public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

redis service: add firewall and VM overcommit options

Browse Source 
- Add vm.over_commit setting for background saving
- Add openFirewall setting

Closes #10193
This commit is contained in:
Ben Smith 2015-10-02 23:22:27 -07:00 committed by Joachim Fasting
parent 3e0943d5ba
commit 3a1beb6347
No known key found for this signature in database
GPG Key ID: 4330820E1E04DCF4
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
nixos/modules/services/databases/redis.nix
View File

@ -68,6 +68,22 @@ in
description = "The port for Redis to listen to."; description = "The port for Redis to listen to.";
}; };
vmOverCommit = mkOption {
type = types.bool;
default = false;
description = ''
Set vm.overcommit_memory to 1 (Suggested for Background Saving: http://redis.io/topics/faq)
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
bind = mkOption { bind = mkOption {
type = with types; nullOr str; type = with types; nullOr str;
default = null; # All interfaces default = null; # All interfaces
@ -193,6 +209,14 @@ in
config = mkIf config.services.redis.enable { config = mkIf config.services.redis.enable {
boot.kernel.sysctl = mkIf cfg.vmOverCommit {
"vm.overcommit_memory" = "1";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
users.extraUsers.redis = users.extraUsers.redis =
{ name = cfg.user; { name = cfg.user;
uid = config.ids.uids.redis; uid = config.ids.uids.redis;