diff options
author | gardspirito <guardspirit@protonmail.com> | 2022-06-30 16:20:59 +0300 |
---|---|---|
committer | Jonathan Ringer <jonringer@users.noreply.github.com> | 2022-08-12 15:45:48 -0700 |
commit | aa6a8bd8dd878f2571559981bbe80ecf60e54497 (patch) | |
tree | 9c45cb50105905517133b30269590bfe24dc78b8 /nixos/modules/services/databases/neo4j.nix | |
parent | 8d6f4552cd5c6089475f8696c821f39fe3b2cda1 (diff) | |
download | nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar.gz nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar.bz2 nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar.lz nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar.xz nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.tar.zst nixpkgs-aa6a8bd8dd878f2571559981bbe80ecf60e54497.zip |
nixos/neo4j: HTTP connector toggling
Diffstat (limited to 'nixos/modules/services/databases/neo4j.nix')
-rw-r--r-- | nixos/modules/services/databases/neo4j.nix | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/nixos/modules/services/databases/neo4j.nix b/nixos/modules/services/databases/neo4j.nix index 2231d1a6f9d..833e6606d98 100644 --- a/nixos/modules/services/databases/neo4j.nix +++ b/nixos/modules/services/databases/neo4j.nix @@ -61,13 +61,6 @@ let dbms.connector.http.listen_address=${cfg.http.listenAddress} dbms.connector.http.advertised_address=${cfg.http.listenAddress} ''} - ${optionalString (!cfg.http.enable) '' - # It is not possible to disable the HTTP connector. To fully prevent - # clients from connecting to HTTP, block the HTTP port (7474 by default) - # via firewall. listen_address is set to the loopback interface to - # prevent remote clients from connecting. - dbms.connector.http.listen_address=127.0.0.1 - ''} # HTTPS Connector dbms.connector.https.enabled=${boolToString cfg.https.enable} @@ -340,13 +333,10 @@ in { enable = mkOption { type = types.bool; default = true; - description = lib.mdDoc '' - The HTTP connector is required for Neo4j, and cannot be disabled. - Setting this option to `false` will force the HTTP - connector's {option}`listenAddress` to the loopback - interface to prevent connection of remote clients. To prevent all - clients from connecting, block the HTTP port (7474 by default) by - firewall. + description = '' + Enable the HTTP connector for Neo4j. Setting this option to + <literal>false</literal> will stop Neo4j from listening for incoming + connections on the HTTPS port (7474 by default). ''; }; |