2020-04-24 23:36:52 +00:00
|
|
|
# This file defines the options that can be used both for the Nginx
|
|
|
|
# main server configuration, and for the virtual hosts. (The latter
|
|
|
|
# has additional options that affect the web server as a whole, like
|
|
|
|
# the user/group to run under.)
|
|
|
|
|
2022-06-26 10:26:21 +00:00
|
|
|
{ lib, config }:
|
2020-04-24 23:36:52 +00:00
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
{
|
|
|
|
options = {
|
2020-11-03 02:18:15 +00:00
|
|
|
basicAuth = mkOption {
|
|
|
|
type = types.attrsOf types.str;
|
|
|
|
default = {};
|
2021-10-06 13:57:05 +00:00
|
|
|
example = literalExpression ''
|
2020-11-03 02:18:15 +00:00
|
|
|
{
|
|
|
|
user = "password";
|
|
|
|
};
|
|
|
|
'';
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-11-03 02:18:15 +00:00
|
|
|
Basic Auth protection for a vhost.
|
|
|
|
|
|
|
|
WARNING: This is implemented to store the password in plain text in the
|
|
|
|
Nix store.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
basicAuthFile = mkOption {
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
default = null;
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-11-03 02:18:15 +00:00
|
|
|
Basic Auth password file for a vhost.
|
2022-08-21 13:32:41 +00:00
|
|
|
Can be created via: {command}`htpasswd -c <filename> <username>`.
|
2020-11-03 02:18:15 +00:00
|
|
|
|
|
|
|
WARNING: The generate file contains the users' passwords in a
|
|
|
|
non-cryptographically-securely hashed way.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2020-04-24 23:36:52 +00:00
|
|
|
proxyPass = mkOption {
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
default = null;
|
|
|
|
example = "http://www.example.org/";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Adds proxy_pass directive and sets recommended proxy headers if
|
|
|
|
recommendedProxySettings is enabled.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
proxyWebsockets = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
|
|
|
example = true;
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2021-02-05 17:12:51 +00:00
|
|
|
Whether to support proxying websocket connections with HTTP/1.1.
|
2020-04-24 23:36:52 +00:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
index = mkOption {
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
default = null;
|
|
|
|
example = "index.php index.html";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Adds index directive.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
tryFiles = mkOption {
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
default = null;
|
|
|
|
example = "$uri =404";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Adds try_files directive.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
root = mkOption {
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
default = null;
|
|
|
|
example = "/your/root/directory";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Root directory for requests.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
alias = mkOption {
|
|
|
|
type = types.nullOr types.path;
|
|
|
|
default = null;
|
|
|
|
example = "/your/alias/directory";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Alias directory for requests.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
return = mkOption {
|
2024-01-02 11:29:13 +00:00
|
|
|
type = with types; nullOr (oneOf [ str int ]);
|
2020-04-24 23:36:52 +00:00
|
|
|
default = null;
|
|
|
|
example = "301 http://example.com$request_uri";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Adds a return directive, for e.g. redirections.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2021-01-05 17:05:55 +00:00
|
|
|
fastcgiParams = mkOption {
|
2021-12-19 01:06:50 +00:00
|
|
|
type = types.attrsOf (types.either types.str types.path);
|
2021-01-05 17:05:55 +00:00
|
|
|
default = {};
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2021-01-05 17:05:55 +00:00
|
|
|
FastCGI parameters to override. Unlike in the Nginx
|
|
|
|
configuration file, overriding only some default parameters
|
|
|
|
won't unset the default values for other parameters.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2020-04-24 23:36:52 +00:00
|
|
|
extraConfig = mkOption {
|
|
|
|
type = types.lines;
|
|
|
|
default = "";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
These lines go to the end of the location verbatim.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
priority = mkOption {
|
|
|
|
type = types.int;
|
|
|
|
default = 1000;
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2020-04-24 23:36:52 +00:00
|
|
|
Order of this location block in relation to the others in the vhost.
|
|
|
|
The semantics are the same as with `lib.mkOrder`. Smaller values have
|
|
|
|
a greater priority.
|
|
|
|
'';
|
|
|
|
};
|
2022-06-26 10:26:21 +00:00
|
|
|
|
|
|
|
recommendedProxySettings = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = config.services.nginx.recommendedProxySettings;
|
|
|
|
defaultText = literalExpression "config.services.nginx.recommendedProxySettings";
|
2022-08-21 13:32:41 +00:00
|
|
|
description = lib.mdDoc ''
|
2022-06-26 10:26:21 +00:00
|
|
|
Enable recommended proxy settings.
|
|
|
|
'';
|
|
|
|
};
|
2020-04-24 23:36:52 +00:00
|
|
|
};
|
|
|
|
}
|