diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 7350a6a68c70..e3f1a7fb1bda 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -117,6 +117,7 @@ let ] ++ (if mainCfg.multiProcessingModule == "prefork" then [ "cgi" ] else [ "cgid" ]) ++ optional enableSSL "ssl" + ++ optional mainCfg.enableCompression "deflate" ++ extraApacheModules; @@ -176,6 +177,27 @@ let SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!EXP ''; + # From http://paulstamatiou.com/how-to-optimize-your-apache-site-with-mod-deflate/ + compressConf = '' + SetOutputFilter DEFLATE + + # Don't compress binaries + SetEnvIfNoCase Request_URI .(?:exe|t?gz|zip|iso|tar|bz2|sit|rar) no-gzip dont-vary + # Don't compress images + SetEnvIfNoCase Request_URI .(?:gif|jpe?g|jpg|ico|png) no-gzip dont-vary + # Don't compress PDFs + SetEnvIfNoCase Request_URI .pdf no-gzip dont-vary + # Don't compress flash files (only relevant if you host your own videos) + SetEnvIfNoCase Request_URI .flv no-gzip dont-vary + # Netscape 4.X has some problems + BrowserMatch ^Mozilla/4 gzip-only-text/html + # Netscape 4.06-4.08 have some more problems + BrowserMatch ^Mozilla/4.0[678] no-gzip + # MSIE masquerades as Netscape, but it is fine + BrowserMatch \bMSIE !no-gzip !gzip-only-text/html + # Make sure proxies don't deliver the wrong content + Header append Vary User-Agent env=!dont-vary + ''; mimeConf = '' TypesConfig ${httpd}/conf/mime.types @@ -351,6 +373,7 @@ let ${mimeConf} ${loggingConf} ${browserHacks} + ${optionalString mainCfg.enableCompression compressConf} Include ${httpd}/conf/extra/httpd-default.conf Include ${httpd}/conf/extra/httpd-autoindex.conf @@ -423,7 +446,7 @@ in enable = mkOption { type = types.bool; default = false; - description = "Whether to enable the Apache HTTP Server."; + description = "Enable the Apache HTTP Server."; }; package = mkOption { @@ -586,6 +609,12 @@ in description = "Maximum number of httpd requests answered per httpd child (prefork), 0 means unlimited"; }; + + enableCompression = mkOption { + type = types.bool; + default = false; + description = "Enable compression of responses using mod_deflate."; + }; } # Include the options shared between the main server and virtual hosts.