Aaron Andersen
dd610ce84f
nixos/httpd: disable TLSv1 by default for better security
2019-02-07 14:05:44 -05:00
aanderse
c6cd07707b
nixos/httpd: rename apache log files to have a .log file extension ( #54529 )
...
nixos/httpd: rename apache log files to have a .log file extension
2019-01-31 04:04:58 +02:00
Aaron Andersen
fd5a88687c
nixos/httpd: add options sslCiphers & sslProtocols
2019-01-09 11:30:19 -05:00
volth
87f5930c3f
[bot]: remove unreferenced code
2018-07-20 18:48:37 +00:00
Silvan Mosberger
b9c95c7d60
httpd: Fix typo
2018-07-13 02:59:00 +02:00
Florian Klink
fff5923686
nixos/modules: users.(extraUsers|extraGroup->users|group)
2018-06-30 03:02:58 +02:00
Bas van Dijk
527781ebc4
apache-httpd: fix nix evaluation error
...
This only sets the timezone when it's not null to prevent:
error: cannot coerce null to a string, at
nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Ekaterina Vaartis
c0df448d54
apache-httpd: fix mod_perl by refering to apacheHttpdPackages ( #26579 )
2017-06-15 13:07:14 +02:00
Joachim Schiele
d491728653
httpd: added serviceExpression which extends the serviceType concept -> allows that httpd services can live outside of nixpkgs ( #22269 )
2017-02-06 01:08:58 +01:00
Dan Peebles
df7b4f4f6f
httpd module: don't create documentRoot directory if it doesn't exist
...
It hides bugs and do you ever actually want to serve up an empty directory?
It was pretty confusing to me when it tried to write into a read-only store
path because I accidentally pointed it to the wrong store path.
2017-01-05 21:19:16 -05:00
Rok Garbas
e6fa6b21e1
apacheHttpdPackages.mod_perl: init at 2.0.10
2016-12-22 13:36:44 +01:00
Marc Weber
b51f165334
apache-httpd
...
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Eric Sagnes
ff074ec7a4
apache-httpd: add phpPackage option
2016-06-22 21:24:25 +09:00
Kranium Gikos Mendoza
25fbac5b52
mod_auth_mellon: init at 0.12.0
2016-05-23 02:02:25 +08:00
Eric Sagnes
a8bc5b67f8
php: add default php.ini
2016-04-29 15:26:20 +09:00
Vladimír Čunát
30f14243c3
Merge branch 'master' into closure-size
...
Comparison to master evaluations on Hydra:
- 1255515 for nixos
- 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Eelco Dolstra
133e6e1ea6
httpd.service: Support reload
...
This is useful when ACME has generated a new TLS certificate.
2016-04-07 17:53:46 +02:00
Vladimír Čunát
c801cd1a04
php: fixup build when configured with httpd via nixos
2016-03-11 11:54:53 +01:00
Vladimír Čunát
09af15654f
Merge master into closure-size
...
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra
f3d94cfc23
Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
...
This reverts commit cad8957eab
. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel
cad8957eab
Add the tool "nixos-typecheck" that can check an option declaration to:
...
- Enforce that an option declaration has a "defaultText" if and only if the
type of the option derives from "package", "packageSet" or "nixpkgsConfig"
and if a "default" attribute is defined.
- Enforce that the value of the "example" attribute is wrapped with "literalExample"
if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".
- Warn if a "defaultText" is defined in an option declaration if the type of
the option does not derive from "package", "packageSet" or "nixpkgsConfig".
- Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
zimbatm
a7715e3e06
Merge pull request #10231 from zimbatm/apache-intermediate-ssl
...
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Vladimír Čunát
716aac2519
Merge branch 'staging' into closure-size
2016-01-19 09:55:31 +01:00
Thomas Strobel
a04a7272aa
Add missing 'type', 'defaultText' and 'literalExample' in module definitions
...
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Tuomas Tynkkynen
58dfef2792
treewide: Fix references to apacheHttpd_2_*
2015-10-28 10:23:03 +01:00
zimbatm
f5f039eeb4
apache-httpd: harden default SSL cipher list
...
A couple of tweaks on the SSL cipher list.
Disabled RC4 which is now considered broken.
https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what
Enabled Forward Secrecy for modern browsers.
https://en.wikipedia.org/wiki/Forward_secrecy
Without the change, NixOS servers are capped at Grade B on
https://www.ssllabs.com/ssltest/index.html
2015-10-05 17:19:53 +01:00
Eelco Dolstra
9d82f7e53e
Revert "Apache service module: allow compression"
...
This reverts commit 164f6ff2a8
per
https://github.com/NixOS/nixpkgs/pull/9407#issuecomment-134523359
(it's too site-specific). Furthermore this should be an option at the
virtual host level.
2015-08-28 12:41:06 +02:00
Wout Mertens
164f6ff2a8
Apache service module: allow compression
2015-08-23 15:13:52 +02:00
Eelco Dolstra
9fa19cfcea
apache-httpd: Don't set default content encodings
...
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.
If people want such encodings, they should set them in their own NixOS
configuration.
2015-07-07 12:12:49 +02:00
Peter Feigl
e5b3918f85
apache-httpd: adding support for sslServerChain
2015-04-13 15:41:10 +02:00
Eelco Dolstra
8cb3e3b864
httpd: Disable insecure protocols/ciphers by default
...
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
Matej Cotman
6630e3e4fe
apache-httpd: add restartSec option
2015-01-21 22:49:22 +01:00
Eelco Dolstra
cfe26e4438
Fix using Apache httpd 2.2
2014-12-15 13:13:17 +01:00
Longrin Wischnewski
490232bd2e
apache-httpd: add mod_access_compat for compatibility with old httpd-22 configurations
2014-11-12 13:18:02 +01:00
Rickard Nilsson
2b3c3d0e32
Fixes to Apache 2.4 configuration
2014-11-06 21:58:40 +01:00
Eelco Dolstra
b3eb981a95
apache-httpd: Make 2.4 the default
...
The NixOS 14.11 release is a good time to finally make 2.4 the
default.
2014-11-06 14:55:44 +01:00
Eelco Dolstra
0de982d75b
httpd: Add option for specifying robots.txt
2014-09-18 19:05:26 +02:00
Eelco Dolstra
837a0c05e5
httpd: Don't emit robots.txt if there are no robots entries
2014-09-18 18:48:28 +02:00
aszlig
8a56a55bb4
nixos/manual: Use literalExample when feasible.
...
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.
Thanks to @devhell for reporting.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 23:41:15 +02:00
Michael Raskin
c0da615c02
Merge pull request #3230 from robberer/module/httpd
...
httpd: disable logging when logFormat = "none"
2014-08-23 11:37:48 +04:00
Peter Simons
2d326e5032
Merge remote-tracking branch 'origin/master' into staging.
...
Conflicts:
pkgs/desktops/e18/enlightenment.nix
2014-08-04 16:51:47 +02:00
Chris Farmiloe
34890e7c2a
nixos: Add enablePHP convinence option to services.httpd module to mimic subservices option
...
Fixes #2699
2014-08-03 21:11:45 +02:00
System administrator
cab929c6c2
httpd: disable logging when logFormat = "none"
2014-07-10 14:32:08 +02:00
Eelco Dolstra
06fc1ec34d
Merge remote-tracking branch 'origin/master' into staging
...
Conflicts:
pkgs/servers/serfdom/default.nix
2014-07-01 11:25:41 +02:00
Eelco Dolstra
40f7b0f9df
Another attempt to eradicate ensureDir
...
See c556a6ea46
.
2014-06-30 14:56:10 +02:00
Kirill Elagin
f81434bdfe
Fix trying to add users to non-existent groups
2014-06-11 13:36:15 +04:00
Kirill Elagin
1208dd4df0
Fix configuring apache with extra user/group
...
This fix is consistent with all the other modules.
2014-06-11 13:17:42 +04:00
Kirill Elagin
80721cdd41
Revert "Fix configuring httpd with custom user/group."
...
This reverts commit 08f9da2e8e
.
2014-06-11 13:17:00 +04:00
Rob Vermaas
08f9da2e8e
Fix configuring httpd with custom user/group.
2014-06-11 10:18:37 +02:00
Eelco Dolstra
4fb50f071f
Manual: Typo fixes
2014-04-19 22:59:25 +02:00