fix(flake): switch to github ref
Switch from a flake ref to a github ref as renovate cannot resolve flake refs, and they are slightly impure. This shows some issues with the previous patch to the bind module which we fix.
This commit is contained in:
parent
2ba6277778
commit
308eff1409
GPG key ID:
F016B9E770737A0B
2 changed files with 63 additions and 47 deletions
|
|
@ -24,10 +24,20 @@
|
||||||
"fileMatch": [
|
"fileMatch": [
|
||||||
"(^|/)flake\\.nix$"
|
"(^|/)flake\\.nix$"
|
||||||
],
|
],
|
||||||
"commitMessageTopic": "flake inputs",
|
"commitMessageTopic": "nixpkgs",
|
||||||
"commitMessageExtra": "to {{newValue}}",
|
"commitMessageExtra": "to {{newValue}}",
|
||||||
"enabled": true
|
"enabled": true
|
||||||
},
|
},
|
||||||
|
"lockFileMaintenance": {
|
||||||
|
"enabled": true,
|
||||||
|
"recreateWhen": "always",
|
||||||
|
"rebaseStalePrs": true,
|
||||||
|
"branchTopic": "lock-file-maintenance",
|
||||||
|
"commitMessageAction": "Lock file maintenance",
|
||||||
|
"schedule": [
|
||||||
|
"* 0-1 * * *"
|
||||||
|
]
|
||||||
|
},
|
||||||
"automergeSchedule": [
|
"automergeSchedule": [
|
||||||
"* 0-1 * * *"
|
"* 0-1 * * *"
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@
|
||||||
checks =
|
checks =
|
||||||
let
|
let
|
||||||
testDomain = "webnstest.example";
|
testDomain = "webnstest.example";
|
||||||
|
|
||||||
zoneFile = pkgs.writeText "${testDomain}.zoneinfo" ''
|
zoneFile = pkgs.writeText "${testDomain}.zoneinfo" ''
|
||||||
$ORIGIN .
|
$ORIGIN .
|
||||||
$TTL 60 ; 1 minute
|
$TTL 60 ; 1 minute
|
||||||
|
|
@ -26,7 +27,7 @@
|
||||||
nsupdate IN AAAA ::1
|
nsupdate IN AAAA ::1
|
||||||
'';
|
'';
|
||||||
|
|
||||||
webnsupdate-machine =
|
bindDynamicZone =
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
bindCfg = config.services.bind;
|
bindCfg = config.services.bind;
|
||||||
|
|
@ -34,57 +35,62 @@
|
||||||
dynamicZonesDir = "${bindData}/zones";
|
dynamicZonesDir = "${bindData}/zones";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ self.nixosModules.webnsupdate ];
|
bind = {
|
||||||
|
zones.${testDomain} = {
|
||||||
config = {
|
master = true;
|
||||||
environment.systemPackages = [
|
file = "${dynamicZonesDir}/${testDomain}";
|
||||||
pkgs.dig
|
extraConfig = ''
|
||||||
pkgs.curl
|
allow-update { key rndc-key; };
|
||||||
];
|
'';
|
||||||
|
|
||||||
services = {
|
|
||||||
webnsupdate = {
|
|
||||||
enable = true;
|
|
||||||
bindIp = "127.0.0.1";
|
|
||||||
keyFile = "/etc/bind/rndc.key";
|
|
||||||
# test:test (user:password)
|
|
||||||
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
|
|
||||||
package = self'.packages.webnsupdate;
|
|
||||||
extraArgs = [
|
|
||||||
"-vvv" # debug messages
|
|
||||||
"--ip-source=ConnectInfo"
|
|
||||||
];
|
|
||||||
records = ''
|
|
||||||
test1.${testDomain}.
|
|
||||||
test2.${testDomain}.
|
|
||||||
test3.${testDomain}.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
bind = {
|
|
||||||
enable = true;
|
|
||||||
zones.${testDomain} = {
|
|
||||||
master = true;
|
|
||||||
file = "${dynamicZonesDir}/${testDomain}";
|
|
||||||
extraConfig = ''
|
|
||||||
allow-update { key rndc-key; };
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services.bind.preStart = ''
|
systemd.services.bind.preStart = ''
|
||||||
# shellcheck disable=SC2211,SC1127
|
# shellcheck disable=SC2211,SC1127
|
||||||
rm -f ${dynamicZonesDir}/* # reset dynamic zones
|
rm -f ${dynamicZonesDir}/* # reset dynamic zones
|
||||||
|
|
||||||
mkdir -m 0755 -p ${dynamicZonesDir}
|
# create a dynamic zones dir
|
||||||
chown named ${dynamicZonesDir}
|
mkdir -m 0755 -p ${dynamicZonesDir}
|
||||||
|
# copy dynamic zone's file to the dynamic zones dir
|
||||||
|
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
# copy dynamic zone's file to the dynamic zones dir
|
webnsupdate-machine = {
|
||||||
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
|
imports = [
|
||||||
'';
|
bindDynamicZone
|
||||||
|
self.nixosModules.webnsupdate
|
||||||
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.dig
|
||||||
|
pkgs.curl
|
||||||
|
];
|
||||||
|
|
||||||
|
services = {
|
||||||
|
bind.enable = true;
|
||||||
|
|
||||||
|
webnsupdate = {
|
||||||
|
enable = true;
|
||||||
|
bindIp = "127.0.0.1";
|
||||||
|
keyFile = "/etc/bind/rndc.key";
|
||||||
|
# test:test (user:password)
|
||||||
|
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
|
||||||
|
package = self'.packages.webnsupdate;
|
||||||
|
extraArgs = [
|
||||||
|
"-vvv" # debug messages
|
||||||
|
"--ip-source=ConnectInfo"
|
||||||
|
];
|
||||||
|
records = ''
|
||||||
|
test1.${testDomain}.
|
||||||
|
test2.${testDomain}.
|
||||||
|
test3.${testDomain}.
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
module-test = pkgs.testers.runNixOSTest {
|
module-test = pkgs.testers.runNixOSTest {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue