From c48aa70a9aa68ac6f365663044357be77eb9e36a Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Sat, 9 Dec 2017 09:24:07 +0000 Subject: services: web: Remove default certificate and key files for nginx. If nginx is configured with a ssl-certificate file, and ssl-certificate-key, it will fail to start unless these exist. To avoid this happening, change the default to #f. * gnu/services/web.scm () [ssl-certificate,ssl-certificate-key]: Set the defaults to #f. * gnu/tests/web.scm (%nginx-servers): Remove redundant nginx-server-configuration fields. * doc/guix.texi (Web Services): Update examples and documentation. --- gnu/tests/web.scm | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'gnu/tests/web.scm') diff --git a/gnu/tests/web.scm b/gnu/tests/web.scm index 3fa272c676..de7ab3cd65 100644 --- a/gnu/tests/web.scm +++ b/gnu/tests/web.scm @@ -45,10 +45,7 @@ ;; Server blocks. (list (nginx-server-configuration (root "/srv") - (http-port 8042) - (https-port #f) - (ssl-certificate #f) - (ssl-certificate-key #f)))) + (http-port 8042)))) (define %nginx-os ;; Operating system under test. -- cgit 1.4.1 From 64bae7237c65b32d97e16ff6802124c26867754a Mon Sep 17 00:00:00 2001 From: nee Date: Mon, 9 Oct 2017 23:06:05 +0200 Subject: gnu: services: Add php-fpm. * gnu/services/web.scm (, ): New record types. (php-fpm-configuration?, php-fpm-process-manager-configuration?, php-fpm-service-type, nginx-php-location): New procedures. * doc/guix.texi (Web-Services): Document php-fpm service. * gnu/tests/web.scm: Add php-fpm system test. Signed-off-by: Christopher Baines --- doc/guix.texi | 140 +++++++++++++++++++++++++++++ gnu/services/web.scm | 247 ++++++++++++++++++++++++++++++++++++++++++++++++++- gnu/tests/web.scm | 123 ++++++++++++++++++++++++- 3 files changed, 508 insertions(+), 2 deletions(-) (limited to 'gnu/tests/web.scm') diff --git a/doc/guix.texi b/doc/guix.texi index 592cae5d59..bbeef47ec1 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -44,6 +44,7 @@ Copyright @copyright{} 2017 Tobias Geerinckx-Rice@* Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 Andy Wingo@* Copyright @copyright{} 2017 Arun Isaac +Copyright @copyright{} 2017 nee Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -15081,6 +15082,145 @@ capability also has to be configured on the front-end as well. @end table @end deftp +@cindex php-fpm +PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation +with some additional features useful for sites of any size. + +These features include: +@itemize @bullet +@item Adaptive process spawning +@item Basic statistics (similar to Apache's mod_status) +@item Advanced process management with graceful stop/start +@item Ability to start workers with different uid/gid/chroot/environment +and different php.ini (replaces safe_mode) +@item Stdout & stderr logging +@item Emergency restart in case of accidental opcode cache destruction +@item Accelerated upload support +@item Support for a "slowlog" +@item Enhancements to FastCGI, such as fastcgi_finish_request() - +a special function to finish request & flush all data while continuing to do +something time-consuming (video converting, stats processing, etc.) +@end itemize +... and much more. + +@defvr {Scheme Variable} php-fpm-service-type +A Service type for @code{php-fpm}. +@end defvr + +@deftp {Data Type} php-fpm-configuration +Data Type for php-fpm service configuration. +@table @asis +@item @code{php} (default: @code{php}) +The php package to use. +@item @code{socket} (default: @code{(string-append "/var/run/php" (version-major (package-version php)) "-fpm.sock")}) +The address on which to accept FastCGI requests. Valid syntaxes are: +@table @asis +@item @code{"ip.add.re.ss:port"} +Listen on a TCP socket to a specific address on a specific port. +@item @code{"port"} +Listen on a TCP socket to all addresses on a specific port. +@item @code{"/path/to/unix/socket"} +Listen on a unix socket. +@end table + +@item @code{user} (default: @code{php-fpm}) +User who will own the php worker processes. +@item @code{group} (default: @code{php-fpm}) +Group of the worker processes. +@item @code{socket-user} (default: @code{php-fpm}) +User who can speak to the php-fpm socket. +@item @code{socket-group} (default: @code{php-fpm}) +Group that can speak to the php-fpm socket. +@item @code{pid-file} (default: @code{(string-append "/var/run/php" (version-major (package-version php)) "-fpm.pid")}) +The process id of the php-fpm process is written to this file +once the service has started. +@item @code{log-file} (default: @code{(string-append "/var/log/php" (version-major (package-version php)) "-fpm.log")}) +Log for the php-fpm master process. +@item @code{process-manager} (default: @code{(php-fpm-dynamic-process-manager-configuration)}) +Detailed settings for the php-fpm process manager. +Must be either: +@table @asis +@item @code{} +@item @code{} +@item @code{} +@end table +@item @code{display-errors} (default @code{#f}) +Determines wether php errors and warning should be sent to clients +and displayed in their browsers. +This is useful for local php development, but a security risk for public sites, +as error messages can reveal passwords and personal data. +@item @code{workers-logfile} (default @code{(string-append "/var/log/php" (version-major (package-version php)) "-fpm.www.log")}) +This file will log the @code{stderr} outputs of php worker processes. +Can be set to @code{#f} to disable logging. +@item @code{file} (default @code{#f}) +An optional override of the whole configuration. +You can use the @code{mixed-text-file} function or an absolute filepath for it. +@end table +@end deftp + +@deftp {Data type} php-fpm-dynamic-process-manager-configuration +Data Type for the @code{dynamic} php-fpm process manager. With the +@code{dynamic} process manager, spare worker processes are kept around +based on it's configured limits. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@item @code{start-servers} (default: @code{2}) +How many worker processes should be started on start-up. +@item @code{min-spare-servers} (default: @code{1}) +How many spare worker processes should be kept around at minimum. +@item @code{max-spare-servers} (default: @code{3}) +How many spare worker processes should be kept around at maximum. +@end table +@end deftp + +@deftp {Data type} php-fpm-static-process-manager-configuration +Data Type for the @code{static} php-fpm process manager. With the +@code{static} process manager, an unchanging number of worker processes +are created. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@end table +@end deftp + +@deftp {Data type} php-fpm-on-demand-process-manager-configuration +Data Type for the @code{on-demand} php-fpm process manager. With the +@code{on-demand} process manager, worker processes are only created as +requests arrive. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@item @code{process-idle-timeout} (default: @code{10}) +The time in seconds after which a process with no requests is killed. +@end table +@end deftp + + +@deffn {Scheme Procedure} nginx-php-fpm-location @ + [#:nginx-package nginx] @ + [socket (string-append "/var/run/php" @ + (version-major (package-version php)) @ + "-fpm.sock")] +A helper function to quickly add php to an @code{nginx-server-configuration}. +@end deffn + +A simple services setup for nginx with php can look like this: +@example +(services (cons* (dhcp-client-service) + (service php-fpm-service-type) + (service nginx-service-type + (nginx-server-configuration + (server-name '("example.com")) + (root "/srv/http/") + (locations + (list (nginx-php-location))) + (https-port #f) + (ssl-certificate #f) + (ssl-certificate-key #f))) + %base-services)) +@end example + @node Certificate Services @subsubsection Certificate Services diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 7f338039e0..582cf535cb 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016 ng0 ;;; Copyright © 2016, 2017 Julien Lepiller ;;; Copyright © 2017 Christopher Baines +;;; Copyright © 2017 nee ;;; ;;; This file is part of GNU Guix. ;;; @@ -26,8 +27,11 @@ #:use-module (gnu system shadow) #:use-module (gnu packages admin) #:use-module (gnu packages web) + #:use-module (gnu packages php) #:use-module (guix records) #:use-module (guix gexp) + #:use-module ((guix utils) #:select (version-major)) + #:use-module ((guix packages) #:select (package-version)) #:use-module (srfi srfi-1) #:use-module (ice-9 match) #:export ( @@ -78,7 +82,49 @@ fcgiwrap-configuration fcgiwrap-configuration? - fcgiwrap-service-type)) + fcgiwrap-service-type + + + php-fpm-configuration + make-php-fpm-configuration + php-fpm-configuration? + php-fpm-configuration-php + php-fpm-configuration-socket + php-fpm-configuration-user + php-fpm-configuration-group + php-fpm-configuration-socket-user + php-fpm-configuration-socket-group + php-fpm-configuration-pid-file + php-fpm-configuration-log-file + php-fpm-configuration-process-manager + php-fpm-configuration-display-errors + php-fpm-configuration-workers-log-file + php-fpm-configuration-file + + + php-fpm-dynamic-process-manager-configuration + make-php-fpm-dynamic-process-manager-configuration + php-fpm-dynamic-process-manager-configuration? + php-fpm-dynamic-process-manager-configuration-max-children + php-fpm-dynamic-process-manager-configuration-start-servers + php-fpm-dynamic-process-manager-configuration-min-spare-servers + php-fpm-dynamic-process-manager-configuration-max-spare-servers + + + php-fpm-static-process-manager-configuration + make-php-fpm-static-process-manager-configuration + php-fpm-static-process-manager-configuration? + php-fpm-static-process-manager-configuration-max-children + + + php-fpm-on-demand-process-manager-configuration + make-php-fpm-on-demand-process-manager-configuration + php-fpm-on-demand-process-manager-configuration? + php-fpm-on-demand-process-manager-configuration-max-children + php-fpm-on-demand-process-manager-configuration-process-idle-timeout + + php-fpm-service-type + nginx-php-location)) ;;; Commentary: ;;; @@ -397,3 +443,202 @@ of index files." (service-extension account-service-type fcgiwrap-accounts))) (default-value (fcgiwrap-configuration)))) + +(define-record-type* php-fpm-configuration + make-php-fpm-configuration + php-fpm-configuration? + (php php-fpm-configuration-php ; + (default php)) + (socket php-fpm-configuration-socket + (default (string-append "/var/run/php" + (version-major (package-version php)) + "-fpm.sock"))) + (user php-fpm-configuration-user + (default "php-fpm")) + (group php-fpm-configuration-group + (default "php-fpm")) + (socket-user php-fpm-configuration-socket-user + (default "php-fpm")) + (socket-group php-fpm-configuration-socket-group + (default "nginx")) + (pid-file php-fpm-configuration-pid-file + (default (string-append "/var/run/php" + (version-major (package-version php)) + "-fpm.pid"))) + (log-file php-fpm-configuration-log-file + (default (string-append "/var/log/php" + (version-major (package-version php)) + "-fpm.log"))) + (process-manager php-fpm-configuration-process-manager + (default (php-fpm-dynamic-process-manager-configuration))) + (display-errors php-fpm-configuration-display-errors + (default #f)) + (workers-log-file php-fpm-configuration-workers-log-file + (default (string-append "/var/log/php" + (version-major (package-version php)) + "-fpm.www.log"))) + (file php-fpm-configuration-file ;#f | file-like + (default #f))) + +(define-record-type* + php-fpm-dynamic-process-manager-configuration + make-php-fpm-dynamic-process-manager-configuration + php-fpm-dynamic-process-manager-configuration? + (max-children php-fpm-dynamic-process-manager-configuration-max-children + (default 5)) + (start-servers php-fpm-dynamic-process-manager-configuration-start-servers + (default 2)) + (min-spare-servers php-fpm-dynamic-process-manager-configuration-min-spare-servers + (default 1)) + (max-spare-servers php-fpm-dynamic-process-manager-configuration-max-spare-servers + (default 3))) + +(define-record-type* + php-fpm-static-process-manager-configuration + make-php-fpm-static-process-manager-configuration + php-fpm-static-process-manager-configuration? + (max-children php-fpm-static-process-manager-configuration-max-children + (default 5))) + +(define-record-type* + php-fpm-on-demand-process-manager-configuration + make-php-fpm-on-demand-process-manager-configuration + php-fpm-on-demand-process-manager-configuration? + (max-children php-fpm-on-demand-process-manager-configuration-max-children + (default 5)) + (process-idle-timeout php-fpm-on-demand-process-manager-configuration-process-idle-timeout + (default 10))) + +(define php-fpm-accounts + (match-lambda + (($ php socket user group socket-user socket-group _ _ _ _ _ _) + (list + (user-group (name "php-fpm") (system? #t)) + (user-group + (name group) + (system? #t)) + (user-account + (name user) + (group group) + (supplementary-groups '("php-fpm")) + (system? #t) + (comment "php-fpm daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))))) + +(define (default-php-fpm-config socket user group socket-user socket-group + pid-file log-file pm display-errors workers-log-file) + (apply mixed-text-file "php-fpm.conf" + (flatten + "[global]\n" + "pid =" pid-file "\n" + "error_log =" log-file "\n" + "[www]\n" + "user =" user "\n" + "group =" group "\n" + "listen =" socket "\n" + "listen.owner =" socket-user "\n" + "listen.group =" socket-group "\n" + + (match pm + (($ + pm.max-children + pm.start-servers + pm.min-spare-servers + pm.max-spare-servers) + (list + "pm = dynamic\n" + "pm.max_children =" (number->string pm.max-children) "\n" + "pm.start_servers =" (number->string pm.start-servers) "\n" + "pm.min_spare_servers =" (number->string pm.min-spare-servers) "\n" + "pm.max_spare_servers =" (number->string pm.max-spare-servers) "\n")) + + (($ + pm.max-children) + (list + "pm = static\n" + "pm.max_children =" (number->string pm.max-children) "\n")) + + (($ + pm.max-children + pm.process-idle-timeout) + (list + "pm = ondemand\n" + "pm.max_children =" (number->string pm.max-children) "\n" + "pm.process_idle_timeout =" (number->string pm.process-idle-timeout) "s\n"))) + + + "php_flag[display_errors] = " (if display-errors "on" "off") "\n" + + (if workers-log-file + (list "catch_workers_output = yes\n" + "php_admin_value[error_log] =" workers-log-file "\n" + "php_admin_flag[log_errors] = on\n") + (list "catch_workers_output = no\n"))))) + +(define php-fpm-shepherd-service + (match-lambda + (($ php socket user group socket-user socket-group + pid-file log-file pm display-errors workers-log-file file) + (list (shepherd-service + (provision '(php-fpm)) + (documentation "Run the php-fpm daemon.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + '(#$(file-append php "/sbin/php-fpm") + "--fpm-config" + #$(or file + (default-php-fpm-config socket user group + socket-user socket-group pid-file log-file + pm display-errors workers-log-file))) + #:pid-file #$pid-file)) + (stop #~(make-kill-destructor))))))) + +(define php-fpm-activation + (match-lambda + (($ _ _ user _ _ _ _ log-file _ _ workers-log-file _) + #~(begin + (use-modules (guix build utils)) + (let* ((user (getpwnam #$user)) + (touch (lambda (file-name) + (call-with-output-file file-name (const #t)))) + (init-log-file + (lambda (file-name) + (when #$workers-log-file + (when (not (file-exists? file-name)) + (touch file-name)) + (chown file-name (passwd:uid user) (passwd:gid user)) + (chmod file-name #o660))))) + (init-log-file #$log-file) + (init-log-file #$workers-log-file)))))) + + +(define php-fpm-service-type + (service-type + (name 'php-fpm) + (description + "Run @command{php-fpm} to provide a fastcgi socket for calling php through +a webserver.") + (extensions + (list (service-extension shepherd-root-service-type + php-fpm-shepherd-service) + (service-extension activation-service-type + php-fpm-activation) + (service-extension account-service-type + php-fpm-accounts))) + (default-value (php-fpm-configuration)))) + +(define* (nginx-php-location + #:key + (nginx-package nginx) + (socket (string-append "/var/run/php" + (version-major (package-version php)) + "-fpm.sock"))) + "Return a nginx-location-configuration that makes nginx run .php files." + (nginx-location-configuration + (uri "~ \\.php$") + (body (list + "fastcgi_split_path_info ^(.+\\.php)(/.+)$;" + (string-append "fastcgi_pass unix:" socket ";") + "fastcgi_index index.php;" + (list "include " nginx-package "/share/nginx/conf/fastcgi.conf;"))))) diff --git a/gnu/tests/web.scm b/gnu/tests/web.scm index de7ab3cd65..e975cb8300 100644 --- a/gnu/tests/web.scm +++ b/gnu/tests/web.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017 Ludovic Courtès +;;; Copyright © 2017 Christopher Baines ;;; ;;; This file is part of GNU Guix. ;;; @@ -27,7 +28,8 @@ #:use-module (gnu services networking) #:use-module (guix gexp) #:use-module (guix store) - #:export (%test-nginx)) + #:export (%test-nginx + %test-php-fpm)) (define %index.html-contents ;; Contents of the /index.html file served by nginx. @@ -129,3 +131,122 @@ HTTP-PORT." (name "nginx") (description "Connect to a running NGINX server.") (value (run-nginx-test)))) + + +;;; +;;; PHP-FPM +;;; + +(define %make-php-fpm-http-root + ;; Create our server root in /srv. + #~(begin + (mkdir "/srv") + (call-with-output-file "/srv/index.php" + (lambda (port) + (display "\n" port))))) + +(define %php-fpm-nginx-server-blocks + (list (nginx-server-configuration + (root "/srv") + (locations + (list (nginx-php-location))) + (http-port 8042) + (https-port #f) + (ssl-certificate #f) + (ssl-certificate-key #f)))) + +(define %php-fpm-os + ;; Operating system under test. + (simple-operating-system + (dhcp-client-service) + (service php-fpm-service-type) + (service nginx-service-type + (nginx-configuration + (server-blocks %php-fpm-nginx-server-blocks))) + (simple-service 'make-http-root activation-service-type + %make-php-fpm-http-root))) + +(define* (run-php-fpm-test #:optional (http-port 8042)) + "Run tests in %PHP-FPM-OS, which has nginx running and listening on +HTTP-PORT, along with php-fpm." + (define os + (marionette-operating-system + %php-fpm-os + #:imported-modules '((gnu services herd) + (guix combinators)))) + + (define vm + (virtual-machine + (operating-system os) + (port-forwardings `((8080 . ,http-port))))) + + (define test + (with-imported-modules '((gnu build marionette) + (guix build utils)) + #~(begin + (use-modules (srfi srfi-11) (srfi srfi-64) + (gnu build marionette) + (web uri) + (web client) + (web response)) + + (define marionette + (make-marionette (list #$vm))) + + (mkdir #$output) + (chdir #$output) + + (test-begin "php-fpm") + + (test-assert "php-fpm running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (match (start-service 'php-fpm) + (#f #f) + (('service response-parts ...) + (match (assq-ref response-parts 'running) + ((pid) (number? pid)))))) + marionette)) + + (test-eq "nginx running" + 'running! + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (start-service 'nginx) + 'running!) + marionette)) + + (test-equal "http-get" + 200 + (let-values (((response text) + (http-get "http://localhost:8080/index.php" + #:decode-body? #t))) + (response-code response))) + + (test-equal "php computed result is sent" + "Computed by php:5" + (let-values (((response text) + (http-get "http://localhost:8080/index.php" + #:decode-body? #t))) + (begin + (use-modules (ice-9 regex)) + (let ((matches (string-match "Computed by php:5" text))) + (and matches + (match:substring matches 0)))))) + + (test-end) + + (exit (= (test-runner-fail-count (test-runner-current)) 0))))) + + (gexp->derivation "php-fpm-test" test)) + +(define %test-php-fpm + (system-test + (name "php-fpm") + (description "Test PHP-FPM through nginx.") + (value (run-php-fpm-test)))) -- cgit 1.4.1 From 8b223ceac4ff0781e95d69362875f87cff03f4d6 Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Sat, 9 Dec 2017 12:59:12 +0100 Subject: services: nginx: Replace 'http-port' and 'https-port' with 'listen'. * doc/guix.texi (Web Services, Version Control Services): Update accordingly. * gnu/services/certbot.scm (certbot-nginx-server-configurations): Likewise. * gnu/services/version-control.scm (%cgit-configuration-nginx): Likewise. * gnu/services/web.scm (, emit-nginx-server-config): Likewise. * gnu/tests/version-control.scm (%cgit-configuration-nginx, %git-nginx-configuration): Likewise. * gnu/tests/web.scm (%nginx-servers, %php-fpm-nginx-server-blocks): Likewise. --- doc/guix.texi | 20 +++++++++----------- gnu/services/certbot.scm | 4 ++-- gnu/services/version-control.scm | 3 ++- gnu/services/web.scm | 16 ++++++---------- gnu/tests/version-control.scm | 7 +++---- gnu/tests/web.scm | 6 +++--- 6 files changed, 25 insertions(+), 31 deletions(-) (limited to 'gnu/tests/web.scm') diff --git a/doc/guix.texi b/doc/guix.texi index 242e54fd15..e44478cbf4 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14938,17 +14938,15 @@ Data type representing the configuration of an nginx server block. This type has the following parameters: @table @asis -@item @code{http-port} (default: @code{80}) -Nginx will listen for HTTP connection on this port. Set it at @code{#f} if -nginx should not listen for HTTP (non secure) connection for this -@dfn{server block}. +@item @code{listen} (default: @code{'("80" "443 ssl")}) +Each @code{listen} directive sets the address and port for IP, or the +path for a UNIX-domain socket on which the server will accept requests. +Both address and port, or only address or only port can be specified. +An address may also be a hostname, for example: -@item @code{https-port} (default: @code{443}) -Nginx will listen for HTTPS connection on this port. Set it at @code{#f} if -nginx should not listen for HTTPS (secure) connection for this @dfn{server block}. - -Note that nginx can listen for HTTP and HTTPS connections in the same -@dfn{server block}. +@example +'("127.0.0.1:8000" "127.0.0.1" "8000" "*:8000" "localhost:8000") +@end example @item @code{server-name} (default: @code{(list 'default)}) A list of server names this server represents. @code{'default} represents the @@ -17689,7 +17687,7 @@ serve the default @file{/srv/git} over HTTPS might be: (server-blocks (list (nginx-server-configuration - (http-port #f) + (listen '("443 ssl")) (server-name "git.my-host.org") (ssl-certificate "/etc/letsencrypt/live/git.my-host.org/fullchain.pem") diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 0d72a4b700..8aac2638b3 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Sou Bunnbu +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -97,8 +98,7 @@ (map (lambda (host) (nginx-server-configuration - (http-port 80) - (https-port #f) + (listen '("80")) (ssl-certificate #f) (ssl-certificate-key #f) (server-name (list host)) diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm index fce2ce1c25..6bf656949a 100644 --- a/gnu/services/version-control.scm +++ b/gnu/services/version-control.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Sou Bunnbu ;;; Copyright © 2017 Oleg Pykhalov +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -231,7 +232,7 @@ access to exported repositories under @file{/srv/git}." "fastcgi_param HTTP_HOST $server_name;" "fastcgi_pass 127.0.0.1:9000;"))))) (try-files (list "$uri" "@cgit")) - (https-port #f) + (listen '("80")) (ssl-certificate #f) (ssl-certificate-key #f)))) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 582cf535cb..8a16f50de4 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2016, 2017 Julien Lepiller ;;; Copyright © 2017 Christopher Baines ;;; Copyright © 2017 nee +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -49,8 +50,7 @@ nginx-server-configuration nginx-server-configuration? - nginx-server-configuration-http-port - nginx-server-configuartion-https-port + nginx-server-configuration-listen nginx-server-configuration-server-name nginx-server-configuration-root nginx-server-configuration-locations @@ -135,10 +135,8 @@ (define-record-type* nginx-server-configuration make-nginx-server-configuration nginx-server-configuration? - (http-port nginx-server-configuration-http-port - (default 80)) - (https-port nginx-server-configuration-https-port - (default 443)) + (listen nginx-server-configuration-listen + (default '("80" "443 ssl"))) (server-name nginx-server-configuration-server-name (default (list 'default))) (root nginx-server-configuration-root @@ -225,8 +223,7 @@ of index files." " }\n")))) (define (emit-nginx-server-config server) - (let ((http-port (nginx-server-configuration-http-port server)) - (https-port (nginx-server-configuration-https-port server)) + (let ((listen (nginx-server-configuration-listen server)) (server-name (nginx-server-configuration-server-name server)) (ssl-certificate (nginx-server-configuration-ssl-certificate server)) (ssl-certificate-key @@ -245,8 +242,7 @@ of index files." '()))) (list " server {\n" - (and/l http-port " listen " (number->string <>) ";\n") - (and/l https-port " listen " (number->string <>) " ssl;\n") + (map (lambda (directive) (list " listen " directive ";\n")) listen) " server_name " (config-domain-strings server-name) ";\n" (and/l ssl-certificate " ssl_certificate " <> ";\n") (and/l ssl-certificate-key " ssl_certificate_key " <> ";\n") diff --git a/gnu/tests/version-control.scm b/gnu/tests/version-control.scm index 2cbacf0ef9..7367861b05 100644 --- a/gnu/tests/version-control.scm +++ b/gnu/tests/version-control.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017 Oleg Pykhalov ;;; Copyright © 2017 Ludovic Courtès +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -78,8 +79,7 @@ "fastcgi_param HTTP_HOST $server_name;" "fastcgi_pass 127.0.0.1:9000;"))))) (try-files (list "$uri" "@cgit")) - (http-port 19418) - (https-port #f) + (listen '("19418")) (ssl-certificate #f) (ssl-certificate-key #f)))) @@ -211,8 +211,7 @@ HTTP-PORT." (server-blocks (list (nginx-server-configuration - (http-port 19418) - (https-port #f) + (listen '("19418")) (ssl-certificate #f) (ssl-certificate-key #f) (locations diff --git a/gnu/tests/web.scm b/gnu/tests/web.scm index e975cb8300..f1214fb5fd 100644 --- a/gnu/tests/web.scm +++ b/gnu/tests/web.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017 Ludovic Courtès ;;; Copyright © 2017 Christopher Baines +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -47,7 +48,7 @@ ;; Server blocks. (list (nginx-server-configuration (root "/srv") - (http-port 8042)))) + (listen '("8042" "443 ssl"))))) (define %nginx-os ;; Operating system under test. @@ -153,8 +154,7 @@ echo(\"Computed by php:\".((string)(2+3))); (root "/srv") (locations (list (nginx-php-location))) - (http-port 8042) - (https-port #f) + (listen "8042") (ssl-certificate #f) (ssl-certificate-key #f)))) -- cgit 1.4.1