From 2ba6277778c2402922e98f785f05681fe4a993f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jalil=20David=20Salam=C3=A9=20Messina?= Date: Sun, 29 Dec 2024 17:41:25 +0100 Subject: [PATCH] feat(renovate): enable lockFileMaintenance This allows it to update the flake.lock and Cargo.lock files. --- flake-modules/tests.nix | 100 +++++++++++++++++++++------------------- flake.lock | 11 +++-- flake.nix | 2 +- 3 files changed, 60 insertions(+), 53 deletions(-) diff --git a/flake-modules/tests.nix b/flake-modules/tests.nix index 7ec61ab..c214710 100644 --- a/flake-modules/tests.nix +++ b/flake-modules/tests.nix @@ -6,7 +6,6 @@ checks = let testDomain = "webnstest.example"; - dynamicZonesDir = "/var/lib/named/zones"; zoneFile = pkgs.writeText "${testDomain}.zoneinfo" '' $ORIGIN . $TTL 60 ; 1 minute @@ -27,59 +26,65 @@ nsupdate IN AAAA ::1 ''; - webnsupdate-machine = { - imports = [ self.nixosModules.webnsupdate ]; + webnsupdate-machine = + { config, ... }: + let + bindCfg = config.services.bind; + bindData = bindCfg.directory; + dynamicZonesDir = "${bindData}/zones"; + in + { + imports = [ self.nixosModules.webnsupdate ]; - config = { - environment.systemPackages = [ - pkgs.dig - pkgs.curl - ]; + config = { + environment.systemPackages = [ + pkgs.dig + pkgs.curl + ]; - services = { - webnsupdate = { - enable = true; - bindIp = "127.0.0.1"; - keyFile = "/etc/bind/rndc.key"; - # test:test (user:password) - passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA"; - package = self'.packages.webnsupdate; - extraArgs = [ - "-vvv" # debug messages - "--ip-source=ConnectInfo" - ]; - records = '' - test1.${testDomain}. - test2.${testDomain}. - test3.${testDomain}. - ''; - }; - - bind = { - enable = true; - zones.${testDomain} = { - master = true; - file = "${dynamicZonesDir}/${testDomain}"; - extraConfig = '' - allow-update { key rndc-key; }; + services = { + webnsupdate = { + enable = true; + bindIp = "127.0.0.1"; + keyFile = "/etc/bind/rndc.key"; + # test:test (user:password) + passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA"; + package = self'.packages.webnsupdate; + extraArgs = [ + "-vvv" # debug messages + "--ip-source=ConnectInfo" + ]; + records = '' + test1.${testDomain}. + test2.${testDomain}. + test3.${testDomain}. ''; }; + + bind = { + enable = true; + zones.${testDomain} = { + master = true; + file = "${dynamicZonesDir}/${testDomain}"; + extraConfig = '' + allow-update { key rndc-key; }; + ''; + }; + }; }; + + systemd.services.bind.preStart = '' + # shellcheck disable=SC2211,SC1127 + rm -f ${dynamicZonesDir}/* # reset dynamic zones + + mkdir -m 0755 -p ${dynamicZonesDir} + chown named ${dynamicZonesDir} + + # copy dynamic zone's file to the dynamic zones dir + cp ${zoneFile} ${dynamicZonesDir}/${testDomain} + ''; }; - - systemd.services.bind.preStart = '' - # shellcheck disable=SC2211,SC1127 - rm -f ${dynamicZonesDir}/* # reset dynamic zones - - ${pkgs.coreutils}/bin/mkdir -m 0755 -p ${dynamicZonesDir} - chown "named" ${dynamicZonesDir} - chown "named" /var/lib/named - - # copy dynamic zone's file to the dynamic zones dir - cp ${zoneFile} ${dynamicZonesDir}/${testDomain} - ''; }; - }; in { module-test = pkgs.testers.runNixOSTest { @@ -87,6 +92,7 @@ nodes.machine = webnsupdate-machine; testScript = '' machine.start(allow_reboot=True) + machine.wait_for_unit("bind.service") machine.wait_for_unit("webnsupdate.service") # ensure base DNS records area available diff --git a/flake.lock b/flake.lock index b4bb41d..5d0749c 100644 --- a/flake.lock +++ b/flake.lock @@ -37,17 +37,18 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734424634, - "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "NixOS", "ref": "nixos-unstable", - "type": "indirect" + "repo": "nixpkgs", + "type": "github" } }, "root": { diff --git a/flake.nix b/flake.nix index 3e7f04f..f93aaca 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; systems.url = "github:nix-systems/default"; treefmt-nix = { url = "github:numtide/treefmt-nix";