httpd = mainCfg.package.out;
- version24 = !versionOlder httpd.version "2.4";
-
httpdConf = mainCfg.configFile;
php = mainCfg.phpPackage.override { apacheHttpd = httpd.dev; /* otherwise it only gets .out */ };
else [{ip = "*"; port = 80;}];
getListen = cfg:
- let list = (lib.optional (cfg.port != 0) {ip = "*"; port = cfg.port;}) ++ cfg.listen;
- in if list == []
- then defaultListen cfg
- else list;
+ if cfg.listen == []
+ then defaultListen cfg
+ else cfg.listen;
listenToString = l: "${l.ip}:${toString l.port}";
"auth_basic" "auth_digest"
# Authentication: is the user who he claims to be?
- "authn_file" "authn_dbm" "authn_anon"
- (if version24 then "authn_core" else "authn_alias")
+ "authn_file" "authn_dbm" "authn_anon" "authn_core"
# Authorization: is the user allowed access?
- "authz_user" "authz_groupfile" "authz_host"
+ "authz_user" "authz_groupfile" "authz_host" "authz_core"
# Other modules.
"ext_filter" "include" "log_config" "env" "mime_magic"
"mime" "dav" "status" "autoindex" "asis" "info" "dav_fs"
"vhost_alias" "negotiation" "dir" "imagemap" "actions" "speling"
"userdir" "alias" "rewrite" "proxy" "proxy_http"
- ]
- ++ optionals version24 [
+ "unixd" "cache" "cache_disk" "slotmem_shm" "socache_shmcb"
"mpm_${mainCfg.multiProcessingModule}"
- "authz_core"
- "unixd"
- "cache" "cache_disk"
- "slotmem_shm"
- "socache_shmcb"
+
# For compatibility with old configurations, the new module mod_access_compat is provided.
"access_compat"
]
++ extraApacheModules;
- allDenied = if version24 then ''
- Require all denied
- '' else ''
- Order deny,allow
- Deny from all
- '';
-
- allGranted = if version24 then ''
- Require all granted
- '' else ''
- Order allow,deny
- Allow from all
- '';
+ allDenied = "Require all denied";
+ allGranted = "Require all granted";
loggingConf = (if mainCfg.logFormat != "none" then ''
sslConf = ''
- SSLSessionCache ${if version24 then "shmcb" else "shm"}:${mainCfg.stateDir}/ssl_scache(512000)
+ SSLSessionCache shmcb:${mainCfg.stateDir}/ssl_scache(512000)
- ${if version24 then "Mutex" else "SSLMutex"} posixsem
+ Mutex posixsem
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
ServerRoot ${httpd}
- ${optionalString version24 ''
- DefaultRuntimeDir ${mainCfg.stateDir}/runtime
- ''}
+ DefaultRuntimeDir ${mainCfg.stateDir}/runtime
PidFile ${mainCfg.stateDir}/httpd.pid
++ optional enablePerl { name = "perl"; path = "${mod_perl}/modules/mod_perl.so"; }
++ concatMap (svc: svc.extraModules) allSubservices
++ extraForeignModules;
- in concatMapStrings load allModules
+ in concatMapStrings load (unique allModules)
}
AddHandler type-map var
# Generate directives for the main server.
${perServerConf true mainCfg}
- # Always enable virtual hosts; it doesn't seem to hurt.
- ${let
- listen = concatMap getListen allHosts;
- uniqueListen = uniqList {inputList = listen;};
- directives = concatMapStrings (listen: "NameVirtualHost ${listenToString listen}\n") uniqueListen;
- in optionalString (!version24) directives
- }
-
${let
makeVirtualHost = vhost: ''
<VirtualHost ${concatStringsSep " " (map listenToString (getListen vhost))}>
message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; }
];
- warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port};}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts);
+ warnings = map (cfg: "apache-httpd's extraSubservices option is deprecated. Most existing subservices have been ported to the NixOS module system. Please update your configuration accordingly.") (lib.filter (cfg: cfg.extraSubservices != []) allHosts);
users.users = optionalAttrs (withUsers && mainCfg.user == "wwwrun") (singleton
{ name = "wwwrun";
; Don't advertise PHP
expose_php = off
- '' + optionalString (!isNull config.time.timeZone) ''
+ '' + optionalString (config.time.timeZone != null) ''
; Apparently PHP doesn't use $TZ.
date.timezone = "${config.time.timeZone}"
''
mkdir -m 0750 -p ${mainCfg.stateDir}
[ $(id -u) != 0 ] || chown root.${mainCfg.group} ${mainCfg.stateDir}
- ${optionalString version24 ''
- mkdir -m 0750 -p "${mainCfg.stateDir}/runtime"
- [ $(id -u) != 0 ] || chown root.${mainCfg.group} "${mainCfg.stateDir}/runtime"
- ''}
+
+ mkdir -m 0750 -p "${mainCfg.stateDir}/runtime"
+ [ $(id -u) != 0 ] || chown root.${mainCfg.group} "${mainCfg.stateDir}/runtime"
+
mkdir -m 0700 -p ${mainCfg.logDir}
# Get rid of old semaphores. These tend to accumulate across