From bc4e9a890c5421e7a760da15ec474098735985ff Mon Sep 17 00:00:00 2001 From: ajs124 Date: Wed, 9 Nov 2022 02:35:39 +0100 Subject: nixos/redis: store config in state directory this is needed because certain redis features, like sentinel, require the config file to be persistent --- .../from_md/release-notes/rl-2211.section.xml | 7 ++++++ nixos/doc/manual/release-notes/rl-2211.section.md | 2 ++ nixos/modules/services/databases/redis.nix | 28 ++++++++++++++-------- 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 9c5db2f8a58..817e3bdd139 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -1189,6 +1189,13 @@ signald -d /var/lib/signald/db \ will be removed once the transition to CommonMark is complete. + + + The redis module now persists each instance’s configuration + file in the state directory, in order to support some more + advanced use cases like sentinel. + + The udisks2 service, available at diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 6da61015728..92a2e45d8d1 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -362,6 +362,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete. +- The redis module now persists each instance's configuration file in the state directory, in order to support some more advanced use cases like sentinel. + - The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed. This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it. diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 1bcd0f0b20c..1f143f9c66f 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -347,16 +347,24 @@ in { after = [ "network.target" ]; serviceConfig = { - ExecStart = "${cfg.package}/bin/redis-server /run/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; - ExecStartPre = [("+"+pkgs.writeShellScript "${redisName name}-credentials" ('' - install -o '${conf.user}' -m 600 ${redisConfig conf.settings} /run/${redisName name}/redis.conf - '' + optionalString (conf.requirePassFile != null) '' - { - printf requirePass' ' - cat ${escapeShellArg conf.requirePassFile} - } >>/run/${redisName name}/redis.conf - '') - )]; + ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; + ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let + redisConfVar = "/var/lib/${redisName name}/redis.conf"; + redisConfRun = "/run/${redisName name}/nixos.conf"; + redisConfStore = redisConfig conf.settings; + in '' + touch "${redisConfVar}" "${redisConfRun}" + chown '${conf.user}' "${redisConfVar}" "${redisConfRun}" + chmod 0600 "${redisConfVar}" "${redisConfRun}" + if [ ! -s ${redisConfVar} ]; then + echo 'include "${redisConfRun}"' > "${redisConfVar}" + fi + echo 'include "${redisConfStore}"' > "${redisConfRun}" + ${optionalString (conf.requirePassFile != null) '' + {echo -n "requirepass " + cat ${escapeShellArg conf.requirePassFile}} >> "${redisConfRun}" + ''} + ''); Type = "notify"; # User and group User = conf.user; -- cgit 1.4.1