diff options
Diffstat (limited to 'modules/services/web-servers')
9 files changed, 120 insertions, 120 deletions
diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index c6cbac5e611..a7e0472cd3f 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix @@ -5,7 +5,7 @@ with pkgs.lib; let mainCfg = config.services.httpd; - + startingDependency = if config.services.gw6c.enable then "gw6c" else "network-interfaces"; httpd = pkgs.apacheHttpd; @@ -16,7 +16,7 @@ let extraForeignModules = filter builtins.isAttrs extraModules; extraApacheModules = filter (x: !(builtins.isAttrs x)) extraModules; # I'd prefer using builtins.isString here, but doesn't exist yet - + makeServerInfo = cfg: { # Canonical name must not include a trailing slash. canonicalName = @@ -40,7 +40,7 @@ let }; vhosts = let - makeVirtualHost = cfgIn: + makeVirtualHost = cfgIn: let # Fill in defaults for missing options. cfg = addDefaultOptionValues vhostOptions cfgIn; @@ -49,11 +49,11 @@ let allHosts = [mainCfg] ++ vhosts; - + callSubservices = serverInfo: defs: let f = svc: - let + let svcFunction = if svc ? function then svc.function else import "${./.}/${if svc ? serviceType then svc.serviceType else svc.serviceName}.nix"; @@ -77,7 +77,7 @@ let in map f defs; - # !!! callSubservices is expensive + # !!! callSubservices is expensive subservicesFor = cfg: callSubservices (makeServerInfo cfg) cfg.extraSubservices; mainSubservices = subservicesFor mainCfg; @@ -91,10 +91,10 @@ let enableSSL = any (vhost: vhost.enableSSL) allHosts; - + # Names of modules from ${httpd}/modules that we want to load. - apacheModules = + apacheModules = [ # HTTP authentication mechanisms: basic and digest. "auth_basic" "auth_digest" @@ -110,10 +110,10 @@ let "mime" "dav" "status" "autoindex" "asis" "info" "cgi" "dav_fs" "vhost_alias" "negotiation" "dir" "imagemap" "actions" "speling" "userdir" "alias" "rewrite" "proxy" "proxy_http" - ] + ] ++ optional enableSSL "ssl" ++ extraApacheModules; - + loggingConf = '' ErrorLog ${mainCfg.logDir}/error_log @@ -208,7 +208,7 @@ let SSLCertificateFile ${cfg.sslServerCert} SSLCertificateKeyFile ${cfg.sslServerKey} '' else ""} - + ${if cfg.enableSSL then '' SSLEngine on '' else if enableSSL then /* i.e., SSL is enabled for some host, but not this one */ @@ -230,10 +230,10 @@ let ${if isMainServer || cfg.documentRoot != null then documentRootConf else ""} ${if cfg.enableUserDir then '' - + UserDir public_html UserDir disabled root - + <Directory "/home/*/public_html"> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec @@ -246,7 +246,7 @@ let Deny from all </LimitExcept> </Directory> - + '' else ""} ${if cfg.globalRedirect != "" then '' @@ -278,9 +278,9 @@ let ${cfg.extraConfig} ''; - + httpdConf = pkgs.writeText "httpd.conf" '' - + ServerRoot ${httpd} PidFile ${mainCfg.stateDir}/httpd.pid @@ -305,7 +305,7 @@ let concatMap (svc: svc.extraModulesPre) allSubservices ++ map (name: {inherit name; path = "${httpd}/modules/mod_${name}.so";}) apacheModules ++ optional enablePHP { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } - ++ concatMap (svc: svc.extraModules) allSubservices + ++ concatMap (svc: svc.extraModules) allSubservices ++ extraForeignModules; in concatMapStrings load allModules } @@ -325,7 +325,7 @@ let Include ${httpd}/conf/extra/httpd-autoindex.conf Include ${httpd}/conf/extra/httpd-multilang-errordoc.conf Include ${httpd}/conf/extra/httpd-languages.conf - + ${if enableSSL then sslConf else ""} # Fascist default - deny access to everything. @@ -346,7 +346,7 @@ let # Generate directives for the main server. ${perServerConf true mainCfg} - + # Always enable virtual hosts; it doesn't seem to hurt. ${let ports = map getPort allHosts; @@ -387,9 +387,9 @@ in ###### interface options = { - + services.httpd = { - + enable = mkOption { default = false; description = " @@ -609,5 +609,5 @@ in }; }; - + } diff --git a/modules/services/web-servers/apache-httpd/mediawiki.nix b/modules/services/web-servers/apache-httpd/mediawiki.nix index c5c892825f4..d45d477b671 100644 --- a/modules/services/web-servers/apache-httpd/mediawiki.nix +++ b/modules/services/web-servers/apache-httpd/mediawiki.nix @@ -5,13 +5,13 @@ with pkgs.lib; let src_clean_skin = pkgs.fetchurl { - url = "http://lastlog.de/misc/clean-1.01.tar.gz"; - sha256 = "5fb1736b64b33ca3429d035f1358cf8217da2d02019d8a80b14c7985367f659f"; + url = "http://lastlog.de/misc/clean-1.01.tar.gz"; + sha256 = "5fb1736b64b33ca3429d035f1358cf8217da2d02019d8a80b14c7985367f659f"; }; src_nixos_skin = pkgs.fetchurl { - url = "http://lastlog.de/misc/nixos-1.0.tar.gz"; - sha256 = "413b0f451bde81ac2dd0bede17dd088f9abcd0f3cea1722279311ca648a855cf"; + url = "http://lastlog.de/misc/nixos-1.0.tar.gz"; + sha256 = "413b0f451bde81ac2dd0bede17dd088f9abcd0f3cea1722279311ca648a855cf"; }; mediawikiConfig = pkgs.writeText "LocalSettings.php" @@ -83,7 +83,7 @@ let # Unpack Mediawiki and put the config file in its root directory. mediawikiRoot = pkgs.stdenv.mkDerivation rec { name= "mediawiki-1.15.5"; - + src = pkgs.fetchurl { url = "http://download.wikimedia.org/mediawiki/1.15/${name}.tar.gz"; sha256 = "1d8afbdh3lsg54b69mnh6a47psb3lg978xpp277qs08yz15cjf7q"; @@ -116,7 +116,7 @@ let --add-flags ${mediawikiRoot}/maintenance/$i done ''; - + in { @@ -132,7 +132,7 @@ in Options -Indexes </Directory> ''} - + Alias ${config.urlPrefix} ${mediawikiRoot} <Directory ${mediawikiRoot}> @@ -170,7 +170,7 @@ in default = "mediawiki"; description = "Name of the database that holds the MediaWiki data."; }; - + dbServer = mkOption { default = ""; # use a Unix domain socket example = "10.0.2.2"; @@ -185,7 +185,7 @@ in default = "mediawiki"; description = "The user name for accessing the database."; }; - + dbPassword = mkOption { default = ""; example = "foobar"; @@ -194,7 +194,7 @@ in cleartext in the Nix store! ''; }; - + emergencyContact = mkOption { default = serverInfo.serverConfig.adminAddr; example = "admin@example.com"; @@ -203,7 +203,7 @@ in admin address. ''; }; - + passwordSender = mkOption { default = serverInfo.serverConfig.adminAddr; example = "password@example.com"; @@ -277,7 +277,7 @@ in extraPath = [ mediawikiScripts ]; # !!! Need to specify that Apache has a dependency on PostgreSQL! - + startupScript = pkgs.writeScript "mediawiki_startup.sh" # Initialise the database automagically if we're using a Postgres # server on localhost. diff --git a/modules/services/web-servers/apache-httpd/mercurial.nix b/modules/services/web-servers/apache-httpd/mercurial.nix index 45cb8197917..ad1c332a657 100644 --- a/modules/services/web-servers/apache-httpd/mercurial.nix +++ b/modules/services/web-servers/apache-httpd/mercurial.nix @@ -5,9 +5,9 @@ let inherit (pkgs.lib) mkOption; urlPrefix = config.urlPrefix; - + cgi = pkgs.stdenv.mkDerivation { - name = "mercurial-cgi"; + name = "mercurial-cgi"; buildCommand = '' ensureDir $out cp -v ${mercurial}/share/cgi-bin/hgweb.cgi $out @@ -21,7 +21,7 @@ let " > $out/hgweb.config ''; }; - + in { extraConfig = '' @@ -45,18 +45,18 @@ in { PassEnv PYTHONPATH </Directory> ''; - + robotsEntries = '' User-agent: * Disallow: ${urlPrefix} ''; - + extraServerPath = [ - (pkgs.python+"/bin") + (pkgs.python+"/bin") ]; - + globalEnvVars = [ { name = "PYTHONPATH"; value = "${mercurial}/lib/${pkgs.python.libPrefix}/site-packages"; } ]; - + options = { urlPrefix = mkOption { default = "/hg"; @@ -65,7 +65,7 @@ in { Use the empty string to have it appear in the server root. "; }; - + dataDir = mkOption { example = "/data/mercurial"; description = " @@ -73,5 +73,5 @@ in { "; }; }; - + } diff --git a/modules/services/web-servers/apache-httpd/per-server-options.nix b/modules/services/web-servers/apache-httpd/per-server-options.nix index 8a2ee0e849a..00b82550bbe 100644 --- a/modules/services/web-servers/apache-httpd/per-server-options.nix +++ b/modules/services/web-servers/apache-httpd/per-server-options.nix @@ -40,9 +40,9 @@ # Note: sslServerCert and sslServerKey can be left empty, but this # only makes sense for virtual hosts (they will inherit from the # main server). - + sslServerCert = mkOption { - default = ""; + default = ""; example = "/var/host.cert"; description = " Path to server SSL certificate. diff --git a/modules/services/web-servers/apache-httpd/tomcat-connector.nix b/modules/services/web-servers/apache-httpd/tomcat-connector.nix index 00cca42c6e0..f815eeb290c 100644 --- a/modules/services/web-servers/apache-httpd/tomcat-connector.nix +++ b/modules/services/web-servers/apache-httpd/tomcat-connector.nix @@ -43,8 +43,8 @@ JkLogLevel info JkLogStampFormat "[%a %b %d %H:%M:%S %Y]" # JkOptions indicates to send SSK KEY SIZE -# Note: Changed from +ForwardURICompat. -# See http://tomcat.apache.org/security-jk.html +# Note: Changed from +ForwardURICompat. +# See http://tomcat.apache.org/security-jk.html JkOptions +ForwardKeySize +ForwardURICompatUnparsed -ForwardDirectories # JkRequestLogFormat @@ -63,13 +63,13 @@ JkMount /__application__/* loadbalancer # This directive is present with 1.2.10 and # later versions of mod_jk, and is needed for # for load balancing to work properly -# Note: Replaced JkShmFile logs/jk.shm due to SELinux issues. Refer to +# Note: Replaced JkShmFile logs/jk.shm due to SELinux issues. Refer to # https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=225452 JkShmFile ${config.stateDir}/jk.shm # Static files in all Tomcat webapp context directories are served by apache JkAutoAlias /var/tomcat/webapps - + # All requests go to worker by default JkMount /* loadbalancer # Serve some static files using httpd diff --git a/modules/services/web-servers/apache-httpd/trac.nix b/modules/services/web-servers/apache-httpd/trac.nix index 676aaa83178..5e31c1f2643 100644 --- a/modules/services/web-servers/apache-httpd/trac.nix +++ b/modules/services/web-servers/apache-httpd/trac.nix @@ -3,7 +3,7 @@ with pkgs.lib; let - + # Build a Subversion instance with Apache modules and Swig/Python bindings. subversion = pkgs.subversion.override (origArgs: { bdbSupport = true; @@ -14,18 +14,18 @@ let }); pythonLib = p: "${p}/"; - + in { options = { - + projectsLocation = mkOption { description = "URL path in which Trac projects can be accessed"; default = "/projects"; }; - + projects = mkOption { description = "List of projects that should be provided by Trac. If they are not defined yet empty projects are created."; default = []; @@ -37,7 +37,7 @@ in } ]; }; - + user = mkOption { default = "wwwrun"; description = "User account under which Trac runs."; @@ -64,12 +64,12 @@ in description = "AuthName"; }; }; - + }; extraModules = singleton { name = "python"; path = "${pkgs.mod_python}/modules/mod_python.so"; }; - + extraConfig = '' <Location ${config.projectsLocation}> SetHandler mod_python @@ -89,7 +89,7 @@ in '' else ""} </LocationMatch> ''; - + globalEnvVars = singleton { name = "PYTHONPATH"; value = @@ -103,11 +103,11 @@ in subversion ]; }; - + startupScript = pkgs.writeScript "activateTrac" '' mkdir -p /var/trac chown ${config.user}:${config.group} /var/trac - + ${concatMapStrings (project: '' if [ ! -d /var/trac/${project.identifier} ] @@ -117,5 +117,5 @@ in fi '' ) (config.projects)} ''; - + } diff --git a/modules/services/web-servers/apache-httpd/zabbix.nix b/modules/services/web-servers/apache-httpd/zabbix.nix index 3c2a30322f4..66b6c0ea9b0 100644 --- a/modules/services/web-servers/apache-httpd/zabbix.nix +++ b/modules/services/web-servers/apache-httpd/zabbix.nix @@ -29,10 +29,10 @@ in max_execution_time = 300 mbstring.func_overload = 2 ''; - + extraConfig = '' Alias ${config.urlPrefix}/ ${zabbixPHP}/ - + <Directory ${zabbixPHP}> DirectoryIndex index.php Order deny,allow diff --git a/modules/services/web-servers/jboss/default.nix b/modules/services/web-servers/jboss/default.nix index a1bdce50eee..e1bcede6563 100644 --- a/modules/services/web-servers/jboss/default.nix +++ b/modules/services/web-servers/jboss/default.nix @@ -5,7 +5,7 @@ with pkgs.lib; let cfg = config.services.jboss; - + jbossService = pkgs.stdenv.mkDerivation { name = "jboss-server"; builder = ./builder.sh; @@ -20,9 +20,9 @@ in ###### interface options = { - + services.jboss = { - + enable = mkOption { default = false; description = "Whether to enable jboss"; @@ -62,7 +62,7 @@ in default = false; description = "Whether to use to connector to the Apache HTTP server"; }; - + }; }; @@ -79,5 +79,5 @@ in }; }; - + } diff --git a/modules/services/web-servers/tomcat.nix b/modules/services/web-servers/tomcat.nix index 83b95655011..078877b15bc 100644 --- a/modules/services/web-servers/tomcat.nix +++ b/modules/services/web-servers/tomcat.nix @@ -5,7 +5,7 @@ with pkgs.lib; let cfg = config.services.tomcat; - + in { @@ -13,9 +13,9 @@ in ###### interface options = { - + services.tomcat = { - + enable = mkOption { default = false; description = "Whether to enable Apache Tomcat"; @@ -31,16 +31,16 @@ in example = [ "users" ]; description = "Defines extra groups to which the tomcat user belongs."; }; - + user = mkOption { default = "tomcat"; description = "User account under which Apache Tomcat runs."; - }; + }; group = mkOption { default = "tomcat"; description = "Group account under which Apache Tomcat runs."; - }; + }; javaOpts = mkOption { default = ""; @@ -73,12 +73,12 @@ in }; logPerVirtualHost = mkOption { - default = false; + default = false; description = "Whether to enable logging per virtual host."; - }; + }; axis2 = { - + enable = mkOption { default = false; description = "Whether to enable an Apache Axis2 container"; @@ -88,9 +88,9 @@ in default = []; description = "List containing AAR files or directories with AAR files which are web services to be deployed on Axis2"; }; - + }; - + }; }; @@ -104,7 +104,7 @@ in { name = "tomcat"; gid = config.ids.gids.tomcat; }; - + users.extraUsers = singleton { name = "tomcat"; uid = config.ids.uids.tomcat; @@ -112,7 +112,7 @@ in home = "/homeless-shelter"; extraGroups = cfg.extraGroups; }; - + jobs.tomcat = { description = "Apache Tomcat server"; @@ -122,62 +122,62 @@ in environment = { TZ = config.time.timeZone; }; preStart = - '' + '' # Create the base directory mkdir -p ${cfg.baseDir} - + # Create a symlink to the bin directory of the tomcat component ln -sfn ${pkgs.tomcat6}/bin ${cfg.baseDir}/bin - + # Create a conf/ directory mkdir -p ${cfg.baseDir}/conf chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/conf - + # Symlink the config files in the conf/ directory (except for catalina.properties and server.xml) for i in $(ls ${pkgs.tomcat6}/conf | grep -v catalina.properties | grep -v server.xml) do ln -sfn ${pkgs.tomcat6}/conf/$i ${cfg.baseDir}/conf/`basename $i` done - + # Create subdirectory for virtual hosts mkdir -p ${cfg.baseDir}/virtualhosts - - # Create a modified catalina.properties file + + # Create a modified catalina.properties file # Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries sed -e 's|''${catalina.home}|''${catalina.base}|g' \ -e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \ ${pkgs.tomcat6}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties - + # Create a modified server.xml which also includes all virtual hosts sed -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\ ${ toString (map (virtualHost: ''<Host name=\"${virtualHost.name}\" appBase=\"virtualhosts/${virtualHost.name}/webapps\" unpackWARs=\"true\" autoDeploy=\"true\" xmlValidation=\"false\" xmlNamespaceAware=\"false\" >${if cfg.logPerVirtualHost then ''<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"logs/${virtualHost.name}\" prefix=\"${virtualHost.name}_access_log.\" pattern=\"combined\" resolveHosts=\"false\"/>'' else ""}</Host>'') cfg.virtualHosts)}" \ ${pkgs.tomcat6}/conf/server.xml > ${cfg.baseDir}/conf/server.xml - + # Create a logs/ directory mkdir -p ${cfg.baseDir}/logs chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs - ${if cfg.logPerVirtualHost then + ${if cfg.logPerVirtualHost then toString (map (h: '' mkdir -p ${cfg.baseDir}/logs/${h.name} chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name} '') cfg.virtualHosts) else ''''} - + # Create a temp/ directory mkdir -p ${cfg.baseDir}/temp chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/temp - # Create a lib/ directory + # Create a lib/ directory mkdir -p ${cfg.baseDir}/lib chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/lib - + # Create a shared/lib directory mkdir -p ${cfg.baseDir}/shared/lib chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/shared/lib - + # Create a webapps/ directory mkdir -p ${cfg.baseDir}/webapps chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps - + # Symlink all the given common libs files or paths into the lib/ directory for i in ${pkgs.tomcat6} ${toString cfg.commonLibs} do @@ -189,13 +189,13 @@ in then # If the given web application is a directory, then iterate over the files # in the special purpose directories and symlink them into the tomcat tree - + for j in $i/lib/* do ln -sfn $j ${cfg.baseDir}/lib/`basename $j` done fi - done + done # Symlink all the given shared libs files or paths into the shared/lib/ directory for i in ${toString cfg.sharedLibs} @@ -208,14 +208,14 @@ in then # If the given web application is a directory, then iterate over the files # in the special purpose directories and symlink them into the tomcat tree - + for j in $i/shared/lib/* do ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j` done fi - done - + done + # Symlink all the given web applications files or paths into the webapps/ directory for i in ${toString cfg.webapps} do @@ -227,12 +227,12 @@ in then # If the given web application is a directory, then iterate over the files # in the special purpose directories and symlink them into the tomcat tree - + for j in $i/webapps/* do ln -sfn $j ${cfg.baseDir}/webapps/`basename $j` done - + # Also symlink the configuration files if they are included if [ -d $i/conf/Catalina ] then @@ -243,15 +243,15 @@ in done fi fi - done - + done + ${toString (map (virtualHost: '' # Create webapps directory for the virtual host mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps - + # Modify ownership chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps - + # Symlink all the given web applications files or paths into the webapps/ directory # of this virtual host for i in "${if virtualHost ? webapps then toString virtualHost.webapps else ""}" @@ -264,12 +264,12 @@ in then # If the given web application is a directory, then iterate over the files # in the special purpose directories and symlink them into the tomcat tree - + for j in $i/webapps/* do ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j` done - + # Also symlink the configuration files if they are included if [ -d $i/conf/Catalina ] then @@ -279,27 +279,27 @@ in ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j` done fi - fi + fi done - + '' ) cfg.virtualHosts) } - + # Create a work/ directory mkdir -p ${cfg.baseDir}/work chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/work - + ${if cfg.axis2.enable then '' # Copy the Axis2 web application cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps - + # Turn off addressing, which causes many errors sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml - + # Modify permissions on the Axis2 application chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2 - + # Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory for i in ${toString cfg.axis2.services} do @@ -311,12 +311,12 @@ in then # If the given web application is a directory, then iterate over the files # in the special purpose directories and symlink them into the tomcat tree - + for j in $i/webapps/axis2/WEB-INF/services/* do ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j` done - + # Also symlink the configuration files if they are included if [ -d $i/conf/Catalina ] then @@ -326,13 +326,13 @@ in done fi fi - done + done '' else ""} ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${pkgs.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${pkgs.tomcat6}/bin/startup.sh' ''; - + postStop = '' echo "Stopping tomcat..." |