swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-28 16:10:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

nginx module: fix applying recommended proxy headers

Browse source 
Previously, if proxy_set_header would be used in an extraConfig of
a location, the headers defined in the http block by
recommendedProxySettings would be cleared. As this is not the intended
behaviour, these settings are now included from a separate file if
needed.
This commit is contained in:
Franz Pletz 2017-02-11 04:09:11 +01:00 committed by Robin Gloster
parent 0371f2b5cc
commit 530282eebe
No known key found for this signature in database
GPG key ID: D5C458DF6DD97EDF
2 changed files with 17 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -19,6 +19,16 @@ let
) cfg.virtualHosts;
enableIPv6 = config.networking.enableIPv6;
recommendedProxyConfig = pkgs.writeText "nginx-recommended-proxy-headers.conf" ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Accept-Encoding "";
'';
configFile = pkgs.writeText "nginx.conf" ''
user ${cfg.user} ${cfg.group};
error_log stderr;
@ -74,19 +84,12 @@ let
''}
${optionalString (cfg.recommendedProxySettings) ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Accept-Encoding "";
proxy_redirect off;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_http_version 1.0;
include ${recommendedProxyConfig};
''}
client_max_body_size ${cfg.clientMaxBodySize};
@ -206,7 +209,10 @@ let
) virtualHosts);
mkLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: ''
location ${location} {
${optionalString (config.proxyPass != null) "proxy_pass ${config.proxyPass};"}
${optionalString (config.proxyPass != null) ''
proxy_pass ${config.proxyPass};
${optionalString cfg.recommendedProxySettings "include ${recommendedProxyConfig};"}
''}
${optionalString (config.index != null) "index ${config.index};"}
${optionalString (config.tryFiles != null) "try_files ${config.tryFiles};"}
${optionalString (config.root != null) "root ${config.root};"}

3
nixos/modules/services/web-servers/nginx/location-options.nix
View file

@ -14,7 +14,8 @@ with lib;
default = null;
example = "http://www.example.org/";
description = ''
Adds proxy_pass directive.
Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
'';
};