diff options
Diffstat (limited to 'nixos/modules/services/web-servers/lighttpd/default.nix')
-rw-r--r-- | nixos/modules/services/web-servers/lighttpd/default.nix | 95 |
1 files changed, 82 insertions, 13 deletions
diff --git a/nixos/modules/services/web-servers/lighttpd/default.nix b/nixos/modules/services/web-servers/lighttpd/default.nix index fc9487ab4859..06f310eeb933 100644 --- a/nixos/modules/services/web-servers/lighttpd/default.nix +++ b/nixos/modules/services/web-servers/lighttpd/default.nix @@ -8,12 +8,54 @@ let cfg = config.services.lighttpd; - needModRedirect = cfg.gitweb.enable; - needModAlias = cfg.cgit.enable || cfg.gitweb.enable; - needModSetenv = cfg.cgit.enable || cfg.gitweb.enable; - needModCgi = cfg.cgit.enable || cfg.gitweb.enable; - needModStatus = cfg.mod_status; - needModUserdir = cfg.mod_userdir; + # List of known lighttpd modules, ordered by how the lighttpd documentation + # recommends them being imported: + # http://redmine.lighttpd.net/projects/1/wiki/Server_modulesDetails + # + # Some modules are always imported and should not appear in the config: + # disallowedModules = [ "mod_indexfile" "mod_dirlisting" "mod_staticfile" ]; + # + # Get full module list: "ls -1 $lighttpd/lib/*.so" + allKnownModules = [ + "mod_rewrite" + "mod_redirect" + "mod_alias" + "mod_access" + "mod_auth" + "mod_status" + "mod_simple_vhost" + "mod_evhost" + "mod_userdir" + "mod_secdownload" + "mod_fastcgi" + "mod_proxy" + "mod_cgi" + "mod_ssi" + "mod_compress" + "mod_usertrack" + "mod_expire" + "mod_rrdtool" + "mod_accesslog" + # Remaining list of modules, order assumed to be unimportant. + "mod_cml" + "mod_dirlisting" + "mod_evasive" + "mod_extforward" + "mod_flv_streaming" + "mod_magnet" + "mod_mysql_vhost" + "mod_rewrite" + "mod_scgi" + "mod_setenv" + "mod_trigger_b4_dl" + "mod_webdav" + ]; + + maybeModuleString = moduleName: + if elem moduleName cfg.enableModules then ''"${moduleName}"'' else ""; + + modulesIncludeString = concatStringsSep ",\n" + (filter (x: x != "") (map maybeModuleString allKnownModules)); configFile = if cfg.configText != "" then pkgs.writeText "lighttpd.conf" '' @@ -38,13 +80,7 @@ let # been loaded already. So if two services were to put the same module in # server.modules += (), that would break the lighttpd configuration. server.modules = ( - ${optionalString needModRedirect ''"mod_redirect",''} - ${optionalString needModAlias ''"mod_alias",''} - ${optionalString needModSetenv ''"mod_setenv",''} - ${optionalString needModCgi ''"mod_cgi",''} - ${optionalString needModStatus ''"mod_status",''} - ${optionalString needModUserdir ''"mod_userdir",''} - "mod_accesslog" + ${modulesIncludeString} ) # Logging (logs end up in systemd journal) @@ -117,6 +153,19 @@ in ''; }; + enableModules = mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "mod_cgi" "mod_status" ]; + description = '' + List of lighttpd modules to enable. Sub-services take care of + enabling modules as needed, so this option is mainly for when you + want to add custom stuff to + <option>services.lighttpd.extraConfig</option> that depends on a + certain module. + ''; + }; + mod_status = mkOption { default = false; type = types.uniq types.bool; @@ -152,6 +201,26 @@ in config = mkIf cfg.enable { + assertions = [ + { assertion = all (x: elem x allKnownModules) cfg.enableModules; + message = '' + One (or more) modules in services.lighttpd.enableModules are + unrecognized. + + Known modules: ${toString allKnownModules} + + services.lighttpd.enableModules: ${toString cfg.enableModules} + ''; + } + ]; + + services.lighttpd.enableModules = mkMerge + [ (mkIf cfg.mod_status [ "mod_status" ]) + (mkIf cfg.mod_userdir [ "mod_userdir" ]) + # always load mod_accesslog so that we can log to the journal + [ "mod_accesslog" ] + ]; + systemd.services.lighttpd = { description = "Lighttpd Web Server"; after = [ "network.target" ]; |