summary refs log tree commit diff
path: root/nixos/modules
diff options
context:
space:
mode:
authorDavid Tulig <david.tulig@gmail.com>2017-06-10 04:19:07 -0600
committerFranz Pletz <fpletz@fnordicwalking.de>2017-06-10 12:19:07 +0200
commitbb6cf349ffd5c15e364d551bcabec20c9e675bdc (patch)
treec55a72514ea904f5212792fdfb7dd5468b8f16d3 /nixos/modules
parent333dc53433b2dadad6a05b04a9314c460a06d7d5 (diff)
downloadnixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar.gz
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar.bz2
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar.lz
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar.xz
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.tar.zst
nixlib-bb6cf349ffd5c15e364d551bcabec20c9e675bdc.zip
bind service: add listen-on options (#26430)
This adds configuration options for the bind package so that the
interfaces that bind listens on can be configured rather than just
hardcoded as any. The default values preserve the old behavior to be
backwards compatible.
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/services/networking/bind.nix20
1 files changed, 18 insertions, 2 deletions
diff --git a/nixos/modules/services/networking/bind.nix b/nixos/modules/services/networking/bind.nix
index 0272b6ceff20..ca375c935e83 100644
--- a/nixos/modules/services/networking/bind.nix
+++ b/nixos/modules/services/networking/bind.nix
@@ -14,8 +14,8 @@ let
       acl badnetworks { ${concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks} };
 
       options {
-        listen-on {any;};
-        listen-on-v6 {any;};
+        listen-on { ${concatMapStrings (entry: " ${entry}; ") cfg.listenOn} };
+        listen-on-v6 { ${concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6} };
         allow-query { cachenetworks; };
         blackhole { badnetworks; };
         forward first;
@@ -96,6 +96,22 @@ in
         ";
       };
 
+      listenOn = mkOption {
+        default = ["any"];
+        type = types.listOf types.str;
+        description = "
+          Interfaces to listen on.
+        ";
+      };
+
+      listenOnIpv6 = mkOption {
+        default = ["any"];
+        type = types.listOf types.str;
+        description = "
+          Ipv6 interfaces to listen on.
+        ";
+      };
+
       zones = mkOption {
         default = [];
         description = "
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 11:11:14 +0000