kresd: Unified listen declarations

Deperecates the interfaces option which was used to generate a host:port list whereas the port was always hardcoded to 53. This unifies the listen configuration for plain and TLS sockets and allows to specify a port without an address for wildcard binds.
2024-11-16 23:03:40 +01:00 · 2019-12-16 23:06:27 +01:00 · 2019-12-16 23:06:27 +01:00 · f886a14dbd
commit f886a14dbd
parent b443abf914
2 changed files with 25 additions and 8 deletions
--- a/nixos/doc/manual/release-notes/rl-2003.xml
+++ b/nixos/doc/manual/release-notes/rl-2003.xml
@ -251,6 +251,14 @@
     in container config.
    </para>
   </listitem>
+   <listitem>
+    <para>
+     The <literal>kresd</literal> services deprecates the <literal>interfaces</literal> option
+     in favor of the <literal>listenPlain</literal> option which requires full
+     <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=">systemd.socket compatible</link>
+     declaration which always include a port.
+    </para>
+   </listitem>
  </itemizedlist>
 </section>

--- a/nixos/modules/services/networking/kresd.nix
+++ b/nixos/modules/services/networking/kresd.nix
@ -13,6 +13,17 @@ in
 {
  meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];

+  imports = [
+    (mkChangedOptionModule [ "services" "kresd" "interfaces" ] [ "services" "kresd" "listenPlain" ]
+      (config:
+        let value = getAttrFromPath [ "services" "kresd" "interfaces" ] config;
+        in map
+          (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53") # Syntax depends on being IPv6 or IPv4.
+          value
+      )
+    )
+  ];
+
  ###### interface
  options.services.kresd = {
    enable = mkOption {
@ -39,11 +50,12 @@ in
        Directory for caches.  They are intended to survive reboots.
      '';
    };
-    interfaces = mkOption {
+    listenPlain = mkOption {
      type = with types; listOf str;
-      default = [ "::1" "127.0.0.1" ];
+      default = [ "[::1]:53" "127.0.0.1:53" ];
      description = ''
-        What addresses the server should listen on. (UDP+TCP 53)
+        What addresses and ports the server should listen on.
+        For detailed syntax see ListenStream in man systemd.socket.
      '';
    };
    listenTLS = mkOption {
@ -51,7 +63,7 @@ in
      default = [];
      example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
      description = ''
-        Addresses on which kresd should provide DNS over TLS (see RFC 7858).
+        Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
        For detailed syntax see ListenStream in man systemd.socket.
      '';
    };
@ -76,10 +88,7 @@ in
    systemd.sockets.kresd = rec {
      wantedBy = [ "sockets.target" ];
      before = wantedBy;
-      listenStreams = map
-        # Syntax depends on being IPv6 or IPv4.
-        (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53")
-        cfg.interfaces;
+      listenStreams = cfg.listenPlain;
      socketConfig = {
        ListenDatagram = listenStreams;
        FreeBind = true;