diff options
author | Aleksana <me@aleksana.moe> | 2024-04-12 16:33:36 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-12 16:33:36 +0800 |
commit | 2a057805aeb604167a2814d80227fe45c5912a96 (patch) | |
tree | 07fd6d65f6acef0d7e0a2e6a92a282f57898176a /nixos/modules/services | |
parent | 94356ab1dc8dc528597705c1abed6131db8f0eaf (diff) | |
parent | b3642388fe18aefb168d9d6cb7365ce17ca3a6da (diff) |
Merge pull request #301804 from helsinki-systems/init/keydb
keydb: init at 6.3.4
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/databases/redis.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 2e644895a260..fe2d75fc53a9 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -338,7 +338,7 @@ in { after = [ "network.target" ]; serviceConfig = { - ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; + ExecStart = "${cfg.package}/bin/${cfg.package.serverBin or "redis-server"} /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let redisConfVar = "/var/lib/${redisName name}/redis.conf"; redisConfRun = "/run/${redisName name}/nixos.conf"; @@ -391,7 +391,8 @@ in { RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; LockPersonality = true; - MemoryDenyWriteExecute = true; + # we need to disable MemoryDenyWriteExecute for keydb + MemoryDenyWriteExecute = cfg.package.pname != "keydb"; RestrictRealtime = true; RestrictSUIDSGID = true; PrivateMounts = true; |