nginx: add support for modescurity

Jaka Hudoklin 2015-09-23 20:28:44 +02:00
parent 56b1f7934c
commit 46828582ab


@ -1,11 +1,13 @@
{ stdenv, fetchurl, fetchFromGitHub, openssl, zlib, pcre, libxml2, libxslt, expat { stdenv, fetchurl, fetchFromGitHub, openssl, zlib, pcre, libxml2, libxslt, expat
, gd, geoip, luajit , gd, geoip, luajit
, curl, apr, aprutil, apacheHttpd, yajl, libcap, modsecurity_standalone
, rtmp ? false , rtmp ? false
, fullWebDAV ? false , fullWebDAV ? false
, syslog ? false , syslog ? false
, moreheaders ? false , moreheaders ? false
, echo ? false , echo ? false
, ngx_lua ? false , modsecurity ? false
, ngx_lua ? modsecurity || false
, set_misc ? false , set_misc ? false
, fluent ? false , fluent ? false
, extraModules ? [] , extraModules ? []
@ -48,6 +50,8 @@ let
sha256 = "01wkqhk8mk8jgmzi7jbzmg5kamffx3lmhj5yfwryvnvs6xqs74wn"; sha256 = "01wkqhk8mk8jgmzi7jbzmg5kamffx3lmhj5yfwryvnvs6xqs74wn";
}; };
modsecurity-ext = modsecurity_standalone.nginx;
echo-ext = fetchFromGitHub { echo-ext = fetchFromGitHub {
owner = "openresty"; owner = "openresty";
repo = "echo-nginx-module"; repo = "echo-nginx-module";
@ -93,7 +97,8 @@ stdenv.mkDerivation rec {
buildInputs = buildInputs =
[ openssl zlib pcre libxml2 libxslt gd geoip [ openssl zlib pcre libxml2 libxslt gd geoip
] ++ optional fullWebDAV expat ] ++ optional fullWebDAV expat
++ optional ngx_lua luajit; ++ optional ngx_lua luajit
++ optionals modsecurity [ curl apr aprutil apacheHttpd yajl ];
LUAJIT_LIB = if ngx_lua then "${luajit}/lib" else ""; LUAJIT_LIB = if ngx_lua then "${luajit}/lib" else "";
LUAJIT_INC = if ngx_lua then "${luajit}/include/luajit-2.0" else ""; LUAJIT_INC = if ngx_lua then "${luajit}/include/luajit-2.0" else "";
@ -132,14 +137,17 @@ stdenv.mkDerivation rec {
++ optional echo "--add-module=${echo-ext}" ++ optional echo "--add-module=${echo-ext}"
++ optional ngx_lua "--add-module=${develkit-ext} --add-module=${lua-ext}" ++ optional ngx_lua "--add-module=${develkit-ext} --add-module=${lua-ext}"
++ optional set_misc "--add-module=${set-misc-ext}" ++ optional set_misc "--add-module=${set-misc-ext}"
++ optionals (elem stdenv.system (with platforms; linux ++ freebsd)) ++ optionals (elem stdenv.system (with platforms; linux ++ freebsd))
[ "--with-file-aio" "--with-aio_module" ] [ "--with-file-aio" "--with-aio_module" ]
++ optional fluent "--add-module=${fluentd}" ++ optional fluent "--add-module=${fluentd}"
++ optional modsecurity "--add-module=${modsecurity-ext}/nginx/modsecurity"
++ (map (m: "--add-module=${m}") extraModules); ++ (map (m: "--add-module=${m}") extraModules);
additionalFlags = optionalString stdenv.isDarwin "-Wno-error=deprecated-declarations -Wno-error=conditional-uninitialized"; additionalFlags = optionalString stdenv.isDarwin "-Wno-error=deprecated-declarations -Wno-error=conditional-uninitialized";
NIX_CFLAGS_COMPILE = optionalString modsecurity "-I${aprutil}/include/apr-1 -I${apacheHttpd}/include -I${apr}/include/apr-1 -I${yajl}/include";
preConfigure = '' preConfigure = ''
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${libxml2}/include/libxml2 $additionalFlags" export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${libxml2}/include/libxml2 $additionalFlags"
''; '';
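Review bot: Setting `modsecurity = true` also flips the default of `ngx_lua` to true through `, ngx_lua ? modsecurity || false` in the first hunk, so a WAF-enabled build silently gains luajit, the devel-kit module and the Lua module (see the `optional ngx_lua` lines in the later hunks), and nothing visible here says ModSecurity needs them. If the dependency is real, say so in a comment and drop the no-op `|| false`, e.g. `, ngx_lua ? modsecurity  # modsecurity build requires the Lua module`; if it is not, keep `, ngx_lua ? false` so an extra interpreter is not compiled into a server that is being hardened. Because this is only a default, a caller passing `ngx_lua = false` explicitly still gets a ModSecurity build without Lua, so a genuine requirement would be better enforced with `assert modsecurity -> ngx_lua;`. Separately, `libcap` is added to the argument list but is not referenced in any of the added lines shown on this page.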