mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-24 07:53:19 +00:00
kresd: Unified listen declarations
Deperecates the interfaces option which was used to generate a host:port list whereas the port was always hardcoded to 53. This unifies the listen configuration for plain and TLS sockets and allows to specify a port without an address for wildcard binds.
This commit is contained in:
parent
b443abf914
commit
f886a14dbd
@ -251,6 +251,14 @@
|
||||
in container config.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>kresd</literal> services deprecates the <literal>interfaces</literal> option
|
||||
in favor of the <literal>listenPlain</literal> option which requires full
|
||||
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=">systemd.socket compatible</link>
|
||||
declaration which always include a port.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -13,6 +13,17 @@ in
|
||||
{
|
||||
meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
|
||||
|
||||
imports = [
|
||||
(mkChangedOptionModule [ "services" "kresd" "interfaces" ] [ "services" "kresd" "listenPlain" ]
|
||||
(config:
|
||||
let value = getAttrFromPath [ "services" "kresd" "interfaces" ] config;
|
||||
in map
|
||||
(iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53") # Syntax depends on being IPv6 or IPv4.
|
||||
value
|
||||
)
|
||||
)
|
||||
];
|
||||
|
||||
###### interface
|
||||
options.services.kresd = {
|
||||
enable = mkOption {
|
||||
@ -39,11 +50,12 @@ in
|
||||
Directory for caches. They are intended to survive reboots.
|
||||
'';
|
||||
};
|
||||
interfaces = mkOption {
|
||||
listenPlain = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [ "::1" "127.0.0.1" ];
|
||||
default = [ "[::1]:53" "127.0.0.1:53" ];
|
||||
description = ''
|
||||
What addresses the server should listen on. (UDP+TCP 53)
|
||||
What addresses and ports the server should listen on.
|
||||
For detailed syntax see ListenStream in man systemd.socket.
|
||||
'';
|
||||
};
|
||||
listenTLS = mkOption {
|
||||
@ -51,7 +63,7 @@ in
|
||||
default = [];
|
||||
example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
|
||||
description = ''
|
||||
Addresses on which kresd should provide DNS over TLS (see RFC 7858).
|
||||
Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
|
||||
For detailed syntax see ListenStream in man systemd.socket.
|
||||
'';
|
||||
};
|
||||
@ -76,10 +88,7 @@ in
|
||||
systemd.sockets.kresd = rec {
|
||||
wantedBy = [ "sockets.target" ];
|
||||
before = wantedBy;
|
||||
listenStreams = map
|
||||
# Syntax depends on being IPv6 or IPv4.
|
||||
(iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53")
|
||||
cfg.interfaces;
|
||||
listenStreams = cfg.listenPlain;
|
||||
socketConfig = {
|
||||
ListenDatagram = listenStreams;
|
||||
FreeBind = true;
|
||||
|
Loading…
Reference in New Issue
Block a user