fix(flake): switch to github ref
Switch from a flake ref to a github ref as renovate cannot resolve flake refs, and they are slightly impure. This shows some issues with the previous patch to the bind module which we fix.
This commit is contained in:
parent
2ba6277778
commit
6a1feb2612
GPG key ID:
F016B9E770737A0B
2 changed files with 64 additions and 50 deletions
|
|
@ -24,10 +24,20 @@
|
||||||
"fileMatch": [
|
"fileMatch": [
|
||||||
"(^|/)flake\\.nix$"
|
"(^|/)flake\\.nix$"
|
||||||
],
|
],
|
||||||
"commitMessageTopic": "flake inputs",
|
"commitMessageTopic": "nixpkgs",
|
||||||
"commitMessageExtra": "to {{newValue}}",
|
"commitMessageExtra": "to {{newValue}}",
|
||||||
"enabled": true
|
"enabled": true
|
||||||
},
|
},
|
||||||
|
"lockFileMaintenance": {
|
||||||
|
"enabled": true,
|
||||||
|
"recreateWhen": "always",
|
||||||
|
"rebaseStalePrs": true,
|
||||||
|
"branchTopic": "lock-file-maintenance",
|
||||||
|
"commitMessageAction": "Lock file maintenance",
|
||||||
|
"schedule": [
|
||||||
|
"* 0-1 * * *"
|
||||||
|
]
|
||||||
|
},
|
||||||
"automergeSchedule": [
|
"automergeSchedule": [
|
||||||
"* 0-1 * * *"
|
"* 0-1 * * *"
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@
|
||||||
checks =
|
checks =
|
||||||
let
|
let
|
||||||
testDomain = "webnstest.example";
|
testDomain = "webnstest.example";
|
||||||
|
|
||||||
zoneFile = pkgs.writeText "${testDomain}.zoneinfo" ''
|
zoneFile = pkgs.writeText "${testDomain}.zoneinfo" ''
|
||||||
$ORIGIN .
|
$ORIGIN .
|
||||||
$TTL 60 ; 1 minute
|
$TTL 60 ; 1 minute
|
||||||
|
|
@ -26,7 +27,7 @@
|
||||||
nsupdate IN AAAA ::1
|
nsupdate IN AAAA ::1
|
||||||
'';
|
'';
|
||||||
|
|
||||||
webnsupdate-machine =
|
bindDynamicZone =
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
bindCfg = config.services.bind;
|
bindCfg = config.services.bind;
|
||||||
|
|
@ -34,57 +35,60 @@
|
||||||
dynamicZonesDir = "${bindData}/zones";
|
dynamicZonesDir = "${bindData}/zones";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ self.nixosModules.webnsupdate ];
|
services.bind.zones.${testDomain} = {
|
||||||
|
master = true;
|
||||||
config = {
|
file = "${dynamicZonesDir}/${testDomain}";
|
||||||
environment.systemPackages = [
|
extraConfig = ''
|
||||||
pkgs.dig
|
allow-update { key rndc-key; };
|
||||||
pkgs.curl
|
|
||||||
];
|
|
||||||
|
|
||||||
services = {
|
|
||||||
webnsupdate = {
|
|
||||||
enable = true;
|
|
||||||
bindIp = "127.0.0.1";
|
|
||||||
keyFile = "/etc/bind/rndc.key";
|
|
||||||
# test:test (user:password)
|
|
||||||
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
|
|
||||||
package = self'.packages.webnsupdate;
|
|
||||||
extraArgs = [
|
|
||||||
"-vvv" # debug messages
|
|
||||||
"--ip-source=ConnectInfo"
|
|
||||||
];
|
|
||||||
records = ''
|
|
||||||
test1.${testDomain}.
|
|
||||||
test2.${testDomain}.
|
|
||||||
test3.${testDomain}.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
bind = {
|
|
||||||
enable = true;
|
|
||||||
zones.${testDomain} = {
|
|
||||||
master = true;
|
|
||||||
file = "${dynamicZonesDir}/${testDomain}";
|
|
||||||
extraConfig = ''
|
|
||||||
allow-update { key rndc-key; };
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.bind.preStart = ''
|
|
||||||
# shellcheck disable=SC2211,SC1127
|
|
||||||
rm -f ${dynamicZonesDir}/* # reset dynamic zones
|
|
||||||
|
|
||||||
mkdir -m 0755 -p ${dynamicZonesDir}
|
|
||||||
chown named ${dynamicZonesDir}
|
|
||||||
|
|
||||||
# copy dynamic zone's file to the dynamic zones dir
|
|
||||||
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.bind.preStart = ''
|
||||||
|
# shellcheck disable=SC2211,SC1127
|
||||||
|
rm -f ${dynamicZonesDir}/* # reset dynamic zones
|
||||||
|
|
||||||
|
# create a dynamic zones dir
|
||||||
|
mkdir -m 0755 -p ${dynamicZonesDir}
|
||||||
|
# copy dynamic zone's file to the dynamic zones dir
|
||||||
|
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
webnsupdate-machine = {
|
||||||
|
imports = [
|
||||||
|
bindDynamicZone
|
||||||
|
self.nixosModules.webnsupdate
|
||||||
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.dig
|
||||||
|
pkgs.curl
|
||||||
|
];
|
||||||
|
|
||||||
|
services = {
|
||||||
|
bind.enable = true;
|
||||||
|
|
||||||
|
webnsupdate = {
|
||||||
|
enable = true;
|
||||||
|
bindIp = "127.0.0.1";
|
||||||
|
keyFile = "/etc/bind/rndc.key";
|
||||||
|
# test:test (user:password)
|
||||||
|
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
|
||||||
|
package = self'.packages.webnsupdate;
|
||||||
|
extraArgs = [
|
||||||
|
"-vvv" # debug messages
|
||||||
|
"--ip-source=ConnectInfo"
|
||||||
|
];
|
||||||
|
records = ''
|
||||||
|
test1.${testDomain}.
|
||||||
|
test2.${testDomain}.
|
||||||
|
test3.${testDomain}.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
module-test = pkgs.testers.runNixOSTest {
|
module-test = pkgs.testers.runNixOSTest {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue