diff options
| author | Aaron Andersen <aaron@fosslib.net> | 2021-08-14 08:35:30 -0400 |
|---|---|---|
| committer | Aaron Andersen <aaron@fosslib.net> | 2021-08-20 10:29:16 -0400 |
| commit | 98e354074fdd30c23b8d64f5bc963d6a2c87a231 (patch) | |
| tree | f3e5db1ac0f97d794130096b4076427cc3ba3fd7 /nixos | |
| parent | 57362d7d3ca6976c6c65fe4be85dc048152b7d3f (diff) | |
nixos/httpd: add virtualHosts.<name>.listenAddresses option
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/default.nix | 11 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/vhost-options.nix | 21 |
2 files changed, 25 insertions, 7 deletions
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index df7035c03cc2..17cfdfb24462 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -36,11 +36,12 @@ let dependentCertNames = unique (map (hostOpts: hostOpts.certName) acmeEnabledVhosts); mkListenInfo = hostOpts: - if hostOpts.listen != [] then hostOpts.listen - else ( - optional (hostOpts.onlySSL || hostOpts.addSSL || hostOpts.forceSSL) { ip = "*"; port = 443; ssl = true; } ++ - optional (!hostOpts.onlySSL) { ip = "*"; port = 80; ssl = false; } - ); + if hostOpts.listen != [] then + hostOpts.listen + else + optionals (hostOpts.onlySSL || hostOpts.addSSL || hostOpts.forceSSL) (map (addr: { ip = addr; port = 443; ssl = true; }) hostOpts.listenAddresses) ++ + optionals (!hostOpts.onlySSL) (map (addr: { ip = addr; port = 80; ssl = false; }) hostOpts.listenAddresses) + ; listenInfo = unique (concatMap mkListenInfo vhosts); diff --git a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix index 394f9a305546..3f732a5c9f33 100644 --- a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix +++ b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix @@ -47,10 +47,27 @@ in ]; description = '' Listen addresses and ports for this virtual host. - <note><para> + <note> + <para> This option overrides <literal>addSSL</literal>, <literal>forceSSL</literal> and <literal>onlySSL</literal>. - </para></note> + </para> + <para> + If you only want to set the addresses manually and not the ports, take a look at <literal>listenAddresses</literal>. + </para> + </note> + ''; + }; + + listenAddresses = mkOption { + type = with types; nonEmptyListOf str; + + description = '' + Listen addresses for this virtual host. + Compared to <literal>listen</literal> this only sets the addreses + and the ports are chosen automatically. ''; + default = [ "*" ]; + example = [ "127.0.0.1" ]; }; enableSSL = mkOption { |