dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #56496 from bachp/nextcloud-nginx-recommended

Browse Source 
nixos/nextcloud: Update recommended nginx settings
This commit is contained in:
Franz Pletz 2019-03-02 01:18:18 +00:00 committed by GitHub
commit 542e384916
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -5,14 +5,18 @@ with lib;
let
cfg = config.services.nextcloud;
phpPackage = pkgs.php73;
phpPackages = pkgs.php73Packages;
toKeyValue = generators.toKeyValue {
mkKeyValue = generators.mkKeyValueDefault {} " = ";
};
phpOptionsExtensions = ''
${optionalString cfg.caching.apcu "extension=${cfg.phpPackages.apcu}/lib/php/extensions/apcu.so"}
${optionalString cfg.caching.redis "extension=${cfg.phpPackages.redis}/lib/php/extensions/redis.so"}
${optionalString cfg.caching.memcached "extension=${cfg.phpPackages.memcached}/lib/php/extensions/memcached.so"}
${optionalString cfg.caching.apcu "extension=${phpPackages.apcu}/lib/php/extensions/apcu.so"}
${optionalString cfg.caching.redis "extension=${phpPackages.redis}/lib/php/extensions/redis.so"}
${optionalString cfg.caching.memcached "extension=${phpPackages.memcached}/lib/php/extensions/memcached.so"}
extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
zend_extension = opcache.so
opcache.enable = 1
'';
@ -94,18 +98,6 @@ in {
'';
};
phpPackages = mkOption {
type = types.attrs;
default = pkgs.php71Packages;
defaultText = "pkgs.php71Packages";
description = ''
Overridable attribute of the PHP packages set to use. If any caching
module is enabled, it will be taken from here. Therefore it should
match the version of PHP given to
<literal>services.phpfpm.phpPackage</literal>.
'';
};
phpOptions = mkOption {
type = types.attrsOf types.str;
default = {
@ -373,14 +365,14 @@ in {
};
services.phpfpm = {
phpOptions = phpOptionsExtensions;
phpPackage = pkgs.php71;
pools.nextcloud = let
phpAdminValues = (toKeyValue
(foldr (a: b: a // b) {}
(mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; })
phpOptions)));
in {
phpOptions = phpOptionsExtensions;
phpPackage = phpPackage;
listen = "/run/phpfpm/nextcloud";
extraConfig = ''
listen.owner = nginx
@ -421,7 +413,7 @@ in {
};
"/" = {
priority = 200;
extraConfig = "rewrite ^ /index.php$uri;";
extraConfig = "rewrite ^ /index.php$request_uri;";
};
"~ ^/store-apps" = {
priority = 201;
@ -458,22 +450,23 @@ in {
fastcgi_read_timeout 120s;
'';
};
"~ ^/(?:updater|ocs-provider)(?:$|/)".extraConfig = ''
"~ ^/(?:updater|ocs-provider|ocm-provider)(?:$|\/)".extraConfig = ''
try_files $uri/ =404;
index index.php;
'';
"~ \\.(?:css|js|woff|svg|gif)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args;
"~ \\.(?:css|js|woff2?|svg|gif)$".extraConfig = ''
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
access_log off;
'';
"~ \\.(?:png|html|ttf|ico|jpg|jpeg)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args;
try_files $uri /index.php$request_uri;
access_log off;
'';
};
@ -483,10 +476,12 @@ in {
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
client_max_body_size ${cfg.maxUploadSize};
fastcgi_buffers 64 4K;
fastcgi_hide_header X-Powered-By;
gzip on;
gzip_vary on;
gzip_comp_level 4;