NixOS · fpletz · Sep 26, 2024 · Sep 10, 2024 · Sep 25, 2024 · SuperSandro2000
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
@@ -129,12 +129,9 @@ let
   ''));
 
   commonHttpConfig = ''
-      # Load mime types.
+      # Load mime types and configure maximum size of the types hash tables.
       include ${cfg.defaultMimeTypes};
-      # When recommendedOptimisation is disabled nginx fails to start because the mailmap mime.types database
-      # contains 1026 entries and the default is only 1024. Setting to a higher number to remove the need to
-      # overwrite it because nginx does not allow duplicated settings.
-      types_hash_max_size 4096;
+      types_hash_max_size ${toString cfg.typesHashMaxSize};
 
       include ${cfg.package}/conf/fastcgi.conf;
       include ${cfg.package}/conf/uwsgi_params;
@@ -896,6 +893,19 @@ in
           '';
       };
 
+      typesHashMaxSize = mkOption {
+        type = types.ints.positive;
+        default = if cfg.defaultMimeTypes == "${pkgs.mailcap}/etc/nginx/mime.types" then 2688 else 1024;
+        defaultText = literalExpression ''if cfg.defaultMimeTypes == "''${pkgs.mailcap}/etc/nginx/mime.types" then 2688 else 1024'';
+        description = ''
+          Sets the maximum size of the types hash tables (`types_hash_max_size`).
+          It is recommended that the minimum size possible size is used.
+          If {option}`recommendedOptimisation` is disabled, nginx would otherwise
+          fail to start since the mailmap `mime.types` database has more entries
+          than the nginx default value 1024.
+        '';
+      };
+
       proxyCachePath = mkOption {
         type = types.attrsOf (types.submodule ({ ... }: {
           options = {

diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
@@ -667,6 +667,7 @@ in {
   nginx-etag-compression = handleTest ./nginx-etag-compression.nix {};
   nginx-globalredirect = handleTest ./nginx-globalredirect.nix {};
   nginx-http3 = handleTest ./nginx-http3.nix {};
+  nginx-mime = handleTest ./nginx-mime.nix {};
   nginx-modsecurity = handleTest ./nginx-modsecurity.nix {};
   nginx-moreheaders = handleTest ./nginx-moreheaders.nix {};
   nginx-njs = handleTest ./nginx-njs.nix {};

diff --git a/nixos/tests/nginx-mime.nix b/nixos/tests/nginx-mime.nix
@@ -0,0 +1,26 @@
+import ./make-test-python.nix (
+  { lib, pkgs, ... }:
+  {
+    name = "nginx-mime";
+    meta.maintainers = with pkgs.lib.maintainers; [ izorkin ];
+
+    nodes = {
+      server =
+        { pkgs, ... }:
+        {
+          services.nginx = {
+            enable = true;
+            virtualHosts."localhost" = { };
+          };
+        };
+    };
+
+    testScript = ''
+      server.start()
+      server.wait_for_unit("nginx")
+      # Check optimal size of types_hash
+      server.fail("journalctl --unit nginx --grep 'could not build optimal types_hash'")
+      server.shutdown()
+    '';
+  }
+)
diff --git a/pkgs/data/misc/mailcap/default.nix b/pkgs/data/misc/mailcap/default.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchurl
+, nixosTests
 
 # updater
 , git
@@ -44,6 +45,8 @@ stdenv.mkDerivation rec {
     exec nix-update --version "$VERSION" "$@"
   '';
 
+  passthru.tests.nginx-mime = nixosTests.nginx-mime;
+
   meta = with lib; {
     description = "Helper application and MIME type associations for file types";
     homepage = "https://pagure.io/mailcap";