From 56e32d11efc51fb6f132d402fc6c262489bb6224 Mon Sep 17 00:00:00 2001
From: Emily <vcs@emily.moe>
Date: Thu, 16 Jan 2020 05:21:09 +0000
Subject: [PATCH 1/2] nginxModules.brotli: v0.1.2 -> unstable

The fork was merged back upstream but has yet to see a formal release.
---
 pkgs/servers/http/nginx/modules.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkgs/servers/http/nginx/modules.nix b/pkgs/servers/http/nginx/modules.nix
index 78ad5c5582d811..b5282d862af6ac 100644
--- a/pkgs/servers/http/nginx/modules.nix
+++ b/pkgs/servers/http/nginx/modules.nix
@@ -20,14 +20,14 @@ in
 {
   brotli = {
     src = let gitsrc = pkgs.fetchFromGitHub {
-      owner = "eustas";
+      owner = "google";
       repo = "ngx_brotli";
-      rev = "v0.1.2";
-      sha256 = "19r9igxm4hrzrhxajlxw2ccq0057h8ipkfiif725x0xqbxjskl6c";
+      rev = "e505dce68acc190cc5a1e780a3b0275e39f160ca";
+      sha256 = "00j48lffki62y1nmjyy81iklw5nlyzvrjy3z04qch4fp3p57hwla";
     }; in pkgs.runCommandNoCC "ngx_brotli-src" {} ''
       cp -a ${gitsrc} $out
-      substituteInPlace $out/config \
-        --replace /usr/local ${lib.getDev pkgs.brotli}
+      substituteInPlace $out/filter/config \
+        --replace '$ngx_addon_dir/deps/brotli/c' ${lib.getDev pkgs.brotli}
     '';
     inputs = [ pkgs.brotli ];
   };

From a989fe2acbc36a7f448896d06b6d0bebc64b6b7c Mon Sep 17 00:00:00 2001
From: Emily <vcs@emily.moe>
Date: Tue, 4 Feb 2020 22:06:02 +0000
Subject: [PATCH 2/2] openresty: rebase on top of nginx package

The primary motivation of this change was to allow third-party modules
to be used with OpenResty, but it also results in a significant
reduction of code duplication.
---
 pkgs/servers/http/nginx/generic.nix     | 74 +++++++++++++++----------
 pkgs/servers/http/nginx/mainline.nix    |  4 +-
 pkgs/servers/http/nginx/stable.nix      |  4 +-
 pkgs/servers/http/openresty/default.nix | 61 ++++++++------------
 4 files changed, 72 insertions(+), 71 deletions(-)

diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix
index 990d7c5cf13480..31a501332fff27 100644
--- a/pkgs/servers/http/nginx/generic.nix
+++ b/pkgs/servers/http/nginx/generic.nix
@@ -5,7 +5,20 @@
 , withStream ? true
 , withMail ? false
 , modules ? []
-, version, sha256, ...
+, ...
+}:
+
+{ pname ? "nginx"
+, version
+, nginxVersion ? version
+, src ? null # defaults to upstream nginx ${version}
+, sha256 ? null # when not specifying src
+, configureFlags ? []
+, buildInputs ? []
+, fixPatch ? p: p
+, preConfigure ? ""
+, postInstall ? null
+, meta ? null
 }:
 
 with stdenv.lib;
@@ -16,21 +29,23 @@ let
     (mod:
       let supports = mod.supports or (_: true);
       in
-        if supports version then mod.${attrPath} or []
-        else throw "Module at ${toString mod.src} does not support nginx version ${version}!");
+        if supports nginxVersion then mod.${attrPath} or []
+        else throw "Module at ${toString mod.src} does not support nginx version ${nginxVersion}!");
 
 in
 
 stdenv.mkDerivation {
-  pname = "nginx";
+  inherit pname;
   inherit version;
+  inherit nginxVersion;
 
-  src = fetchurl {
+  src = if src != null then src else fetchurl {
     url = "https://nginx.org/download/nginx-${version}.tar.gz";
     inherit sha256;
   };
 
   buildInputs = [ openssl zlib pcre libxml2 libxslt gd geoip perl ]
+    ++ buildInputs
     ++ mapModules "inputs";
 
   configureFlags = [
@@ -71,6 +86,7 @@ stdenv.mkDerivation {
   ]
     ++ optional (gd != null) "--with-http_image_filter_module"
     ++ optional (with stdenv.hostPlatform; isLinux || isFreeBSD) "--with-file-aio"
+    ++ configureFlags
     ++ map (mod: "--add-module=${mod.src}") modules;
 
   NIX_CFLAGS_COMPILE = toString ([
@@ -80,33 +96,35 @@ stdenv.mkDerivation {
 
   configurePlatforms = [];
 
-  preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules);
-
-  patches = stdenv.lib.singleton (substituteAll {
-    src = ./nix-etag-1.15.4.patch;
-    preInstall = ''
-      export nixStoreDir="$NIX_STORE" nixStoreDirLen="''${#NIX_STORE}"
-    '';
-  }) ++ stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
-    (fetchpatch {
-      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/102-sizeof_test_fix.patch";
-      sha256 = "0i2k30ac8d7inj9l6bl0684kjglam2f68z8lf3xggcc2i5wzhh8a";
-    })
-    (fetchpatch {
-      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/101-feature_test_fix.patch";
-      sha256 = "0v6890a85aqmw60pgj3mm7g8nkaphgq65dj4v9c6h58wdsrc6f0y";
-    })
-    (fetchpatch {
-      url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/103-sys_nerr.patch";
-      sha256 = "0s497x6mkz947aw29wdy073k8dyjq8j99lax1a1mzpikzr4rxlmd";
-    })
-  ] ++ mapModules "patches";
+  preConfigure = preConfigure
+    + concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules;
+
+  patches = map fixPatch
+    (singleton (substituteAll {
+      src = ./nix-etag-1.15.4.patch;
+      preInstall = ''
+        export nixStoreDir="$NIX_STORE" nixStoreDirLen="''${#NIX_STORE}"
+      '';
+    }) ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+      (fetchpatch {
+        url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/102-sizeof_test_fix.patch";
+        sha256 = "0i2k30ac8d7inj9l6bl0684kjglam2f68z8lf3xggcc2i5wzhh8a";
+      })
+      (fetchpatch {
+        url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/101-feature_test_fix.patch";
+        sha256 = "0v6890a85aqmw60pgj3mm7g8nkaphgq65dj4v9c6h58wdsrc6f0y";
+      })
+      (fetchpatch {
+        url = "https://raw.githubusercontent.com/openwrt/packages/master/net/nginx/patches/103-sys_nerr.patch";
+        sha256 = "0s497x6mkz947aw29wdy073k8dyjq8j99lax1a1mzpikzr4rxlmd";
+      })
+    ] ++ mapModules "patches");
 
   hardeningEnable = optional (!stdenv.isDarwin) "pie";
 
   enableParallelBuilding = true;
 
-  postInstall = ''
+  postInstall = if postInstall != null then postInstall else ''
     mv $out/sbin $out/bin
   '';
 
@@ -115,7 +133,7 @@ stdenv.mkDerivation {
     tests.nginx = nixosTests.nginx;
   };
 
-  meta = {
+  meta = if meta != null then meta else {
     description = "A reverse proxy and lightweight webserver";
     homepage    = http://nginx.org;
     license     = licenses.bsd2;
diff --git a/pkgs/servers/http/nginx/mainline.nix b/pkgs/servers/http/nginx/mainline.nix
index e300c5b7a95d61..8626dd4a762627 100644
--- a/pkgs/servers/http/nginx/mainline.nix
+++ b/pkgs/servers/http/nginx/mainline.nix
@@ -1,6 +1,6 @@
 { callPackage, ... }@args:
 
-callPackage ./generic.nix (args // {
+callPackage ./generic.nix args {
   version = "1.17.8";
   sha256 = "0nwn4md8sxhks2j77qq1nvk5pfz3yykfhh2b507b6l2idp7kxllp";
-})
+}
diff --git a/pkgs/servers/http/nginx/stable.nix b/pkgs/servers/http/nginx/stable.nix
index 31aeaa6f08436f..001ea60839a285 100644
--- a/pkgs/servers/http/nginx/stable.nix
+++ b/pkgs/servers/http/nginx/stable.nix
@@ -1,6 +1,6 @@
 { callPackage, ... } @ args:
 
-callPackage ./generic.nix (args // {
+callPackage ./generic.nix args {
   version = "1.16.1";
   sha256 = "0az3vf463b538ajvaq94hsz9ipmjgnamfj1jy0v5flfks5njl77i";
-})
+}
diff --git a/pkgs/servers/http/openresty/default.nix b/pkgs/servers/http/openresty/default.nix
index 328db9ec98614b..55e813a2ce72c1 100644
--- a/pkgs/servers/http/openresty/default.nix
+++ b/pkgs/servers/http/openresty/default.nix
@@ -1,52 +1,35 @@
-{ stdenv, fetchurl, openssl, zlib, pcre, postgresql, libxml2, libxslt,
-gd, geoip, perl }:
-
-with stdenv.lib;
-
-stdenv.mkDerivation rec {
+{ callPackage
+, runCommand
+, lib
+, fetchurl
+, postgresql
+, ...
+}@args:
+
+callPackage ../nginx/generic.nix args rec {
   pname = "openresty";
-  version = "1.15.8.2";
+  nginxVersion = "1.15.8";
+  version = "${nginxVersion}.2";
 
   src = fetchurl {
     url = "https://openresty.org/download/openresty-${version}.tar.gz";
     sha256 = "05jxrb8hv758nm38jil8n63q1nhrz3d249bsrwc7maa7sn24wss3";
   };
 
-  buildInputs = [ openssl zlib pcre libxml2 libxslt gd geoip postgresql ];
-  nativeBuildInputs = [ perl ];
+  fixPatch = patch:
+    runCommand "openresty-${patch.name}" { src = patch; } ''
+      substitute $src $out \
+        --replace "src/" "bundle/nginx-${nginxVersion}/src/"
+    '';
 
-  NIX_CFLAGS_COMPILE = "-I${libxml2.dev}/include/libxml2";
+  buildInputs = [ postgresql ];
+
+  configureFlags = [ "--with-http_postgres_module" ];
 
   preConfigure = ''
     patchShebangs .
   '';
 
-  configureFlags = [
-    "--with-pcre-jit"
-    "--with-http_ssl_module"
-    "--with-http_v2_module"
-    "--with-http_realip_module"
-    "--with-http_addition_module"
-    "--with-http_xslt_module"
-    "--with-http_image_filter_module"
-    "--with-http_geoip_module"
-    "--with-http_sub_module"
-    "--with-http_dav_module"
-    "--with-http_flv_module"
-    "--with-http_mp4_module"
-    "--with-http_gunzip_module"
-    "--with-http_gzip_static_module"
-    "--with-http_auth_request_module"
-    "--with-http_random_index_module"
-    "--with-http_secure_link_module"
-    "--with-http_degradation_module"
-    "--with-http_stub_status_module"
-    "--with-http_postgres_module"
-    "--with-ipv6"
-  ];
-
-  enableParallelBuilding = true;
-
   postInstall = ''
     ln -s $out/luajit/bin/luajit-2.1.0-beta3 $out/bin/luajit-openresty
     ln -s $out/nginx/sbin/nginx $out/bin/nginx
@@ -55,8 +38,8 @@ stdenv.mkDerivation rec {
   meta = {
     description = "A fast web application server built on Nginx";
     homepage    = http://openresty.org;
-    license     = licenses.bsd2;
-    platforms   = platforms.all;
-    maintainers = with maintainers; [ thoughtpolice lblasc ];
+    license     = lib.licenses.bsd2;
+    platforms   = lib.platforms.all;
+    maintainers = with lib.maintainers; [ thoughtpolice lblasc emily ];
   };
 }