diff options
author | tv <tv@krebsco.de> | 2021-12-29 16:52:23 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2021-12-29 17:17:45 +0100 |
commit | 2280c39d3e37769c8eb2159f6e934211eb82b778 (patch) | |
tree | bdd6d675132f5436a08e37297b6726d76ae5b938 /krebs | |
parent | 2f15fd1d680c3353a4a78c8aaeb5d20db147b6a8 (diff) |
krebs.systemd: don't offer to reload services
Because new credentials won't be available after reloading, only after
restarting.
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/systemd.nix | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix index 294f80a3c..194e8b24a 100644 --- a/krebs/3modules/systemd.nix +++ b/krebs/3modules/systemd.nix @@ -5,18 +5,18 @@ default = {}; type = lib.types.attrsOf (lib.types.submodule { options = { - ifCredentialsChange = lib.mkOption { - default = "restart"; + restartIfCredentialsChange = lib.mkOption { + # Enabling this by default only makes sense here as the user already + # bothered to write down krebs.systemd.services.* = {}. If this + # functionality gets upstreamed to systemd.services, restarting + # should be disabled by default. + default = true; description = '' - Whether to reload or restart the service whenever any its - credentials change. Only credentials with an absolute path in - LoadCredential= are supported. + Whether to restart the service whenever any of its credentials + change. Only credentials with an absolute path in LoadCredential= + are supported. ''; - type = lib.types.enum [ - "reload" - "restart" - null - ]; + type = lib.types.bool; }; }; }); @@ -40,7 +40,7 @@ lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" { serviceConfig = { Type = "oneshot"; - ExecStart = "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange} ${lib.shell.escape serviceName}"; + ExecStart = "${pkgs.systemd}/bin/systemctl restart ${lib.shell.escape serviceName}"; }; } ) config.krebs.systemd.services; |