diff options
author | tv <tv@krebsco.de> | 2016-02-08 03:23:28 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-02-08 03:35:29 +0100 |
commit | 8e93530796982db49ddeb06201d2f5bb57d51ccc (patch) | |
tree | 0c2982f48ca668cc034f4c10485c6a5b0e841d81 /lass/3modules/wordpress_nginx.nix | |
parent | 7a9f130c1230faf9662000dbd9ba8f06170bf254 (diff) | |
parent | 5856d240888e89dbed141087c9580026f52dff59 (diff) |
Merge remote-tracking branch 'cloudkrebs/master'
Diffstat (limited to 'lass/3modules/wordpress_nginx.nix')
-rw-r--r-- | lass/3modules/wordpress_nginx.nix | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix index 974aacd83..bfed9e7c6 100644 --- a/lass/3modules/wordpress_nginx.nix +++ b/lass/3modules/wordpress_nginx.nix @@ -53,6 +53,23 @@ let "1" = "test.testsite.de"; }; }; + ssl = mkOption { + type = with types; submodule ({ + options = { + enable = mkEnableOption "ssl"; + certificate = mkOption { + type = str; + }; + certificate_key = mkOption { + type = str; + }; + ciphers = mkOption { + type = str; + default = "AES128+EECDH:AES128+EDH"; + }; + }; + }); + }; }; })); default = {}; @@ -68,7 +85,7 @@ let # } #''; - krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, multiSite, ... }: { + krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, multiSite, ssl, ... }: { server-names = [ "${domain}" "www.${domain}" @@ -114,7 +131,17 @@ let error_log /tmp/nginx_err.log; error_page 404 /404.html; error_page 500 502 503 504 /50x.html; + ${if ssl.enable then '' + ssl_certificate ${ssl.certificate}; + ssl_certificate_key ${ssl.certificate_key}; + '' else ""} + ''; + listen = (if ssl.enable then + [ "80" "443 ssl" ] + else + "80" + ); }); services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, folder, ... }: '' listen = ${folder}/phpfpm.pool |