feat(renovate): enable lockFileMaintenance #36

Merged
jalil merged 2 commits from renovate-lockfile-maintenance into main 2024-12-29 18:50:30 +01:00
2 changed files with 64 additions and 50 deletions
Showing only changes of commit 6a1feb2612 - Show all commits

View file

@ -24,10 +24,20 @@
"fileMatch": [ "fileMatch": [
"(^|/)flake\\.nix$" "(^|/)flake\\.nix$"
], ],
"commitMessageTopic": "flake inputs", "commitMessageTopic": "nixpkgs",
"commitMessageExtra": "to {{newValue}}", "commitMessageExtra": "to {{newValue}}",
"enabled": true "enabled": true
}, },
"lockFileMaintenance": {
"enabled": true,
"recreateWhen": "always",
"rebaseStalePrs": true,
"branchTopic": "lock-file-maintenance",
"commitMessageAction": "Lock file maintenance",
"schedule": [
"* 0-1 * * *"
]
},
"automergeSchedule": [ "automergeSchedule": [
"* 0-1 * * *" "* 0-1 * * *"
] ]

View file

@ -6,6 +6,7 @@
checks = checks =
let let
testDomain = "webnstest.example"; testDomain = "webnstest.example";
zoneFile = pkgs.writeText "${testDomain}.zoneinfo" '' zoneFile = pkgs.writeText "${testDomain}.zoneinfo" ''
$ORIGIN . $ORIGIN .
$TTL 60 ; 1 minute $TTL 60 ; 1 minute
@ -26,7 +27,7 @@
nsupdate IN AAAA ::1 nsupdate IN AAAA ::1
''; '';
webnsupdate-machine = bindDynamicZone =
{ config, ... }: { config, ... }:
let let
bindCfg = config.services.bind; bindCfg = config.services.bind;
@ -34,57 +35,60 @@
dynamicZonesDir = "${bindData}/zones"; dynamicZonesDir = "${bindData}/zones";
in in
{ {
imports = [ self.nixosModules.webnsupdate ]; services.bind.zones.${testDomain} = {
master = true;
config = { file = "${dynamicZonesDir}/${testDomain}";
environment.systemPackages = [ extraConfig = ''
pkgs.dig allow-update { key rndc-key; };
pkgs.curl
];
services = {
webnsupdate = {
enable = true;
bindIp = "127.0.0.1";
keyFile = "/etc/bind/rndc.key";
# test:test (user:password)
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
package = self'.packages.webnsupdate;
extraArgs = [
"-vvv" # debug messages
"--ip-source=ConnectInfo"
];
records = ''
test1.${testDomain}.
test2.${testDomain}.
test3.${testDomain}.
'';
};
bind = {
enable = true;
zones.${testDomain} = {
master = true;
file = "${dynamicZonesDir}/${testDomain}";
extraConfig = ''
allow-update { key rndc-key; };
'';
};
};
};
systemd.services.bind.preStart = ''
# shellcheck disable=SC2211,SC1127
rm -f ${dynamicZonesDir}/* # reset dynamic zones
mkdir -m 0755 -p ${dynamicZonesDir}
chown named ${dynamicZonesDir}
# copy dynamic zone's file to the dynamic zones dir
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
''; '';
}; };
systemd.services.bind.preStart = ''
# shellcheck disable=SC2211,SC1127
rm -f ${dynamicZonesDir}/* # reset dynamic zones
# create a dynamic zones dir
mkdir -m 0755 -p ${dynamicZonesDir}
# copy dynamic zone's file to the dynamic zones dir
cp ${zoneFile} ${dynamicZonesDir}/${testDomain}
'';
}; };
webnsupdate-machine = {
imports = [
bindDynamicZone
self.nixosModules.webnsupdate
];
config = {
environment.systemPackages = [
pkgs.dig
pkgs.curl
];
services = {
bind.enable = true;
webnsupdate = {
enable = true;
bindIp = "127.0.0.1";
keyFile = "/etc/bind/rndc.key";
# test:test (user:password)
passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
package = self'.packages.webnsupdate;
extraArgs = [
"-vvv" # debug messages
"--ip-source=ConnectInfo"
];
records = ''
test1.${testDomain}.
test2.${testDomain}.
test3.${testDomain}.
'';
};
};
};
};
in in
{ {
module-test = pkgs.testers.runNixOSTest { module-test = pkgs.testers.runNixOSTest {