| blob | cb77c0c6d1cd0fc0698647738bca049914d7b20c |
1 { lib, ... }:
2 { options.services.nghttpx = {
3 enable = lib.mkEnableOption "nghttpx";
5 frontends = lib.mkOption {
6 type = lib.types.listOf (lib.types.submodule (import ./frontend-submodule.nix));
7 description = ''
8 A list of frontend listener specifications.
9 '';
10 example = [
11 { server = {
12 host = "*";
13 port = 80;
14 };
16 params = {
17 tls = "no-tls";
18 };
19 }
20 ];
21 };
23 backends = lib.mkOption {
24 type = lib.types.listOf (lib.types.submodule (import ./backend-submodule.nix));
25 description = ''
26 A list of backend specifications.
27 '';
28 example = [
29 { server = {
30 host = "172.16.0.22";
31 port = 8443;
32 };
33 patterns = [ "/" ];
34 params = {
35 proto = "http/1.1";
36 redirect-if-not-tls = true;
37 };
38 }
39 ];
40 };
42 tls = lib.mkOption {
43 type = lib.types.nullOr (lib.types.submodule (import ./tls-submodule.nix));
44 default = null;
45 description = ''
46 TLS certificate and key paths. Note that this does not enable
47 TLS for a frontend listener, to do so, a frontend
48 specification must set `params.tls` to true.
49 '';
50 example = {
51 key = "/etc/ssl/keys/server.key";
52 crt = "/etc/ssl/certs/server.crt";
53 };
54 };
56 extraConfig = lib.mkOption {
57 type = lib.types.lines;
58 default = "";
59 description = ''
60 Extra configuration options to be appended to the generated
61 configuration file.
62 '';
63 };
65 single-process = lib.mkOption {
66 type = lib.types.bool;
67 default = false;
68 description = ''
69 Run this program in a single process mode for debugging
70 purpose. Without this option, nghttpx creates at least 2
71 processes: master and worker processes. If this option is
72 used, master and worker are unified into a single
73 process. nghttpx still spawns additional process if neverbleed
74 is used. In the single process mode, the signal handling
75 feature is disabled.
77 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-process
78 '';
79 };
81 backlog = lib.mkOption {
82 type = lib.types.int;
83 default = 65536;
84 description = ''
85 Listen backlog size.
87 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backlog
88 '';
89 };
91 backend-address-family = lib.mkOption {
92 type = lib.types.enum [
93 "auto"
94 "IPv4"
95 "IPv6"
96 ];
97 default = "auto";
98 description = ''
99 Specify address family of backend connections. If "auto" is
100 given, both IPv4 and IPv6 are considered. If "IPv4" is given,
101 only IPv4 address is considered. If "IPv6" is given, only IPv6
102 address is considered.
104 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--backend-address-family
105 '';
106 };
108 workers = lib.mkOption {
109 type = lib.types.int;
110 default = 1;
111 description = ''
112 Set the number of worker threads.
114 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-n
115 '';
116 };
118 single-thread = lib.mkOption {
119 type = lib.types.bool;
120 default = false;
121 description = ''
122 Run everything in one thread inside the worker process. This
123 feature is provided for better debugging experience, or for
124 the platforms which lack thread support. If threading is
125 disabled, this option is always enabled.
127 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--single-thread
128 '';
129 };
131 rlimit-nofile = lib.mkOption {
132 type = lib.types.int;
133 default = 0;
134 description = ''
135 Set maximum number of open files (RLIMIT_NOFILE) to \<N\>. If 0
136 is given, nghttpx does not set the limit.
138 Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx--rlimit-nofile
139 '';
140 };
141 };
142 }