colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
611,916 Commits 125 Branches 0 Tags 3.4 GiB
a55e0fa92d
Commit Graph

471 Commits

Author SHA1 Message Date
Doron Behar
01d4e2fe33 treewide: use ffmpeg_3 explicitly if not wanted otherwise 
After making `ffmpeg` point to the latest `ffmpeg_4`, all packages that
used `ffmpeg` without requiring a specific version now use ffmpeg_3
explicitly so they shouldn't change.
 2020-06-12 11:55:31 -07:00
Izorkin
70b11a0f50 nginxMainline: 1.18.0 -> 1.19.0 2020-05-31 09:46:48 +03:00
ajs124
deadc23034 nginxModules.fancyindex: 0.4.3 -> 0.4.4 2020-05-13 13:23:20 +02:00
Izorkin
aa12fb8adb nginxModules: add option allowMemoryWriteExecute 
The allowMemoryWriteExecute option is required to checking enabled nginxModules
and disable the nginx sandbox mode MemoryDenyWriteExecute.
 2020-05-12 20:03:29 +03:00
Izorkin
a19800fb48 nginx: change logs path 2020-05-04 16:36:38 +03:00
Izorkin
cbfe203da7 nginxMainline: 1.17.9 -> 1.18.0 2020-04-23 14:34:21 +03:00
Izorkin
2e6cd807d7 nginxStable: 1.16.1 -> 1.18.0 2020-04-23 14:34:13 +03:00
Milan
3847ec0e35
nginxMainline: 1.17.8 -> 1.17.9 (#84743) 2020-04-08 21:19:35 +02:00
aszlig
e1d63ada02
nginx: Fix ETag patch to ignore realpath(3) error 
While our ETag patch works pretty fine if it comes to serving data off
store paths, it unfortunately broke something that might be a bit more
common, namely when using regexes to extract path components of
location directives for example.

Recently, @devhell has reported a bug with a nginx location directive
like this:

  location ~^/\~([a-z0-9_]+)(/.*)?$" {
    alias /home/$1/public_html$2;
  }

While this might look harmless at first glance, it does however cause
issues with our ETag patch. The alias directive gets broken up by nginx
like this:

  *2 http script copy: "/home/"
  *2 http script capture: "foo"
  *2 http script copy: "/public_html/"
  *2 http script capture: "bar.txt"

In our patch however, we use realpath(3) to get the canonicalised path
from ngx_http_core_loc_conf_s.root, which returns the *configured* value
from the root or alias directive. So in the example above, realpath(3)
boils down to the following syscalls:

  lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
  lstat("/home/$1", 0x7ffd08da6f60) = -1 ENOENT (No such file or directory)

During my review[1] of the initial patch, I didn't actually notice that
what we're doing here is returning NGX_ERROR if the realpath(3) call
fails, which in turn causes an HTTP 500 error.

Since our patch actually made the canonicalisation (and thus additional
syscalls) necessary, we really shouldn't introduce an additional error
so let's - at least for now - silently skip return value if realpath(3)
has failed.

However since we're using the unaltered root from the config we have
another issue, consider this root:

  /nix/store/...-abcde/$1

Calling realpath(3) on this path will fail (except if there's a file
called "$1" of course), so even this fix is not enough because it
results in the ETag not being set to the store path hash.

While this is very ugly and we should fix this very soon, it's not as
serious as getting HTTP 500 errors for serving static files.

I added a small NixOS VM test, which uses the example above as a
regression test.

It seems that my memory is failing these days, since apparently I *knew*
about this issue since digging for existing issues in nixpkgs, I found
this similar pull request which I even reviewed:

https://github.com/NixOS/nixpkgs/pull/66532

However, since the comments weren't addressed and the author hasn't
responded to the pull request, I decided to keep this very commit and do
a follow-up pull request.

[1]: https://github.com/NixOS/nixpkgs/pull/48337

Signed-off-by: aszlig <aszlig@nix.build>
Reported-by: @devhell
Acked-by: @7c6f434c
Acked-by: @yorickvP
Merges: https://github.com/NixOS/nixpkgs/pull/80671
Fixes: https://github.com/NixOS/nixpkgs/pull/66532
 2020-03-28 02:57:21 +01:00
ajs124
0aec2cdd08 nginxModules.fastcgi-cache-purge: 2.3 -> 2.5 
switch to a fork that seems sort of alive
 2020-03-10 23:35:15 +01:00
Emily
6d046e1079 openresty: rebase on top of nginx package 
The primary motivation of this change was to allow third-party modules
to be used with OpenResty, but it also results in a significant
reduction of code duplication.
 2020-02-04 19:30:40 -06:00
Emily
db3182a65d nginxModules.brotli: v0.1.2 -> unstable 
The fork was merged back upstream but has yet to see a formal release.
 2020-02-04 19:30:40 -06:00
Will Dietz
92d29418b3
nginxMainline: 1.17.3 -> 1.17.8 
http://nginx.org/en/CHANGES
 2020-01-21 11:02:11 -06:00
Ryan Mulligan
6de8b8f144
Merge pull request #61722 from Izorkin/pinba-nginx 
nginxModules.pinba: init at 13.05.2019
 2020-01-04 07:58:18 -08:00
Frederik Rietdijk
7aa2b0215b Merge master into staging-next 2020-01-03 10:25:14 +01:00
Robin Gloster
6ca6ac796b
treewide: configureFlags is a flat list 2019-12-31 01:37:49 +01:00
Robin Gloster
5f2b92e3ec
treewide: NIX_*_COMPILE -> string 2019-12-31 00:13:29 +01:00
aszlig
ccf55bead1
nginx: Clear Last-Modified if ETag is from store 
This is what I've suspected a while ago[1]:

> Heads-up everyone: After testing this in a few production instances,
> it seems that some browsers still get cache hits for new store paths
> (and changed contents) for some reason. I highly suspect that it might
> be due to the last-modified header (as mentioned in [2]).
>
> Going to test this with last-modified disabled for a little while and
> if this is the case I think we should improve that patch by disabling
> last-modified if serving from a store path.

Much earlier[2] when I reviewed the patch, I wrote this:

> Other than that, it looks good to me.
>
> However, I'm not sure what we should do with Last-Modified header.
> From RFC 2616, section 13.3.4:
>
> - If both an entity tag and a Last-Modified value have been
>   provided by the origin server, SHOULD use both validators in
>   cache-conditional requests. This allows both HTTP/1.0 and
>   HTTP/1.1 caches to respond appropriately.
>
> I'm a bit nervous about the SHOULD here, as user agents in the wild
> could possibly just use Last-Modified and use the cached content
> instead.

Unfortunately, I didn't pursue this any further back then because
@pbogdan noted[3] the following:

> Hmm, could they (assuming they are conforming):
>
>  * If an entity tag has been provided by the origin server, MUST
>    use that entity tag in any cache-conditional request (using If-
>    Match or If-None-Match).

Since running with this patch in some deployments, I found that both
Firefox and Chrome/Chromium do NOT re-validate against the ETag if the
Last-Modified header is still the same.

So I wrote a small NixOS VM test with Geckodriver to have a test case
which is closer to the real world and I indeed was able to reproduce
this.

Whether this is actually a bug in Chrome or Firefox is an entirely
different issue and even IF it is the fault of the browsers and it is
fixed at some point, we'd still need to handle this for older browser
versions.

Apart from clearing the header, I also recreated the patch by using a
plain "git diff" with a small description on top. This should make it
easier for future authors to work on that patch.

[1]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-495072764
[2]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451644084
[3]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451646135

Signed-off-by: aszlig <aszlig@nix.build>
 2019-12-30 14:30:36 +01:00
Izorkin
edddf0ac47 nginxModules.pinba: init at 13.05.2019 2019-12-11 10:06:55 +03:00
Jörg Thalheim
571ed9d22e
nginx: reference tests 2019-11-29 12:27:55 +00:00
tekeri
a5f26644d4 Add nginx perl modules (#73198) 
* nginx: enable perl_module if perl is given

* nginx: move `perl = null` to toplevel
 2019-11-27 17:08:56 +00:00
Franz Pletz
de85797565
Merge remote-tracking branch 'origin/master' into gcc-8 2019-09-03 22:15:07 +02:00
Robin Gloster
616b8343c4
Merge remote-tracking branch 'upstream/master' into gcc-8 2019-08-25 18:55:46 +02:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next 
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
 2019-08-24 08:55:37 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
volth
c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00
Izorkin
83381bec9c nginxMainline: 1.17.2 -> 1.17.3 2019-08-13 21:31:57 +03:00
Izorkin
aec55db737 nginxStable: 1.16.0 -> 1.16.1 2019-08-13 21:30:08 +03:00
Izorkin
293e5d8365 nginxMainline: 1.16.0 -> 1.17.2 2019-07-24 21:09:22 +03:00
Franz Pletz
c051374da2
nginx: fix build with gcc8 2019-06-17 07:06:02 +02:00
Izorkin
872f056bb4 nginxModules.lua: 0.10.14 -> 0.10.15 2019-05-13 12:37:14 +03:00
Izorkin
fa3f68edab nginxModules.http_proxy_connect_module: 16.04.2019 -> 06.05.2019 2019-05-13 12:37:10 +03:00
Jörg Thalheim
0816c69173
nginxModules: update and add nginx modules (#59949) 
nginxModules: update and add nginx modules
 2019-05-13 10:15:09 +01:00
Izorkin
619aa5c97f nginxMainline: 1.15.12 -> 1.16.0 2019-04-30 07:56:29 +03:00
Izorkin
65a736064a nginxStable: 1.14.2 -> 1.16.0 2019-04-30 07:56:23 +03:00
Yurii Izorkin
5ba8811758 nginxMainline: 1.15.10 -> 1.15.12 (#59950) 2019-04-22 00:08:08 +02:00
Izorkin
452cf0b3e2 nginxModules.naxsi: init at 0.56 2019-04-21 11:10:49 +03:00
Izorkin
6600d00ed1 nginxModules.video-thumbextractor: init at 0.9.0 2019-04-21 10:32:46 +03:00
Izorkin
f6525448a5 nginxModules.sorted-querystring: init at 0.3 2019-04-21 10:30:29 +03:00
Izorkin
b329187524 nginxModules.limit-speed: init at 21.05.2014 2019-04-21 10:27:31 +03:00
Izorkin
13c938ac1e nginxModules.subsFilter: 0.6.4 -> 13.04.2016 2019-04-21 10:21:44 +03:00
Izorkin
d1dff5a9ec nginxModules.upstream-tarantool: 2.7 -> 2.7.1 2019-04-20 23:11:08 +03:00
Izorkin
6a154d00c3 nginxModules.upstream-check: 10.11.2017 -> 12.08.2018 2019-04-20 23:08:55 +03:00
Izorkin
d66b94da62 nginxModules.coolkit: init at 0.2 2019-04-20 22:35:55 +03:00
Izorkin
80666e68b2 nginxModules.slowfs-cache: init at 1.10 2019-04-20 22:29:29 +03:00
Izorkin
8c1131ef28 nginxModules.lua: 0.10.13 -> 0.10.14 2019-04-20 22:29:29 +03:00
Izorkin
89a73423ab nginxModules.mpeg-ts: init at 0.1.1 2019-04-20 22:29:24 +03:00
Izorkin
c940a7caa0 nginxModules.live: init at 18.11.2018 2019-04-20 21:46:45 +03:00
Izorkin
b0dc2d6106 nginxModules.dav: 0.1.0 -> 3.0.0 2019-04-20 21:40:09 +03:00
Izorkin
7a5d938067 nginxModules.http_proxy_connect_module: 05.09.2018 -> 16.04.2019 2019-04-20 21:33:18 +03:00
aszlig
1f24685d93
nginx/etag-patch: Use Nix store dir from build env 
So far, the Nix store directory was hardcoded and if someone uses a
different Nix store directory the patch won't work. Of course, this is
pretty uncommon, but by not only substituting the store directory but
also the length of it we also save a few calls to ngx_strlen(), which
should save us a few cycles.

Signed-off-by: aszlig <aszlig@nix.build>
 2019-04-18 10:07:55 +02:00
aszlig
af5a3ce474
nginx: Fix memleak in nix-etag patch 
The original patch introduced a new "real" variable which gets populated
(and allocated) via ngx_realpath(). It's properly freed in error
conditions but it won't be freed if ngx_http_set_etag returns
successfully.

Adding another ngx_free() just before returning fixes that memory leak.

I also fixed a small indentation issue along the way.

Signed-off-by: aszlig <aszlig@nix.build>
 2019-04-18 09:40:13 +02:00
Yegor Timoshenko
1da8eec00f
nginx: handle impure symlinks in ETag patch 2019-04-18 09:40:11 +02:00
Yegor Timoshenko
f03302b636
nginx: check for realpath() == NULL in ETag patch 
Thanks to Gabriel Ebner!
 2019-04-18 09:40:09 +02:00
Yegor Timoshenko
135d54f535
nginx: if root is in Nix store, use path's hash as ETag 
Resolves #25485. Usage example:

$ realpath /var/www
/nix/store/wnrhnnpdj3x50j5xz38zp1qxs1ygwccw-site
$ curl --head localhost
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Sep 2018 06:09:25 GMT
Content-Type: text/html
Content-Length: 50
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Connection: keep-alive
ETag: "wnrhnnpdj3x50j5xz38zp1qxs1ygwccw"
Accept-Ranges: bytes
 2019-04-18 09:40:06 +02:00
Franz Pletz
4c0d1ae7be
nginxMainline: 1.15.9 -> 1.15.10 2019-04-02 12:02:39 +02:00
Maximilian Bosch
37867dba74
nginxModules.http_proxy_connect_module: init 
This adds the nginx module `ngx_http_proxy_connect_module` which allows
to tunnel HTTPS through an nginx proxy[1].

As this module contained patches for several nginx version, some minor
adjustments were needed:

* Allowed each entry in `nginxModules` to provide patches.

* Added an optional `supports` attribute to ensure that each module can
  determine if it supports the currently built nginx version (e.g. stable
  1.14 ATM or mainline 1.15 ATM).

[1] https://github.com/chobits/ngx_http_proxy_connect_module
 2019-03-29 23:53:09 +01:00
Benjamin Smith
f4d24273e5 nginx: add http subs filter module (#56546) 2019-03-13 02:16:40 +02:00
Alyssa Ross
2576d09716 nginxMainline: 1.15.8 -> 1.15.9 (#56416) 2019-02-28 22:13:35 +01:00
Vincent Bernat
33802e9ed8 nginx: expose list of additional modules (#53897) 
Currently, it seems there is no easy way to override package to add
modules. For example, if we want to add the `ipscrub` module, we can
do:

    pkgs.nginxStable.override {
      modules = [ pkgs.nginxModules.ipscrub ];
    };

But, then, we loose `rtmp`, `dav` and `moreheaders` which are defined
in `all-packages.nix`. With this modification, we can now do:

    pkgs.nginxStable.override {
      modules = pkg.nginxStable.passthru.modules ++ [ pkgs.nginxModules.ipscrub ];
    };
 2019-01-31 02:15:14 +02:00
Franz Pletz
9ea5b2c052
nginxMainline: 1.15.7 -> 1.15.8 2019-01-11 07:55:25 +01:00
Jörg Thalheim
8871ffccff nginx: fix cross-build 2018-12-11 18:13:21 +01:00
Alyssa Ross
703827f36c nginx: 1.14.1 -> 1.14.2 2018-12-05 10:56:06 -06:00
Alyssa Ross
dcae76862b nginxMainline: 1.15.6 -> 1.15.7 2018-11-27 21:28:49 +00:00
Alyssa Ross
de9026de6e
nginxMainline: 1.15.5 -> 1.15.6 
CVE-2018-16843, CVE-2018-16844

https://nginx.org/en/security_advisories.html
 2018-11-15 17:52:05 +00:00
Alyssa Ross
1908322d10
nginxStable: 1.14.0 -> 1.14.1 
CVE-2018-16843, CVE-2018-16844

https://nginx.org/en/security_advisories.html
 2018-11-15 17:51:51 +00:00
Daiderd Jordan
6d71316410
nginx: init ngx_aws_auth at 2.1.1 2018-11-08 20:02:44 +01:00
Rob Vermaas
75167083e5 nginx-opentracing: init at 0.7.0 
(cherry picked from commit 9d6184f1bcd2a57db31c48fd0e1847147d44715a)
 2018-10-23 18:08:01 +02:00
Thilo Uttendorfer
205b3d94e1 nginxMainline: 1.15.3 -> 1.15.5 (#48127) 2018-10-10 00:18:54 +02:00
Franz Pletz
647b5b1a29
nginxMainline: 1.15.2 -> 1.15.3 2018-08-31 14:42:14 +02:00
xeji
176891c0ad
Merge pull request #44467 from Izorkin/nginx-modules 
Nginx modules
 2018-08-05 22:20:05 +02:00
Johannes Frankenau
c481117673 nginxMainline: 1.15.1 -> 1.15.2 (#44431) 2018-08-04 21:06:35 +02:00
Izorkin
e0de8354b9 nginxModules.lua-upstream: init at v0.07 2018-08-04 20:54:36 +03:00
Izorkin
29b3e11541 nginxModules.url: init at rev 9299816 2018-08-04 20:54:36 +03:00
Izorkin
a5674cebb9 nginxModules.sysguard: init at rev e512897 2018-08-04 20:54:35 +03:00
Izorkin
9100091f3f nginxModules.stream-sts: init at v0.1.1 2018-08-04 20:54:35 +03:00
Izorkin
9958868dfd nginxModules.sts: init at v0.1.1 2018-08-04 20:54:35 +03:00
Izorkin
07e7966d3b nginxModules.upstream-tarantool: init at v2.7 2018-07-29 14:54:55 +03:00
Izorkin
ca37481d25 nginxModules.push-stream: init at v0.5.4 2018-07-29 14:54:47 +03:00
Izorkin
aa68f56c0a nginxModules.vts: init at v0.1.18 2018-07-29 14:54:08 +03:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Izorkin
e76f382c75 nginxModules: sorting of modules alphabetically 2018-07-16 03:44:32 +00:00
Franz Pletz
0a5186a7cb
Merge pull request #43580 from Izorkin/nginx-modules 
Update nginx modules
 2018-07-15 21:56:09 +00:00
Izorkin
3a5d104a33 nginxModules.develkit: update to v0.3.1rc1 2018-07-16 00:25:36 +03:00
Izorkin
75b2940145 nginxModules.upstream-check: update to rev 9aecf15 2018-07-16 00:25:20 +03:00
Izorkin
c96d49733a nginxModules.statsd: update to rev b970e40 2018-07-16 00:25:01 +03:00
Izorkin
04eb0731fb nginxModules.pam: update to v1.5.1 2018-07-16 00:24:45 +03:00
Izorkin
eff0def7dc nginxModules.set-misc: update to v0.32 2018-07-16 00:24:27 +03:00
Izorkin
ea52907348 nginxModules.lua: update to v0.10.13 2018-07-16 00:24:14 +03:00
Izorkin
8584845aa1 nginxModules.moreheaders: update to v0.33 2018-07-16 00:23:41 +03:00
Izorkin
a16eee878f nginxModules.ipscrub: update to v1.0.1 2018-07-16 00:22:54 +03:00
Izorkin
11653f8e6b nginxModules.sla: init at 7778f01 2018-07-15 20:29:57 +00:00
Franz Pletz
3239ef84ea
nginxMainline: 1.13.12 -> 1.15.1 2018-07-15 21:41:45 +02:00
Izorkin
bfb393f55e nginx-fancyindex: init at 0.4.3 2018-07-15 20:07:34 +03:00
Matthew Bauer
af56538c89
Merge pull request #42687 from nh2/nginx-debug-build 
nginx: Flag to build with debugging and parallel builds
 2018-07-05 22:11:51 -04:00
Silvan Mosberger
57bccb3cb8 treewide: http -> https sources (#42676) 
* treewide: http -> https sources

This updates the source urls of all top-level packages from http to
https where possible.

* buildtorrent: fix url and tab -> spaces
 2018-06-28 20:43:35 +02:00
Niklas Hambüchen
c834fb39c3 nginx: Enable parallel building 2018-06-28 01:35:41 +02:00
Niklas Hambüchen
94d97fe290 nginx: Add withDebug argument 2018-06-28 01:35:41 +02:00
Will Dietz
516c5f54ed ngx_brotli: 0.1.1 -> 0.1.2 
Fixes socket closing issues
(only happened in some circumstances AFAICT).
 2018-06-18 10:41:24 -05:00
Johannes Frankenau
db5ab167df nginxModules.ipscrub: init at 99230f6 2018-05-13 17:31:54 +02:00
Michael Raskin
36f9b216eb nginxStable: 1.12.2 -> 1.14.0 2018-05-02 02:46:52 +02:00
Michael Raskin
18d73458c8 nginxMainline: 1.13.9 -> 1.13.12 2018-05-02 02:46:52 +02:00
Will Dietz
bec9726946 ngx_brotli: -> 0.1.1 2018-04-24 12:55:16 -05:00
Will Dietz
0fdc4cb94b ngx_brotli: update for fixes, zero copy. 2018-03-21 15:15:50 -05:00
Tuomas Tynkkynen
2fec9c6e29 Merge remote-tracking branch 'upstream/master' into staging 
Conflicts:
	pkgs/development/tools/build-managers/conan/default.nix
 2018-03-13 23:04:18 +02:00
John Ericson
eeb8419c6a ceph: Fix --with-file-aio logic for new meta.platforms and cross 2018-03-12 18:55:41 -04:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging 
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
 2018-03-10 20:38:13 +00:00
Franz Pletz
94db63f5d4
nginxMainline: 1.13.8 -> 1.13.9 2018-03-05 15:49:07 +01:00
Will Dietz
40b14109d3 nginx/modules: brotli: no-op bump to latest that uses 1.0.2 as submodule 
We have it use our system copy regardless, but might as well.

(yes, hash does not change, since we don't fetch submodule here)
 2018-02-20 14:08:22 -06:00
Will Dietz
df9ebaf8c7 nginx/modules: use eustas' brotli module, google one is abandoned 
This fork is also used by FreeBSD as of Dec 2017:
https://svnweb.freebsd.org/ports?view=revision&revision=455560

See also:
https://github.com/google/ngx_brotli/issues/62
 2018-02-20 14:01:18 -06:00
Will Dietz
06e50006d4 nginxModules.pagespeed: be consistent about rev 
Yes hash doesn't change, stable is copy of beta used previously.
 2018-02-13 15:17:21 -06:00
Will Dietz
75068a6770 psol, ngx_pagespeed: 1.13.35.1 -> 1.13.35.2 2018-01-31 05:46:52 +09:00
adisbladis
67906744ec
Merge pull request #33658 from dtzWill/update/ngx_pagespeed 
ngx_pagespeed, psol: 1.11.33.4 -> 1.13.35.1
 2018-01-10 20:04:59 +08:00
Will Dietz
be2e01f8a0 ngx_pagespeed, psol: 1.11.33.4 -> 1.13.35.1 
Fixes build when used with nginxMainline.

(FWIW, 1.11.33.4 is from 2016-09-15)
 2018-01-09 10:57:17 -06:00
Will Dietz
0bbcfb0d6d nginxMainline: 1.13.6 -> 1.13.8 
See http://nginx.org/en/CHANGES
 2018-01-09 10:55:52 -06:00
Izorkin
37d66db7f9 modsecurity-nginx: 2017-08-23 -> 1.0.0 Stable 2017-12-21 23:41:38 +03:00
Jörg Thalheim
bc97af0b31
Merge pull request #32449 from Izorkin/ModSecurity-nginx 
nginxModules.ModSecurity-beta: 2017-06-17 -> 2017-08-23
 2017-12-16 23:21:12 -08:00
Izorkin
2c7912ce49 ModSecurity-nginx: update revision 2017-12-09 23:03:12 +03:00
Andreas Rammhold
a004f9f806
nginxModules.rtmp: v1.1.11 -> v1.2.1 
adds support for gcc-7 and fixes nginx for #31747
 2017-12-04 16:52:39 +01:00
Orivej Desh
6de0380378 nginxModules.brotli: 2015-11-18 -> 2016-12-02 
This version bundles brotli.
 2017-11-29 00:59:46 +00:00
Izorkin
cf6e90c104 nginx: add ModSecurity Nginx Connector (#28545) 
nginx: add ModSecurity Nginx Connector
 2017-11-26 07:57:19 -05:00
Vladimír Čunát
f90c468ea5
nginxModules.moreheaders: fix source hash 
An amended git tag, apparently.  There are only changes in documentation
and whitespace changes in code.  Sigh.  Uncovered by c3255fe8ec.
 2017-10-31 23:03:34 +01:00
Franz Pletz
0f0fcf84ce
nginx: 1.12.1 -> 1.12.2 2017-10-24 16:06:51 +02:00
Franz Pletz
0f01f8b882
nginxMainline: 1.13.5 -> 1.13.6 2017-10-14 20:07:27 +02:00
Franz Pletz
f03462eda8
nginxMainline: 1.13.4 -> 1.13.5 2017-10-02 20:24:48 +02:00
Vaibhav Sagar
dea2affe6c nginxModules.echo: 0.57 -> 0.61 
This fixes #29555.
 2017-09-21 11:01:35 +00:00
Vaibhav Sagar
70eb31c853 nginx-modules: remove unused fetchpatch 2017-09-17 19:25:50 +08:00
rnhmjoj
d0aa64a8e2
lua-nginx-module: 0.10.5 -> 0.10.10 2017-09-14 22:18:57 +02:00
Daiderd Jordan
734788b71d
nginx: disable pie on darwin 2017-09-12 22:42:04 +02:00
José Luis Lafuente
eb159a0e5a
nignx-dav-ext-module: 0.0.3 -> 0.1.0 2017-08-26 18:07:18 +02:00
Pascal Bach
ec779fb2c3 nginx: enable stream support by default 
TCP proxying should be a default feature of nginx
 2017-08-21 20:30:41 +02:00
Pascal Bach
6de00c1cb2 nginx: add possibility to compile reverse proxy with mail support 2017-08-21 20:30:41 +02:00
Pascal Bach
1d8412d17a nginx: add additional features when streams are enabled 
This allows nginx to work as a TCP load balancer including
TLS and geo IP routing support
 2017-08-21 20:30:41 +02:00
Pascal Bach
e309c318c6 nginx: enable additional compile flags 
These flags can increase performance.

They are also enabled by default on Debian and Archlinux
 2017-08-21 20:30:41 +02:00
Pascal Bach
12e0e9d31c nginx: remove deprecated ipv6 compile flag 
The build process for both mainline and stable print a warning that
"--with-ipv6" is deprecated
 2017-08-21 20:30:41 +02:00
Franz Pletz
6fdf8b3f77
nginxMainline: 1.13.3 -> 1.13.4 2017-08-11 17:32:23 +02:00
Franz Pletz
6e1aaeacfc
nginx: 1.12.0 -> 1.12.1 for CVE-2017-7529 2017-07-14 00:03:41 +02:00
Franz Pletz
af70b8fc23
nginxMainline: 1.13.2 -> 1.13.3 for CVE-2017-7529 2017-07-14 00:03:41 +02:00
Franz Pletz
c71989022e
nginxMainline: 1.13.1 -> 1.13.2 2017-07-05 19:04:17 +02:00
Franz Pletz
b74866b9a7
nginxMainline: 1.13.0 -> 1.13.1 2017-06-06 03:59:20 +02:00
Robin Gloster
4a83c099e1
nginx: 1.10.3 -> 1.12.0 2017-05-23 11:37:57 +02:00
Robin Gloster
4f51da2ff7
nginx-rtmp-module: 1.1.9 -> 1.1.11 2017-05-23 11:37:57 +02:00
Vaibhav Sagar
d575102556 nginx: remove syslog module 
This module has not been required for over 2 years. See https://github.com/yaoweibin/nginx_syslog_patch/issues/15
 2017-05-04 09:39:19 +08:00
jammerful
da5bc79469 nginx: Add Shibboleth Module 
Also add nginxShibboleth package
 2017-05-01 17:09:00 -04:00
Franz Pletz
32401d17c6
nginxMainline: 1.11.13 -> 1.13.0 2017-04-27 18:20:42 +02:00
Franz Pletz
73f04ddd57
nginxMainline: 1.11.10 -> 1.11.13 2017-04-11 19:57:28 +02:00
Franz Pletz
c13922f012
nginx: explicitly use stable version 
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.

Fixes #21665.
 2017-03-20 20:04:09 +01:00
Franz Pletz
e18bec1e3c
nginxMainline: 1.11.9 -> 1.11.10 2017-02-15 00:42:29 +01:00
Michael Raskin
846007b8db nginx: 1.10.2 -> 1.10.3 2017-02-01 19:28:45 +01:00
Franz Pletz
f1ba2c8d3b
nginxMainline: 1.11.8 -> 1.11.9 2017-01-26 01:04:49 +01:00
3noch
0d4d401b7f
nginx: add PageSpeed module (Linux only) 2017-01-10 17:26:50 -05:00
3noch
7f99fd086b
nginx: add 'cache_purge' module for purging FastCGI cache 2017-01-06 11:27:48 -05:00
Michael Raskin
ca8d3de1d2 nginx: 1.11.7 -> 1.11.8 2017-01-02 20:18:50 +01:00
Corbin
ca2fa4416e nginx: Allow GD to be optional. 
This commit permits incantations like `pkgs.nginx.override { gd = null; }` to
produce a slimmed-down nginx.

When used, this functionality removes a pile of stuff from nginx's closure.
The resulting nginx's closure:

    $ nix-store -q -R /nix/store/wk3h0a4dmdmjmxkbd0q09iw0wfq0yzpz-nginx-1.10.2 | wc -l
    12
    $ nix-store -q -R /nix/store/gpcx77anqrj05qz0mrwm7hf4wgxry5py-nginx-1.10.2 | wc -l
    24
 2016-12-26 10:24:58 -08:00
Franz Pletz
d3be9a50e0
nginxMainline: 1.11.6 -> 1.11.7 2016-12-13 21:39:31 +01:00
Franz Pletz
a04a4b2a6a
nginxMainline: 1.11.5 -> 1.11.6 2016-11-23 13:23:33 +01:00
Franz Pletz
323acff8e6
nginxMainline: 1.11.4 -> 1.11.5 2016-10-24 18:10:14 +02:00
Franz Pletz
4ae2189d8c
nginx: 1.10.1 -> 1.10.2 2016-10-24 18:10:14 +02:00
Tim Steinbach
f091686a18
nginxMainline: 1.11.3 -> 1.11.4 2016-09-23 08:20:03 -04:00
Matt Billenstein
cba2dd0044 nginx modules: update rtmp to 1.1.9 fixing build failures against 1.11.x 2016-09-08 16:21:13 -07:00
Matt Billenstein
6ce8575a2e nginx modules: update ngx_devel_kit to 0.3.0 2016-09-08 16:20:27 -07:00
Matt Billenstein
ca60da8031 nginx module: update statsd to support 1.10.1 -- the zebrafishlabs github repo 
seems dead
 2016-09-08 15:59:11 -07:00
Matt Billenstein
a49133b07f nginx module: add upstream check module 2016-09-08 12:02:15 -07:00
Robin Gloster
b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
Michael Raskin
d1435913cf nginx: 1.11.2 -> 1.11.3 2016-08-11 17:57:35 +02:00
Robin Gloster
203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Franz Pletz
b5daad4268 nginx: refactor and add mainline version 
Upstream calls the unstable version mainline.
 2016-07-19 01:20:49 +02:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Franz Pletz
9eec064355 nginx: 1.10.0 -> 1.10.1 (security) 
Fixes CVE-2016-4450.
 2016-07-10 10:48:11 +02:00
Robin Gloster
8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Teo Klestrup Röijezon
3f5186fd54 nginxModules.lua: 0.10.0 -> 0.10.5 2016-06-05 12:48:06 +02:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Tuomas Tynkkynen
d298b52fd3 treewide: Make explicit that 'dev' output of aprutil is used 2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen
29694b43b6 treewide: Make explicit that 'dev' output of apr is used 2016-05-19 10:00:24 +02:00
Tuomas Tynkkynen
16cc4ac83b treewide: Make explicit that 'dev' output of apacheHttpd is used 2016-05-19 10:00:23 +02:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Tobias Geerinckx-Rice
ab6e0861d4
nginx: restore .upstream files 
07d9de713a
 2016-05-06 15:37:22 +02:00
Tobias Geerinckx-Rice
b0f8349d95
nginxUnstable: alias to nginx until next unstable release 2016-05-06 13:47:36 +02:00
Tobias Geerinckx-Rice
07d9de713a
nginx: remove .upstream files 2016-05-06 13:47:12 +02:00
Tobias Geerinckx-Rice
959472a824
nginx: 1.8.1 -> 1.10.0 
Changes: http://nginx.org/en/CHANGES-1.10
 2016-05-03 20:05:57 +02:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Michael Raskin
c82272fdc0 nginxUnstable: 1.9.11 -> 1.9.14 2016-04-13 14:47:04 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size 
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
 2016-04-01 10:06:01 +02:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Luca Bruno
dcfca100ec Merge pull request #12525 from knupfer/ngx_brotli 
add nginxModules.brotli
 2016-03-11 11:05:21 +01:00
Vladimír Čunát
09af15654f Merge master into closure-size 
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
 2016-03-08 09:58:19 +01:00
Franz Pletz
fedf31660d nginx: Rmove custom hardening, now enabled by default 2016-03-08 00:39:07 +01:00
Franz Pletz
cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists 
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
 2016-03-05 18:55:26 +01:00
Michael Raskin
708c6094c5 nginx, nginxUnstable: hardening: only use when the compiler is gcc 2016-03-04 16:57:47 +01:00
Michael Raskin
7b9684a5b5 nginx, nginxUnstable: enable hardening. Flags as recommended by @arno01 (Andrey Arapov) in #7190 2016-03-04 16:54:37 +01:00
Robin Gloster
310fa56788 nginx: enable pie hardening 2016-02-26 16:38:26 +00:00
Michael Raskin
9e7c28cb56 nginxUnstable: 1.9.10 -> 1.9.11 2016-02-14 21:17:07 +01:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size 
Let's get rid of those merge conflicts.
 2016-02-03 16:57:19 +01:00
Rok Garbas
cf40e86fb0 nginx: 1.8.0->1.8.1, 1.9.9->1.9.10 2016-01-26 18:12:01 +01:00
Benjamin Staffin
9bad9c8bf3 nginx: add statsd to the available modules 2016-01-23 17:25:49 -05:00
knupfer
8e604f7937 nginxModules.brotli: init at 788615e 2016-01-21 22:14:39 +01:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Christoph Hrdinka
a3e3b76363 nginxModules.lua: 0.9.19 -> 0.10.0 2016-01-16 16:35:07 +01:00
Michael Raskin
ab3277e68a nginxUnstable: 1.9.7 -> 1.9.9 2016-01-01 12:30:17 +03:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Teo Klestrup Röijezon
53441bcc93 nginx: 1.9.4 -> 1.9.7, fixes #11515 2015-12-07 14:56:27 +01:00
Christoph Hrdinka
1391ca3af1 nginxModules.lua: 0.9.16 -> 0.9.19 2015-12-02 23:06:34 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size 
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
 2015-11-20 14:32:58 +01:00
Nikolay Amiantov
d2fc6e6a02 nginxModules.pam: init at 1.4 2015-10-19 16:46:09 +03:00
Nikolay Amiantov
9424238d14 nginx: factor out modules in a separate file 2015-10-19 16:46:02 +03:00
Vladimír Čunát
38313d5d87 libxml2,libxslt: split into multiple outputs 
Fixed all references, hopefully.
libxml2Python is slightly hacky now, but it seems to work.
 2015-10-05 13:44:16 +02:00
Jaka Hudoklin
ea4850ca64 Merge pull request #10023 from offlinehacker/pkgs/modsecurity/add 
modsecurity: add modsecurity, and create nginx plugin
 2015-09-30 00:19:38 +02:00
Jaka Hudoklin
46828582ab nginx: add support for modescurity 2015-09-23 20:35:28 +02:00
Hoang Xuan Phu
4ac4f2dcd9 nginx: add an option to build the stream module 2015-09-22 13:09:11 +08:00
Hoang Xuan Phu
942d2798c5 nginx: bump lua module to fix build error 
(https://github.com/openresty/lua-nginx-module/pull/500)
 2015-09-22 13:08:42 +08:00
Austin Seipp
860d720940 nixpkgs: nginxUnstable 1.9.3 -> 1.9.4 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2015-08-31 03:17:17 -05:00
Austin Seipp
131e41191b nixpkgs: nginxUnstable 1.9.2 -> 1.9.3 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2015-07-20 13:52:33 -05:00
Rickard Nilsson
7e021a0fd6 nginx package: Allow adding arbitrary modules 2015-07-12 00:49:18 +02:00
Rickard Nilsson
ef5dafd66d lua-nginx-module: Update from v0.9.16rc1 to v0.9.16 2015-07-12 00:49:18 +02:00
Michael Raskin
7c5129706f nginx unstable: update 1.9.1 -> 1.9.2 2015-07-05 00:32:53 +03:00
Michael Raskin
ed145cb07f Update Nginx unstable 2015-06-14 11:22:23 +03:00
Rickard Nilsson
a92271f195 lua-nginx-module: Update from 0.9.15 to 0.9.16rc1 
This fixes the build that has been broken since nginx was bumped to 1.8.0
 2015-05-26 08:05:26 +02:00
John Wiegley
5ac9e87b1b nginx: Fix build for Darwin (no AIO there) 2015-05-21 12:42:06 -05:00
Michael Raskin
f6e852554c Update Nginx 2015-05-10 13:36:43 +03:00
William A. Kennington III
6e2dde7b78 nginx: 1.6.3 -> 1.8.0 2015-04-22 15:28:10 -07:00
Rickard Nilsson
c61dff28ae nginx: Add fluentd module 2015-04-15 13:12:32 +02:00
William A. Kennington III
9ca0d6ecf8 nginx: 1.6.2 -> 1.6.3 2015-04-08 13:17:42 -07:00
Austin Seipp
6a41d14686 nixpkgs: nginxUnstable 1.7.10 -> 1.7.11 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2015-04-02 16:27:51 -05:00
Michael Raskin
09e74005b0 update nginx unstable 2015-03-09 01:03:01 +03:00
Rickard Nilsson
c7c917dfff nginx: Add set-misc-nginx-module 2015-01-21 12:38:34 +01:00
Jaka Hudoklin
a6fd4673b0 Merge pull request #5555 from offlinehacker/pkgs/nginx/syslog_fix_rev 
nginx: syslog extension, fix git revision
 2015-01-05 13:25:00 +01:00
Jaka Hudoklin
9e766dcc6b nginx: syslog extension, fix git revision 2015-01-03 20:08:33 +01:00
Michael Raskin
b51dec7b77 Nginx unstable: 1.7.8 -> 1.7.9 2014-12-31 20:53:58 +03:00
Michael Raskin
90b05b8d0e Nginx-unstable: 1.7.7 → 1.7.8 2014-12-21 11:14:25 +03:00
Vladimír Čunát
52404a868d Merge recent master into staging 
Nixpkgs Hydra: ?compare=1157272

TODO: port e22889064f

Conflicts:
	nixos/tests/gnome3_10.nix (auto-solved)
	pkgs/applications/video/aegisub/default.nix
	pkgs/development/libraries/boost/1.55.nix
 2014-11-05 15:00:44 +01:00
Michael Raskin
b7f7341169 Add Nginx 1.7.7; RTMP module fails for some reason 2014-11-04 00:54:15 +03:00
Eelco Dolstra
811de3bfaa Merge remote-tracking branch 'origin/staging' into darwin-clang-stdenv 
Conflicts:
	pkgs/tools/security/gnupg/default.nix
 2014-10-09 10:57:57 +02:00
William A. Kennington III
0001e4819e nginx: 1.6.1 -> 1.6.2 
Additionally, update all extensions and convert them to fetchFromGitHub
 2014-09-19 16:42:04 -07:00
Joel Taylor
3e8344d334 suitable clang stdenv 2014-09-09 13:54:24 -07:00
Patrick Mahoney
2559ea7138 nginx: add lua module 2014-08-30 12:08:58 -05:00
Austin Seipp
ec42370aee nginx: 1.6.0 -> 1.6.1 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-08-17 06:35:40 -05:00
Mathijs Kwik
76c2c0c499 nginx: add echo module, fix aio on linux&freebsd 2014-06-16 22:43:58 +02:00
Austin Seipp
008dc39ca3 Merge pull request #2518 from jwiegley/nginx 
Add -Wno-error=deprecated-declarations for nginx, required to build on Darwin
 2014-05-17 14:48:27 -05:00
Jaka Hudoklin
eabfc509ef nginx: fix syslog module 2014-05-07 23:54:57 +02:00
John Wiegley
622aa834b7 Add -Wno-error=deprecated-declarations for nginx, required to build on Darwin 2014-05-05 02:18:47 -05:00
Austin Seipp
b10f4af8f9 nginx: upgrade to 1.6.0, expose many more modules 
By default, we now build all the optional nginx modules, including the
out-of-band ones like moreheaders and rtmp support.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-05-02 01:24:38 -05:00
Austin Seipp
e67cc9ba07 nginx: build http_stub_status module 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-05-02 00:42:40 -05:00
Evgeny Egorochkin
431ff0f769 nginx: update from 1.4.6 to 1.4.7 2014-03-26 19:15:04 +02:00
Evgeny Egorochkin
20a2b1af93 nginx: update from 1.4.5 to 1.4.6 2014-03-05 05:10:32 +02:00
Domen Kožar
aa6ddfb119 nginx: 1.4.4 -> 1.4.5 2014-02-12 19:13:36 +01:00
Domen Kožar
b239c3f3ee Merge pull request #1370 from offlinehacker/pkgs/nginx/module_moreheaders 
nginx: add headers more nginx module
 2013-12-13 02:45:45 -08:00
Jaka Hudoklin
1b019fe39f nginx: enable ipv6 and spdy 2013-12-13 09:42:06 +01:00
Jaka Hudoklin
698860bf7c nginx: add headers more nginx module 2013-12-13 09:38:34 +01:00
Michael Raskin
2f53f6c82d Fixing automatic update of Nginx 2013-11-25 10:59:39 +04:00