[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#35329: [PATCH] gnu: knot-service: Add includes field in configuratio
|
From: |
Julien Lepiller |
|
Subject: |
bug#35329: [PATCH] gnu: knot-service: Add includes field in configuration. |
|
Date: |
Thu, 25 Apr 2019 21:46:08 +0200 |
Le Wed, 24 Apr 2019 14:34:15 +0200,
Ludovic Courtès <address@hidden> a écrit :
> Julien Lepiller <address@hidden> skribis:
>
> > * gnu/services/dns.scm (knot-configuration): Add includes field.
> > (verify-knot-configuration): Check includes content.
> > (knot-config-file): Serialize includes.
> > * doc/guix.texi (DNS Services): Document it.
>
> [...]
>
> > address@hidden @code{includes} (default: @code{'()})
> > +A list of strings or file-like objects denoting other files that
> > must be +included at the top of the configuration file. This is
> > especially useful
> ^
> I’d make a new paragraph here.
>
> > +for including key configuration from outside the store, since keys
> > should +not be readable by every user. It can also be used to add
> > configuration +not supported by this interface.
>
> What about:
>
> @cindex secrets, Knot service
> This can be used to manage secrets out-of-band. For example, secret
> keys may be stored in an out-of-band file not managed by Guix, and
> thus not visible in @file{/gnu/store}---e.g., you could store secret
> key configuration in @file{/etc/knot/secrets.conf} and add this file
> to the @code{includes} list.
>
> It can also be used […]
>
> LGTM!
>
> Thanks,
> LUdo’.
Push as 92eb600f8a94afa36142f8f145efaa485b632433, thanks!