3
0
Fork 0
forked from mirrors/nixpkgs

kresd service: switch .listenDoH to new implementation

Beware: extraFeatures are not needed *for this* anymore,
but their removal may still cause a regression in some configs
(example: prefill module).
This commit is contained in:
Vladimír Čunát 2020-11-12 19:04:12 +01:00
parent 3087df3e8f
commit e61ef63e4e
No known key found for this signature in database
GPG key ID: E747DF1F9575A3AA

View file

@ -23,18 +23,14 @@ let
'';
configFile = pkgs.writeText "kresd.conf" (
optionalString (cfg.listenDoH != []) ''
modules.load('http')
''
""
+ concatMapStrings (mkListen "dns") cfg.listenPlain
+ concatMapStrings (mkListen "tls") cfg.listenTLS
+ concatMapStrings (mkListen "doh") cfg.listenDoH
+ concatMapStrings (mkListen "doh2") cfg.listenDoH
+ cfg.extraConfig
);
package = if cfg.listenDoH == []
then pkgs.knot-resolver # never force `extraFeatures = false`
else pkgs.knot-resolver.override { extraFeatures = true; };
package = pkgs.knot-resolver;
in {
meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
@ -92,7 +88,7 @@ in {
default = [];
example = [ "198.51.100.1:443" "[2001:db8::1]:443" "443" ];
description = ''
Addresses and ports on which kresd should provide DNS over HTTPS (see RFC 8484).
Addresses and ports on which kresd should provide DNS over HTTPS/2 (see RFC 8484).
For detailed syntax see ListenStream in man systemd.socket.
'';
};