diff options
author | Simon Hauser <simon.hauser@helsinki-systems.de> | 2024-04-05 12:40:34 +0200 |
---|---|---|
committer | Simon Hauser <simon.hauser@helsinki-systems.de> | 2024-04-11 10:47:07 +0200 |
commit | b3642388fe18aefb168d9d6cb7365ce17ca3a6da (patch) | |
tree | 644734cb544d621ed0f60208db4654bbc5fd3b7d /nixos/modules | |
parent | 3541c7628de9414f999ced044c95a284584f4ec1 (diff) |
keydb: init at 6.3.4
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/databases/redis.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 2e644895a260..fe2d75fc53a9 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -338,7 +338,7 @@ in { after = [ "network.target" ]; serviceConfig = { - ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; + ExecStart = "${cfg.package}/bin/${cfg.package.serverBin or "redis-server"} /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let redisConfVar = "/var/lib/${redisName name}/redis.conf"; redisConfRun = "/run/${redisName name}/nixos.conf"; @@ -391,7 +391,8 @@ in { RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; LockPersonality = true; - MemoryDenyWriteExecute = true; + # we need to disable MemoryDenyWriteExecute for keydb + MemoryDenyWriteExecute = cfg.package.pname != "keydb"; RestrictRealtime = true; RestrictSUIDSGID = true; PrivateMounts = true; |