New module for nginx

README.md

@@ -9,6 +9,13 @@ Module List
 
      Automatically enable various security related settings for NixOS.
 
+  * `phoebe.services.nginx`:
+
+     Extra configuration for nginx (if it's enabled elsewhere).  For
+     example, automatically use syslog so no log files need to be
+     rotated.  See the `phoebe.services.nginx.syslog` option for more
+     details.
+
   * `phoebe.services.postgresql`:
 
     Start and manage PostgreSQL, including automatic user and database

modules/services/web/default.nix

@@ -2,6 +2,7 @@
 
 {
   imports = [
+    ./nginx
     ./rails
   ];
 }

modules/services/web/nginx/default.nix

@@ -0,0 +1,36 @@
+# Extra configuration for nginx:
+{ config, lib, pkgs, ...}:
+
+# Bring in library functions:
+with lib;
+
+let
+  ##############################################################################
+  # Save some typing.
+  cfg = config.phoebe.services.nginx;
+
+in
+{
+  #### Interface
+  options.phoebe.services.nginx = {
+    syslog = mkOption {
+      type = types.bool;
+      default = true;
+      description = ''
+        Whether to send nginx logging to syslog/journald.
+
+        This option only applies if nginx is enabled.
+      '';
+    };
+  };
+
+  #### Implementation
+  config = mkMerge [
+    (mkIf (config.services.nginx.enable && cfg.syslog) {
+      services.nginx.commonHttpConfig = ''
+        access_log syslog:server=unix:/dev/log;
+        error_log syslog:server=unix:/dev/log;
+      '';
+    })
+  ];
+}