Nginx: Difference between revisions
imported>Srid →Sample setups: The email attribute is needed for trusted certs in browser |
imported>Fadenb m Mark security.acme.certs as optional in the example |
||
Line 4: | Line 4: | ||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
services.nginx = { | services.nginx = { | ||
enable = true; | enable = true; | ||
Line 15: | Line 12: | ||
}; | }; | ||
} | } | ||
# Optional: You can configure the email address used with Let's Encrypt. | |||
# This way you get renewal reminders (automated by NixOS) as well as expiration emails. | |||
security.acme.certs = { | |||
"blog.example.com".email = "youremail@address.com"; | |||
}; | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 17:21, 8 February 2018
Sample setups
Static blog with ssl enforced in configuration.nix
services.nginx = {
enable = true;
virtualHosts."blog.example.com" = {
enableACME = true;
forceSSL = true;
root = "/var/www/blog";
};
}
# Optional: You can configure the email address used with Let's Encrypt.
# This way you get renewal reminders (automated by NixOS) as well as expiration emails.
security.acme.certs = {
"blog.example.com".email = "youremail@address.com";
};
LEMP stack (Nginx/MySQL/PHP) in configuration.nix
services.nginx = {
enable = true;
virtualHosts."blog.example.com" = {
enableACME = true;
forceSSL = true;
root = "/var/www/blog";
locations."~ \.php$".extraConfig = ''
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
'';
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
};
services.phpfpm.poolConfigs.mypool = ''
listen = 127.0.0.1:9000
user = nobody
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500
'';