diff options
author | Joachim F <joachifm@users.noreply.github.com> | 2018-01-13 12:02:45 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-01-13 12:02:45 +0000 |
commit | ed250d809359a21cbc13255c3ee3861ce695bce1 (patch) | |
tree | 5bb1aba8f6450139427d2534388e71bde7449f9f /nixos | |
parent | 5f8bb3fc2326d665d99155ece55d5d4df2cfbfa1 (diff) | |
parent | 66b07e41e633bb6df1f1a57aa46856e7248da0da (diff) |
Merge pull request #27131 from richardlarocque/mosquitto_pw
mosquitto: Explicitly configure password file
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/networking/mosquitto.nix | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/mosquitto.nix b/nixos/modules/services/networking/mosquitto.nix index 81915b5a2ef82..273ca797b98d4 100644 --- a/nixos/modules/services/networking/mosquitto.nix +++ b/nixos/modules/services/networking/mosquitto.nix @@ -12,6 +12,10 @@ let keyfile ${cfg.ssl.keyfile} ''; + passwordConf = optionalString cfg.checkPasswords '' + password_file ${cfg.dataDir}/passwd + ''; + mosquittoConf = pkgs.writeText "mosquitto.conf" '' pid_file /run/mosquitto/pid acl_file ${aclFile} @@ -19,6 +23,7 @@ let allow_anonymous ${boolToString cfg.allowAnonymous} bind_address ${cfg.host} port ${toString cfg.port} + ${passwordConf} ${listenerConf} ${cfg.extraConf} ''; @@ -153,6 +158,15 @@ in ''; }; + checkPasswords = mkOption { + default = false; + example = true; + type = types.bool; + description = '' + Refuse connection when clients provide incorrect passwords. + ''; + }; + extraConf = mkOption { default = ""; type = types.lines; |