From 86d8b31e00b267f0ed67798e966c16ef06faf9ba Mon Sep 17 00:00:00 2001 From: Izorkin Date: Wed, 24 Mar 2021 13:13:47 +0300 Subject: [PATCH] nixos/redis: add option unixSocketPerm --- nixos/modules/services/databases/redis.nix | 10 ++++++++-- nixos/tests/redis.nix | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 117e6366225..b5921a6dead 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -88,6 +88,13 @@ in example = "/run/redis/redis.sock"; }; + unixSocketPerm = mkOption { + type = types.int; + default = 750; + description = "Change permissions for the socket"; + example = 700; + }; + logLevel = mkOption { type = types.str; default = "notice"; # debug, verbose, notice, warning @@ -204,7 +211,6 @@ in ''; example = literalExample '' { - unixsocketperm = "700"; loadmodule = [ "/path/to/my_module.so" "/path/to/other_module.so" ]; } ''; @@ -256,7 +262,7 @@ in slowlog-max-len = cfg.slowLogMaxLen; } (mkIf (cfg.bind != null) { bind = cfg.bind; }) - (mkIf (cfg.unixSocket != null) { unixsocket = cfg.unixSocket; }) + (mkIf (cfg.unixSocket != null) { unixsocket = cfg.unixSocket; unixsocketperm = "${toString cfg.unixSocketPerm}"; }) (mkIf (cfg.slaveOf != null) { slaveof = "${cfg.slaveOf.ip} ${cfg.slaveOf.port}"; }) (mkIf (cfg.masterAuth != null) { masterauth = cfg.masterAuth; }) (mkIf (cfg.requirePass != null) { requirepass = cfg.requirePass; }) diff --git a/nixos/tests/redis.nix b/nixos/tests/redis.nix index ca171561435..79a7847414a 100644 --- a/nixos/tests/redis.nix +++ b/nixos/tests/redis.nix @@ -17,7 +17,7 @@ in services.redis.unixSocket = redisSocket; # Allow access to the unix socket for the "redis" group. - services.redis.settings.unixsocketperm = "770"; + services.redis.unixSocketPerm = 770; users.users."member" = { createHome = false;