diff options
Diffstat (limited to 'pkgs/servers/http')
-rw-r--r-- | pkgs/servers/http/h2o/default.nix | 13 | ||||
-rw-r--r-- | pkgs/servers/http/nginx/mainline.nix | 4 | ||||
-rw-r--r-- | pkgs/servers/http/nginx/modules.nix | 46 | ||||
-rw-r--r-- | pkgs/servers/http/tengine/default.nix | 85 |
4 files changed, 144 insertions, 4 deletions
diff --git a/pkgs/servers/http/h2o/default.nix b/pkgs/servers/http/h2o/default.nix index e05624fa46c..ceffd3e0260 100644 --- a/pkgs/servers/http/h2o/default.nix +++ b/pkgs/servers/http/h2o/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchFromGitHub , pkgconfig, cmake -, libressl_2_6, libuv, zlib +, libressl, libuv, zlib }: with builtins; @@ -16,8 +16,17 @@ stdenv.mkDerivation rec { sha256 = "0jyvbp6cjiirj44nxqa2fi5y473gnc8awfn8zv82hb1y9rlxqfyv"; }; + # We have to fix up some function prototypes, because despite upstream h2o + # issue #1705 (https://github.com/h2o/h2o/issues/1706), libressl 2.7+ doesn't + # seem to work + patchPhase = '' + substituteInPlace ./deps/neverbleed/neverbleed.c \ + --replace 'static void RSA_' 'void RSA_' \ + --replace 'static int RSA_' 'int RSA_' + ''; + nativeBuildInputs = [ pkgconfig cmake ]; - buildInputs = [ libressl_2_6 libuv zlib ]; + buildInputs = [ libressl libuv zlib ]; enableParallelBuilding = true; meta = { diff --git a/pkgs/servers/http/nginx/mainline.nix b/pkgs/servers/http/nginx/mainline.nix index 5afd73c8868..ecde2430f52 100644 --- a/pkgs/servers/http/nginx/mainline.nix +++ b/pkgs/servers/http/nginx/mainline.nix @@ -1,6 +1,6 @@ { callPackage, ... }@args: callPackage ./generic.nix (args // { - version = "1.15.1"; - sha256 = "0q2lkpnfqf74p22vrcldx0gcnss3is7rnp54fgpvhcpqsxc6h867"; + version = "1.15.2"; + sha256 = "145dcypq8dqc5as03iy1ycwifwynq9p4i8m56fn7g0myryp0kfpf"; }) diff --git a/pkgs/servers/http/nginx/modules.nix b/pkgs/servers/http/nginx/modules.nix index 9f2cd319f0e..0501bcc9e58 100644 --- a/pkgs/servers/http/nginx/modules.nix +++ b/pkgs/servers/http/nginx/modules.nix @@ -94,6 +94,16 @@ ''; }; + lua-upstream = { + src = fetchFromGitHub { + owner = "openresty"; + repo = "lua-upstream-nginx-module"; + rev = "v0.07"; + sha256 = "1gqccg8airli3i9103zv1zfwbjm27h235qjabfbfqk503rjamkpk"; + }; + inputs = [ pkgs.luajit ]; + }; + modsecurity = { src = "${pkgs.modsecurity_standalone.nginx}/nginx/modsecurity"; inputs = [ pkgs.curl pkgs.apr pkgs.aprutil pkgs.apacheHttpd pkgs.yajl ]; @@ -215,6 +225,33 @@ }; }; + stream-sts = { + src = fetchFromGitHub { + owner = "vozlt"; + repo = "nginx-module-stream-sts"; + rev = "v0.1.1"; + sha256 = "1jdj1kik6l3rl9nyx61xkqk7hmqbncy0rrqjz3dmjqsz92y8zaya"; + }; + }; + + sts = { + src = fetchFromGitHub { + owner = "vozlt"; + repo = "nginx-module-sts"; + rev = "v0.1.1"; + sha256 = "0nvb29641x1i7mdbydcny4qwlvdpws38xscxirajd2x7nnfdflrk"; + }; + }; + + sysguard = { + src = fetchFromGitHub { + owner = "vozlt"; + repo = "nginx-module-sysguard"; + rev = "e512897f5aba4f79ccaeeebb51138f1704a58608"; + sha256 = "19c6w6wscbq9phnx7vzbdf4ay6p2ys0g7kp2rmc9d4fb53phrhfx"; + }; + }; + upstream-check = { src = fetchFromGitHub { owner = "yaoweibin"; @@ -234,6 +271,15 @@ inputs = [ pkgs.msgpuck.dev pkgs.yajl ]; }; + url = { + src = fetchFromGitHub { + owner = "vozlt"; + repo = "nginx-module-url"; + rev = "9299816ca6bc395625c3683fbd2aa7b916bfe91e"; + sha256 = "0mk1gjmfnry6hgdsnlavww9bn7223idw50jlkhh5k00q5509w4ip"; + }; + }; + vts = { src = fetchFromGitHub { owner = "vozlt"; diff --git a/pkgs/servers/http/tengine/default.nix b/pkgs/servers/http/tengine/default.nix new file mode 100644 index 00000000000..36f326d5590 --- /dev/null +++ b/pkgs/servers/http/tengine/default.nix @@ -0,0 +1,85 @@ +{ stdenv, fetchurl, openssl, zlib, pcre, libxml2, libxslt +, gd, geoip +, withDebug ? false +, withMail ? false +, withIPv6 ? true +, modules ? [] +, ... +}: + +with stdenv.lib; + +stdenv.mkDerivation rec { + version = "2.2.2"; + name = "tengine-${version}"; + + src = fetchurl { + url = "https://github.com/alibaba/tengine/archive/${name}.tar.gz"; + sha256 = "1vq73wsldvj7rc61ag85pvnaacrrq9rs0pfqv71z5iyvb5r3bxc2"; + }; + + buildInputs = + [ openssl zlib pcre libxml2 libxslt gd geoip ] + ++ concatMap (mod: mod.inputs or []) modules; + + configureFlags = [ + "--with-http_ssl_module" + "--with-http_v2_module" + "--with-http_realip_module" + "--with-http_addition_module" + "--with-http_xslt_module" + "--with-http_geoip_module" + "--with-http_sub_module" + "--with-http_dav_module" + "--with-http_flv_module" + "--with-http_mp4_module" + "--with-http_gunzip_module" + "--with-http_gzip_static_module" + "--with-http_auth_request_module" + "--with-http_concat_module" + "--with-http_random_index_module" + "--with-http_secure_link_module" + "--with-http_degradation_module" + "--with-http_stub_status_module" + "--with-http_sysguard_module" + "--with-threads" + "--with-pcre-jit" + "--with-http_slice_module" + ] ++ optional withDebug [ + "--with-debug" + ] ++ optional withMail [ + "--with-mail" + "--with-mail_ssl_module" + ] ++ optional (withMail != true) [ + "--without-mail_pop3_module" + "--without-mail_imap_module" + "--without-mail_smtp_module" + ] ++ optional withIPv6 [ + "--with-ipv6" + ] ++ optional (gd != null) "--with-http_image_filter_module" + ++ optional (with stdenv.hostPlatform; isLinux || isFreeBSD) "--with-file-aio" + ++ map (mod: "--add-module=${mod.src}") modules; + + NIX_CFLAGS_COMPILE = [ + "-I${libxml2.dev}/include/libxml2" + "-Wno-error=implicit-fallthrough" + ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations"; + + preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules); + + hardeningEnable = optional (!stdenv.isDarwin) "pie"; + + enableParallelBuilding = true; + + postInstall = '' + mv $out/sbin $out/bin + ''; + + meta = { + description = "A web server based on Nginx and has many advanced features, originated by Taobao."; + homepage = https://tengine.taobao.org; + license = licenses.bsd2; + platforms = platforms.all; + maintainers = with maintainers; [ izorkin ]; + }; +} |