Drift/PVV-DNS
1
0
Fork 1
Code Issues Pull Requests Actions Activity

Add nix flake checks #2

Merged
oysteikt merged 3 commits from add-nix-flake-check into main 2026-05-25 19:25:18 +02:00
Conversation 3 Commits 3 Files Changed 3
+66 -25
oysteikt commented 2026-05-25 09:13:45 +02:00
Owner
Copy Link
Copy Source

Makes it possible to quickly run nsd-checkconf and nsd-checkzone locally on the derivation outputs by running nix flake check.

Makes it possible to quickly run `nsd-checkconf` and `nsd-checkzone` locally on the derivation outputs by running `nix flake check`.
oysteikt added 2 commits 2026-05-25 09:13:45 +02:00
flake.nix: embed pkgs instantiation in forAllSystems 8acff15072
flake.nix: add checks, add checkPhases with nsd-check* tests f604e300ed
oysteikt requested review from felixalb 2026-05-25 09:13:45 +02:00
felixalb commented 2026-05-25 17:18:54 +02:00
Owner
Copy Link
Copy Source

I think the diff looks cool, and this is useful, but am I misunderstanding nix flake check or do the checks seem to pass when they shouldn't?

[felixalb@sisko:~/general/pvv/pvv-dns]$ git diff
diff --git a/nsd.conf.nix b/nsd.conf.nix
index 94005d6..7e73b67 100644
--- a/nsd.conf.nix
+++ b/nsd.conf.nix
@@ -17,7 +17,7 @@ stdenvNoCC.mkDerivation {
     # Generated by https://git.pvv.ntnu.no/felixalb/PVV-DNS
     # See man 5 nsd.conf

-    server:
+    server:⁽)%
         hide-version: yes
         verbosity: 1
         logfile: /var/log/nsd.log

[felixalb@sisko:~/general/pvv/pvv-dns]$ nix build
warning: Git tree '/home/felixalb/Documents/pvv/pvv-dns' is dirty

[felixalb@sisko:~/general/pvv/pvv-dns]$ nsd-checkconf result/etc/nsd/nsd.conf
result/etc/nsd/nsd.conf:4: at 'server:⁽)%': error: syntax error
read result/etc/nsd/nsd.conf failed: 1 errors in configuration file

[felixalb@sisko:~/general/pvv/pvv-dns]$ nix flake check
warning: Git tree '/home/felixalb/Documents/pvv/pvv-dns' is dirty
warning: The check omitted these incompatible systems: aarch64-darwin, aarch64-linux
Use '--all-systems' to check all.

[felixalb@sisko:~/general/pvv/pvv-dns]$ echo $?
0
I think the diff looks cool, and this is useful, but am I misunderstanding `nix flake check` or do the checks seem to pass when they shouldn't? ``` [felixalb@sisko:~/general/pvv/pvv-dns]$ git diff diff --git a/nsd.conf.nix b/nsd.conf.nix index 94005d6..7e73b67 100644 --- a/nsd.conf.nix +++ b/nsd.conf.nix @@ -17,7 +17,7 @@ stdenvNoCC.mkDerivation { # Generated by https://git.pvv.ntnu.no/felixalb/PVV-DNS # See man 5 nsd.conf - server: + server:⁽)% hide-version: yes verbosity: 1 logfile: /var/log/nsd.log [felixalb@sisko:~/general/pvv/pvv-dns]$ nix build warning: Git tree '/home/felixalb/Documents/pvv/pvv-dns' is dirty [felixalb@sisko:~/general/pvv/pvv-dns]$ nsd-checkconf result/etc/nsd/nsd.conf result/etc/nsd/nsd.conf:4: at 'server:⁽)%': error: syntax error read result/etc/nsd/nsd.conf failed: 1 errors in configuration file [felixalb@sisko:~/general/pvv/pvv-dns]$ nix flake check warning: Git tree '/home/felixalb/Documents/pvv/pvv-dns' is dirty warning: The check omitted these incompatible systems: aarch64-darwin, aarch64-linux Use '--all-systems' to check all. [felixalb@sisko:~/general/pvv/pvv-dns]$ echo $? 0 ```
oysteikt added 1 commit 2026-05-25 17:29:18 +02:00
nsd.conf.nix: use mkDerivation to get proper build logs
Build and test / build (pull_request) Successful in 47s
Details
Build and test / test (pull_request) Successful in 20s
Details
Build and test / deploy (pull_request) Has been skipped
Details
Build and test / build (push) Successful in 47s
Details
Build and test / test (push) Successful in 20s
Details
Build and test / deploy (push) Successful in 21s
Details
75457ae427
oysteikt force-pushed add-nix-flake-check from 9e525750ca to 75457ae427 2026-05-25 17:29:18 +02:00 Compare
oysteikt commented 2026-05-25 17:29:23 +02:00
Author
Owner
Copy Link
Copy Source

&& interacted differently with errexit than I had expected, new patch should fix it

`&&` interacted differently with errexit than I had expected, new patch should fix it
felixalb approved these changes 2026-05-25 19:19:57 +02:00
felixalb left a comment
Owner
Copy Link
Copy Source

Very cool, kanye! Looks like improvements all around.

Initially, I would want the zone checks to not pass silently if we broke the generating code to produce a zoneConfigs attrset with some or all of the zones missing (can't have broken zones if you don't have any zones), but the CI deploy job already explicitly checks all the expected zones, so this is fine, as long as we don't change the CI test job to just use the nix checks.

Very cool, kanye! Looks like improvements all around. Initially, I would want the zone checks to not pass silently if we broke the generating code to produce a `zoneConfigs` attrset with some or all of the zones missing (can't have broken zones if you don't have any zones), but the CI deploy job already explicitly checks all the expected zones, so this is fine, as long as we don't change the CI test job to just use the nix checks.
oysteikt merged commit 75457ae427 into main 2026-05-25 19:25:18 +02:00
oysteikt deleted branch add-nix-flake-check 2026-05-25 19:25:18 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
felixalb
Labels
Clear labels
art
The issue needs someone to be creative
 backup
big
No, not bug, **big** - this is gonna take a while
 blocked
This issue/PR depends on one or more other issues/PRs
 bug
Something is not working, and it's not the shield hero
 comprehensive first issue
Do this as your first issue, and learn a lot of things
 crash report
Report an oopsie
 disputed
kranglefanter
 documentation
Documentation changes required
 duplicate
This issue or pull request already exists
 enhancement
New feature
 good first issue
Get your hands dirty with a new project here
 logging
networking
TTM4100
 nixos
Requires changes to our nixos setup
 question
More information is needed
 salt
Requires changes to our salt setup
 security
Skommel
 servers n' hardware
Regards hardware, servers or VMs
 simple first issue
Done in nix no time
 wontfix
This won't be fixed
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adriangl (Adrian Gunnar Lauterer) albertba (Albert Bayazidi) alfhj (Alf Helge Jakobsen) bjornoka (Bjornar Orjansen Kaarevik) chrisfjo (Christian Fredrik Johnsen) chrivi (Christoffer Viken) danio (Daniel Lovbrotte Olsen) davidk (David Kaasen) dungby (Dung-Bai Yen) eirikwit (Eirik Witterso) felixalb (Felix Albrigtsen) frero (Fredrik Robertsen) jonmro (Jon Martinus Rodtang) jovre (Jo Vassbotn Remvik) karolds (Karoline Dyve Samuelsen) knuta (Knut Auvor Grythe) krisleri (Kristoffer Longva Eriksen) larshhan (Lars Halvor Hansen) olived (Oliver Didriksen-Kolstad) oysteikt (Oystein Kristoffer Tveit) pederbs (Peder Bergebakken Sundt) root (rot) torsteno (Torstein Nordgård-Hansen) vegardbm (Vegard Bieker Matthey) yorinad (Yorin Anne De Jong)
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Drift/PVV-DNS#2
Delete Branch "add-nix-flake-check"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?