commit 7623b1c0fdbbc1a6e22a9436cedd549b045d3c4f · pyrox.dev/nixpkgs

+8 -8

nixos/tests/unbound.nix

···

       106
       106
        
                     {

     

       107
       107
        
                       name = ".";

     

       108
       108
        
                       forward-addr = [

     

       109
       109
       -
                         (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv6.addresses).address

     

       110
       110
       -
                         (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv4.addresses).address

     

       109
       109
       +
                         (lib.head nodes.authoritative.networking.interfaces.eth1.ipv6.addresses).address

     

       110
       110
       +
                         (lib.head nodes.authoritative.networking.interfaces.eth1.ipv4.addresses).address

     

       111
       111
        
                       ];

     

       112
       112
        
                     }

     

       113
       113
        
                   ];

     
···

       168
       168
        
                 "unbound-extra1.conf".text = ''

     

       169
       169
        
                   forward-zone:

     

       170
       170
        
                   name: "example.local."

     

       171
       171
       -
                   forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}

     

       172
       172
       -
                   forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}

     

       171
       171
       +
                   forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}

     

       172
       172
       +
                   forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}

     

       173
       173
        
                 '';

     

       174
       174
        
                 "unbound-extra2.conf".text = ''

     

       175
       175
        
                   auth-zone:

     
···

       187
       187
        
             client = { lib, nodes, ... }: {

     

       188
       188
        
               imports = [ common ];

     

       189
       189
        
               networking.nameservers = [

     

       190
       190
       -
                 (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address

     

       191
       191
       -
                 (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address

     

       190
       190
       +
                 (lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address

     

       191
       191
       +
                 (lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address

     

       192
       192
        
               ];

     

       193
       193
        
               networking.interfaces.eth1.ipv4.addresses = [

     

       194
       194
        
                 { address = "192.168.0.10"; prefixLength = 24; }

     
···

       276
       276
        
             resolver.wait_for_unit("multi-user.target")

     

       277
       277
        
       

     

       278
       278
        
             with subtest("client should be able to query the resolver"):

     

       279
       279
       -
                 test(client, ["${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True)

     

       279
       279
       +
                 test(client, ["${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True)

     

       280
       280
        
       

     

       281
       281
        
             # discard the client we do not need anymore

     

       282
       282
        
             client.shutdown()

     
···

       298
       298
        
                 ).strip()

     

       299
       299
        
       

     

       300
       300
        
                 # Thank you black! Can't really break this line into a readable version.

     

       301
       301
       -
                 expected = "example.local. IN forward ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"

     

       301
       301
       +
                 expected = "example.local. IN forward ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"

     

       302
       302
        
                 assert out == expected, f"Expected `{expected}` but got `{out}` instead."

     

       303
       303
        
                 local_resolver.fail("sudo -u unauthorizeduser -- unbound-control list_forwards")

     

       304
       304

+6 -15

pkgs/tools/networking/unbound/default.nix

···

       47
       47
        
       , gnutls

     

       48
       48
        
       }:

     

       49
       49
        
       

     

       50
       50
       -
       stdenv.mkDerivation rec {

     

       50
       50
       +
       stdenv.mkDerivation (finalAttrs: {

     

       51
       51
        
         pname = "unbound";

     

       52
       52
       -
         version = "1.18.0";

     

       52
       52
       +
         version = "1.19.0";

     

       53
       53
        
       

     

       54
       54
        
         src = fetchurl {

     

       55
       55
       -
           url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz";

     

       56
       56
       -
           hash = "sha256-PalUkKhc/2Qg8m+uC4Skn1ES3xvxt/w0+HJPAggstxI=";

     

       55
       55
       +
           url = "https://nlnetlabs.nl/downloads/unbound/unbound-${finalAttrs.version}.tar.gz";

     

       56
       56
       +
           hash = "sha256-qXUyRohUxhwt5IykFw3oVP07yVyAQ7sM+w/iZgWWZiQ=";

     

       57
       57
        
         };

     

       58
       58
       -
       

     

       59
       59
       -
         patches = [

     

       60
       60
       -
           # Backport: fix libunbound with nettle.

     

       61
       61
       -
           (fetchpatch {

     

       62
       62
       -
             url = "https://github.com/NLnetLabs/unbound/commit/654a7eab62cbd1844d483cc4a0f2cf2fbcbaf00a.patch";

     

       63
       63
       -
             excludes = [ "doc/Changelog" ];

     

       64
       64
       -
             hash = "sha256-n3FCeZESFrrn6Wcf28Hb8WZs1eMHWjbsf2WCFOXU3lI=";

     

       65
       65
       -
           })

     

       66
       66
       -
         ];

     

       67
       58
        
       

     

       68
       59
        
         outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB

     

       69
       60
        
       

     
···

       157
       148
        
         + ''substituteInPlace "$lib/lib/libunbound.la" ''

     

       158
       149
        
         + lib.concatMapStrings

     

       159
       150
        
           (pkg: lib.optionalString (pkg ? dev) " --replace '-L${pkg.dev}/lib' '-L${pkg.out}/lib' --replace '-R${pkg.dev}/lib' '-R${pkg.out}/lib'")

     

       160
       160
       -
           (builtins.filter (p: p != null) buildInputs);

     

       151
       151
       +
           (builtins.filter (p: p != null) finalAttrs.buildInputs);

     

       161
       152
        
       

     

       162
       153
        
         passthru.tests = {

     

       163
       154
        
           inherit gnutls;

     
···

       172
       163
        
           maintainers = with maintainers; [ ajs124 ];

     

       173
       164
        
           platforms = platforms.unix;

     

       174
       165
        
         };

     

       175
       175
       -
       }

     

       166
       166
       +
       })