author | Dustin Frisch <fooker@lab.sh> | 2019-12-16 23:06:27 +0100 |
---|---|---|
committer | Dustin Frisch <fooker@lab.sh> | 2019-12-17 12:44:24 +0100 |
commit | f886a14dbdba8b134c2d6f067faffbcaeebd645b (patch) | |
tree | 7a88e38c8c76edabf44852b2c4f26243c3bedde8 /nixos/modules/services/networking/kresd.nix | |
parent | b443abf91494fa416ac1af7c8a751a44349d6253 (diff) | |
kresd: Unified listen declarations
Deprecates the interfaces option, which was used to generate a host:port list in which the port was always hardcoded to 53. This unifies the listen configuration for plain and TLS sockets and allows specifying a port without an address for wildcard binds.
Diffstat (limited to 'nixos/modules/services/networking/kresd.nix')
-rw-r--r-- | nixos/modules/services/networking/kresd.nix | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/nixos/modules/services/networking/kresd.nix b/nixos/modules/services/networking/kresd.nix
index fc516c01230..574074944d5 100644
--- a/nixos/modules/services/networking/kresd.nix
+++ b/nixos/modules/services/networking/kresd.nix
@@ -13,6 +13,17 @@ in
 {
 meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
+ imports = [
+ (mkChangedOptionModule [ "services" "kresd" "interfaces" ] [ "services" "kresd" "listenPlain" ]
+ (config:
+ let value = getAttrFromPath [ "services" "kresd" "interfaces" ] config;
+ in map
+ (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53") # Syntax depends on being IPv6 or IPv4.
+ value
+ )
+ )
+ ];
+
 ###### interface
 options.services.kresd = {
 enable = mkOption {
@@ -39,11 +50,12 @@ in
 Directory for caches. They are intended to survive reboots.
 '';
 };
- interfaces = mkOption {
+ listenPlain = mkOption {
 type = with types; listOf str;
- default = [ "::1" "127.0.0.1" ];
+ default = [ "[::1]:53" "127.0.0.1:53" ];
 description = ''
- What addresses the server should listen on. (UDP+TCP 53)
+ What addresses and ports the server should listen on.
+ For detailed syntax see ListenStream in man systemd.socket.
 '';
 };
 listenTLS = mkOption {
@@ -51,7 +63,7 @@ in
 default = [];
 example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
 description = ''
- Addresses on which kresd should provide DNS over TLS (see RFC 7858).
+ Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
 For detailed syntax see ListenStream in man systemd.socket.
 '';
 };
@@ -76,10 +88,7 @@ in
 systemd.sockets.kresd = rec {
 wantedBy = [ "sockets.target" ];
 before = wantedBy;
- listenStreams = map
- # Syntax depends on being IPv6 or IPv4.
- (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53")
- cfg.interfaces;
+ listenStreams = cfg.listenPlain;
 socketConfig = {
 ListenDatagram = listenStreams;
 FreeBind = true; |
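Review bot: The new `listenPlain` description does not say that a port-only entry listens on every address of the host, although the commit message names wildcard binds as a goal. For a recursive resolver that makes the host an open resolver to any network that can reach it, unless a firewall or resolver-side access rule limits the clients. I would add a sentence to the description such as `An entry without an address (e.g. "53") listens on all interfaces; restrict access if the host is reachable from untrusted networks.` and give the option an `example` attribute in the same form as the one on `listenTLS`.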
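Review bot: `listenStreams = cfg.listenPlain;` passes the user's strings unchecked into both `listenStreams` and `ListenDatagram`, and the option type is only `listOf str`. The removed map could only ever produce `addr:53`, whereas ListenStream syntax also accepts filesystem paths and other socket families, so a mistyped entry is now accepted at evaluation time. With `FreeBind = true` in the same set, an address that is not configured on the host will presumably bind without an error as well. Consider narrowing the element type, for example with `types.strMatching` and a pattern for `port`, `addr:port` and `[addr]:port`, or at least a comment here stating that the values are used verbatim for TCP and UDP. The `socketConfig` set continues outside the hunk.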