nixos/darkhttpd: change listening address default to ::1

We unconditionally pass --ipv6 to the binary. In older versions, setting both --addr 127.0.0.1 and --ipv6 resulted in listening on [::], a potential security issue. On the other hand, the binary started. With the current version however, --ipv6 implies an IPv6 address in --addr resulting in a crash with: "darkhttpd: malformed --addr argument" While this commit is technically a BC-break, it should be harmless as existing users either do not explicitly set the address and the server refuses the start (making this change rather a fix) or they set the address and are therefore unaffected.
NixOS · Nov 3, 2024 · abdadde · abdadde
1 parent 650fe87
commit abdadde
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/nixos/modules/services/web-servers/darkhttpd.nix b/nixos/modules/services/web-servers/darkhttpd.nix
@@ -27,7 +27,7 @@ in {
     };
 
     address = mkOption {
-      default = "127.0.0.1";
+      default = "::1";
       type = str;
       description = ''
         Address to listen on.