diff options
Diffstat (limited to 'nixos/modules/services/databases/redis.nix')
-rw-r--r-- | nixos/modules/services/databases/redis.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 2e644895a260..fe2d75fc53a9 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -338,7 +338,7 @@ in { after = [ "network.target" ]; serviceConfig = { - ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; + ExecStart = "${cfg.package}/bin/${cfg.package.serverBin or "redis-server"} /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}"; ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let redisConfVar = "/var/lib/${redisName name}/redis.conf"; redisConfRun = "/run/${redisName name}/nixos.conf"; @@ -391,7 +391,8 @@ in { RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; LockPersonality = true; - MemoryDenyWriteExecute = true; + # we need to disable MemoryDenyWriteExecute for keydb + MemoryDenyWriteExecute = cfg.package.pname != "keydb"; RestrictRealtime = true; RestrictSUIDSGID = true; PrivateMounts = true; |