From 736b9cede73692a1cf92a6c21c5259498a04c961 Mon Sep 17 00:00:00 2001
From: Bryan Honof <bryanhonof@gmail.com>
Date: Mon, 28 Aug 2023 15:43:34 +0200
Subject: Port the flags of nix-daemon to nix daemon (#8788)

The new `nix daemon` command didn't accept the same flags that `nix-daemon` did.

* docs(daemon): clarify the daemon trust override flags
* fix: change declaration order
* docs: add examples of nix daemon usage
* Apply suggestions from code review

---------

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
Co-authored-by: John Ericson <git@JohnEricson.me>
Co-authored-by: tomberek <tomberek@users.noreply.github.com>
---
 src/nix/daemon.cc | 41 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)

(limited to 'src/nix/daemon.cc')

diff --git a/src/nix/daemon.cc b/src/nix/daemon.cc
index 1511f9e6e..af428018a 100644
--- a/src/nix/daemon.cc
+++ b/src/nix/daemon.cc
@@ -500,6 +500,45 @@ static RegisterLegacyCommand r_nix_daemon("nix-daemon", main_nix_daemon);
 
 struct CmdDaemon : StoreCommand
 {
+    bool stdio = false;
+    std::optional<TrustedFlag> isTrustedOpt = std::nullopt;
+
+    CmdDaemon()
+    {
+        addFlag({
+            .longName = "stdio",
+            .description = "Attach to standard I/O, instead of trying to bind to a UNIX socket.",
+            .handler = {&stdio, true},
+        });
+
+        addFlag({
+            .longName = "force-trusted",
+            .description = "Force the daemon to trust connecting clients.",
+            .handler = {[&]() {
+                isTrustedOpt = Trusted;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+
+        addFlag({
+            .longName = "force-untrusted",
+            .description = "Force the daemon to not trust connecting clients. The connection will be processed by the receiving daemon before forwarding commands.",
+            .handler = {[&]() {
+                isTrustedOpt = NotTrusted;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+
+        addFlag({
+            .longName = "default-trust",
+            .description = "Use Nix's default trust.",
+            .handler = {[&]() {
+                isTrustedOpt = std::nullopt;
+            }},
+            .experimentalFeature = Xp::DaemonTrustOverride,
+        });
+    }
+
     std::string description() override
     {
         return "daemon to perform store operations on behalf of non-root clients";
@@ -516,7 +555,7 @@ struct CmdDaemon : StoreCommand
 
     void run(ref<Store> store) override
     {
-        runDaemon(false, std::nullopt);
+        runDaemon(stdio, isTrustedOpt);
     }
 };
 
-- 
cgit v1.2.3