Nginx: Difference between revisions

← Older edit

VisualWikitext

@@ Line 1: / Line 1: @@
-[https://nginx.org/ {{PAGENAME}}] ([[wikipedia:en:{{PAGENAME}}]]) is a lightweight webserver. Configuration is handled using the {{nixos:option|services.nginx.}} options.
+[https://nginx.org/ {{PAGENAME}}] ([[wikipedia:en:{{PAGENAME}}]]) is a lightweight webserver.
+== Installation ==
+To install Nginx, add the following to your NixOS configuration:{{file|/etc/nixos/configuration.nix|nix|3=services.nginx.enable = true;}}
+More options are available: {{nixos:option|services.nginx.}}
 == Sample setups ==
@@ Line 8: / Line 12: @@
 services.nginx = {
    enable = true;
-   locations."/" = {
+   virtualHosts.localhost = {
-    return = "200 '<html><body>It works</body></html>'";
+    locations."/" = {
-    extraConfig = ''
+      return = "200 '<html><body>It works</body></html>'";
-      default_type text/html;
+      extraConfig = ''
-    '';
+        default_type text/html;
+      '';
+    };
    };
 };
@@ Line 29: / Line 35: @@
    };
 };
-# Optional: You can configure the email address used with Let's Encrypt.
-# This way you get renewal reminders (automated by NixOS) as well as expiration emails.
+networking.firewall.allowedTCPPorts = [ 80 443 ];
-security.acme.certs = {
-   "blog.example.com".email = "youremail@address.com";
+security.acme = {
+  # Accept the CA’s terms of service. The default provider is Let’s Encrypt, you can find their ToS at https://letsencrypt.org/repository/.
+  acceptTerms = true;
+  # Optional: You can configure the email address used with Let's Encrypt.
+  # This way you get renewal reminders (automated by NixOS) as well as expiration emails.
+   defaults.email = "youremail@address.com";
 };
 </syntaxhighlight>
@@ Line 70: / Line 81: @@
    };
 };
+</syntaxhighlight>
+'''Robots.txt'''
+If you want to set a robots.txt for your domain (or any subdomains), add this:
+<syntaxhighlight lang="nix">
+locations."/robots.txt" = {
+  extraConfig = ''
+    rewrite ^/(.*)  $1;
+    return 200 "User-agent: *\nDisallow: /";
+  '';
+};
 </syntaxhighlight>
@@ Line 262: / Line 287: @@
 systemd.services.hedgedoc.serviceConfig.UMask = "0000";
 </syntaxhighlight>
+== Modules ==
+Nginx can be run with optional modules. You can add them like this:
+   services.nginx.package = (pkgs.nginx.override { modules = [
+     pkgs.nginxModules.dav
+     pkgs.nginxModules.lua
+     ...
+   ]; });
+See [https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/http/nginx/modules.nix#L69 this] for a more comprehensive list of modules available via configuration.
 == Let's Encrypt certificates ==
@@ Line 421: / Line 456: @@
 services.nginx.package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
 </syntaxHighlight>
+== Extra config ==
+Apart native options, Nix allows to specify verbatim Nginx configuration. Some options are mutually exclusive.
+Below table assumes "services.nginx." prefix for all options. These options allows to keep using Nix configuration file while taking advantage of Nginx features which are not representend in options.
+{| class="wikitable"
+|+
+!Options
+!Block
+!Behaviour
+|-
+|config
+|nginx.conf
+|Verbatim <code>nginx.conf</code> configuration
+|-
+|appendConfig
+|nginx.conf
+|Lines appended to the generated Nginx configuration file
+|-
+|httpConfig
+|http block
+|exclusive with the structured configuration via virtualHosts
+|-
+|appendHttpConfig
+|http block
+|lines appended. exclusive with using config and httpConfig
+|-
+|virtualHosts.<name>.extraConfig
+|server
+|These lines go to the end of the vhost verbatim.
+|-
+|virtualHosts.<name>.locations.<name>.extraConfig
+|server
+|These lines go to the end of the location  verbatim
+|}
 == See more ==