nixos/redis: store config in state directory
this is needed because certain redis features, like sentinel, require the config file to be persistent
This commit is contained in:
parent
168ad716e0
commit
bc4e9a890c
3 changed files with 27 additions and 10 deletions
|
@ -1189,6 +1189,13 @@ signald -d /var/lib/signald/db \
|
||||||
will be removed once the transition to CommonMark is complete.
|
will be removed once the transition to CommonMark is complete.
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
The redis module now persists each instance’s configuration
|
||||||
|
file in the state directory, in order to support some more
|
||||||
|
advanced use cases like sentinel.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
The udisks2 service, available at
|
The udisks2 service, available at
|
||||||
|
|
|
@ -362,6 +362,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
||||||
|
|
||||||
- The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete.
|
- The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete.
|
||||||
|
|
||||||
|
- The redis module now persists each instance's configuration file in the state directory, in order to support some more advanced use cases like sentinel.
|
||||||
|
|
||||||
- The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed.
|
- The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed.
|
||||||
This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it.
|
This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it.
|
||||||
|
|
||||||
|
|
|
@ -347,16 +347,24 @@ in {
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = "${cfg.package}/bin/redis-server /run/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}";
|
ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}";
|
||||||
ExecStartPre = [("+"+pkgs.writeShellScript "${redisName name}-credentials" (''
|
ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let
|
||||||
install -o '${conf.user}' -m 600 ${redisConfig conf.settings} /run/${redisName name}/redis.conf
|
redisConfVar = "/var/lib/${redisName name}/redis.conf";
|
||||||
'' + optionalString (conf.requirePassFile != null) ''
|
redisConfRun = "/run/${redisName name}/nixos.conf";
|
||||||
{
|
redisConfStore = redisConfig conf.settings;
|
||||||
printf requirePass' '
|
in ''
|
||||||
cat ${escapeShellArg conf.requirePassFile}
|
touch "${redisConfVar}" "${redisConfRun}"
|
||||||
} >>/run/${redisName name}/redis.conf
|
chown '${conf.user}' "${redisConfVar}" "${redisConfRun}"
|
||||||
'')
|
chmod 0600 "${redisConfVar}" "${redisConfRun}"
|
||||||
)];
|
if [ ! -s ${redisConfVar} ]; then
|
||||||
|
echo 'include "${redisConfRun}"' > "${redisConfVar}"
|
||||||
|
fi
|
||||||
|
echo 'include "${redisConfStore}"' > "${redisConfRun}"
|
||||||
|
${optionalString (conf.requirePassFile != null) ''
|
||||||
|
{echo -n "requirepass "
|
||||||
|
cat ${escapeShellArg conf.requirePassFile}} >> "${redisConfRun}"
|
||||||
|
''}
|
||||||
|
'');
|
||||||
Type = "notify";
|
Type = "notify";
|
||||||
# User and group
|
# User and group
|
||||||
User = conf.user;
|
User = conf.user;
|
||||||
|
|
Loading…
Reference in a new issue