Commit graph

144 commits

Author SHA1 Message Date
aszlig
8990470951
apache-httpd/zabbix: Allow custom configFile.
If option is left by its default value, behaviour is the same as before, using
the configuration file created by the web interface.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 02:28:23 +02:00
Evgeny Egorochkin
e3bbf38ec9 Merge pull request #178 from bjornfor/lighttpd-cgit-subservice
lighttpd: add cgit sub-service
2013-06-02 14:18:21 -07:00
Bjørn Forsman
3d48da72a9 lighttpd: gitweb: add extraConfig option
So that we can append custom configuration text to the end of the
generated gitweb.conf file.
2013-06-02 19:26:55 +02:00
Bjørn Forsman
b1f82e428a lighttpd: add cgit sub-service
(cgit is "a hyperfast web frontend for git repositories written in C")

cgit is enabled like this (assuming lighttpd is already enabled):

  services.lighttpd.cgit.enable = true;

and configured verbatim like this (contents of the cgitrc file):

  services.lighttpd.cgit.configText = ''
    cache-size=1000
    scan-path=/srv/git
  '';

cgit will be available from this URL: http://yourserver/cgit

In lighttpd, I've ensured that the cache dir for cgit is created if cgit
is enabled.
2013-06-02 18:41:18 +02:00
Eelco Dolstra
07406231e3 zabbix: Don't set the mbstring.func_overload option
This breaks MediaWiki running in the same web server.  Zabbix no
longer seems to need it anyway.
2013-05-17 15:34:26 +02:00
Eelco Dolstra
97689f9062 mediawiki: Update to 1.20.5 2013-05-17 13:38:20 +02:00
roconnor
aa1289dd91 Merge pull request #159 from NixOS/nginx-fullWebDAV
Add options for user and group to run nginx as.
2013-05-12 15:32:59 -07:00
Rob Vermaas
0f930a00f8 Add varnish module 2013-05-12 20:32:25 +02:00
Russell O'Connor
9c62645273 Add braces to fix compilation errors.
I don't understand how Apache gets away without them.
2013-05-06 11:11:04 -04:00
Russell O'Connor
76b7dea805 Make nginx uid and gid optional. 2013-05-06 10:49:23 -04:00
Evgeny Egorochkin
dc389c5d1e lighttpd: add gitweb as a sub-service
Now you can access gitweb at http://yourserver/gitweb by simply adding
this to configuration.nix (assuming services.lighttpd.enable = true);

  services.lighttpd.gitweb.enable = true;

The path to all bare repositories served by gitweb can be set with this
option (default value below):

  services.lighttpd.gitweb.projectroot = "/srv/git";

Based on patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
161086b205 lighttpd: add services.lighttpd.mod_status option
If true, show server status overview at /server-status, statistics at
/server-statistics and list of loaded modules at /server-config.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
4b435b173f lighttpd: add services.lighttpd.mod_userdir option
If true, requests in the form /~user/page.html are rewritten to take
the file public_html/page.html from the home directory of the user.

Default is off.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
5e32c9c8eb lighttpd: generate a default config file
Instead of forcing users to configure lighttpd manually, make it an
option. The current services.lighttpd.configText option can still be
used for manual configuration, but if it is left blank (default) we'll
use the new generated config file.

The generated config file ensures that the server drops root priveleges
and runs as the "lighttpd" user. It pulls in some new config params that
can be set in configuration.nix (here with default values):

  services.lighttpd.document-root = "/srv/www"
  services.lighttpd.port = 80
  services.lighttpd.extraConfig = ""  # appended to the generated file

And it enables access and error logging to the systemd journal.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
39ba755873 Move lighttpd.nix to lighttpd/default.nix
So that we later can add sub-services for lighttpd without polluting the
web-servers/ directory.
2013-05-06 13:51:08 +03:00
Russell O'Connor
7c8c1dade5 Add options for user and group to run nginx as.
Add option to compile in full WebDAV support.
2013-05-05 15:44:06 -04:00
Eelco Dolstra
945849b86f Don't set $TZ
We don't need to set $TZ, because we have /etc/localtime.  In fact,
setting $TZ without $TZDIR doesn't work anymore since Glibc no longer
contains zone info.
2013-04-22 18:56:19 +02:00
orbitz
388d83c586 Set required nginx options and sane default 2013-04-14 11:17:16 +02:00
orbitz
8e7bb847c6 Cleanup whitespaces 2013-04-14 11:14:27 +02:00
Eelco Dolstra
e28b0453bf MediaWiki: Update to 1.20.3 2013-04-11 17:29:34 +02:00
Bjørn Forsman
395bc5d05c lighttpd: restart service if config changes
Using /etc/lighttpd.conf "hides" the config file from NixOS so that it
will not automatically restart the service when its config file changes.
So don't do that.
2013-03-31 18:06:43 +02:00
Bjørn Forsman
61c07244e8 Add lighttpd web server module 2013-03-03 20:16:44 +01:00
Domen Kozar
854a37aa7e add most basic nginx service 2013-03-03 12:12:17 +01:00
Eelco Dolstra
ae4e94d9ac Rename ‘boot.systemd’ to ‘systemd’
Suggested by Mathijs Kwik.  ‘boot.systemd’ is a misnomer because
systemd affects more than just booting.  And it saves some typing.
2013-01-16 12:33:18 +01:00
Eelco Dolstra
b1da38f564 Merge remote-tracking branch 'origin/master' into systemd 2012-11-30 16:12:04 +01:00
Eelco Dolstra
48a0ea0513 Make Apache wait for ‘charon send-keys’
(This is a no-op on non-Charon deployments since the ‘keys.target’
unit won't have any dependencies.)
2012-11-01 23:32:12 +01:00
aszlig
f9831a94c9
apache-httpd: Simplify all versionOlder calls.
We now just have a simple attribute called "version24" which replaces all those
pesky versionOlder that were spreading throughout the file and makes things way
more readable.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 17:47:30 +02:00
aszlig
919e6e55a9
apache-httpd: Create runtime dir for version 2.4.
By default the path is determined related to ServerRoot. Unfortunately
ServerRoot is pointing to the Nix store and the web server can't write to it.

We now create a directory called "runtime" withen the stateDir and point
DefaultRuntimeDir to it.

For more information on the DefaultRuntimeDir directive, please see:

http://httpd.apache.org/docs/2.4/mod/core.html#defaultruntimedir

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 17:38:43 +02:00
aszlig
5655ec0efa
apache-httpd: Avoid NameVirtualHost in >= v2.4.
NameVirtualHost no longer has any effect on version 2.4 and just emits ugly
warnings, so let's not use it if we use 2.4.

More information: http://httpd.apache.org/docs/2.4/upgrading.html#misc

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 17:03:50 +02:00
aszlig
a88453fbaa
apache-httpd: Properly wrap access directives.
The Order/Deny directives are deprecated in version 2.4, so we're going to
define two wrappers for allDenied and allGranted in order to properly generate
configurations for both version 2.2 and 2.4.

For more information an access control changes, see:

http://httpd.apache.org/docs/2.4/upgrading.html#access

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 16:57:18 +02:00
aszlig
3acd98b040
apache-httpd: Add unixd for 2.4, needed by "User".
Beginning with 2.4 mod_unixd is needed to supply Unix usernames and groups for
the web server. For details please have a look at:

http://httpd.apache.org/docs/2.4/upgrading.html#commonproblems

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 15:34:08 +02:00
aszlig
3ad8fac5a2
apache-httpd: Dynamically load MPM module in v2.4.
Now, MPMs can be loaded at runtime and it's no longer required to compile in one
of the MPM modules statically. So, if version is >= 2.4, load the MPM module
corresponding to the multiProcessingModule value of the service module.

For details, please see: http://httpd.apache.org/docs/2.4/mpm.html

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 15:17:48 +02:00
aszlig
18076e001a
apache-httpd: Use authn_core for version >= 2.3.
Beginning with version 2.3, the authn were refactored. As a result, authn_alias
is now part of the new module authn_core, so let's use authn_core instead of
authn_alias.

For details please see: http://httpd.apache.org/docs/2.4/upgrading.html#misc

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 15:11:53 +02:00
Eelco Dolstra
08f14b33c1 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-08-20 11:27:38 -04:00
Eelco Dolstra
c2b2a3369a Fix dependencies of Apache and PostgreSQL 2012-08-14 18:15:37 -04:00
Eelco Dolstra
d5d8acfacd Assign uid/gid 54 to wwwrun 2012-08-03 11:05:25 -04:00
Eelco Dolstra
0a0c28f812 Revert "Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user."
This reverts commit 0ef085d58a.
2012-08-03 10:52:53 -04:00
Peter Simons
0ef085d58a Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user.
The option is disabled by default so that previously existing installations
aren't affected.

If you'd like to migrate to the fixed numeric id for Apache, set "fixUidAndGid
= true", edit the file "/etc/groups" and replace the old GID value with 54.
(NixOS can't do that for you because it refuses to change a GID that identifies
the primary group of a user.) Then run

  find / -xdev -uid $oldUID -exec chown 54 {} +
  find / -xdev -gid $oldGID -exec chgrp 54 {} +

to update ownership of all files that are supposed to be owned by Apache.
2012-08-03 16:39:55 +02:00
Eelco Dolstra
29f721ba54 Only create the Apache user/group if it's "wwwrun" 2012-08-03 09:35:06 -04:00
Eelco Dolstra
d4fec178fd Merge remote-tracking branch 'origin/master' into systemd 2012-08-02 13:44:16 -04:00
Eelco Dolstra
a559a2a606 mediawiki.nix: Use the right PHP build 2012-07-30 17:19:23 +02:00
Peter Simons
e8e19bbb1f modules/services/web-servers/apache-httpd: rename 'apacheHttpd' option to 'package' 2012-07-24 01:01:48 +02:00
Peter Simons
b3627f6c69 modules/services/web-servers/apache-httpd: add apache user to the apache group 2012-07-23 22:00:35 +02:00
Peter Simons
52c97adaba modules/services/web-servers/apache-httpd: make this module more configurable
- The new option 'apacheHttpd' determines the version of the Apache
   HTTP Server that's being used by this module. The default version
   is Apache 2.2.x, as before.

 - The new option 'configFile' allows users specify their own custom
   config file for the web server instead of being limited to the one
   that this module generates.
2012-07-23 21:48:21 +02:00
Marc Weber
7ddea025e4 dont hardcode apache group name when setting permissions for state dir 2012-07-23 03:28:21 +02:00
Eelco Dolstra
44d091674b Merge branch 'master' of github.com:NixOS/nixos into systemd
Conflicts:
	modules/config/networking.nix
	modules/services/networking/ssh/sshd.nix
	modules/services/ttys/agetty.nix
	modules/system/boot/stage-2-init.sh
	modules/system/upstart-events/shutdown.nix
2012-07-16 17:27:11 -04:00
Eelco Dolstra
fbf9ecf78a Apache: make /var/run/httpd readable to wwwrun, as required by mod_cgid 2012-07-09 16:27:39 +02:00
Eelco Dolstra
d0c9a3ce32 Apache: build PHP against the right httpd
If httpd is built with a threaded MPM, then PHP needs to be built with
thread support as well.
2012-07-06 23:28:46 +02:00
Eelco Dolstra
18031e41bb Apache: Add an option to set the MPM
Supported values are "prefork" (default), "worker" and "event"
(experimental in Apache 2.2 but not 2.4).
2012-07-06 14:23:55 -04:00
Eelco Dolstra
a07eb262a0 Apache: don't fork into the background due to Upstart weirdness
If Apache crashes during startup, Upstart for some reason shows the
job in the "start/running" state.  As a workaround, don't fork.
2012-07-06 13:47:42 -04:00