update-ci #3

Merged
jalil merged 3 commits from update-ci into main 2024-09-30 16:40:19 +02:00
4 changed files with 139 additions and 112 deletions
Showing only changes of commit 144d5c45c6 - Show all commits

View file

@ -1,7 +1,8 @@
{
lib,
rustPlatform,
}: let
}:
let
readToml = path: builtins.fromTOML (builtins.readFile path);
cargoToml = readToml ./Cargo.toml;
pname = cargoToml.package.name;
@ -11,32 +12,34 @@
name = "${pname}-source";
# Adapted from <https://github.com/ipetkov/crane/blob/master/lib/filterCargoSources.nix>
# no need to pull in crane for just this
filter = orig_path: type: let
path = toString orig_path;
base = baseNameOf path;
parentDir = baseNameOf (dirOf path);
matchesSuffix = lib.any (suffix: lib.hasSuffix suffix base) [
# Rust sources
".rs"
# TOML files are often used to configure cargo based tools (e.g. .cargo/config.toml)
".toml"
];
isCargoLock = base == "Cargo.lock";
# .cargo/config.toml is captured above
isOldStyleCargoConfig = parentDir == ".cargo" && base == "config";
in
filter =
orig_path: type:
let
path = toString orig_path;
base = baseNameOf path;
parentDir = baseNameOf (dirOf path);
matchesSuffix = lib.any (suffix: lib.hasSuffix suffix base) [
# Rust sources
".rs"
# TOML files are often used to configure cargo based tools (e.g. .cargo/config.toml)
".toml"
];
isCargoLock = base == "Cargo.lock";
# .cargo/config.toml is captured above
isOldStyleCargoConfig = parentDir == ".cargo" && base == "config";
in
type == "directory" || matchesSuffix || isCargoLock || isOldStyleCargoConfig;
};
in
rustPlatform.buildRustPackage {
inherit pname version src;
cargoLock.lockFile = ./Cargo.lock;
useNextest = true;
rustPlatform.buildRustPackage {
inherit pname version src;
cargoLock.lockFile = ./Cargo.lock;
useNextest = true;
meta = {
inherit description;
license = lib.licenses.mit;
homepage = "https://github.com/jalil-salame/webnsupdate";
mainProgram = "webnsupdate";
};
}
meta = {
inherit description;
license = lib.licenses.mit;
homepage = "https://github.com/jalil-salame/webnsupdate";
mainProgram = "webnsupdate";
};
}

120
flake.nix
View file

@ -5,59 +5,75 @@
systems.url = "github:nix-systems/default";
};
outputs = {
self,
nixpkgs,
systems,
}: let
forEachSupportedSystem = nixpkgs.lib.genAttrs (import systems);
in {
checks = forEachSupportedSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
inherit (nixpkgs) lib;
in {
fmtRust = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "fmt-rust";
extraNativeBuildInputs = [pkgs.rustfmt];
cmd = "${lib.getExe pkgs.cargo} fmt --all --check --verbose";
};
fmtNix = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "fmt-nix";
cmd = "${lib.getExe pkgs.alejandra} --check .";
};
lintNix = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "lint-nix";
cmd = "${lib.getExe pkgs.statix} check .";
};
});
formatter = forEachSupportedSystem (system: nixpkgs.legacyPackages.${system}.alejandra);
outputs =
{
self,
nixpkgs,
systems,
}:
let
forEachSupportedSystem = nixpkgs.lib.genAttrs (import systems);
in
{
checks = forEachSupportedSystem (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
inherit (nixpkgs) lib;
in
{
fmtRust = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "fmt-rust";
extraNativeBuildInputs = [ pkgs.rustfmt ];
cmd = "${lib.getExe pkgs.cargo} fmt --all --check --verbose";
};
fmtNix = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "fmt-nix";
cmd = "${lib.getExe self.formatter.${system}} --check .";
};
lintNix = pkgs.callPackage ./run-cmd.nix {
src = self;
name = "lint-nix";
cmd = "${lib.getExe pkgs.statix} check .";
};
}
);
formatter = forEachSupportedSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
packages = forEachSupportedSystem (system: let
webnsupdate = nixpkgs.legacyPackages.${system}.callPackage ./default.nix {};
in {
inherit webnsupdate;
default = webnsupdate;
});
packages = forEachSupportedSystem (
system:
let
webnsupdate = nixpkgs.legacyPackages.${system}.callPackage ./default.nix { };
in
{
inherit webnsupdate;
default = webnsupdate;
overlays.default = final: prev: {
webnsupdate = final.callPackage ./default.nix {};
}
);
overlays.default = final: prev: {
webnsupdate = final.callPackage ./default.nix { };
};
nixosModules.default = ./module.nix;
devShells = forEachSupportedSystem (
system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
default = pkgs.mkShell {
packages = [
pkgs.cargo-insta
pkgs.cargo-udeps
pkgs.mold
];
};
}
);
};
nixosModules.default = ./module.nix;
devShells = forEachSupportedSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
default = pkgs.mkShell {
packages = [
pkgs.cargo-insta
pkgs.cargo-udeps
pkgs.mold
];
};
});
};
}

View file

@ -3,13 +3,15 @@
pkgs,
config,
...
}: let
}:
let
cfg = config.services.webnsupdate;
inherit (lib) mkOption mkEnableOption types;
in {
in
{
options.services.webnsupdate = mkOption {
description = "An HTTP server for nsupdate.";
default = {};
default = { };
type = types.submodule {
options = {
enable = mkEnableOption "webnsupdate";
@ -18,8 +20,8 @@ in {
Extra arguments to be passed to the webnsupdate server command.
'';
type = types.listOf types.str;
default = [];
example = ["--ip-source"];
default = [ ];
example = [ "--ip-source" ];
};
bindIp = mkOption {
description = ''
@ -102,47 +104,53 @@ in {
};
};
config = let
recordsFile =
if cfg.recordsFile != null
then cfg.recordsFile
else pkgs.writeText "webnsrecords" cfg.records;
args = lib.strings.escapeShellArgs ([
"--records"
recordsFile
"--key-file"
cfg.keyFile
"--password-file"
cfg.passwordFile
"--address"
cfg.bindIp
"--port"
(builtins.toString cfg.bindPort)
"--ttl"
(builtins.toString cfg.ttl)
]
++ cfg.extraArgs);
cmd = "${lib.getExe pkgs.webnsupdate} ${args}";
in
config =
let
recordsFile =
if cfg.recordsFile != null then cfg.recordsFile else pkgs.writeText "webnsrecords" cfg.records;
args = lib.strings.escapeShellArgs (
[
"--records"
recordsFile
"--key-file"
cfg.keyFile
"--password-file"
cfg.passwordFile
"--address"
cfg.bindIp
"--port"
(builtins.toString cfg.bindPort)
"--ttl"
(builtins.toString cfg.ttl)
]
++ cfg.extraArgs
);
cmd = "${lib.getExe pkgs.webnsupdate} ${args}";
in
lib.mkIf cfg.enable {
# warnings =
# lib.optional (!config.services.bind.enable) "`webnsupdate` is expected to be used alongside `bind`. This is an unsopported configuration.";
assertions = [
{
assertion = (cfg.records != null || cfg.recordsFile != null) && !(cfg.records != null && cfg.recordsFile != null);
assertion =
(cfg.records != null || cfg.recordsFile != null)
&& !(cfg.records != null && cfg.recordsFile != null);
message = "Exactly one of `services.webnsupdate.records` and `services.webnsupdate.recordsFile` must be set.";
}
];
systemd.services.webnsupdate = {
description = "Web interface for nsupdate.";
wantedBy = ["multi-user.target"];
after = ["network.target" "bind.service"];
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"bind.service"
];
preStart = "${cmd} verify";
path = [pkgs.dig];
path = [ pkgs.dig ];
startLimitIntervalSec = 60;
serviceConfig = {
ExecStart = [cmd];
ExecStart = [ cmd ];
Type = "exec";
Restart = "on-failure";
RestartSec = "10s";

View file

@ -3,8 +3,8 @@
src,
name,
cmd,
extraBuildInputs ? [],
extraNativeBuildInputs ? [],
extraBuildInputs ? [ ],
extraNativeBuildInputs ? [ ],
}:
stdenvNoCC.mkDerivation {
name = "${name}-src";