diff options
| author | Benjamin Lee <benjamin@computer.surgery> | 2023-10-01 17:35:27 -0700 |
|---|---|---|
| committer | Benjamin Lee <benjamin@computer.surgery> | 2024-04-07 13:45:19 -0700 |
| commit | 5207bb723ab36f402a5705f43d97eb49d342540a (patch) | |
| tree | baa7d8d69570b1d9ec0c4d07e8a278c1e2b62943 /nixos | |
| parent | 4959d7bcd8f41d05a29fed8cb86a0456a1cf557f (diff) | |
nixos/soju: add adminSocket.enable option
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2405.section.md | 2 | ||||
| -rw-r--r-- | nixos/modules/services/networking/soju.nix | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 858f1d2a61382..b42acbfebaa2d 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -485,6 +485,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`. +- `services.soju` now has the option `adminSocket.enable`. This option defaults to `true`, and creates a unix admin socket at `/run/soju/admin`. + - Gitea 1.21 upgrade has several breaking changes, including: - Custom themes and other assets that were previously stored in `custom/public/*` now belong in `custom/public/assets/*` - New instances of Gitea using MySQL now ignore the `[database].CHARSET` config option and always use the `utf8mb4` charset, existing instances should migrate via the `gitea doctor convert` CLI command. diff --git a/nixos/modules/services/networking/soju.nix b/nixos/modules/services/networking/soju.nix index 34798d15194d3..f3a7dc1eea019 100644 --- a/nixos/modules/services/networking/soju.nix +++ b/nixos/modules/services/networking/soju.nix @@ -5,7 +5,10 @@ with lib; let cfg = config.services.soju; stateDir = "/var/lib/soju"; - listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") cfg.listen; + runtimeDir = "/run/soju"; + listen = cfg.listen + ++ optional cfg.adminSocket.enable "unix+admin://${runtimeDir}/admin"; + listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") listen; tlsCfg = optionalString (cfg.tlsCertificate != null) "tls ${cfg.tlsCertificate} ${cfg.tlsCertificateKey}"; logCfg = optionalString cfg.enableMessageLogging @@ -68,6 +71,14 @@ in description = lib.mdDoc "Whether to enable message logging."; }; + adminSocket.enable = mkOption { + type = types.bool; + default = true; + description = lib.mdDoc '' + Listen for admin connections from sojuctl at /run/soju/admin. + ''; + }; + httpOrigins = mkOption { type = types.listOf types.str; default = []; @@ -119,6 +130,7 @@ in Restart = "always"; ExecStart = "${cfg.package}/bin/soju -config ${configFile}"; StateDirectory = "soju"; + RuntimeDirectory = "soju"; }; }; }; |