nixos/consul: allow ipv6-only
This commit is contained in:
parent
a31f1abfb5
commit
325a525467
|
@ -80,13 +80,21 @@ in
|
||||||
The name of the interface to pull the bind_addr from.
|
The name of the interface to pull the bind_addr from.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
forceAddrFamily = mkOption {
|
||||||
|
type = types.enum [ "any" "ipv4" "ipv6" ];
|
||||||
|
default = "any";
|
||||||
|
description = ''
|
||||||
|
Whether to bind ipv4/ipv6 or both kind of addresses.
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
forceIpv4 = mkOption {
|
forceIpv4 = mkOption {
|
||||||
type = types.bool;
|
type = types.nullOr types.bool;
|
||||||
default = false;
|
default = null;
|
||||||
description = ''
|
description = ''
|
||||||
|
Deprecated: Use consul.forceAddrFamily instead.
|
||||||
Whether we should force the interfaces to only pull ipv4 addresses.
|
Whether we should force the interfaces to only pull ipv4 addresses.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@ -175,6 +183,13 @@ in
|
||||||
systemPackages = [ cfg.package ];
|
systemPackages = [ cfg.package ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
warnings = lib.flatten [
|
||||||
|
(lib.optional (cfg.forceIpv4 != null) ''
|
||||||
|
The option consul.forceIpv4 is deprecated, please use
|
||||||
|
consul.forceAddrFamily instead.
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
|
||||||
systemd.services.consul = {
|
systemd.services.consul = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = [ "network.target" ] ++ systemdDevices;
|
after = [ "network.target" ] ++ systemdDevices;
|
||||||
|
@ -196,15 +211,21 @@ in
|
||||||
});
|
});
|
||||||
|
|
||||||
path = with pkgs; [ iproute2 gnugrep gawk consul ];
|
path = with pkgs; [ iproute2 gnugrep gawk consul ];
|
||||||
preStart = ''
|
preStart = let
|
||||||
|
family = if cfg.forceAddrFamily == "ipv6" then
|
||||||
|
"-6"
|
||||||
|
else if cfg.forceAddrFamily == "ipv4" then
|
||||||
|
"-4"
|
||||||
|
else
|
||||||
|
"";
|
||||||
|
in ''
|
||||||
mkdir -m 0700 -p ${dataDir}
|
mkdir -m 0700 -p ${dataDir}
|
||||||
chown -R consul ${dataDir}
|
chown -R consul ${dataDir}
|
||||||
|
|
||||||
# Determine interface addresses
|
# Determine interface addresses
|
||||||
getAddrOnce () {
|
getAddrOnce () {
|
||||||
ip addr show dev "$1" \
|
ip ${family} addr show dev "$1" scope global \
|
||||||
| grep 'inet${optionalString (cfg.forceIpv4) " "}.*scope global' \
|
| awk -F '[ /\t]*' '/inet/ {print $3}' | head -n 1
|
||||||
| awk -F '[ /\t]*' '{print $3}' | head -n 1
|
|
||||||
}
|
}
|
||||||
getAddr () {
|
getAddr () {
|
||||||
ADDR="$(getAddrOnce $1)"
|
ADDR="$(getAddrOnce $1)"
|
||||||
|
@ -234,6 +255,11 @@ in
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# deprecated
|
||||||
|
(mkIf (cfg.forceIpv4 != null && cfg.forceIpv4) {
|
||||||
|
services.consul.forceAddrFamily = "ipv4";
|
||||||
|
})
|
||||||
|
|
||||||
(mkIf (cfg.alerts.enable) {
|
(mkIf (cfg.alerts.enable) {
|
||||||
systemd.services.consul-alerts = {
|
systemd.services.consul-alerts = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
Loading…
Reference in a new issue