Skip to content

Commit 2ad694f

Browse files
Ma27Ma27
committed
nixos/nginx: remove custom HTTP_ header from recommendedUwsgiSettings
`uwsgi_pass` uses the uwsgi protocol instead of the HTTP protocol (that's what `proxy_pass` is for). Also, the source IP is already derived from the REMOTE_ADDR param that's specified by the uwsgi defaults from nginx, similarily to how it's done for fcgi. Hence, removing that since it seems not necessary (and perhaps even wrong).
1 parent d1a28bb commit 2ad694f

File tree

1 file changed

+1
-10
lines changed

1 file changed

+1
-10
lines changed

nixos/modules/services/web-servers/nginx/default.nix

Lines changed: 1 addition & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -102,14 +102,6 @@ let
102102
proxy_set_header X-Forwarded-Host $host;
103103
proxy_set_header X-Forwarded-Server $host;
104104
'';
105-
recommendedUwsgiConfig = pkgs.writeText "nginx-recommended-uwsgi_param-headers.conf" ''
106-
uwsgi_param HTTP_HOST $host;
107-
uwsgi_param HTTP_X_REAL_IP $remote_addr;
108-
uwsgi_param HTTP_X_FORWARDED_FOR $proxy_add_x_forwarded_for;
109-
uwsgi_param HTTP_X_FORWARDED_PROTO $scheme;
110-
uwsgi_param HTTP_X_FORWARDED_HOST $host;
111-
uwsgi_param HTTP_X_FORWARDED_SERVER $host;
112-
'';
113105

114106
proxyCachePathConfig = concatStringsSep "\n" (mapAttrsToList (name: proxyCachePath: ''
115107
proxy_cache_path ${concatStringsSep " " [
@@ -252,7 +244,6 @@ let
252244
uwsgi_read_timeout ${cfg.uwsgiTimeout};
253245
uwsgi_param HTTP_CONNECTION "";
254246
include ${cfg.package}/conf/uwsgi_params;
255-
include ${recommendedUwsgiConfig};
256247
''}
257248
258249
${optionalString (cfg.mapHashBucketSize != null) ''
@@ -477,7 +468,7 @@ let
477468
${optionalString (config.return != null) "return ${toString config.return};"}
478469
${config.extraConfig}
479470
${optionalString (config.proxyPass != null && config.recommendedProxySettings) "include ${recommendedProxyConfig};"}
480-
${optionalString (config.uwsgiPass != null && config.recommendedUwsgiSettings) "include ${cfg.package}/conf/uwsgi_params; include ${recommendedUwsgiConfig};"}
471+
${optionalString (config.uwsgiPass != null && config.recommendedUwsgiSettings) "include ${cfg.package}/conf/uwsgi_params;"}
481472
${mkBasicAuth "sublocation" config}
482473
}
483474
'') (sortProperties (mapAttrsToList (k: v: v // { location = k; }) locations)));

0 commit comments

Comments
 (0)