update-ci #3

Merged
jalil merged 3 commits from update-ci into main 2024-09-30 16:40:19 +02:00
4 changed files with 139 additions and 112 deletions
Showing only changes of commit 144d5c45c6 - Show all commits

View file

@ -1,7 +1,8 @@
{ {
lib, lib,
rustPlatform, rustPlatform,
}: let }:
let
readToml = path: builtins.fromTOML (builtins.readFile path); readToml = path: builtins.fromTOML (builtins.readFile path);
cargoToml = readToml ./Cargo.toml; cargoToml = readToml ./Cargo.toml;
pname = cargoToml.package.name; pname = cargoToml.package.name;
@ -11,32 +12,34 @@
name = "${pname}-source"; name = "${pname}-source";
# Adapted from <https://github.com/ipetkov/crane/blob/master/lib/filterCargoSources.nix> # Adapted from <https://github.com/ipetkov/crane/blob/master/lib/filterCargoSources.nix>
# no need to pull in crane for just this # no need to pull in crane for just this
filter = orig_path: type: let filter =
path = toString orig_path; orig_path: type:
base = baseNameOf path; let
parentDir = baseNameOf (dirOf path); path = toString orig_path;
matchesSuffix = lib.any (suffix: lib.hasSuffix suffix base) [ base = baseNameOf path;
# Rust sources parentDir = baseNameOf (dirOf path);
".rs" matchesSuffix = lib.any (suffix: lib.hasSuffix suffix base) [
# TOML files are often used to configure cargo based tools (e.g. .cargo/config.toml) # Rust sources
".toml" ".rs"
]; # TOML files are often used to configure cargo based tools (e.g. .cargo/config.toml)
isCargoLock = base == "Cargo.lock"; ".toml"
# .cargo/config.toml is captured above ];
isOldStyleCargoConfig = parentDir == ".cargo" && base == "config"; isCargoLock = base == "Cargo.lock";
in # .cargo/config.toml is captured above
isOldStyleCargoConfig = parentDir == ".cargo" && base == "config";
in
type == "directory" || matchesSuffix || isCargoLock || isOldStyleCargoConfig; type == "directory" || matchesSuffix || isCargoLock || isOldStyleCargoConfig;
}; };
in in
rustPlatform.buildRustPackage { rustPlatform.buildRustPackage {
inherit pname version src; inherit pname version src;
cargoLock.lockFile = ./Cargo.lock; cargoLock.lockFile = ./Cargo.lock;
useNextest = true; useNextest = true;
meta = { meta = {
inherit description; inherit description;
license = lib.licenses.mit; license = lib.licenses.mit;
homepage = "https://github.com/jalil-salame/webnsupdate"; homepage = "https://github.com/jalil-salame/webnsupdate";
mainProgram = "webnsupdate"; mainProgram = "webnsupdate";
}; };
} }

120
flake.nix
View file

@ -5,59 +5,75 @@
systems.url = "github:nix-systems/default"; systems.url = "github:nix-systems/default";
}; };
outputs = { outputs =
self, {
nixpkgs, self,
systems, nixpkgs,
}: let systems,
forEachSupportedSystem = nixpkgs.lib.genAttrs (import systems); }:
in { let
checks = forEachSupportedSystem (system: let forEachSupportedSystem = nixpkgs.lib.genAttrs (import systems);
pkgs = nixpkgs.legacyPackages.${system}; in
inherit (nixpkgs) lib; {
in { checks = forEachSupportedSystem (
fmtRust = pkgs.callPackage ./run-cmd.nix { system:
src = self; let
name = "fmt-rust"; pkgs = nixpkgs.legacyPackages.${system};
extraNativeBuildInputs = [pkgs.rustfmt]; inherit (nixpkgs) lib;
cmd = "${lib.getExe pkgs.cargo} fmt --all --check --verbose"; in
}; {
fmtNix = pkgs.callPackage ./run-cmd.nix { fmtRust = pkgs.callPackage ./run-cmd.nix {
src = self; src = self;
name = "fmt-nix"; name = "fmt-rust";
cmd = "${lib.getExe pkgs.alejandra} --check ."; extraNativeBuildInputs = [ pkgs.rustfmt ];
}; cmd = "${lib.getExe pkgs.cargo} fmt --all --check --verbose";
lintNix = pkgs.callPackage ./run-cmd.nix { };
src = self; fmtNix = pkgs.callPackage ./run-cmd.nix {
name = "lint-nix"; src = self;
cmd = "${lib.getExe pkgs.statix} check ."; name = "fmt-nix";
}; cmd = "${lib.getExe self.formatter.${system}} --check .";
}); };
formatter = forEachSupportedSystem (system: nixpkgs.legacyPackages.${system}.alejandra); lintNix = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "lint-nix";
cmd = "${lib.getExe pkgs.statix} check .";
};
}
);
formatter = forEachSupportedSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
packages = forEachSupportedSystem (system: let packages = forEachSupportedSystem (
webnsupdate = nixpkgs.legacyPackages.${system}.callPackage ./default.nix {}; system:
in { let
inherit webnsupdate; webnsupdate = nixpkgs.legacyPackages.${system}.callPackage ./default.nix { };
default = webnsupdate; in
}); {
inherit webnsupdate;
default = webnsupdate;
overlays.default = final: prev: { }
webnsupdate = final.callPackage ./default.nix {}; );
overlays.default = final: prev: {
webnsupdate = final.callPackage ./default.nix { };
};
nixosModules.default = ./module.nix;
devShells = forEachSupportedSystem (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
default = pkgs.mkShell {
packages = [
pkgs.cargo-insta
pkgs.cargo-udeps
pkgs.mold
];
};
}
);
}; };
nixosModules.default = ./module.nix;
devShells = forEachSupportedSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
default = pkgs.mkShell {
packages = [
pkgs.cargo-insta
pkgs.cargo-udeps
pkgs.mold
];
};
});
};
} }

View file

@ -3,13 +3,15 @@
pkgs, pkgs,
config, config,
... ...
}: let }:
let
cfg = config.services.webnsupdate; cfg = config.services.webnsupdate;
inherit (lib) mkOption mkEnableOption types; inherit (lib) mkOption mkEnableOption types;
in { in
{
options.services.webnsupdate = mkOption { options.services.webnsupdate = mkOption {
description = "An HTTP server for nsupdate."; description = "An HTTP server for nsupdate.";
default = {}; default = { };
type = types.submodule { type = types.submodule {
options = { options = {
enable = mkEnableOption "webnsupdate"; enable = mkEnableOption "webnsupdate";
@ -18,8 +20,8 @@ in {
Extra arguments to be passed to the webnsupdate server command. Extra arguments to be passed to the webnsupdate server command.
''; '';
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
example = ["--ip-source"]; example = [ "--ip-source" ];
}; };
bindIp = mkOption { bindIp = mkOption {
description = '' description = ''
@ -102,47 +104,53 @@ in {
}; };
}; };
config = let config =
recordsFile = let
if cfg.recordsFile != null recordsFile =
then cfg.recordsFile if cfg.recordsFile != null then cfg.recordsFile else pkgs.writeText "webnsrecords" cfg.records;
else pkgs.writeText "webnsrecords" cfg.records; args = lib.strings.escapeShellArgs (
args = lib.strings.escapeShellArgs ([ [
"--records" "--records"
recordsFile recordsFile
"--key-file" "--key-file"
cfg.keyFile cfg.keyFile
"--password-file" "--password-file"
cfg.passwordFile cfg.passwordFile
"--address" "--address"
cfg.bindIp cfg.bindIp
"--port" "--port"
(builtins.toString cfg.bindPort) (builtins.toString cfg.bindPort)
"--ttl" "--ttl"
(builtins.toString cfg.ttl) (builtins.toString cfg.ttl)
] ]
++ cfg.extraArgs); ++ cfg.extraArgs
cmd = "${lib.getExe pkgs.webnsupdate} ${args}"; );
in cmd = "${lib.getExe pkgs.webnsupdate} ${args}";
in
lib.mkIf cfg.enable { lib.mkIf cfg.enable {
# warnings = # warnings =
# lib.optional (!config.services.bind.enable) "`webnsupdate` is expected to be used alongside `bind`. This is an unsopported configuration."; # lib.optional (!config.services.bind.enable) "`webnsupdate` is expected to be used alongside `bind`. This is an unsopported configuration.";
assertions = [ assertions = [
{ {
assertion = (cfg.records != null || cfg.recordsFile != null) && !(cfg.records != null && cfg.recordsFile != null); assertion =
(cfg.records != null || cfg.recordsFile != null)
&& !(cfg.records != null && cfg.recordsFile != null);
message = "Exactly one of `services.webnsupdate.records` and `services.webnsupdate.recordsFile` must be set."; message = "Exactly one of `services.webnsupdate.records` and `services.webnsupdate.recordsFile` must be set.";
} }
]; ];
systemd.services.webnsupdate = { systemd.services.webnsupdate = {
description = "Web interface for nsupdate."; description = "Web interface for nsupdate.";
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
after = ["network.target" "bind.service"]; after = [
"network.target"
"bind.service"
];
preStart = "${cmd} verify"; preStart = "${cmd} verify";
path = [pkgs.dig]; path = [ pkgs.dig ];
startLimitIntervalSec = 60; startLimitIntervalSec = 60;
serviceConfig = { serviceConfig = {
ExecStart = [cmd]; ExecStart = [ cmd ];
Type = "exec"; Type = "exec";
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";

View file

@ -3,8 +3,8 @@
src, src,
name, name,
cmd, cmd,
extraBuildInputs ? [], extraBuildInputs ? [ ],
extraNativeBuildInputs ? [], extraNativeBuildInputs ? [ ],
}: }:
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "${name}-src"; name = "${name}-src";