From 2c7f9fc6326cc1f27de3d661cda2c8db1a00d00c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jalil=20David=20Salam=C3=A9=20Messina?= Date: Wed, 8 May 2024 21:37:19 +0200 Subject: [PATCH] [fix] module.nix: various issues --- default.nix | 1 + module.nix | 44 ++++++++++++++++++++++---------------------- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/default.nix b/default.nix index c46ff3a..4cd4398 100644 --- a/default.nix +++ b/default.nix @@ -20,5 +20,6 @@ in inherit description; license = lib.licenses.mit; homepage = "https://github.com/jalil-salame/webnsupdate"; + mainProgram = "webnsupdate"; }; } diff --git a/module.nix b/module.nix index 20a84ec..21aaa19 100644 --- a/module.nix +++ b/module.nix @@ -99,27 +99,25 @@ in { if cfg.recordsFile != null then cfg.recordsFile else pkgs.writeText "webnsrecords" cfg.records; - cmd = lib.concatStringsSep " " ([lib.getExe pkgs.websnupdate] - ++ lib.strings.escapeShellArgs [ - "--records" - recordsFile - "--key-file" - cfg.keyFile - "--password-file" - cfg.passwordFile - "--address" - cfg.bindIp - "--port" - (builtins.toString cfg.bindPort) - "--ttl" - (builtins.toString cfg.ttl) - ]); + args = lib.strings.escapeShellArgs [ + "--records" + recordsFile + "--key-file" + cfg.keyFile + "--password-file" + cfg.passwordFile + "--address" + cfg.bindIp + "--port" + (builtins.toString cfg.bindPort) + "--ttl" + (builtins.toString cfg.ttl) + ]; + cmd = "${lib.getExe pkgs.webnsupdate} ${args}"; in lib.mkIf cfg.enable { - warnings = [ - (lib.optional (!config.services.bind.enable) - "`webnsupdate` is expected to be used alongside `bind`. This is an unsopported configuration.") - ]; + # warnings = + # lib.optional (!config.services.bind.enable) "`webnsupdate` is expected to be used alongside `bind`. This is an unsopported configuration."; assertions = [ { assertion = (cfg.records != null || cfg.recordsFile != null) && !(cfg.records != null && cfg.recordsFile != null); @@ -134,14 +132,15 @@ in { preStart = "${cmd} verify"; startLimitIntervalSec = 60; serviceConfig = { - ExecStart = cmd; - Restart = "always"; + ExecStart = [cmd]; + Type = "exec"; + Restart = "on-failure"; RestartSec = "10s"; # User and group User = cfg.user; Group = cfg.group; # Runtime directory and mode - RuntimeDirectory = "websnupdate"; + RuntimeDirectory = "webnsupdate"; RuntimeDirectoryMode = "0750"; # Cache directory and mode CacheDirectory = "webnsupdate"; @@ -153,6 +152,7 @@ in { UMask = "0027"; # Security NoNewPrivileges = true; + ProtectHome = true; }; }; };