JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nixos/dnsdist: use upstream systemd unit

Browse Source
This commit is contained in:
Aaron Andersen 2020-10-08 19:17:19 -04:00
parent 4d15ce5d15
commit f4ff303c3b
1 changed files with 8 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
nixos/modules/services/networking/dnsdist.nix
View File

@ -7,7 +7,7 @@ let
configFile = pkgs.writeText "dndist.conf" ''
setLocal('${cfg.listenAddress}:${toString cfg.listenPort}')
${cfg.extraConfig}
'';
'';
in {
options = {
services.dnsdist = {
@ -35,25 +35,18 @@ in {
};
};
config = mkIf config.services.dnsdist.enable {
config = mkIf cfg.enable {
systemd.packages = [ pkgs.dnsdist ];
systemd.services.dnsdist = {
description = "dnsdist load balancer";
wantedBy = [ "multi-user.target" ];
after = ["network.target"];
serviceConfig = {
Restart="on-failure";
RestartSec="1";
DynamicUser = true;
StartLimitInterval="0";
PrivateDevices=true;
AmbientCapabilities="CAP_NET_BIND_SERVICE";
CapabilityBoundingSet="CAP_NET_BIND_SERVICE";
ExecStart = "${pkgs.dnsdist}/bin/dnsdist --supervised --disable-syslog --config ${configFile}";
ProtectHome=true;
RestrictAddressFamilies="AF_UNIX AF_INET AF_INET6";
LimitNOFILE="16384";
TasksMax="8192";
# upstream overrides for better nixos compatibility
ExecStartPre = [ "" "${pkgs.dnsdist}/bin/dnsdist --check-config --config ${configFile}" ];
ExecStart = [ "" "${pkgs.dnsdist}/bin/dnsdist --supervised --disable-syslog --config ${configFile}" ];
};
};
};