From 4ef15fc0950aab587158766f7828591c4e7f15f8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Dec 2007 15:30:17 +0000 Subject: [PATCH] * Statically check whether the generated httpd.conf is correct. * Option `noUserDir' -> `enableUserDir', negatives are bad :-) svn path=/nixos/trunk/; revision=9927 --- system/options.nix | 28 +++++++++++++++-- upstart-jobs/apache-httpd/default.nix | 44 ++++++++++++++++++++++----- upstart-jobs/httpd.nix | 4 +-- 3 files changed, 64 insertions(+), 12 deletions(-) diff --git a/system/options.nix b/system/options.nix index 30475fd6bcb..75459045c48 100644 --- a/system/options.nix +++ b/system/options.nix @@ -929,10 +929,32 @@ "; }; - noUserDir = mkOption { - default = true; + enableUserDir = mkOption { + default = false; description = " - Set to false to let users to publish ~/public_html as /~user. + Whether to enable serving ~/public_html as + /~username. + "; + }; + + documentRoot = mkOption { + default = null; + example = "/data/webserver/docs"; + description = " + The path of Apache's document root directory. If left undefined, + an empty directory in the Nix store will be used as root. + "; + }; + + servedDirs = mkOption { + default = []; + example = [ + { urlPath = "/nix"; + dir = "/home/eelco/Dev/nix-homepage"; + } + ]; + description = " + This option provides a simple way to serve static directories. "; }; diff --git a/upstart-jobs/apache-httpd/default.nix b/upstart-jobs/apache-httpd/default.nix index feec4f7f000..2dc6f11b651 100644 --- a/upstart-jobs/apache-httpd/default.nix +++ b/upstart-jobs/apache-httpd/default.nix @@ -9,7 +9,8 @@ let httpd = pkgs.apacheHttpd; - documentRoot = "/etc"; + documentRoot = if cfg.documentRoot != null then cfg.documentRoot else + pkgs.runCommand "empty" {} "ensureDir $out"; # Names of modules from ${httpd}/modules that we want to load. @@ -138,12 +139,24 @@ let in pkgs.lib.concatStrings (map f apacheModules) } - # !!! is this a good idea? - UseCanonicalName Off - - ServerSignature On - - ${if cfg.noUserDir then "" else "UserDir public_html"} + ${if cfg.enableUserDir then '' + + UserDir public_html + + + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + + Order allow,deny + Allow from all + + + Order deny,allow + Deny from all + + + + '' else ""} AddHandler type-map var @@ -156,6 +169,7 @@ let ${loggingConf} ${browserHacks} + Include ${httpd}/conf/extra/httpd-default.conf Include ${httpd}/conf/extra/httpd-autoindex.conf Include ${httpd}/conf/extra/httpd-multilang-errordoc.conf Include ${httpd}/conf/extra/httpd-languages.conf @@ -168,6 +182,18 @@ let ${documentRootConf} + + ${ + let makeDirConf = elem: '' + Alias ${elem.urlPath} ${elem.dir}/ + + Order allow,deny + Allow from all + AllowOverride None + + ''; + in pkgs.lib.concatStrings (map makeDirConf cfg.servedDirs) + } ''; @@ -188,6 +214,10 @@ in } ]; + # Statically verify the syntactic correctness of the generated + # httpd.conf. + buildHook = "${httpd}/bin/httpd -f ${httpdConf} -t"; + job = '' description "Apache HTTPD" diff --git a/upstart-jobs/httpd.nix b/upstart-jobs/httpd.nix index a8f00552fc8..20d0f834fac 100644 --- a/upstart-jobs/httpd.nix +++ b/upstart-jobs/httpd.nix @@ -17,7 +17,6 @@ let logDir = cfg.logDir; stateDir = cfg.stateDir; enableSSL = false; - noUserDir = cfg.noUserDir; extraDirectories = cfg.extraDirectories + extraConfig; startingDependency = if config.services.gw6c.enable then "gw6c" else "network-interfaces"; @@ -29,7 +28,8 @@ let inherit hostName httpPort httpsPort user group adminAddr logDir stateDir - noUserDir extraDirectories; + extraDirectories; + noUserDir = !cfg.enableUserDir; subServices =