parent
75936c412d
commit
356eeb0d4f
@ -0,0 +1,132 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.mighttpd2; |
||||
configFile = pkgs.writeText "mighty-config" cfg.config; |
||||
routingFile = pkgs.writeText "mighty-routing" cfg.routing; |
||||
in { |
||||
options.services.mighttpd2 = { |
||||
enable = mkEnableOption "Mighttpd2 web server"; |
||||
|
||||
config = mkOption { |
||||
default = ""; |
||||
example = '' |
||||
# Example configuration for Mighttpd 2 |
||||
Port: 80 |
||||
# IP address or "*" |
||||
Host: * |
||||
Debug_Mode: Yes # Yes or No |
||||
# If available, "nobody" is much more secure for User:. |
||||
User: root |
||||
# If available, "nobody" is much more secure for Group:. |
||||
Group: root |
||||
Pid_File: /var/run/mighty.pid |
||||
Logging: Yes # Yes or No |
||||
Log_File: /var/log/mighty # The directory must be writable by User: |
||||
Log_File_Size: 16777216 # bytes |
||||
Log_Backup_Number: 10 |
||||
Index_File: index.html |
||||
Index_Cgi: index.cgi |
||||
Status_File_Dir: /usr/local/share/mighty/status |
||||
Connection_Timeout: 30 # seconds |
||||
Fd_Cache_Duration: 10 # seconds |
||||
# Server_Name: Mighttpd/3.x.y |
||||
Tls_Port: 443 |
||||
Tls_Cert_File: cert.pem # should change this with an absolute path |
||||
# should change this with comma-separated absolute paths |
||||
Tls_Chain_Files: chain.pem |
||||
# Currently, Tls_Key_File must not be encrypted. |
||||
Tls_Key_File: privkey.pem # should change this with an absolute path |
||||
Service: 0 # 0 is HTTP only, 1 is HTTPS only, 2 is both |
||||
''; |
||||
type = types.lines; |
||||
description = '' |
||||
Verbatim config file to use |
||||
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html) |
||||
''; |
||||
}; |
||||
|
||||
routing = mkOption { |
||||
default = ""; |
||||
example = '' |
||||
# Example routing for Mighttpd 2 |
||||
|
||||
# Domain lists |
||||
[localhost www.example.com] |
||||
|
||||
# Entries are looked up in the specified order |
||||
# All paths must end with "/" |
||||
|
||||
# A path to CGI scripts should be specified with "=>" |
||||
/~alice/cgi-bin/ => /home/alice/public_html/cgi-bin/ |
||||
|
||||
# A path to static files should be specified with "->" |
||||
/~alice/ -> /home/alice/public_html/ |
||||
/cgi-bin/ => /export/cgi-bin/ |
||||
|
||||
# Reverse proxy rules should be specified with ">>" |
||||
# /path >> host:port/path2 |
||||
# Either "host" or ":port" can be committed, but not both. |
||||
/app/cal/ >> example.net/calendar/ |
||||
# Yesod app in the same server |
||||
/app/wiki/ >> 127.0.0.1:3000/ |
||||
|
||||
/ -> /export/www/ |
||||
''; |
||||
type = types.lines; |
||||
description = '' |
||||
Verbatim routing file to use |
||||
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html) |
||||
''; |
||||
}; |
||||
|
||||
cores = mkOption { |
||||
default = null; |
||||
type = types.nullOr types.int; |
||||
description = '' |
||||
How many cores to use. |
||||
If null it will be determined automatically |
||||
''; |
||||
}; |
||||
|
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
assertions = |
||||
[ { assertion = cfg.routing != ""; |
||||
message = "You need at least one rule in mighttpd2.routing"; |
||||
} |
||||
]; |
||||
systemd.services.mighttpd2 = { |
||||
description = "Mighttpd2 web server"; |
||||
after = [ "network-online.target" ]; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
ExecStart = '' |
||||
${pkgs.haskellPackages.mighttpd2}/bin/mighty \ |
||||
${configFile} \ |
||||
${routingFile} \ |
||||
+RTS -N${optionalString (cfg.cores != null) "${cfg.cores}"} |
||||
''; |
||||
Type = "simple"; |
||||
User = "mighttpd2"; |
||||
Group = "mighttpd2"; |
||||
Restart = "on-failure"; |
||||
AmbientCapabilities = "cap_net_bind_service"; |
||||
CapabilityBoundingSet = "cap_net_bind_service"; |
||||
}; |
||||
}; |
||||
|
||||
users.extraUsers.mighttpd2 = { |
||||
group = "mighttpd2"; |
||||
uid = config.ids.uids.mighttpd2; |
||||
isSystemUser = true; |
||||
}; |
||||
|
||||
users.extraGroups.mighttpd2.gid = config.ids.gids.mighttpd2; |
||||
}; |
||||
|
||||
meta.maintainers = with lib.maintainers; [ fgaz ]; |
||||
} |
Loading…
Reference in new issue