From 81cd6b06f96c4343ad0932f117acd89237cea477 Mon Sep 17 00:00:00 2001 From: Curtis Jiang Date: Sat, 29 Oct 2022 16:48:36 -0400 Subject: [PATCH] nixos/nginx: add default listen port options --- .../services/web-servers/nginx/default.nix | 26 ++++++++++++++++--- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 9cbac370612f..850df015b4b3 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -198,8 +198,8 @@ let ${optionalString cfg.statusPage '' server { - listen 80; - ${optionalString enableIPv6 "listen [::]:80;" } + listen ${cfg.defaultHTTPListenPort}; + ${optionalString enableIPv6 "listen [::]:${cfg.defaultHTTPListenPort};" } server_name localhost; @@ -246,8 +246,8 @@ let if vhost.listen != [] then vhost.listen else let addrs = if vhost.listenAddresses != [] then vhost.listenAddresses else cfg.defaultListenAddresses; - in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = 443; ssl = true; }) addrs) - ++ optionals (!onlySSL) (map (addr: { inherit addr; port = 80; ssl = false; }) addrs); + in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = cfg.defaultSSLListenPort; ssl = true; }) addrs) + ++ optionals (!onlySSL) (map (addr: { inherit addr; port = cfg.defaultHTTPListenPort; ssl = false; }) addrs); hostListen = if vhost.forceSSL @@ -449,6 +449,24 @@ in ''; }; + defaultHTTPListenPort = mkOption { + type = types.port; + default = 80; + example = 8080; + description = lib.mdDoc '' + If vhosts do not specify listen.port, use these ports for HTTP by default. + ''; + }; + + defaultSSLListenPort = mkOption { + type = types.port; + default = 443; + example = 8443; + description = lib.mdDoc '' + If vhosts do not specify listen.port, use these ports for SSL by default. + ''; + }; + package = mkOption { default = pkgs.nginxStable; defaultText = literalExpression "pkgs.nginxStable";