diff options
author | Elis Hirwing <elis@hirwing.se> | 2019-01-28 14:43:17 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-28 14:43:17 +0100 |
commit | 3d6ed83d5bb023f6cdfdd095e63c10432841cf54 (patch) | |
tree | 19095313882c73ab053345c27a0ac8289a65694c /nixos | |
parent | 4f832c5ad8ef3bae9ccaa8bfa7af516b159f9cb5 (diff) | |
parent | ab5dcc7068bfaca3a7a2eaa8ad824a86c2595681 (diff) | |
download | nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar.gz nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar.bz2 nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar.lz nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar.xz nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.tar.zst nixpkgs-3d6ed83d5bb023f6cdfdd095e63c10432841cf54.zip |
Merge pull request #54726 from etu/nixos-sks-db-config
nixos/sks: Add option to configure database settings
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/security/sks.nix | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/nixos/modules/services/security/sks.nix b/nixos/modules/services/security/sks.nix index 9f0261038d5..8136a5c763a 100644 --- a/nixos/modules/services/security/sks.nix +++ b/nixos/modules/services/security/sks.nix @@ -5,6 +5,9 @@ with lib; let cfg = config.services.sks; sksPkg = cfg.package; + dbConfig = pkgs.writeText "DB_CONFIG" '' + ${cfg.extraDbConfig} + ''; in { meta.maintainers = with maintainers; [ primeos calbrecht jcumming ]; @@ -39,6 +42,20 @@ in { ''; }; + extraDbConfig = mkOption { + type = types.str; + default = ""; + description = '' + Set contents of the files "KDB/DB_CONFIG" and "PTree/DB_CONFIG" within + the ''${dataDir} directory. This is used to configure options for the + database for the sks key server. + + Documentation of available options are available in the file named + "sampleConfig/DB_CONFIG" in the following repository: + https://bitbucket.org/skskeyserver/sks-keyserver/src + ''; + }; + hkpAddress = mkOption { default = [ "127.0.0.1" "::1" ]; type = types.listOf types.str; @@ -99,6 +116,17 @@ in { ${lib.optionalString (cfg.webroot != null) "ln -sfT \"${cfg.webroot}\" web"} mkdir -p dump + # Check that both database configs are symlinks before overwriting them + if [ -e KDB/DB_CONFIG ] && [ ! -L KBD/DB_CONFIG ]; then + echo "KDB/DB_CONFIG exists but is not a symlink." >&2 + exit 1 + fi + if [ -e PTree/DB_CONFIG ] && [ ! -L PTree/DB_CONFIG ]; then + echo "PTree/DB_CONFIG exists but is not a symlink." >&2 + exit 1 + fi + ln -sf ${dbConfig} KDB/DB_CONFIG + ln -sf ${dbConfig} PTree/DB_CONFIG ${sksPkg}/bin/sks build dump/*.gpg -n 10 -cache 100 || true #*/ ${sksPkg}/bin/sks cleandb || true ${sksPkg}/bin/sks pbuild -cache 20 -ptree_cache 70 || true |