preisi/mailnix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

mailsystem: nginx: Replace incorrect usage of lib.mkIf with lib.optionalAttrs

Browse source 
Evaluation of lib.mkIf and lib.optionalAttrs is slightly different. In
this specific case, the usage of lib.mkIf resulted in the defined
virtualHost never actually being applied due to an earlier error in the
evaluation order.
This commit is contained in:
Thomas Preisner 2024-12-28 16:49:48 +01:00
parent f6b4f79bfd
commit d907cfdefe
1 changed files with 9 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

15
mailsystem/nginx.nix
View file

@ -11,12 +11,15 @@ in {
lib.mkIf cfg.enable {
services.nginx = {
enable = true;
virtualHosts."${cfg.fqdn}" = {
forceSSL = true;
enableACME = cfg.certificateScheme == "acme";
sslCertificate = lib.mkIf (cfg.certificateScheme == "selfsigned") sslCertPath;
sslCertificateKey = lib.mkIf (cfg.certificateScheme == "selfsigned") sslKeyPath;
};
virtualHosts."${cfg.fqdn}" =
{
forceSSL = true;
enableACME = cfg.certificateScheme == "acme";
}
// lib.optionalAttrs (cfg.certificateScheme == "selfsigned") {
sslCertificate = sslCertPath;
sslCertificateKey = sslKeyPath;
};
};
networking.firewall.allowedTCPPorts = lib.optionals cfg.openFirewall [80 443];