       21
       +
               "name": "extended",

     

       22
       +
               "format": "%<chi> - %<caun> [%<cqtn>] \"%<cqtx>\" %<pssc> %<pscl> %<sssc> %<sscl> %<cqcl> %<pqcl> %<cqhl> %<pshl> %<pqhl> %<sshl> %<tts>"

     

       23
       +
             },

     

       24
       +
             {

     

       25
       +
               "name": "extended2",

     

       26
       +
               "format": "%<chi> - %<caun> [%<cqtn>] \"%<cqtx>\" %<pssc> %<pscl> %<sssc> %<sscl> %<cqcl> %<pqcl> %<cqhl> %<pshl> %<pqhl> %<sshl> %<tts> %<phr> %<cfsc> %<pfsc> %<crc>"

     

       27
       +
             }

     

       28
       +
           ],

     

       29
       +
           "logs": [

     

       30
       +
             {

     

       31
       +
               "filename": "squid",

     

       32
       +
               "format": "squid",

     

       33
       +
               "mode": "binary"

     

       34
       +
             }

     

       35
       +
           ]

     

       36
       +
         }

     

       37
       +
       }