Build Dnsmasq with nix-snapshotter
This commit is contained in:
parent
782b2e1c45
commit
ab3a068066
9 changed files with 165 additions and 58 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
|||
.direnv
|
||||
.pre-commit-config.yaml
|
||||
result
|
||||
|
|
108
flake.lock
108
flake.lock
|
@ -27,7 +27,7 @@
|
|||
},
|
||||
"deploy-rs": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"utils": "utils"
|
||||
},
|
||||
|
@ -144,11 +144,11 @@
|
|||
"flake-compat_3": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"lastModified": 1733328505,
|
||||
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -174,6 +174,22 @@
|
|||
}
|
||||
},
|
||||
"flake-compat_5": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_6": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
|
@ -189,7 +205,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_6": {
|
||||
"flake-compat_7": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
|
@ -206,6 +222,27 @@
|
|||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"nix-snapshotter",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1733312601,
|
||||
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts_2": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"servers",
|
||||
|
@ -353,7 +390,7 @@
|
|||
},
|
||||
"git-hooks_2": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_4",
|
||||
"flake-compat": "flake-compat_5",
|
||||
"gitignore": "gitignore_2",
|
||||
"nixpkgs": [
|
||||
"servers",
|
||||
|
@ -418,6 +455,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"globset": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"nix-snapshotter",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729844927,
|
||||
"narHash": "sha256-nBkQx23jgpGPk3aU2KcqJCoYvzjsKEjWBePmc2z8N3k=",
|
||||
"owner": "pdtpartners",
|
||||
"repo": "globset",
|
||||
"rev": "eb9d9e64b7ab0a64c34ba4a5a990b66506401c35",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pdtpartners",
|
||||
"repo": "globset",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"haumea": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -465,7 +523,7 @@
|
|||
},
|
||||
"kubenix_2": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_5",
|
||||
"flake-compat": "flake-compat_6",
|
||||
"nixpkgs": [
|
||||
"servers",
|
||||
"nixpkgs-unstable"
|
||||
|
@ -542,8 +600,31 @@
|
|||
},
|
||||
"nix-snapshotter": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_6",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-parts": "flake-parts",
|
||||
"globset": "globset",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1734289443,
|
||||
"narHash": "sha256-oU3AGvzByR7622kntPUPIHfAreOIktAsJav2ATHuc18=",
|
||||
"owner": "pdtpartners",
|
||||
"repo": "nix-snapshotter",
|
||||
"rev": "387e220d369dfa0ad093035515e8757f83144be8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pdtpartners",
|
||||
"repo": "nix-snapshotter",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-snapshotter_2": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_7",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"nixpkgs": [
|
||||
"servers",
|
||||
"nixpkgs-unstable"
|
||||
|
@ -595,16 +676,16 @@
|
|||
"treefmt-nix": "treefmt-nix_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1734470616,
|
||||
"narHash": "sha256-8pQ2ar2NVU3ehf1o9DHcn3rlsl440eOWcEv7bQfiOec=",
|
||||
"lastModified": 1734627884,
|
||||
"narHash": "sha256-C1Ih6EgmEmr2D3W0wfeR4/uTwqeyhtnPaWoT8baFmhw=",
|
||||
"owner": "pizzapim",
|
||||
"repo": "NixNG",
|
||||
"rev": "fd29c877186dbb06d5593d734952baec199a5261",
|
||||
"rev": "069d0fe8096fd2306e388e90d936cd3741896b80",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pizzapim",
|
||||
"ref": "radicale",
|
||||
"ref": "specialargs",
|
||||
"repo": "NixNG",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -838,6 +919,7 @@
|
|||
"flake-utils": "flake-utils_2",
|
||||
"git-hooks": "git-hooks",
|
||||
"kubenix": "kubenix",
|
||||
"nix-snapshotter": "nix-snapshotter",
|
||||
"nixhelm": "nixhelm",
|
||||
"nixng": "nixng",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
|
@ -853,7 +935,7 @@
|
|||
"flake-utils": "flake-utils_6",
|
||||
"git-hooks": "git-hooks_2",
|
||||
"kubenix": "kubenix_2",
|
||||
"nix-snapshotter": "nix-snapshotter",
|
||||
"nix-snapshotter": "nix-snapshotter_2",
|
||||
"nixng": "nixng_2",
|
||||
"nixos-facter-modules": "nixos-facter-modules",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
|
|
|
@ -41,7 +41,12 @@
|
|||
};
|
||||
|
||||
nixng = {
|
||||
url = "github:pizzapim/NixNG/radicale";
|
||||
url = "github:pizzapim/NixNG/specialargs";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
nix-snapshotter = {
|
||||
url = "github:pdtpartners/nix-snapshotter";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
@ -53,5 +58,6 @@
|
|||
./globals.nix
|
||||
./formatter.nix
|
||||
./shell.nix
|
||||
./nixng-configurations
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
{
|
||||
globals,
|
||||
nixpkgs,
|
||||
nglib,
|
||||
...
|
||||
}:
|
||||
nglib.makeSystem {
|
||||
inherit nixpkgs;
|
||||
system = "x86_64-linux";
|
||||
name = "nixng-dnsmasq";
|
||||
|
||||
config = {...}: {
|
||||
dinit.enable = true;
|
||||
init.services.dnsmasq.shutdownOnExit = true;
|
||||
|
||||
services.dnsmasq = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
address = [
|
||||
"/kms.kun.is/${globals.kmsIPv4}"
|
||||
"/ssh.git.kun.is/${globals.gitIPv4}"
|
||||
];
|
||||
|
||||
alias = "${globals.routerPublicIPv4},${globals.traefikIPv4}";
|
||||
expand-hosts = true;
|
||||
local = "/dmz/";
|
||||
log-queries = true;
|
||||
no-hosts = true;
|
||||
no-resolv = true;
|
||||
port = 53;
|
||||
|
||||
server = [
|
||||
"192.168.30.1"
|
||||
"/kun.is/${globals.bind9IPv4}"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -21,8 +21,8 @@ flake-utils.lib.eachDefaultSystem
|
|||
inherit (self) globals;
|
||||
|
||||
utils = import ./utils.nix {
|
||||
inherit pkgs;
|
||||
inherit (inputs) nixpkgs nixng;
|
||||
inherit pkgs self;
|
||||
inherit (inputs) nixpkgs nixng nix-snapshotter;
|
||||
inherit (self) globals;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{
|
||||
self,
|
||||
utils,
|
||||
globals,
|
||||
config,
|
||||
|
@ -17,7 +16,7 @@
|
|||
metadata.labels.app = "dnsmasq";
|
||||
|
||||
spec.containers.dnsmasq = {
|
||||
image = utils.nixSnapshotterRef (utils.mkNixNGImage "dnsmasq" "${self}/images/dnsmasq.nix");
|
||||
image = utils.mkNixNGImage2 "dnsmasq";
|
||||
imagePullPolicy = "Always";
|
||||
|
||||
ports.dns = {
|
||||
|
|
21
nixng-configurations/default.nix
Normal file
21
nixng-configurations/default.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{
|
||||
self,
|
||||
flake-utils,
|
||||
nixng,
|
||||
nixpkgs,
|
||||
...
|
||||
}:
|
||||
flake-utils.lib.eachDefaultSystem (system: let
|
||||
images = {
|
||||
dnsmasq = ./dnsmasq.nix;
|
||||
};
|
||||
in {
|
||||
nixngConfigurations = builtins.mapAttrs (name: configFile:
|
||||
nixng.nglib.makeSystem {
|
||||
inherit nixpkgs system;
|
||||
name = "nixng-${name}";
|
||||
specialArgs = {inherit (self) globals;};
|
||||
config = import configFile;
|
||||
})
|
||||
images;
|
||||
})
|
28
nixng-configurations/dnsmasq.nix
Normal file
28
nixng-configurations/dnsmasq.nix
Normal file
|
@ -0,0 +1,28 @@
|
|||
{globals, ...}: {
|
||||
dinit.enable = true;
|
||||
init.services.dnsmasq.shutdownOnExit = true;
|
||||
|
||||
services.dnsmasq = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
address = [
|
||||
"/kms.kun.is/${globals.kmsIPv4}"
|
||||
"/ssh.git.kun.is/${globals.gitIPv4}"
|
||||
];
|
||||
|
||||
alias = "${globals.routerPublicIPv4},${globals.traefikIPv4}";
|
||||
expand-hosts = true;
|
||||
local = "/dmz/";
|
||||
log-queries = true;
|
||||
no-hosts = true;
|
||||
no-resolv = true;
|
||||
port = 53;
|
||||
|
||||
server = [
|
||||
"192.168.30.1"
|
||||
"/kun.is/${globals.bind9IPv4}"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
10
utils.nix
10
utils.nix
|
@ -1,8 +1,10 @@
|
|||
{
|
||||
self,
|
||||
pkgs,
|
||||
nixpkgs,
|
||||
nixng,
|
||||
globals,
|
||||
nix-snapshotter,
|
||||
...
|
||||
}: {
|
||||
mkNixNGImage = name: file: let
|
||||
|
@ -27,4 +29,12 @@
|
|||
};
|
||||
|
||||
nixSnapshotterRef = imagePath: "nix:0${imagePath}";
|
||||
|
||||
mkNixNGImage2 = name:
|
||||
(nix-snapshotter.packages.${pkgs.stdenv.system}.nix-snapshotter.buildImage {
|
||||
inherit name;
|
||||
resolvedByNix = true;
|
||||
config.entrypoint = ["${self.nixngConfigurations.${pkgs.stdenv.system}.${name}.config.system.build.toplevel}/init"];
|
||||
})
|
||||
.image;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue