Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

krebs.systemd: allow reload if credentials change

Browse Source
This commit is contained in:
tv 2021-12-23 20:16:34 +01:00
parent 1cf495d6eb
commit d4521eb339
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
krebs/3modules/systemd.nix
View File

@ -5,6 +5,19 @@
default = {}; default = {};
type = lib.types.attrsOf (lib.types.submodule { type = lib.types.attrsOf (lib.types.submodule {
options = { options = {
ifCredentialsChange = lib.mkOption {
default = "restart";
description = ''
Whether to reload or restart the service whenever any its
credentials change. Only credentials with an absolute path in
LoadCredential= are supported.
'';
type = lib.types.enum [
"reload"
"restart"
null
];
};
serviceConfig.LoadCredential = lib.mkOption { serviceConfig.LoadCredential = lib.mkOption {
apply = lib.toList; apply = lib.toList;
type = type =
@ -33,7 +46,7 @@
}; };
} }
++ ++
map (path: let lib.optionals (cfg.ifCredentialsChange != null) (map (path: let
triggerName = "trigger-${lib.systemd.encodeName path}"; triggerName = "trigger-${lib.systemd.encodeName path}";
in { in {
paths.${triggerName} = { paths.${triggerName} = {
@ -44,11 +57,11 @@
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
ExecStart = lib.singleton (toString [ ExecStart = lib.singleton (toString [
"${pkgs.systemd}/bin/systemctl restart" "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange}"
(lib.shell.escape serviceName) (lib.shell.escape serviceName)
]); ]);
}; };
}; };
}) paths }) paths)
) config.krebs.systemd.services)); ) config.krebs.systemd.services));
} }