diff options
| author | Michael Weiss <dev.primeos@gmail.com> | 2018-09-08 13:32:53 +0200 |
|---|---|---|
| committer | Michael Weiss <dev.primeos@gmail.com> | 2018-09-08 13:44:11 +0200 |
| commit | 6764d41ecc7ef10745abc02d09e4211e12345fd9 (patch) | |
| tree | 74799672b19f8bf5db0dc25d90eda28474ff2816 /nixos/modules/services/security | |
| parent | a0d7b889110893c2a27178dd5d7ef327dd834d74 (diff) | |
| download | nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar.gz nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar.bz2 nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar.lz nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar.xz nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.tar.zst nixpkgs-6764d41ecc7ef10745abc02d09e4211e12345fd9.zip | |
nixos/sks: Update the descriptions and add meta.maintainers
TODO: Merge this module with https://github.com/NixOS/nixpkgs/pull/24516
Diffstat (limited to 'nixos/modules/services/security')
| -rw-r--r-- | nixos/modules/services/security/sks.nix | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/nixos/modules/services/security/sks.nix b/nixos/modules/services/security/sks.nix index acc2a128b15..5e4b1a71fdd 100644 --- a/nixos/modules/services/security/sks.nix +++ b/nixos/modules/services/security/sks.nix @@ -3,28 +3,26 @@ with lib; let - cfg = config.services.sks; - sksPkg = cfg.package; -in - -{ +in { + meta.maintainers = with maintainers; [ primeos calbrecht jcumming ]; options = { services.sks = { - enable = mkEnableOption "sks"; + enable = mkEnableOption '' + SKS (synchronizing key server for OpenPGP) and start the database + server. You need to create "''${dataDir}/dump/*.gpg" for the initial + import''; package = mkOption { default = pkgs.sks; defaultText = "pkgs.sks"; type = types.package; - description = " - Which sks derivation to use. - "; + description = "Which SKS derivation to use."; }; dataDir = mkOption { @@ -44,17 +42,16 @@ in hkpAddress = mkOption { default = [ "127.0.0.1" "::1" ]; type = types.listOf types.str; - description = " - Wich ip addresses the sks-keyserver is listening on. - "; + description = '' + Domain names, IPv4 and/or IPv6 addresses to listen on for HKP + requests. + ''; }; hkpPort = mkOption { default = 11371; - type = types.int; - description = " - Which port the sks-keyserver is listening on. - "; + type = types.ints.u16; + description = "HKP port to listen on."; }; }; }; @@ -76,19 +73,21 @@ in home = config.users.users.sks.home; user = config.users.users.sks.name; in { - sks-keyserver = { + "sks-db" = { + description = "SKS database server"; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' mkdir -p ${home}/dump - ${pkgs.sks}/bin/sks build ${home}/dump/*.gpg -n 10 -cache 100 || true #*/ - ${pkgs.sks}/bin/sks cleandb || true - ${pkgs.sks}/bin/sks pbuild -cache 20 -ptree_cache 70 || true + ${sksPkg}/bin/sks build ${home}/dump/*.gpg -n 10 -cache 100 || true #*/ + ${sksPkg}/bin/sks cleandb || true + ${sksPkg}/bin/sks pbuild -cache 20 -ptree_cache 70 || true ''; serviceConfig = { WorkingDirectory = home; User = user; Restart = "always"; - ExecStart = "${pkgs.sks}/bin/sks db -hkp_address ${hkpAddress} -hkp_port ${hkpPort}"; + ExecStart = "${sksPkg}/bin/sks db -hkp_address ${hkpAddress} -hkp_port ${hkpPort}"; }; }; }; |