3
0
Fork 0
forked from mirrors/nixpkgs

redis service: add firewall and VM overcommit options

- Add vm.over_commit setting for background saving
- Add openFirewall setting

Closes #10193
This commit is contained in:
Ben Smith 2015-10-02 23:22:27 -07:00 committed by Joachim Fasting
parent 3e0943d5ba
commit 3a1beb6347
No known key found for this signature in database
GPG key ID: 4330820E1E04DCF4

View file

@ -68,6 +68,22 @@ in
description = "The port for Redis to listen to.";
};
vmOverCommit = mkOption {
type = types.bool;
default = false;
description = ''
Set vm.overcommit_memory to 1 (Suggested for Background Saving: http://redis.io/topics/faq)
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
bind = mkOption {
type = with types; nullOr str;
default = null; # All interfaces
@ -193,6 +209,14 @@ in
config = mkIf config.services.redis.enable {
boot.kernel.sysctl = mkIf cfg.vmOverCommit {
"vm.overcommit_memory" = "1";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
users.extraUsers.redis =
{ name = cfg.user;
uid = config.ids.uids.redis;