diff --git a/.renovaterc.json b/.renovaterc.json index bdcce88..556cabc 100644 --- a/.renovaterc.json +++ b/.renovaterc.json @@ -24,10 +24,20 @@ "fileMatch": [ "(^|/)flake\\.nix$" ], - "commitMessageTopic": "flake inputs", + "commitMessageTopic": "nixpkgs", "commitMessageExtra": "to {{newValue}}", "enabled": true }, + "lockFileMaintenance": { + "enabled": true, + "recreateWhen": "always", + "rebaseStalePrs": true, + "branchTopic": "lock-file-maintenance", + "commitMessageAction": "Lock file maintenance", + "schedule": [ + "* 0-1 * * *" + ] + }, "automergeSchedule": [ "* 0-1 * * *" ] diff --git a/flake-modules/tests.nix b/flake-modules/tests.nix index 7ec61ab..4cdac8b 100644 --- a/flake-modules/tests.nix +++ b/flake-modules/tests.nix @@ -6,7 +6,7 @@ checks = let testDomain = "webnstest.example"; - dynamicZonesDir = "/var/lib/named/zones"; + zoneFile = pkgs.writeText "${testDomain}.zoneinfo" '' $ORIGIN . $TTL 60 ; 1 minute @@ -27,8 +27,38 @@ nsupdate IN AAAA ::1 ''; + bindDynamicZone = + { config, ... }: + let + bindCfg = config.services.bind; + bindData = bindCfg.directory; + dynamicZonesDir = "${bindData}/zones"; + in + { + services.bind.zones.${testDomain} = { + master = true; + file = "${dynamicZonesDir}/${testDomain}"; + extraConfig = '' + allow-update { key rndc-key; }; + ''; + }; + + systemd.services.bind.preStart = '' + # shellcheck disable=SC2211,SC1127 + rm -f ${dynamicZonesDir}/* # reset dynamic zones + + # create a dynamic zones dir + mkdir -m 0755 -p ${dynamicZonesDir} + # copy dynamic zone's file to the dynamic zones dir + cp ${zoneFile} ${dynamicZonesDir}/${testDomain} + ''; + }; + webnsupdate-machine = { - imports = [ self.nixosModules.webnsupdate ]; + imports = [ + bindDynamicZone + self.nixosModules.webnsupdate + ]; config = { environment.systemPackages = [ @@ -37,6 +67,8 @@ ]; services = { + bind.enable = true; + webnsupdate = { enable = true; bindIp = "127.0.0.1"; @@ -54,30 +86,7 @@ test3.${testDomain}. ''; }; - - bind = { - enable = true; - zones.${testDomain} = { - master = true; - file = "${dynamicZonesDir}/${testDomain}"; - extraConfig = '' - allow-update { key rndc-key; }; - ''; - }; - }; }; - - systemd.services.bind.preStart = '' - # shellcheck disable=SC2211,SC1127 - rm -f ${dynamicZonesDir}/* # reset dynamic zones - - ${pkgs.coreutils}/bin/mkdir -m 0755 -p ${dynamicZonesDir} - chown "named" ${dynamicZonesDir} - chown "named" /var/lib/named - - # copy dynamic zone's file to the dynamic zones dir - cp ${zoneFile} ${dynamicZonesDir}/${testDomain} - ''; }; }; in @@ -87,6 +96,7 @@ nodes.machine = webnsupdate-machine; testScript = '' machine.start(allow_reboot=True) + machine.wait_for_unit("bind.service") machine.wait_for_unit("webnsupdate.service") # ensure base DNS records area available diff --git a/flake.lock b/flake.lock index b4bb41d..5d0749c 100644 --- a/flake.lock +++ b/flake.lock @@ -37,17 +37,18 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734424634, - "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "NixOS", "ref": "nixos-unstable", - "type": "indirect" + "repo": "nixpkgs", + "type": "github" } }, "root": { diff --git a/flake.nix b/flake.nix index 3e7f04f..f93aaca 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; systems.url = "github:nix-systems/default"; treefmt-nix = { url = "github:numtide/treefmt-nix";