X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fwebsites%2Fvhost-options.nix;fp=modules%2Fwebsites%2Fvhost-options.nix;h=0000000000000000000000000000000000000000;hb=258dd18bac4bf5dd03cf1098ffa35cb954f9e015;hp=263980add8b26da6f4379f8bf895b125a2b5e360;hpb=e7b890d0999fe54a99f84fe92d625d9d488358dc;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/websites/vhost-options.nix b/modules/websites/vhost-options.nix
deleted file mode 100644
index 263980a..0000000
--- a/modules/websites/vhost-options.nix
+++ /dev/null
@@ -1,275 +0,0 @@
-{ config, lib, name, ... }:
-let
- inherit (lib) literalExample mkOption nameValuePair types;
-in
-{
- options = {
-
- hostName = mkOption {
- type = types.str;
- default = name;
- description = "Canonical hostname for the server.";
- };
-
- serverAliases = mkOption {
- type = types.listOf types.str;
- default = [];
- example = ["www.example.org" "www.example.org:8080" "example.org"];
- description = ''
- Additional names of virtual hosts served by this virtual host configuration.
- '';
- };
-
- listen = mkOption {
- type = with types; listOf (submodule ({
- options = {
- port = mkOption {
- type = types.port;
- description = "Port to listen on";
- };
- ip = mkOption {
- type = types.str;
- default = "*";
- description = "IP to listen on. 0.0.0.0 for IPv4 only, * for all.";
- };
- ssl = mkOption {
- type = types.bool;
- default = false;
- description = "Whether to enable SSL (https) support.";
- };
- };
- }));
- default = [];
- example = [
- { ip = "195.154.1.1"; port = 443; ssl = true;}
- { ip = "192.154.1.1"; port = 80; }
- { ip = "*"; port = 8080; }
- ];
- description = ''
- Listen addresses and ports for this virtual host.
-
- This option overrides addSSL, forceSSL and onlySSL.
-
- '';
- };
-
- enableSSL = mkOption {
- type = types.bool;
- visible = false;
- default = false;
- };
-
- addSSL = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to enable HTTPS in addition to plain HTTP. This will set defaults for
- listen to listen on all interfaces on the respective default
- ports (80, 443).
- '';
- };
-
- onlySSL = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to enable HTTPS and reject plain HTTP connections. This will set
- defaults for listen to listen on all interfaces on port 443.
- '';
- };
-
- forceSSL = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to add a separate nginx server block that permanently redirects (301)
- all plain HTTP traffic to HTTPS. This will set defaults for
- listen to listen on all interfaces on the respective default
- ports (80, 443), where the non-SSL listens are used for the redirect vhosts.
- '';
- };
-
- enableACME = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to ask Let's Encrypt to sign a certificate for this vhost.
- Alternately, you can use an existing certificate through .
- '';
- };
-
- useACMEHost = mkOption {
- type = types.nullOr types.str;
- default = null;
- description = ''
- A host of an existing Let's Encrypt certificate to use.
- This is useful if you have many subdomains and want to avoid hitting the
- rate limit.
- Alternately, you can generate a certificate through .
- Note that this option does not create any certificates, nor it does add subdomains to existing ones â you will need to create them manually using .
- '';
- };
-
- acmeRoot = mkOption {
- type = types.str;
- default = "/var/lib/acme/acme-challenges";
- description = "Directory for the acme challenge which is PUBLIC, don't put certs or keys in here";
- };
-
- sslServerCert = mkOption {
- type = types.path;
- example = "/var/host.cert";
- description = "Path to server SSL certificate.";
- };
-
- sslServerKey = mkOption {
- type = types.path;
- example = "/var/host.key";
- description = "Path to server SSL certificate key.";
- };
-
- sslServerChain = mkOption {
- type = types.nullOr types.path;
- default = null;
- example = "/var/ca.pem";
- description = "Path to server SSL chain file.";
- };
-
- http2 = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to enable HTTP 2. HTTP/2 is supported in all multi-processing modules that come with httpd. However, if you use the prefork mpm, there will
- be severe restrictions. Refer to for details.
- '';
- };
-
- adminAddr = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "admin@example.org";
- description = "E-mail address of the server administrator.";
- };
-
- documentRoot = mkOption {
- type = types.nullOr types.path;
- default = null;
- example = "/data/webserver/docs";
- description = ''
- The path of Apache's document root directory. If left undefined,
- an empty directory in the Nix store will be used as root.
- '';
- };
-
- servedDirs = mkOption {
- type = types.listOf types.attrs;
- default = [];
- example = [
- { urlPath = "/nix";
- dir = "/home/eelco/Dev/nix-homepage";
- }
- ];
- description = ''
- This option provides a simple way to serve static directories.
- '';
- };
-
- servedFiles = mkOption {
- type = types.listOf types.attrs;
- default = [];
- example = [
- { urlPath = "/foo/bar.png";
- file = "/home/eelco/some-file.png";
- }
- ];
- description = ''
- This option provides a simple way to serve individual, static files.
-
-
- This option has been deprecated and will be removed in a future
- version of NixOS. You can achieve the same result by making use of
- the locations.<name>.alias option.
-
- '';
- };
-
- extraConfig = mkOption {
- type = types.lines;
- default = "";
- example = ''
-
- Options FollowSymlinks
- AllowOverride All
-
- '';
- description = ''
- These lines go to httpd.conf verbatim. They will go after
- directories and directory aliases defined by default.
- '';
- };
-
- enableUserDir = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to enable serving ~/public_html as
- /~username.
- '';
- };
-
- globalRedirect = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = http://newserver.example.org/;
- description = ''
- If set, all requests for this host are redirected permanently to
- the given URL.
- '';
- };
-
- logFormat = mkOption {
- type = types.str;
- default = "common";
- example = "combined";
- description = ''
- Log format for Apache's log files. Possible values are: combined, common, referer, agent.
- '';
- };
-
- robotsEntries = mkOption {
- type = types.lines;
- default = "";
- example = "Disallow: /foo/";
- description = ''
- Specification of pages to be ignored by web crawlers. See for details.
- '';
- };
-
- locations = mkOption {
- type = with types; attrsOf (submodule (import ./location-options.nix));
- default = {};
- example = literalExample ''
- {
- "/" = {
- proxyPass = "http://localhost:3000";
- };
- "/foo/bar.png" = {
- alias = "/home/eelco/some-file.png";
- };
- };
- '';
- description = ''
- Declarative location config. See for details.
- '';
- };
-
- };
-
- config = {
-
- locations = builtins.listToAttrs (map (elem: nameValuePair elem.urlPath { alias = elem.file; }) config.servedFiles);
-
- };
-}