commit
49616bdff7
|
@ -301,6 +301,7 @@
|
|||
pykms = 282;
|
||||
kodi = 283;
|
||||
restya-board = 284;
|
||||
mighttpd2 = 285;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
|
||||
|
||||
|
@ -570,6 +571,7 @@
|
|||
pykms = 282;
|
||||
kodi = 283;
|
||||
restya-board = 284;
|
||||
mighttpd2 = 285;
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing
|
||||
# uid. Users and groups with the same name should have equal
|
||||
|
|
|
@ -633,6 +633,7 @@
|
|||
./services/web-servers/lighttpd/default.nix
|
||||
./services/web-servers/lighttpd/gitweb.nix
|
||||
./services/web-servers/lighttpd/inginious.nix
|
||||
./services/web-servers/mighttpd2.nix
|
||||
./services/web-servers/minio.nix
|
||||
./services/web-servers/nginx/default.nix
|
||||
./services/web-servers/phpfpm/default.nix
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mighttpd2;
|
||||
configFile = pkgs.writeText "mighty-config" cfg.config;
|
||||
routingFile = pkgs.writeText "mighty-routing" cfg.routing;
|
||||
in {
|
||||
options.services.mighttpd2 = {
|
||||
enable = mkEnableOption "Mighttpd2 web server";
|
||||
|
||||
config = mkOption {
|
||||
default = "";
|
||||
example = ''
|
||||
# Example configuration for Mighttpd 2
|
||||
Port: 80
|
||||
# IP address or "*"
|
||||
Host: *
|
||||
Debug_Mode: Yes # Yes or No
|
||||
# If available, "nobody" is much more secure for User:.
|
||||
User: root
|
||||
# If available, "nobody" is much more secure for Group:.
|
||||
Group: root
|
||||
Pid_File: /var/run/mighty.pid
|
||||
Logging: Yes # Yes or No
|
||||
Log_File: /var/log/mighty # The directory must be writable by User:
|
||||
Log_File_Size: 16777216 # bytes
|
||||
Log_Backup_Number: 10
|
||||
Index_File: index.html
|
||||
Index_Cgi: index.cgi
|
||||
Status_File_Dir: /usr/local/share/mighty/status
|
||||
Connection_Timeout: 30 # seconds
|
||||
Fd_Cache_Duration: 10 # seconds
|
||||
# Server_Name: Mighttpd/3.x.y
|
||||
Tls_Port: 443
|
||||
Tls_Cert_File: cert.pem # should change this with an absolute path
|
||||
# should change this with comma-separated absolute paths
|
||||
Tls_Chain_Files: chain.pem
|
||||
# Currently, Tls_Key_File must not be encrypted.
|
||||
Tls_Key_File: privkey.pem # should change this with an absolute path
|
||||
Service: 0 # 0 is HTTP only, 1 is HTTPS only, 2 is both
|
||||
'';
|
||||
type = types.lines;
|
||||
description = ''
|
||||
Verbatim config file to use
|
||||
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html)
|
||||
'';
|
||||
};
|
||||
|
||||
routing = mkOption {
|
||||
default = "";
|
||||
example = ''
|
||||
# Example routing for Mighttpd 2
|
||||
|
||||
# Domain lists
|
||||
[localhost www.example.com]
|
||||
|
||||
# Entries are looked up in the specified order
|
||||
# All paths must end with "/"
|
||||
|
||||
# A path to CGI scripts should be specified with "=>"
|
||||
/~alice/cgi-bin/ => /home/alice/public_html/cgi-bin/
|
||||
|
||||
# A path to static files should be specified with "->"
|
||||
/~alice/ -> /home/alice/public_html/
|
||||
/cgi-bin/ => /export/cgi-bin/
|
||||
|
||||
# Reverse proxy rules should be specified with ">>"
|
||||
# /path >> host:port/path2
|
||||
# Either "host" or ":port" can be committed, but not both.
|
||||
/app/cal/ >> example.net/calendar/
|
||||
# Yesod app in the same server
|
||||
/app/wiki/ >> 127.0.0.1:3000/
|
||||
|
||||
/ -> /export/www/
|
||||
'';
|
||||
type = types.lines;
|
||||
description = ''
|
||||
Verbatim routing file to use
|
||||
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html)
|
||||
'';
|
||||
};
|
||||
|
||||
cores = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.int;
|
||||
description = ''
|
||||
How many cores to use.
|
||||
If null it will be determined automatically
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions =
|
||||
[ { assertion = cfg.routing != "";
|
||||
message = "You need at least one rule in mighttpd2.routing";
|
||||
}
|
||||
];
|
||||
systemd.services.mighttpd2 = {
|
||||
description = "Mighttpd2 web server";
|
||||
after = [ "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.haskellPackages.mighttpd2}/bin/mighty \
|
||||
${configFile} \
|
||||
${routingFile} \
|
||||
+RTS -N${optionalString (cfg.cores != null) "${cfg.cores}"}
|
||||
'';
|
||||
Type = "simple";
|
||||
User = "mighttpd2";
|
||||
Group = "mighttpd2";
|
||||
Restart = "on-failure";
|
||||
AmbientCapabilities = "cap_net_bind_service";
|
||||
CapabilityBoundingSet = "cap_net_bind_service";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.mighttpd2 = {
|
||||
group = "mighttpd2";
|
||||
uid = config.ids.uids.mighttpd2;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.extraGroups.mighttpd2.gid = config.ids.gids.mighttpd2;
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ fgaz ];
|
||||
}
|
Loading…
Reference in New Issue