Nginx: Difference between revisions
imported>Makefu add note about nixos options |
imported>Makefu m spacing |
||
| Line 4: | Line 4: | ||
In wake of the 2022 openssl library, nix can support in mitigating the library by downgrading (or replacing) the SSL library. For this, the [[Overlay|overlay]] facility of nixpkgs can be used: | In wake of the 2022 openssl library, nix can support in mitigating the library by downgrading (or replacing) the SSL library. For this, the [[Overlay|overlay]] facility of nixpkgs can be used: | ||
<syntaxHighlight lang=nix> | <syntaxHighlight lang=nix> | ||
nixpkgs.overlays = [ | |||
(final: super: { | |||
nginxStable = super.nginxStable.override { openssl = super.pkgs.libressl; }; | |||
} ) | |||
]; | |||
</syntaxHighlight> | </syntaxHighlight> | ||
When utilizing Nixos options the following configuration will also work: | When utilizing Nixos options the following configuration will also work: | ||
<syntaxHighlight lang=nix> | <syntaxHighlight lang=nix> | ||
services.nginx.package = pkgs.nginxStable.override { openssl = pkgs.libressl; }; | |||
</syntaxHighlight> | </syntaxHighlight> | ||