summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-12-29 16:52:23 +0100
committertv <tv@krebsco.de>2021-12-29 17:17:45 +0100
commit2280c39d3e37769c8eb2159f6e934211eb82b778 (patch)
treebdd6d675132f5436a08e37297b6726d76ae5b938 /krebs
parent2f15fd1d680c3353a4a78c8aaeb5d20db147b6a8 (diff)
krebs.systemd: don't offer to reload services
Because new credentials won't be available after reloading, only after restarting.
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/systemd.nix22
1 files changed, 11 insertions, 11 deletions
diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix
index 294f80a3c..194e8b24a 100644
--- a/krebs/3modules/systemd.nix
+++ b/krebs/3modules/systemd.nix
@@ -5,18 +5,18 @@
default = {};
type = lib.types.attrsOf (lib.types.submodule {
options = {
- ifCredentialsChange = lib.mkOption {
- default = "restart";
+ restartIfCredentialsChange = lib.mkOption {
+ # Enabling this by default only makes sense here as the user already
+ # bothered to write down krebs.systemd.services.* = {}. If this
+ # functionality gets upstreamed to systemd.services, restarting
+ # should be disabled by default.
+ default = true;
description = ''
- Whether to reload or restart the service whenever any its
- credentials change. Only credentials with an absolute path in
- LoadCredential= are supported.
+ Whether to restart the service whenever any of its credentials
+ change. Only credentials with an absolute path in LoadCredential=
+ are supported.
'';
- type = lib.types.enum [
- "reload"
- "restart"
- null
- ];
+ type = lib.types.bool;
};
};
});
@@ -40,7 +40,7 @@
lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
serviceConfig = {
Type = "oneshot";
- ExecStart = "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange} ${lib.shell.escape serviceName}";
+ ExecStart = "${pkgs.systemd}/bin/systemctl restart ${lib.shell.escape serviceName}";
};
}
) config.krebs.systemd.services;