public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nginx module: Add dhParams option

Browse Source
This commit is contained in:
Tristan Helmich 2016-02-01 17:30:43 +01:00 committed by Robin Gloster
parent 35d76a72ab
commit c61157b7e6
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -37,6 +37,7 @@ let
ssl_ciphers ${cfg.sslCiphers}; ssl_ciphers ${cfg.sslCiphers};
ssl_ecdh_curve secp521r1; ssl_ecdh_curve secp521r1;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"}
ssl_stapling on; ssl_stapling on;
ssl_stapling_verify on; ssl_stapling_verify on;
@ -204,6 +205,13 @@ in
description = "Allowed TLS protocol versions."; description = "Allowed TLS protocol versions.";
}; };
sslDhparam = mkOption {
type = types.nullOr types.path;
default = null;
example = literalExample "/path/to/dhparams.pem";
description = "Path to DH parameters file.";
};
virtualHosts = mkOption { virtualHosts = mkOption {
type = types.attrsOf (types.submodule (import ./vhost-options.nix { type = types.attrsOf (types.submodule (import ./vhost-options.nix {
inherit lib; inherit lib;