nixos/dex: Restart on referenced file changes (#343738) (4b7712c3) · Commits · nix / nixpkgs

nixos/doc/manual/release-notes/rl-2505.section.md

+2 −0

Original line number	Diff line number	Diff line
		@@ -22,6 +22,8 @@

		- The default Elixir version has been updated to 1.18.

		- `services.dex` now restarts upon changes to the `.environmentFile` or entries in `.settings.staticClients[].secretFile` when the entry is a `path` type.

		- `nixos-rebuild-ng`, a full rewrite of `nixos-rebuild` in Python, is available for testing. You can enable it by setting [system.rebuild.enableNg](options.html#opt-system.rebuild.enableNg) in your configuration (this will replace the old `nixos-rebuild`), or by adding `nixos-rebuild-ng` to your `environment.systemPackages` (in this case, it will live side-by-side with `nixos-rebuild` as `nixos-rebuild-ng`). It is expected that the next major version of NixOS (25.11) will enable `system.rebuild.enableNg` by default.
		- A `nixos-rebuild build-image` sub-command has been added.

+12 −1

Original line number	Diff line number	Diff line
		@@ -12,7 +12,12 @@ let
		fixClient =
		client:
		if client ? secretFile then
		((builtins.removeAttrs client [ "secretFile" ]) // { secret = client.secretFile; })
		(
		(builtins.removeAttrs client [ "secretFile" ])
		// {
		secret = client.secretFile;
		}
		)
		else
		client;
		filteredSettings = mapAttrs (
		@@ -32,6 +37,11 @@ let
		'') secretFiles
		)
		);

		restartTriggers =
		[ ]
		++ (optionals (cfg.environmentFile != null) [ cfg.environmentFile ])
		++ (filter (file: builtins.typeOf file == "path") secretFiles);
		in
		{
		options.services.dex = {
		@@ -90,6 +100,7 @@ in
		"networking.target"
		] ++ (optional (cfg.settings.storage.type == "postgres") "postgresql.service");
		path = with pkgs; [ replace-secret ];
		restartTriggers = restartTriggers;
		serviceConfig =
		{
		ExecStart = "${pkgs.dex-oidc}/bin/dex serve /run/dex/config.yaml";