Merge #75803: kresd service: unify listen declarations

This commit is contained in:
Vladimír Čunát 2019-12-27 15:55:38 +01:00
commit c3d4998e41
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
2 changed files with 25 additions and 8 deletions

View File

@ -264,6 +264,14 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
in container config.
</para>
</listitem>
<listitem>
<para>
The <literal>kresd</literal> services deprecates the <literal>interfaces</literal> option
in favor of the <literal>listenPlain</literal> option which requires full
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=">systemd.socket compatible</link>
declaration which always include a port.
</para>
</listitem>
<listitem>
<para>
Virtual console options have been reorganized and can be found under

View File

@ -13,6 +13,17 @@ in
{
meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
imports = [
(mkChangedOptionModule [ "services" "kresd" "interfaces" ] [ "services" "kresd" "listenPlain" ]
(config:
let value = getAttrFromPath [ "services" "kresd" "interfaces" ] config;
in map
(iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53") # Syntax depends on being IPv6 or IPv4.
value
)
)
];
###### interface
options.services.kresd = {
enable = mkOption {
@ -39,11 +50,12 @@ in
Directory for caches. They are intended to survive reboots.
'';
};
interfaces = mkOption {
listenPlain = mkOption {
type = with types; listOf str;
default = [ "::1" "127.0.0.1" ];
default = [ "[::1]:53" "127.0.0.1:53" ];
description = ''
What addresses the server should listen on. (UDP+TCP 53)
What addresses and ports the server should listen on.
For detailed syntax see ListenStream in man systemd.socket.
'';
};
listenTLS = mkOption {
@ -51,7 +63,7 @@ in
default = [];
example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
description = ''
Addresses on which kresd should provide DNS over TLS (see RFC 7858).
Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
For detailed syntax see ListenStream in man systemd.socket.
'';
};
@ -76,10 +88,7 @@ in
systemd.sockets.kresd = rec {
wantedBy = [ "sockets.target" ];
before = wantedBy;
listenStreams = map
# Syntax depends on being IPv6 or IPv4.
(iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53")
cfg.interfaces;
listenStreams = cfg.listenPlain;
socketConfig = {
ListenDatagram = listenStreams;
FreeBind = true;