diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 9c5db2f8a586..817e3bdd139b 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -1189,6 +1189,13 @@ signald -d /var/lib/signald/db \ will be removed once the transition to CommonMark is complete. + + + The redis module now persists each instance’s configuration + file in the state directory, in order to support some more + advanced use cases like sentinel. + + The udisks2 service, available at diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 6da610157282..92a2e45d8d1d 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -362,6 +362,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete. +- The redis module now persists each instance's configuration file in the state directory, in order to support some more advanced use cases like sentinel. + - The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed. This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it. diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 1bcd0f0b20c6..1f143f9c66f6 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -347,16 +347,24 @@ in { after = [ "network.target" ]; serviceConfig = { - ExecStart = "${cfg.package}/bin/redis-server /run/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; - ExecStartPre = [("+"+pkgs.writeShellScript "${redisName name}-credentials" ('' - install -o '${conf.user}' -m 600 ${redisConfig conf.settings} /run/${redisName name}/redis.conf - '' + optionalString (conf.requirePassFile != null) '' - { - printf requirePass' ' - cat ${escapeShellArg conf.requirePassFile} - } >>/run/${redisName name}/redis.conf - '') - )]; + ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; + ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let + redisConfVar = "/var/lib/${redisName name}/redis.conf"; + redisConfRun = "/run/${redisName name}/nixos.conf"; + redisConfStore = redisConfig conf.settings; + in '' + touch "${redisConfVar}" "${redisConfRun}" + chown '${conf.user}' "${redisConfVar}" "${redisConfRun}" + chmod 0600 "${redisConfVar}" "${redisConfRun}" + if [ ! -s ${redisConfVar} ]; then + echo 'include "${redisConfRun}"' > "${redisConfVar}" + fi + echo 'include "${redisConfStore}"' > "${redisConfRun}" + ${optionalString (conf.requirePassFile != null) '' + {echo -n "requirepass " + cat ${escapeShellArg conf.requirePassFile}} >> "${redisConfRun}" + ''} + ''); Type = "notify"; # User and group User = conf.user;