pyrox.dev / nixpkgs
lol
fork atom

nixos/varnish: made compatible with varnish 5.2.1, add modules

* nixos/varnish: command line compatible with varnish 5.2.1, fixes
https://github.com/NixOS/nixpkgs/issues/27409
* nixos/varnish: add support for modules (services.varnish.extraModules)
* varnish-modules: init at 0.10.2
* varnish-geoip: init at 1.0.2
* varnish-rtstatus: init at 1.2.0
* varnish-digest: init at 1.0.1
* added services.varnish.extraCommandLine option

Volth c6128d2f 588e3da3

options
unified split
Changed files
+143 -8
nixos
modules
services
web-servers
varnish
default.nix
pkgs
servers
varnish
digest.nix
geoip.nix
modules.nix
rtstatus.nix
top-level
all-packages.nix
+36 -8
nixos/modules/services/web-servers/varnish/default.nix 
···

       
7

       
7

       
 

       
{


     

       
8

       
8

       
 

       
  options = {


     

       
9

       
9

       
 

       
    services.varnish = {


     

       
10

       

       
-

       
      enable = mkOption {


     

       
11

       

       
-

       
        default = false;


     

       
12

       

       
-

       
        description = "


     

       
13

       

       
-

       
          Enable the Varnish Server.


     

       
14

       

       
-

       
        ";


     

       
15

       

       
-

       
      };


     

       

       
10

       
+

       
      enable = mkEnableOption "Varnish Server";


     

       
16

       
11

       
 

       



     

       
17

       
12

       
 

       
      http_address = mkOption {


     

       

       
13

       
+

       
        type = types.str;


     

       
18

       
14

       
 

       
        default = "*:6081";


     

       
19

       
15

       
 

       
        description = "


     

       
20

       
16

       
 

       
          HTTP listen address and port.


     
···

       
22

       
18

       
 

       
      };


     

       
23

       
19

       
 

       



     

       
24

       
20

       
 

       
      config = mkOption {


     

       

       
21

       
+

       
        type = types.lines;


     

       
25

       
22

       
 

       
        description = "


     

       
26

       
23

       
 

       
          Verbatim default.vcl configuration.


     

       
27

       
24

       
 

       
        ";


     

       
28

       
25

       
 

       
      };


     

       
29

       
26

       
 

       



     

       
30

       
27

       
 

       
      stateDir = mkOption {


     

       

       
28

       
+

       
        type = types.path;


     

       
31

       
29

       
 

       
        default = "/var/spool/varnish/${config.networking.hostName}";


     

       
32

       
30

       
 

       
        description = "


     

       
33

       
31

       
 

       
          Directory holding all state for Varnish to run.


     

       
34

       
32

       
 

       
        ";


     

       
35

       
33

       
 

       
      };


     

       

       
34

       
+

       



     

       

       
35

       
+

       
      extraModules = mkOption {


     

       

       
36

       
+

       
        type = types.listOf types.package;


     

       

       
37

       
+

       
        default = [];


     

       

       
38

       
+

       
        example = literalExample "[ pkgs.varnish-geoip ]";


     

       

       
39

       
+

       
        description = "


     

       

       
40

       
+

       
          Varnish modules (except 'std').


     

       

       
41

       
+

       
        ";


     

       

       
42

       
+

       
      };


     

       

       
43

       
+

       



     

       

       
44

       
+

       
      extraCommandLine = mkOption {


     

       

       
45

       
+

       
        type = types.str;


     

       

       
46

       
+

       
        default = "";


     

       

       
47

       
+

       
        example = "-s malloc,256M";


     

       

       
48

       
+

       
        description = "


     

       

       
49

       
+

       
          Command line switches for varnishd (run 'varnishd -?' to get list of options)


     

       

       
50

       
+

       
        ";


     

       

       
51

       
+

       
      };


     

       
36

       
52

       
 

       
    };


     

       
37

       
53

       
 

       



     

       
38

       
54

       
 

       
  };


     
···

       
42

       
58

       
 

       
    systemd.services.varnish = {


     

       
43

       
59

       
 

       
      description = "Varnish";


     

       
44

       
60

       
 

       
      wantedBy = [ "multi-user.target" ];


     

       

       
61

       
+

       
      after = [ "network.target" ];


     

       
45

       
62

       
 

       
      preStart = ''


     

       
46

       
63

       
 

       
        mkdir -p ${cfg.stateDir}


     

       
47

       
64

       
 

       
        chown -R varnish:varnish ${cfg.stateDir}


     
···

       
49

       
66

       
 

       
      postStop = ''


     

       
50

       
67

       
 

       
        rm -rf ${cfg.stateDir}


     

       
51

       
68

       
 

       
      '';


     

       
52

       

       
-

       
      serviceConfig.ExecStart = "${pkgs.varnish}/sbin/varnishd -a ${cfg.http_address} -f ${pkgs.writeText "default.vcl" cfg.config} -n ${cfg.stateDir} -u varnish";


     

       
53

       

       
-

       
      serviceConfig.Type = "forking";


     

       

       
69

       
+

       
      serviceConfig = {


     

       

       
70

       
+

       
        Type = "simple";


     

       

       
71

       
+

       
        PermissionsStartOnly = true;


     

       

       
72

       
+

       
        ExecStart = "${pkgs.varnish}/sbin/varnishd -a ${cfg.http_address} -f ${pkgs.writeText "default.vcl" cfg.config} -n ${cfg.stateDir} -F ${cfg.extraCommandLine}"


     

       

       
73

       
+

       
          + optionalString (cfg.extraModules != []) " -p vmod_path='${makeSearchPathOutput "lib" "lib/varnish/vmods" ([pkgs.varnish] ++ cfg.extraModules)}' -r vmod_path";


     

       

       
74

       
+

       
        Restart = "always";


     

       

       
75

       
+

       
        RestartSec = "5s";


     

       

       
76

       
+

       
        User = "varnish";


     

       

       
77

       
+

       
        Group = "varnish";


     

       

       
78

       
+

       
        AmbientCapabilities = "cap_net_bind_service";


     

       

       
79

       
+

       
        NoNewPrivileges = true;


     

       

       
80

       
+

       
        LimitNOFILE = 131072;


     

       

       
81

       
+

       
      };


     

       
54

       
82

       
 

       
    };


     

       
55

       
83

       
 

       



     

       
56

       
84

       
 

       
    environment.systemPackages = [ pkgs.varnish ];
+31
pkgs/servers/varnish/digest.nix 
···

       

       
1

       
+

       
{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, varnish, libmhash, docutils }:


     

       

       
2

       
+

       



     

       

       
3

       
+

       
stdenv.mkDerivation rec {


     

       

       
4

       
+

       
  version = "1.0.1";


     

       

       
5

       
+

       
  name = "varnish-digest-${version}";


     

       

       
6

       
+

       



     

       

       
7

       
+

       
  src = fetchFromGitHub {


     

       

       
8

       
+

       
    owner = "varnish";


     

       

       
9

       
+

       
    repo = "libvmod-digest";


     

       

       
10

       
+

       
    rev = "libvmod-digest-${version}";


     

       

       
11

       
+

       
    sha256 = "0v18bqbsblhajpx5qvczic3psijhx5l2p2qlw1dkd6zl33hhppy7";


     

       

       
12

       
+

       
  };


     

       

       
13

       
+

       



     

       

       
14

       
+

       
  nativeBuildInputs = [ autoreconfHook pkgconfig docutils ];


     

       

       
15

       
+

       
  buildInputs = [ varnish libmhash ];


     

       

       
16

       
+

       



     

       

       
17

       
+

       
  postPatch = ''


     

       

       
18

       
+

       
    substituteInPlace autogen.sh  --replace "-I \''${dataroot}/aclocal"                  ""


     

       

       
19

       
+

       
    substituteInPlace Makefile.am --replace "-I \''${LIBVARNISHAPI_DATAROOTDIR}/aclocal" ""


     

       

       
20

       
+

       
  '';


     

       

       
21

       
+

       



     

       

       
22

       
+

       
  configureFlags = [ "VMOD_DIR=$(out)/lib/varnish/vmods" ];


     

       

       
23

       
+

       



     

       

       
24

       
+

       
  doCheck = true;


     

       

       
25

       
+

       



     

       

       
26

       
+

       
  meta = with stdenv.lib; {


     

       

       
27

       
+

       
    description = "Digest and HMAC vmod";


     

       

       
28

       
+

       
    homepage = https://github.com/varnish/libvmod-digest;


     

       

       
29

       
+

       
    inherit (varnish.meta) license platforms maintainers;


     

       

       
30

       
+

       
  };


     

       

       
31

       
+

       
}
+31
pkgs/servers/varnish/geoip.nix 
···

       

       
1

       
+

       
{ stdenv, fetchpatch, fetchFromGitHub, autoreconfHook, pkgconfig, varnish, geoip, docutils }:


     

       

       
2

       
+

       



     

       

       
3

       
+

       
stdenv.mkDerivation rec {


     

       

       
4

       
+

       
  version = "1.0.2";


     

       

       
5

       
+

       
  name = "varnish-geoip-${version}";


     

       

       
6

       
+

       



     

       

       
7

       
+

       
  src = fetchFromGitHub {


     

       

       
8

       
+

       
    owner = "varnish";


     

       

       
9

       
+

       
    repo = "libvmod-geoip";


     

       

       
10

       
+

       
    rev = "libvmod-geoip-${version}";


     

       

       
11

       
+

       
    sha256 = "1gmadayqh3dais14c4skvd47w8h4kyifg7kcw034i0777z5hfpyn";


     

       

       
12

       
+

       
  };


     

       

       
13

       
+

       



     

       

       
14

       
+

       
  patches = [


     

       

       
15

       
+

       
    # IPv6 support


     

       

       
16

       
+

       
    (fetchpatch {


     

       

       
17

       
+

       
      url = https://github.com/volth/libvmod-geoip-1/commit/0966fe8.patch;


     

       

       
18

       
+

       
      sha256 = "053im8h2y8qzs37g95ksr00sf625p23r5ps1j0a2h4lfg70vf4ry";


     

       

       
19

       
+

       
    })


     

       

       
20

       
+

       
  ];


     

       

       
21

       
+

       



     

       

       
22

       
+

       
  nativeBuildInputs = [ autoreconfHook pkgconfig docutils ];


     

       

       
23

       
+

       
  buildInputs = [ varnish geoip ];


     

       

       
24

       
+

       
  configureFlags = [ "VMOD_DIR=$(out)/lib/varnish/vmods" ];


     

       

       
25

       
+

       



     

       

       
26

       
+

       
  meta = with stdenv.lib; {


     

       

       
27

       
+

       
    description = "GeoIP Varnish module by Varnish Software";


     

       

       
28

       
+

       
    homepage = https://github.com/varnish/libvmod-geoip;


     

       

       
29

       
+

       
    inherit (varnish.meta) license platforms maintainers;


     

       

       
30

       
+

       
  };


     

       

       
31

       
+

       
}
+20
pkgs/servers/varnish/modules.nix 
···

       

       
1

       
+

       
{ stdenv, fetchurl, pkgconfig, varnish, python, docutils }:


     

       

       
2

       
+

       



     

       

       
3

       
+

       
stdenv.mkDerivation rec {


     

       

       
4

       
+

       
  version = "0.10.2";


     

       

       
5

       
+

       
  name = "varnish-modules-${version}";


     

       

       
6

       
+

       



     

       

       
7

       
+

       
  src = fetchurl {


     

       

       
8

       
+

       
    url = "https://download.varnish-software.com/varnish-modules/varnish-modules-${version}.tar.gz";


     

       

       
9

       
+

       
    sha256 = "0inw76pm8kcidh0lq7gm3c3bh8v6yps0z7j6ar617b8wf730w1im";


     

       

       
10

       
+

       
  };


     

       

       
11

       
+

       



     

       

       
12

       
+

       
  nativeBuildInputs = [ pkgconfig docutils ];


     

       

       
13

       
+

       
  buildInputs = [ varnish python ];


     

       

       
14

       
+

       



     

       

       
15

       
+

       
  meta = with stdenv.lib; {


     

       

       
16

       
+

       
    description = "Collection of Varnish Cache modules (vmods) by Varnish Software";


     

       

       
17

       
+

       
    homepage = https://github.com/varnish/varnish-modules;


     

       

       
18

       
+

       
    inherit (varnish.meta) license platforms maintainers;


     

       

       
19

       
+

       
  };


     

       

       
20

       
+

       
}
+21
pkgs/servers/varnish/rtstatus.nix 
···

       

       
1

       
+

       
{ stdenv, fetchurl, pkgconfig, varnish, python, docutils }:


     

       

       
2

       
+

       



     

       

       
3

       
+

       
stdenv.mkDerivation rec {


     

       

       
4

       
+

       
  version = "1.2.0";


     

       

       
5

       
+

       
  name = "varnish-rtstatus-${version}";


     

       

       
6

       
+

       



     

       

       
7

       
+

       
  src = fetchurl {


     

       

       
8

       
+

       
    url = "https://download.varnish-software.com/libvmod-rtstatus/libvmod-rtstatus-${version}.tar.gz";


     

       

       
9

       
+

       
    sha256 = "0hll1aspgpv1daw5sdbn5w1d6birchxgapzb6zi1nhahjlimy4ly";


     

       

       
10

       
+

       
  };


     

       

       
11

       
+

       



     

       

       
12

       
+

       
  nativeBuildInputs = [ pkgconfig docutils ];


     

       

       
13

       
+

       
  buildInputs = [ varnish python ];


     

       

       
14

       
+

       
  configureFlags = [ "VMOD_DIR=$(out)/lib/varnish/vmods" ];


     

       

       
15

       
+

       



     

       

       
16

       
+

       
  meta = with stdenv.lib; {


     

       

       
17

       
+

       
    description = "Varnish realtime status page";


     

       

       
18

       
+

       
    homepage = https://github.com/varnish/libvmod-rtstatus;


     

       

       
19

       
+

       
    inherit (varnish.meta) license platforms maintainers;


     

       

       
20

       
+

       
  };


     

       

       
21

       
+

       
}
+4
pkgs/top-level/all-packages.nix 
···

       
4839

       
4839

       
 

       
  };


     

       
4840

       
4840

       
 

       



     

       
4841

       
4841

       
 

       
  varnish = callPackage ../servers/varnish { };


     

       

       
4842

       
+

       
  varnish-modules = callPackage ../servers/varnish/modules.nix { };


     

       

       
4843

       
+

       
  varnish-digest = callPackage ../servers/varnish/digest.nix { };


     

       

       
4844

       
+

       
  varnish-geoip = callPackage ../servers/varnish/geoip.nix { };


     

       

       
4845

       
+

       
  varnish-rtstatus = callPackage ../servers/varnish/rtstatus.nix { };


     

       
4842

       
4846

       
 

       



     

       
4843

       
4847

       
 

       
  venus = callPackage ../tools/misc/venus {


     

       
4844

       
4848

       
 

       
    python = python27;