From aa6a8bd8dd878f2571559981bbe80ecf60e54497 Mon Sep 17 00:00:00 2001 From: gardspirito Date: Thu, 30 Jun 2022 16:20:59 +0300 Subject: nixos/neo4j: HTTP connector toggling --- nixos/modules/services/databases/neo4j.nix | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) (limited to 'nixos/modules/services/databases/neo4j.nix') diff --git a/nixos/modules/services/databases/neo4j.nix b/nixos/modules/services/databases/neo4j.nix index 2231d1a6f9d..833e6606d98 100644 --- a/nixos/modules/services/databases/neo4j.nix +++ b/nixos/modules/services/databases/neo4j.nix @@ -61,13 +61,6 @@ let dbms.connector.http.listen_address=${cfg.http.listenAddress} dbms.connector.http.advertised_address=${cfg.http.listenAddress} ''} - ${optionalString (!cfg.http.enable) '' - # It is not possible to disable the HTTP connector. To fully prevent - # clients from connecting to HTTP, block the HTTP port (7474 by default) - # via firewall. listen_address is set to the loopback interface to - # prevent remote clients from connecting. - dbms.connector.http.listen_address=127.0.0.1 - ''} # HTTPS Connector dbms.connector.https.enabled=${boolToString cfg.https.enable} @@ -340,13 +333,10 @@ in { enable = mkOption { type = types.bool; default = true; - description = lib.mdDoc '' - The HTTP connector is required for Neo4j, and cannot be disabled. - Setting this option to `false` will force the HTTP - connector's {option}`listenAddress` to the loopback - interface to prevent connection of remote clients. To prevent all - clients from connecting, block the HTTP port (7474 by default) by - firewall. + description = '' + Enable the HTTP connector for Neo4j. Setting this option to + false will stop Neo4j from listening for incoming + connections on the HTTPS port (7474 by default). ''; }; -- cgit 1.4.1