Port the flags of nix-daemon to nix daemon (#8788)

The new `nix daemon` command didn't accept the same flags that `nix-daemon` did. * docs(daemon): clarify the daemon trust override flags * fix: change declaration order * docs: add examples of nix daemon usage * Apply suggestions from code review --------- Co-authored-by: Eelco Dolstra <edolstra@gmail.com> Co-authored-by: John Ericson <git@JohnEricson.me> Co-authored-by: tomberek <tomberek@users.noreply.github.com>
author: Bryan Honof <bryanhonof@gmail.com> 2023-08-28 15:43:34 +0200
committer: GitHub <noreply@github.com> 2023-08-28 13:43:34 +0000
commit: 736b9cede73692a1cf92a6c21c5259498a04c961 (patch)
tree: 71805ea35cb3be427aa194bb1d9b0a46491c1394 /src/nix/daemon.cc
parent: 50f40ac4c03bcb742cda29de04c40e1a29367acc (diff)
1 files changed, 40 insertions, 1 deletions
diff --git a/src/nix/daemon.cc b/src/nix/daemon.cc
index 1511f9e6e..af428018a 100644
--- a/src/nix/daemon.cc
+++ b/src/nix/daemon.cc
@@ -500,6 +500,45 @@ static RegisterLegacyCommand r_nix_daemon("nix-daemon", main_nix_daemon);
 
 struct CmdDaemon : StoreCommand
 {
+    bool stdio = false;
+    std::optional<TrustedFlag> isTrustedOpt = std::nullopt;
+
+    CmdDaemon()
+    {
+        addFlag({
+            .longName = "stdio",
+            .description = "Attach to standard I/O, instead of trying to bind to a UNIX socket.",
+            .handler = {&stdio, true},
+        });
+
+        addFlag({
+            .longName = "force-trusted",
+            .description = "Force the daemon to trust connecting clients.",
+            .handler = {[&]() {
+                isTrustedOpt = Trusted;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+
+        addFlag({
+            .longName = "force-untrusted",
+            .description = "Force the daemon to not trust connecting clients. The connection will be processed by the receiving daemon before forwarding commands.",
+            .handler = {[&]() {
+                isTrustedOpt = NotTrusted;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+
+        addFlag({
+            .longName = "default-trust",
+            .description = "Use Nix's default trust.",
+            .handler = {[&]() {
+                isTrustedOpt = std::nullopt;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+    }
+
     std::string description() override
     {
         return "daemon to perform store operations on behalf of non-root clients";
@@ -516,7 +555,7 @@ struct CmdDaemon : StoreCommand
 
     void run(ref<Store> store) override
     {
-        runDaemon(false, std::nullopt);
+        runDaemon(stdio, isTrustedOpt);
     }
 };
author	Bryan Honof <bryanhonof@gmail.com>	2023-08-28 15:43:34 +0200
committer	GitHub <noreply@github.com>	2023-08-28 13:43:34 +0000
commit	736b9cede73692a1cf92a6c21c5259498a04c961 (patch)
tree	71805ea35cb3be427aa194bb1d9b0a46491c1394 /src/nix/daemon.cc
parent	50f40ac4c03bcb742cda29de04c40e1a29367acc (diff)