summary refs log blame commit diff
path: root/nixos/modules/services/web-servers/nginx/vhost-options.nix
blob: 5fa3b18c24f03aeafb62c932ca64a79661953374 (plain) (tree) 
f298be9ef44 ^




























4676983990b ^












f298be9ef44 ^


















4676983990b ^

f298be9ef44 ^

















































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

29
30
31
32
33
34
35
36
37
38
39
40

41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

59

60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108




























                                                                                    











                                                                                            

















                                                             
                                  
















































                                                                            
# This file defines the options that can be used both for the Apache
# main server configuration, and for the virtual hosts.  (The latter
# has additional options that affect the web server as a whole, like
# the user/group to run under.)

{ lib }:

with lib;
{
  options = {
    serverAliases = mkOption {
      type = types.listOf types.str;
      default = [];
      example = ["www.example.org" "example.org"];
      description = ''
        Additional names of virtual hosts served by this virtual host configuration.
      '';
    };

    port = mkOption {
      type = types.nullOr types.int;
      default = null;
      description = ''
        Port for the server. 80 for http
        and 443 for https (i.e. when enableSSL is set).
      '';
    };

    enableACME = mkOption {
      type = types.bool;
      default = false;
      description = "Whether to ask Let's Encrypt to sign a certificate for this vhost.";
    };

    acmeRoot = mkOption {
      type = types.str;
      default = "/var/lib/acme/acme-challenge";
      description = "Directory to store certificates and keys managed by the ACME service.";
    };

    enableSSL = mkOption {
      type = types.bool;
      default = false;
      description = "Whether to enable SSL (https) support.";
    };

    forceSSL = mkOption {
      type = types.bool;
      default = false;
      description = "Whether to always redirect to https.";
    };

    sslCertificate = mkOption {
      type = types.path;
      example = "/var/host.cert";
      description = "Path to server SSL certificate.";
    };

    sslCertificateKey = mkOption {
      type = types.path;
      example = "/var/host.key";
      description = "Path to server SSL certificate key.";
    };

    root = mkOption {
      type = types.nullOr types.path;
      default = null;
      example = "/data/webserver/docs";
      description = ''
        The path of the web root directory.
      '';
    };

    extraConfig = mkOption {
      type = types.lines;
      default = "";
      description = ''
        These lines go to the end of the vhost verbatim.
      '';
    };

    globalRedirect = mkOption {
      type = types.nullOr types.str;
      default = null;
      example = http://newserver.example.org/;
      description = ''
        If set, all requests for this host are redirected permanently to
        the given URL.
      '';
    };

    basicAuth = mkOption {
      type = types.attrsOf types.str;
      default = {};
      description = "user = password";
    };

    locations = mkOption {
      type = types.attrsOf (types.submodule (import ./location-options.nix {
        inherit lib;
      }));
      default = {};
      example = {};
      description = ''
      '';
    };
  };
}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-31 13:56:50 +0000