Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Merge pull request #163716 from svanderburg/fixtomcat | Sander van der Burg | 2022-03-13 |
|\ | | | | | nixos/tomcat: configure default group and fix broken default package … | ||
| * | nixos/tomcat: configure default group and fix broken default package reference | Sander van der Burg | 2022-03-13 |
| | | | | | | | | | | | | | | | | | | | | | | | | Without this fix, evaluating a NixOS configuration with Tomcat enabled and the default settings results in the following evaluation error: Failed assertions: - users.users.tomcat.group is unset. This used to default to nogroup, but this is unsafe. For example you can create a group for this user with: users.users.tomcat.group = "tomcat"; users.groups.tomcat = {}; | ||
* | | nixos/pomerium: avoid blocking when renewing ACME certificates | Luke Granger-Brown | 2022-03-11 |
|/ | |||
* | nginxModules: add option disableIPC | Izorkin | 2022-03-08 |
| | | | | | The disableIPC option is required to checking enabled nginxModules and disable the SystemCallFilter IPC filter. | ||
* | Merge pull request #159187 from martinetd/logrotate | Janne Heß | 2022-02-23 |
|\ | | | | | logrotate service enhancements | ||
| * | nginx: add logrotate rule for nginx logs | Dominique Martinet | 2022-02-11 |
| | | |||
* | | Merge pull request #158592 from SuperSandro2000/nginx-nixos | Sandro | 2022-02-20 |
|\ \ | |||
| * | | treewide: use configured nginx package | Sandro Jäckel | 2022-02-08 |
| | | | |||
* | | | Merge pull request #141650 from 06kellyjac/agate | Sandro | 2022-02-16 |
|\ \ \ | |_|/ |/| | | |||
| * | | nixos/agate: init | 06kellyjac | 2022-02-07 |
| |/ | |||
* / | nixos/shellinabox: drop | ajs124 | 2022-02-08 |
|/ | |||
* | Merge branch 'master' into nginx | Jörg Thalheim | 2022-01-31 |
|\ | |||
| * | nixos/nginx: Add defaultListenAddresses option | Daniel Olsen | 2022-01-24 |
| | | | | | | | | | | | | Lets you specify the default listen address if none are listed in the vhost configuration. Useful for hosts with more than one ip | ||
| * | Merge pull request #153942 from winterqt/acme-web-server-ownership-assertions | Martin Weinelt | 2022-01-11 |
| |\ | |||
| | * | nixos/acme: ensure web servers using certs can access them | Winter | 2022-01-08 |
| | | | |||
| * | | Merge pull request #153589 from abbradar/uwsgi-fixes | Nikolay Amiantov | 2022-01-09 |
| |\ \ | | |/ | |/| | uWSGI configuration generation fixes | ||
| | * | uwsgi service: deduplicate plugins list | Nikolay Amiantov | 2022-01-05 |
| | | | | | | | | | | | | Duplicates can lead to unnecessary `uwsgi` rebuilds and conflicts. | ||
| | * | uwsgi service: redefine PATH envvar | Nikolay Amiantov | 2022-01-05 |
| | | | | | | | | | | | | | | | Previously if user had `PATH` variable set we would define several `PATH` variables and trigger a conflict. | ||
| * | | nixos/caddy: add globalConfig option | Aaron Andersen | 2022-01-06 |
| |/ | |||
| * | Revert "nixos/nginx: disable rejectSSL activation when https is disabled" | Naïm Favier | 2022-01-02 |
| | | | | | | | | This reverts commit 2f66ac01e91d70837377c4356e5c99843b71f105. | ||
| * | nixos/acme: Add defaults and inheritDefaults option | Lucas Savva | 2021-12-26 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allows configuring many default settings for certificates, all of which can still be overridden on a per-cert basis. Some options have been moved into .defaults from security.acme, namely email, server, validMinDays and renewInterval. These changes will not break existing configurations thanks to mkChangedOptionModule. With this, it is also now possible to configure DNS-01 with web servers whose virtualHosts utilise enableACME. The only requirement is you set `acmeRoot = null` for each vhost. The test suite has been revamped to cover these additions and also to generally make it easier to maintain. Test config for apache and nginx has been fully standardised, and it is now much easier to add a new web server if it follows the same configuration patterns as those two. I have also optimised the use of switch-to-configuration which should speed up testing. | ||
| * | Merge pull request #147973 from aanderse/nixos/caddy | Aaron Andersen | 2021-12-25 |
| |\ | | | | | | | nixos/caddy: introduce several new options | ||
| | * | nixos/caddy: introduce several new options | Aaron Andersen | 2021-12-20 |
| | | | |||
| * | | Merge pull request #147027 from Izorkin/update-nginx-ktls | 7c6f434c | 2021-12-24 |
| |\ \ | | |/ | |/| | nginxMainline: enable ktls support | ||
| | * | nixos/nginx: disable rejectSSL activation when https is disabled | Izorkin | 2021-11-27 |
| | | | |||
| | * | nixos/nginx: tengine requires allowing @ipc calls | Izorkin | 2021-11-27 |
| | | | |||
| | * | nixos/nginx: add kTLS option | Izorkin | 2021-11-27 |
| | | | |||
| * | | Merge pull request #148785 from pennae/more-option-doc-staticizing | Graham Christensen | 2021-12-17 |
| |\ \ | | | | | | | | | treewide: more defaultText for options | ||
| | * | | treewide: add literalDocBook text to options with complex defaults | pennae | 2021-12-09 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | some options have default that are best described in prose, such as defaults that depend on the system stateVersion, defaults that are derivations specific to the surrounding context, or those where the expression is much longer and harder to understand than a simple text snippet. | ||
| * | | | Merge pull request #139815 from ncfavier/fastcgiParams-path | Sandro | 2021-12-07 |
| |\ \ \ | |||
| | * | | | nixos/nginx: allow paths in fastcgiParams | Naïm Favier | 2021-09-29 |
| | | | | | | | | | | | | | | | | | | | | Useful for pointing `SCRIPT_FILENAME` at a derivation. | ||
| * | | | | nixos/*: escape config reference in examples and descriptions | pennae | 2021-12-02 |
| | | | | | |||
| * | | | | nixos/*: add trivial defaultText for options with simple defaults | pennae | 2021-12-02 |
| | | | | | |||
* | | | | | Update nixos/modules/services/web-servers/nginx/default.nix | Jörg Thalheim | 2022-01-31 |
| | | | | | |||
* | | | | | nixos/nginx: fix mincore filtering | Jörg Thalheim | 2021-12-05 |
|/ / / / | | | | | | | | | | | | | Mincore is a syscall, not a group. | ||
* | | | | Merge pull request #146533 from SuperSandro2000/nginx | Sandro | 2021-11-30 |
|\ \ \ \ | |_|/ / |/| | | | |||
| * | | | nixos/nginx: fix start when recommendedOptimisation is off | Sandro | 2021-11-18 |
| | |/ | |/| | | | | Also done by other distros for example Fedora https://bodhi.fedoraproject.org/updates/FEDORA-2020-78690e2cdd | ||
* / | | caddy: include and utilize systemd service from upstream (#147305) | Aaron Andersen | 2021-11-29 |
|/ / | |||
* | | nixos/nginx: fix SystemCallFilter after 1fc113f0df6e83c9dc3e5110ae7706772f21ba68 | ajs124 | 2021-11-16 |
| | | |||
* | | treewide: switch ``builtins.fromJSON(builtins.readFile ./file.json)`` to ↵ | Sandro Jäckel | 2021-11-03 |
| | | | | | | | | lib.importJSON ./file.json | ||
* | | nixos/nginx: disable MemoryDenyWriteExecute for pkgs.openresty | Bruno Bigras | 2021-10-12 |
| | | | | | | | | | | | | fix #140655 Co-authored-by: Yurii Izorkin <izorkin@elven.pw> | ||
* | | nixos/varnish: add enableConfigCheck | ajs124 | 2021-10-06 |
| | | |||
* | | nixos/doc: clean up defaults and examples | Naïm Favier | 2021-10-04 |
| | | |||
* | | nixos/lighttpd: support new authentication modules | Brecht Savelkoul | 2021-09-27 |
| | | |||
* | | nixos/trafficserver: avoid input from derivation | rnhmjoj | 2021-09-23 |
|/ | | | | | | | Using builtins.readFile to load upstream defaults is a clever trick, but it's not allowed in restricted evaluation mode: which means it fails on Hydra, for example. Besides - in Nixpkgs - depending on derivation as inputs is considered bad practice and should be avoided. | ||
* | nixos/zope2: define group | Guillaume Girol | 2021-09-18 |
| | | | | untested as the module is broken (attribute 'modules' missing) | ||
* | nixos/httpd: add none option to logFormat | Daniel Șerbănescu | 2021-08-22 |
| | |||
* | Merge pull request #134008 from aanderse/httpd | Robert Hensing | 2021-08-21 |
|\ | | | | | nixos/httpd: add virtualHosts.<name>.listenAddresses option | ||
| * | nixos/httpd: add virtualHosts.<name>.listenAddresses option | Aaron Andersen | 2021-08-20 |
| | | |||
* | | caddy: add virtualHosts stub | happysalada | 2021-08-20 |
| | |