nixos/rsyncd: fix ini format for global section (#385064)

According to the manpage the rsyncd.conf has a global section without a module header. Settings for listening port or bind address must be put there and will not work if defined in a global submodule (i.e. below a "[global]" header). This commit changes the ini format generator for the rsyncd service to allow a global section in the config file without a submodule header. Fixes #304293 Credits to @nydragon * remove retrocompat, add incompat release notes
2025-06-09 19:13:26 +03:00 · 2025-04-26 17:46:51 +02:00 · 2025-04-26 17:46:51 +02:00 · f46be21864
commit f46be21864
parent 1de5bf89ee
3 changed files with 28 additions and 19 deletions
--- a/nixos/doc/manual/release-notes/rl-2505.section.md
+++ b/nixos/doc/manual/release-notes/rl-2505.section.md
@ -443,6 +443,10 @@
 - `services.netbird.tunnels` was renamed to [`services.netbird.clients`](#opt-services.netbird.clients),
  hardened (using dedicated less-privileged users) and significantly extended.

+- `services.rsyncd.settings` now supports only two attributes `sections` and `globalSection`.
+  As a result, all sections previously defined under `services.rsyncd.settings` must now be put in `services.rsyncd.settings.sections`.
+  Global settings must now be placed in `services.rsyncd.settings.globalSection` instead of `services.rsyncd.settings.global`.
+
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

 ## Other Notable Changes {#sec-release-25.05-notable-changes}
--- a/nixos/modules/services/network-filesystems/rsyncd.nix
+++ b/nixos/modules/services/network-filesystems/rsyncd.nix
@ -6,7 +6,7 @@
 }:
 let
  cfg = config.services.rsyncd;
-  settingsFormat = pkgs.formats.ini { };
+  settingsFormat = pkgs.formats.iniWithGlobalSection { };
  configFile = settingsFormat.generate "rsyncd.conf" cfg.settings;
 in
 {
@ -25,24 +25,27 @@ in
        inherit (settingsFormat) type;
        default = { };
        example = {
-          global = {
+          globalSection = {
            uid = "nobody";
            gid = "nobody";
            "use chroot" = true;
            "max connections" = 4;
+            address = "0.0.0.0";
          };
-          ftp = {
-            path = "/var/ftp/./pub";
-            comment = "whole ftp area";
-          };
-          cvs = {
-            path = "/data/cvs";
-            comment = "CVS repository (requires authentication)";
-            "auth users" = [
-              "tridge"
-              "susan"
-            ];
-            "secrets file" = "/etc/rsyncd.secrets";
+          sections = {
+            ftp = {
+              path = "/var/ftp/./pub";
+              comment = "whole ftp area";
+            };
+            cvs = {
+              path = "/data/cvs";
+              comment = "CVS repository (requires authentication)";
+              "auth users" = [
+                "tridge"
+                "susan"
+              ];
+              "secrets file" = "/etc/rsyncd.secrets";
+            };
          };
        };
        description = ''
@ -81,7 +84,7 @@ in

  config = lib.mkIf cfg.enable {

-    services.rsyncd.settings.global.port = toString cfg.port;
+    services.rsyncd.settings.globalSection.port = toString cfg.port;

    systemd =
      let
--- a/nixos/tests/rsyncd.nix
+++ b/nixos/tests/rsyncd.nix
@ -15,13 +15,15 @@ import ./make-test-python.nix (
              enable = true;
              inherit socketActivated;
              settings = {
-                global = {
+                globalSection = {
                  "reverse lookup" = false;
                  "forward lookup" = false;
                };
-                tmp = {
-                  path = "/nix/store";
-                  comment = "test module";
+                sections = {
+                  tmp = {
+                    path = "/nix/store";
+                    comment = "test module";
+                  };
                };
              };
            };