Merge pull request #162214 from ncfavier/redis-bind-localhost

author: Sandro <sandro.jaeckel@gmail.com> 2022-03-08 12:38:39 +0100
committer: GitHub <noreply@github.com> 2022-03-08 12:38:39 +0100
commit: 0ffade9012d2fd2574208cabdb7dc4030f30f33c (patch)
tree: 0ebb4f2a014261ae16253e67d09754e2a6a4a4d3 /nixos/modules
parent: 773ecf8ac8842e546b844c5aac4ad6b408cafa38 (diff)
parent: 6e4f5f9aeed9403a5f7a35d65f2dc816e34e754d (diff)
download: nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.gz
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.bz2
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.lz
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.xz
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.zst
nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.zip
1 files changed, 8 insertions, 5 deletions
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix
index e0269a962fd..a1bd73c9e37 100644
--- a/nixos/modules/services/databases/redis.nix
+++ b/nixos/modules/services/databases/redis.nix
@@ -81,7 +81,9 @@ in {
             user = mkOption {
               type = types.str;
               default = redisName name;
-              defaultText = "\"redis\" or \"redis-\${name}\" if name != \"\"";
+              defaultText = literalExpression ''
+                if name == "" then "redis" else "redis-''${name}"
+              '';
               description = "The username and groupname for redis-server.";
             };
 
@@ -105,8 +107,7 @@ in {
 
             bind = mkOption {
               type = with types; nullOr str;
-              default = if name == "" then "127.0.0.1" else null;
-              defaultText = literalExpression ''if name == "" then "127.0.0.1" else null'';
+              default = "127.0.0.1";
               description = ''
                 The IP interface to bind to.
                 <literal>null</literal> means "all interfaces".
@@ -117,7 +118,9 @@ in {
             unixSocket = mkOption {
               type = with types; nullOr path;
               default = "/run/${redisName name}/redis.sock";
-              defaultText = "\"/run/redis/redis.sock\" or \"/run/redis-\${name}/redis.sock\" if name != \"\"";
+              defaultText = literalExpression ''
+                if name == "" then "/run/redis/redis.sock" else "/run/redis-''${name}/redis.sock"
+              '';
               description = "The path to the socket to bind to.";
             };
 
@@ -370,7 +373,7 @@ in {
         ProtectKernelTunables = true;
         ProtectControlGroups = true;
         RestrictAddressFamilies =
-          optionals (conf.bind != null) ["AF_INET" "AF_INET6"] ++
+          optionals (conf.port != 0) ["AF_INET" "AF_INET6"] ++
           optional (conf.unixSocket != null) "AF_UNIX";
         RestrictNamespaces = true;
         LockPersonality = true;
author	Sandro <sandro.jaeckel@gmail.com>	2022-03-08 12:38:39 +0100
committer	GitHub <noreply@github.com>	2022-03-08 12:38:39 +0100
commit	0ffade9012d2fd2574208cabdb7dc4030f30f33c (patch)
tree	0ebb4f2a014261ae16253e67d09754e2a6a4a4d3 /nixos/modules
parent	773ecf8ac8842e546b844c5aac4ad6b408cafa38 (diff)
parent	6e4f5f9aeed9403a5f7a35d65f2dc816e34e754d (diff)
download	nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.gz nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.bz2 nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.lz nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.xz nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.tar.zst nixpkgs-0ffade9012d2fd2574208cabdb7dc4030f30f33c.zip