diff options
Diffstat (limited to 'nixos/modules/services/web-servers/apache-httpd/default.nix')
-rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/default.nix | 55 |
1 files changed, 13 insertions, 42 deletions
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index a8fb11f114ec..bf99f6c132af 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -8,8 +8,6 @@ let httpd = mainCfg.package.out; - version24 = !versionOlder httpd.version "2.4"; - httpdConf = mainCfg.configFile; php = mainCfg.phpPackage.override { apacheHttpd = httpd.dev; /* otherwise it only gets .out */ }; @@ -107,11 +105,10 @@ let "auth_basic" "auth_digest" # Authentication: is the user who he claims to be? - "authn_file" "authn_dbm" "authn_anon" - (if version24 then "authn_core" else "authn_alias") + "authn_file" "authn_dbm" "authn_anon" "authn_core" # Authorization: is the user allowed access? - "authz_user" "authz_groupfile" "authz_host" + "authz_user" "authz_groupfile" "authz_host" "authz_core" # Other modules. "ext_filter" "include" "log_config" "env" "mime_magic" @@ -119,14 +116,9 @@ let "mime" "dav" "status" "autoindex" "asis" "info" "dav_fs" "vhost_alias" "negotiation" "dir" "imagemap" "actions" "speling" "userdir" "alias" "rewrite" "proxy" "proxy_http" - ] - ++ optionals version24 [ + "unixd" "cache" "cache_disk" "slotmem_shm" "socache_shmcb" "mpm_${mainCfg.multiProcessingModule}" - "authz_core" - "unixd" - "cache" "cache_disk" - "slotmem_shm" - "socache_shmcb" + # For compatibility with old configurations, the new module mod_access_compat is provided. "access_compat" ] @@ -135,19 +127,8 @@ let ++ extraApacheModules; - allDenied = if version24 then '' - Require all denied - '' else '' - Order deny,allow - Deny from all - ''; - - allGranted = if version24 then '' - Require all granted - '' else '' - Order allow,deny - Allow from all - ''; + allDenied = "Require all denied"; + allGranted = "Require all granted"; loggingConf = (if mainCfg.logFormat != "none" then '' @@ -180,9 +161,9 @@ let sslConf = '' - SSLSessionCache ${if version24 then "shmcb" else "shm"}:${mainCfg.stateDir}/ssl_scache(512000) + SSLSessionCache shmcb:${mainCfg.stateDir}/ssl_scache(512000) - ${if version24 then "Mutex" else "SSLMutex"} posixsem + Mutex posixsem SSLRandomSeed startup builtin SSLRandomSeed connect builtin @@ -322,9 +303,7 @@ let ServerRoot ${httpd} - ${optionalString version24 '' - DefaultRuntimeDir ${mainCfg.stateDir}/runtime - ''} + DefaultRuntimeDir ${mainCfg.stateDir}/runtime PidFile ${mainCfg.stateDir}/httpd.pid @@ -397,14 +376,6 @@ let # Generate directives for the main server. ${perServerConf true mainCfg} - # Always enable virtual hosts; it doesn't seem to hurt. - ${let - listen = concatMap getListen allHosts; - uniqueListen = uniqList {inputList = listen;}; - directives = concatMapStrings (listen: "NameVirtualHost ${listenToString listen}\n") uniqueListen; - in optionalString (!version24) directives - } - ${let makeVirtualHost = vhost: '' <VirtualHost ${concatStringsSep " " (map listenToString (getListen vhost))}> @@ -717,10 +688,10 @@ in '' mkdir -m 0750 -p ${mainCfg.stateDir} [ $(id -u) != 0 ] || chown root.${mainCfg.group} ${mainCfg.stateDir} - ${optionalString version24 '' - mkdir -m 0750 -p "${mainCfg.stateDir}/runtime" - [ $(id -u) != 0 ] || chown root.${mainCfg.group} "${mainCfg.stateDir}/runtime" - ''} + + mkdir -m 0750 -p "${mainCfg.stateDir}/runtime" + [ $(id -u) != 0 ] || chown root.${mainCfg.group} "${mainCfg.stateDir}/runtime" + mkdir -m 0700 -p ${mainCfg.logDir} # Get rid of old semaphores. These tend to accumulate across |