From f886a14dbdba8b134c2d6f067faffbcaeebd645b Mon Sep 17 00:00:00 2001
From: Dustin Frisch <fooker@lab.sh>
Date: Mon, 16 Dec 2019 23:06:27 +0100
Subject: [PATCH] kresd: Unified listen declarations

Deperecates the interfaces option which was used to generate a host:port
list whereas the port was always hardcoded to 53. This unifies the
listen configuration for plain and TLS sockets and allows to specify a
port without an address for wildcard binds.
---
 nixos/doc/manual/release-notes/rl-2003.xml  |  8 +++++++
 nixos/modules/services/networking/kresd.nix | 25 ++++++++++++++-------
 2 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml
index 2a38b2adbbb4..48f699085b0b 100644
--- a/nixos/doc/manual/release-notes/rl-2003.xml
+++ b/nixos/doc/manual/release-notes/rl-2003.xml
@@ -251,6 +251,14 @@
      in container config.
     </para>
    </listitem>
+   <listitem>
+    <para>
+     The <literal>kresd</literal> services deprecates the <literal>interfaces</literal> option
+     in favor of the <literal>listenPlain</literal> option which requires full
+     <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=">systemd.socket compatible</link>
+     declaration which always include a port.
+    </para>
+   </listitem>
   </itemizedlist>
  </section>
 
diff --git a/nixos/modules/services/networking/kresd.nix b/nixos/modules/services/networking/kresd.nix
index fc516c01230a..574074944d5e 100644
--- a/nixos/modules/services/networking/kresd.nix
+++ b/nixos/modules/services/networking/kresd.nix
@@ -13,6 +13,17 @@ in
 {
   meta.maintainers = [ maintainers.vcunat /* upstream developer */ ];
 
+  imports = [
+    (mkChangedOptionModule [ "services" "kresd" "interfaces" ] [ "services" "kresd" "listenPlain" ]
+      (config:
+        let value = getAttrFromPath [ "services" "kresd" "interfaces" ] config;
+        in map
+          (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53") # Syntax depends on being IPv6 or IPv4.
+          value
+      )
+    )
+  ];
+
   ###### interface
   options.services.kresd = {
     enable = mkOption {
@@ -39,11 +50,12 @@ in
         Directory for caches.  They are intended to survive reboots.
       '';
     };
-    interfaces = mkOption {
+    listenPlain = mkOption {
       type = with types; listOf str;
-      default = [ "::1" "127.0.0.1" ];
+      default = [ "[::1]:53" "127.0.0.1:53" ];
       description = ''
-        What addresses the server should listen on. (UDP+TCP 53)
+        What addresses and ports the server should listen on.
+        For detailed syntax see ListenStream in man systemd.socket.
       '';
     };
     listenTLS = mkOption {
@@ -51,7 +63,7 @@ in
       default = [];
       example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
       description = ''
-        Addresses on which kresd should provide DNS over TLS (see RFC 7858).
+        Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
         For detailed syntax see ListenStream in man systemd.socket.
       '';
     };
@@ -76,10 +88,7 @@ in
     systemd.sockets.kresd = rec {
       wantedBy = [ "sockets.target" ];
       before = wantedBy;
-      listenStreams = map
-        # Syntax depends on being IPv6 or IPv4.
-        (iface: if elem ":" (stringToCharacters iface) then "[${iface}]:53" else "${iface}:53")
-        cfg.interfaces;
+      listenStreams = cfg.listenPlain;
       socketConfig = {
         ListenDatagram = listenStreams;
         FreeBind = true;