Nginx: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 35: / Line 35: @@
    };
 };
-# Optional: You can configure the email address used with Let's Encrypt.
-# This way you get renewal reminders (automated by NixOS) as well as expiration emails.
+networking.firewall.allowedTCPPorts = [ 80 443 ];
-security.acme.certs = {
-   "blog.example.com".email = "youremail@address.com";
+security.acme = {
+  # Accept the CA’s terms of service. The default provider is Let’s Encrypt, you can find their ToS at https://letsencrypt.org/repository/.
+  acceptTerms = true;
+  # Optional: You can configure the email address used with Let's Encrypt.
+  # This way you get renewal reminders (automated by NixOS) as well as expiration emails.
+   defaults.email = "youremail@address.com";
 };
 </syntaxhighlight>
@@ Line 441: / Line 446: @@
 services.nginx.package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
 </syntaxHighlight>
+== Extra config ==
+Appart native options, Nix allows to specify verbatim Nginx configuration. Some options are mutually exclusive.
+Below table assumes "services.nginx." prefix for all options. These options allows to keep using Nix configuration file while taking advantage of Nginx features which are not representend in options.
+{| class="wikitable"
+|+
+!Options
+!Block
+!Behaviour
+|-
+|config
+|nginx.conf
+|Verbatim <code>nginx.conf</code> configuration
+|-
+|appendConfig
+|nginx.conf
+|Lines appended to the generated Nginx configuration file
+|-
+|httpConfig
+|http block
+|exclusive with the structured configuration via virtualHosts
+|-
+|appendHttpConfig
+|http block
+|lines appended. exclusive with using config and httpConfig
+|-
+|virtualHosts.<name>.extraConfig
+|server
+|These lines go to the end of the vhost verbatim.
+|-
+|virtualHosts.<name>.locations.<name>.extraConfig
+|server
+|These lines go to the end of the location  verbatim
+|}
 == See more ==