diff options
author | Daniel Olsen <daniel.olsen99@gmail.com> | 2022-01-24 02:13:00 +0100 |
---|---|---|
committer | Daniel Olsen <daniel.olsen99@gmail.com> | 2022-01-24 02:20:30 +0100 |
commit | ab7e6995ac9df61ceac5188a0ec499e4eb3a825b (patch) | |
tree | f4fe52fdee71c648e96f0528a2bad2c002d931f0 /nixos | |
parent | 39ea4300929dad60dd283a4c9847763495d8fa89 (diff) |
nixos/nginx: Add defaultListenAddresses option
Lets you specify the default listen address if none are listed in the vhost configuration. Useful for hosts with more than one ip
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 41bce3669c585..a8610047f5f3b 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -245,12 +245,9 @@ let defaultListen = if vhost.listen != [] then vhost.listen else - let addrs = if vhost.listenAddresses != [] then vhost.listenAddresses else ( - [ "0.0.0.0" ] ++ optional enableIPv6 "[::0]" - ); - in - optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = 443; ssl = true; }) addrs) - ++ optionals (!onlySSL) (map (addr: { inherit addr; port = 80; ssl = false; }) addrs); + let addrs = if vhost.listenAddresses != [] then vhost.listenAddresses else cfg.defaultListenAddresses; + in optionals (hasSSL || vhost.rejectSSL) (map (addr: { inherit addr; port = 443; ssl = true; }) addrs) + ++ optionals (!onlySSL) (map (addr: { inherit addr; port = 80; ssl = false; }) addrs); hostListen = if vhost.forceSSL @@ -432,6 +429,16 @@ in "; }; + defaultListenAddresses = mkOption { + type = types.listOf types.str; + default = [ "0.0.0.0" ] ++ optional enableIPv6 "[::0]"; + defaultText = literalExpression ''[ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"''; + example = literalExpression ''[ "10.0.0.12" "[2002:a00:1::]" ]''; + description = " + If vhosts do not specify listenAddresses, use these addresses by default. + "; + }; + package = mkOption { default = pkgs.nginxStable; defaultText = literalExpression "pkgs.nginxStable"; |