diff options
author | Aaron Andersen <aaron@fosslib.net> | 2021-05-11 19:51:23 -0400 |
---|---|---|
committer | Aaron Andersen <aaron@fosslib.net> | 2021-05-11 22:36:55 -0400 |
commit | f20aa073e16dc07cfd4ce9a7e0d39445282c575d (patch) | |
tree | a51d677508db1bdd59954f03574f656096ee6358 /nixos/modules/services/web-servers | |
parent | 774550baf5d036e686b6a31cc6b3a5efdece0aca (diff) | |
download | nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar.gz nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar.bz2 nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar.lz nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar.xz nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.tar.zst nixpkgs-f20aa073e16dc07cfd4ce9a7e0d39445282c575d.zip |
nixos/httpd: provide a stable path stable path to the configuration file for reloads
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/default.nix | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index b2bb5055cd4..a7b93c9c459 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -15,11 +15,9 @@ let apachectl = pkgs.runCommand "apachectl" { meta.priority = -1; } '' mkdir -p $out/bin cp ${pkg}/bin/apachectl $out/bin/apachectl - sed -i $out/bin/apachectl -e 's|$HTTPD -t|$HTTPD -t -f ${httpdConf}|' + sed -i $out/bin/apachectl -e 's|$HTTPD -t|$HTTPD -t -f /etc/httpd/httpd.conf|' ''; - httpdConf = cfg.configFile; - php = cfg.phpPackage.override { apacheHttpd = pkg; }; phpModuleName = let @@ -682,6 +680,8 @@ in }) (filter (hostOpts: hostOpts.useACMEHost == null) acmeEnabledVhosts); in listToAttrs acmePairs; + # httpd requires a stable path to the configuration file for reloads + environment.etc."httpd/httpd.conf".source = cfg.configFile; environment.systemPackages = [ apachectl pkg @@ -753,6 +753,7 @@ in wants = concatLists (map (certName: [ "acme-finished-${certName}.target" ]) dependentCertNames); after = [ "network.target" ] ++ map (certName: "acme-selfsigned-${certName}.service") dependentCertNames; before = map (certName: "acme-${certName}.service") dependentCertNames; + restartTriggers = [ cfg.configFile ]; path = [ pkg pkgs.coreutils pkgs.gnugrep ]; @@ -771,9 +772,9 @@ in ''; serviceConfig = { - ExecStart = "@${pkg}/bin/httpd httpd -f ${httpdConf}"; - ExecStop = "${pkg}/bin/httpd -f ${httpdConf} -k graceful-stop"; - ExecReload = "${pkg}/bin/httpd -f ${httpdConf} -k graceful"; + ExecStart = "@${pkg}/bin/httpd httpd -f /etc/httpd/httpd.conf"; + ExecStop = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -k graceful-stop"; + ExecReload = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -k graceful"; User = cfg.user; Group = cfg.group; Type = "forking"; @@ -800,6 +801,7 @@ in # certs are updated _after_ config has been reloaded. before = sslTargets; after = sslServices; + restartTriggers = [ cfg.configFile ]; # Block reloading if not all certs exist yet. # Happens when config changes add new vhosts/certs. unitConfig.ConditionPathExists = map (certName: certs.${certName}.directory + "/fullchain.pem") dependentCertNames; @@ -807,7 +809,7 @@ in Type = "oneshot"; TimeoutSec = 60; ExecCondition = "/run/current-system/systemd/bin/systemctl -q is-active httpd.service"; - ExecStartPre = "${pkg}/bin/httpd -f ${httpdConf} -t"; + ExecStartPre = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -t"; ExecStart = "/run/current-system/systemd/bin/systemctl reload httpd.service"; }; }; |