Merge pull request #100892 from aanderse/pdns-recursor
nixos/pdns-recursor: use upstream systemd unit
commit
5265d49a36
@ -93,6 +93,12 @@
|
||||
<literal>kicad/default.nix</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The socket for the <literal>pdns-recursor</literal> module was moved from <literal>/var/lib/pdns-recursor</literal>
|
||||
to <literal>/run/pdns-recursor</literal> to match upstream.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -297,7 +297,7 @@ in
|
||||
headphones = 266;
|
||||
couchpotato = 267;
|
||||
gogs = 268;
|
||||
pdns-recursor = 269;
|
||||
#pdns-recursor = 269; # dynamically allocated as of 2020-20-18
|
||||
#kresd = 270; # switched to "knot-resolver" with dynamic ID
|
||||
rpc = 271;
|
||||
geoip = 272;
|
||||
|
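Review bot: The date in the new comment `#pdns-recursor = 269; # dynamically allocated as of 2020-20-18` is not a valid date (month 20); it presumably should read `2020-10-18`. This comment is the only record of why uid 269 stays reserved, so the date is worth correcting. Hosts upgraded from the static uid may still have `/var/lib/pdns-recursor` owned by uid 269, and whether anything cleans that directory up is not visible in this commit.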
@ -3,9 +3,6 @@
|
||||
with lib;
|
||||
|
||||
let
|
||||
dataDir = "/var/lib/pdns-recursor";
|
||||
username = "pdns-recursor";
|
||||
|
||||
cfg = config.services.pdns-recursor;
|
||||
|
||||
oneOrMore = type: with types; either type (listOf type);
|
||||
@ -21,7 +18,7 @@ let
|
||||
else if builtins.isList val then (concatMapStringsSep "," serialize val)
|
||||
else "";
|
||||
|
||||
configFile = pkgs.writeText "recursor.conf"
|
||||
configDir = pkgs.writeTextDir "recursor.conf"
|
||||
(concatStringsSep "\n"
|
||||
(flip mapAttrsToList cfg.settings
|
||||
(name: val: "${name}=${serialize val}")));
|
||||
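Review bot: `configDir` is produced by `pkgs.writeTextDir`, so the rendered `recursor.conf` sits in the Nix store and is readable by every local user. Any secret a user places in `cfg.settings` therefore ends up world-readable. This was already the case with `pkgs.writeText`, but the commit leaves it undocumented. A comment above the binding would make that explicit, e.g. `# NOTE: written to the world-readable Nix store; do not put secrets in services.pdns-recursor.settings`. The `let` block starts and ends outside this hunk.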
@ -173,45 +170,30 @@ in {
|
||||
serve-rfc1918 = cfg.serveRFC1918;
|
||||
lua-config-file = pkgs.writeText "recursor.lua" cfg.luaConfig;
|
||||
|
||||
daemon = false;
|
||||
write-pid = false;
|
||||
log-timestamp = false;
|
||||
disable-syslog = true;
|
||||
};
|
||||
|
||||
users.users.${username} = {
|
||||
home = dataDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.pdns-recursor;
|
||||
systemd.packages = [ pkgs.pdns-recursor ];
|
||||
|
||||
systemd.services.pdns-recursor = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = [ "" "${pkgs.pdns-recursor}/bin/pdns_recursor --config-dir=${configDir}" ];
|
||||
};
|
||||
};
|
||||
|
||||
users.users.pdns-recursor = {
|
||||
isSystemUser = true;
|
||||
group = "pdns-recursor";
|
||||
description = "PowerDNS Recursor daemon user";
|
||||
};
|
||||
|
||||
systemd.services.pdns-recursor = {
|
||||
unitConfig.Documentation = "man:pdns_recursor(1) man:rec_control(1)";
|
||||
description = "PowerDNS recursive server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
users.groups.pdns-recursor = {};
|
||||
|
||||
serviceConfig = {
|
||||
User = username;
|
||||
Restart ="on-failure";
|
||||
RestartSec = "5";
|
||||
PrivateTmp = true;
|
||||
PrivateDevices = true;
|
||||
AmbientCapabilities = "cap_net_bind_service";
|
||||
ExecStart = ''${pkgs.pdns-recursor}/bin/pdns_recursor \
|
||||
--config-dir=${dataDir} \
|
||||
--socket-dir=${dataDir}
|
||||
'';
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
# Link configuration file into recursor home directory
|
||||
configPath=${dataDir}/recursor.conf
|
||||
if [ "$(realpath $configPath)" != "${configFile}" ]; then
|
||||
rm -f $configPath
|
||||
ln -s ${configFile} $configPath
|
||||
fi
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
imports = [
|
||||
|
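Review bot: The new `systemd.services.pdns-recursor` no longer sets `User`, `AmbientCapabilities`, `PrivateTmp` or `PrivateDevices` itself, so the account the daemon runs as and its sandboxing now depend entirely on the unit pulled in by `systemd.packages = [ pkgs.pdns-recursor ]`, which is not visible in this commit. If that packaged unit lacks `User=` the service would presumably start as root, so a comment above `serviceConfig` should record the dependency, e.g. `# User=, capabilities and sandboxing are inherited from the upstream unit; the leading "" clears its ExecStart before ours is added`. The overriding `ExecStart` passes only `--config-dir`, whereas the old command line also passed `--socket-dir`. It is worth confirming that the `/run/pdns-recursor` socket path named in the release notes is what the binary uses once the upstream command line is replaced.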
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
configureFlags = [
|
||||
"--enable-reproducible"
|
||||
"--with-systemd"
|
||||
"--enable-systemd"
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|