Port the flags of nix-daemon to nix daemon (#8788)
The new `nix daemon` command didn't accept the same flags that `nix-daemon` did. * docs(daemon): clarify the daemon trust override flags * fix: change declaration order * docs: add examples of nix daemon usage * Apply suggestions from code review --------- Co-authored-by: Eelco Dolstra <edolstra@gmail.com> Co-authored-by: John Ericson <git@JohnEricson.me> Co-authored-by: tomberek <tomberek@users.noreply.github.com>
This commit is contained in:
parent
50f40ac4c0
commit
736b9cede7
|
@ -500,6 +500,45 @@ static RegisterLegacyCommand r_nix_daemon("nix-daemon", main_nix_daemon);
|
|||
|
||||
struct CmdDaemon : StoreCommand
|
||||
{
|
||||
bool stdio = false;
|
||||
std::optional<TrustedFlag> isTrustedOpt = std::nullopt;
|
||||
|
||||
CmdDaemon()
|
||||
{
|
||||
addFlag({
|
||||
.longName = "stdio",
|
||||
.description = "Attach to standard I/O, instead of trying to bind to a UNIX socket.",
|
||||
.handler = {&stdio, true},
|
||||
});
|
||||
|
||||
addFlag({
|
||||
.longName = "force-trusted",
|
||||
.description = "Force the daemon to trust connecting clients.",
|
||||
.handler = {[&]() {
|
||||
isTrustedOpt = Trusted;
|
||||
}},
|
||||
.experimentalFeature = Xp::DaemonTrustOverride,
|
||||
});
|
||||
|
||||
addFlag({
|
||||
.longName = "force-untrusted",
|
||||
.description = "Force the daemon to not trust connecting clients. The connection will be processed by the receiving daemon before forwarding commands.",
|
||||
.handler = {[&]() {
|
||||
isTrustedOpt = NotTrusted;
|
||||
}},
|
||||
.experimentalFeature = Xp::DaemonTrustOverride,
|
||||
});
|
||||
|
||||
addFlag({
|
||||
.longName = "default-trust",
|
||||
.description = "Use Nix's default trust.",
|
||||
.handler = {[&]() {
|
||||
isTrustedOpt = std::nullopt;
|
||||
}},
|
||||
.experimentalFeature = Xp::DaemonTrustOverride,
|
||||
});
|
||||
}
|
||||
|
||||
std::string description() override
|
||||
{
|
||||
return "daemon to perform store operations on behalf of non-root clients";
|
||||
|
@ -516,7 +555,7 @@ struct CmdDaemon : StoreCommand
|
|||
|
||||
void run(ref<Store> store) override
|
||||
{
|
||||
runDaemon(false, std::nullopt);
|
||||
runDaemon(stdio, isTrustedOpt);
|
||||
}
|
||||
};
|
||||
|
||||
|
|
|
@ -1,20 +1,44 @@
|
|||
R""(
|
||||
|
||||
# Example
|
||||
# Examples
|
||||
|
||||
* Run the daemon in the foreground:
|
||||
* Run the daemon:
|
||||
|
||||
```console
|
||||
# nix daemon
|
||||
```
|
||||
|
||||
* Run the daemon and listen on standard I/O instead of binding to a UNIX socket:
|
||||
|
||||
```console
|
||||
# nix daemon --stdio
|
||||
```
|
||||
|
||||
* Run the daemon and force all connections to be trusted:
|
||||
|
||||
```console
|
||||
# nix daemon --force-trusted
|
||||
```
|
||||
|
||||
* Run the daemon and force all connections to be untrusted:
|
||||
|
||||
```console
|
||||
# nix daemon --force-untrusted
|
||||
```
|
||||
|
||||
* Run the daemon, listen on standard I/O, and force all connections to use Nix's default trust:
|
||||
|
||||
```console
|
||||
# nix daemon --stdio --default-trust
|
||||
```
|
||||
|
||||
# Description
|
||||
|
||||
This command runs the Nix daemon, which is a required component in
|
||||
multi-user Nix installations. It runs build tasks and other
|
||||
operations on the Nix store on behalf of non-root users. Usually you
|
||||
don't run the daemon directly; instead it's managed by a service
|
||||
management framework such as `systemd`.
|
||||
management framework such as `systemd` on Linux, or `launchctl` on Darwin.
|
||||
|
||||
Note that this daemon does not fork into the background.
|
||||
|
||||
|
|
Loading…
Reference in a new issue