pyrox.dev / nixpkgs
lol
fork atom

nixos/rebuilderd: init

Pol Dellaiera 2c8bdd00 24987a55

+96
+2
nixos/doc/manual/release-notes/rl-2505.section.md
··· 171 171 172 172 - [Recyclarr](https://github.com/recyclarr/recyclarr) a TRaSH Guides synchronizer for Sonarr and Radarr. Available as [services.recyclarr](#opt-services.recyclarr.enable). 173 173 174 + - [Rebuilderd](https://github.com/kpcyrd/rebuilderd) an independent verification of binary packages - Reproducible Builds. Available as [services.rebuilderd](#opt-services.rebuilderd.enable). 175 + 174 176 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> 175 177 176 178 ## Backward Incompatibilities {#sec-release-25.05-incompatibilities}
+1
nixos/modules/module-list.nix
··· 868 868 ./services/misc/radicle.nix 869 869 ./services/misc/readarr.nix 870 870 ./services/misc/realmd.nix 871 + ./services/misc/rebuilderd.nix 871 872 ./services/misc/recyclarr.nix 872 873 ./services/misc/redlib.nix 873 874 ./services/misc/redmine.nix
+49
nixos/modules/services/misc/rebuilderd.nix
··· 1 + { 2 + config, 3 + pkgs, 4 + lib, 5 + ... 6 + }: 7 + 8 + let 9 + inherit (lib) mkEnableOption mkIf mkPackageOption; 10 + cfg = config.services.rebuilderd; 11 + 12 + format = pkgs.formats.toml { }; 13 + settings = lib.attrsets.filterAttrs (n: v: v != null) cfg.settings; 14 + configFile = format.generate "rebuilderd.conf" settings; 15 + in 16 + { 17 + options.services.rebuilderd = { 18 + enable = mkEnableOption "rebuilderd service for independent verification of binary packages"; 19 + package = mkPackageOption pkgs "rebuilderd" { }; 20 + settings = lib.mkOption { 21 + type = lib.types.submodule { 22 + freeformType = format.type; 23 + }; 24 + default = { }; 25 + description = '' 26 + Configuration for rebuilderd (rebuilderd.conf) 27 + ''; 28 + }; 29 + }; 30 + 31 + config = mkIf cfg.enable { 32 + systemd.services.rebuilderd = { 33 + description = "Independent verification of binary packages"; 34 + wantedBy = [ "multi-user.target" ]; 35 + environment = { 36 + REBUILDERD_COOKIE_PATH = "/var/lib/rebuilderd/auth-cookie"; 37 + }; 38 + after = [ 39 + "network.target" 40 + ]; 41 + serviceConfig = { 42 + ExecStart = "${cfg.package}/bin/rebuilderd --config ${configFile}"; 43 + DynamicUser = true; 44 + StateDirectory = "rebuilderd"; 45 + WorkingDirectory = "/var/lib/rebuilderd"; 46 + }; 47 + }; 48 + }; 49 + }
+1
nixos/tests/all-tests.nix
··· 953 953 readarr = handleTest ./readarr.nix {}; 954 954 realm = handleTest ./realm.nix {}; 955 955 readeck = runTest ./readeck.nix; 956 + rebuilderd = runTest ./rebuilderd.nix; 956 957 redis = handleTest ./redis.nix {}; 957 958 redlib = handleTest ./redlib.nix {}; 958 959 redmine = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./redmine.nix {};
+38
nixos/tests/rebuilderd.nix
··· 1 + { lib, ... }: 2 + 3 + { 4 + name = "rebuilderd"; 5 + 6 + nodes = { 7 + machine = 8 + { pkgs, ... }: 9 + { 10 + services.rebuilderd = { 11 + enable = true; 12 + }; 13 + }; 14 + 15 + machine_custom_config = 16 + { pkgs, ... }: 17 + { 18 + services.rebuilderd = { 19 + enable = true; 20 + settings = { 21 + http.bind_addr = "0.0.0.0:1234"; 22 + }; 23 + }; 24 + }; 25 + }; 26 + 27 + testScript = '' 28 + machine.start() 29 + machine.wait_for_unit("rebuilderd.service") 30 + machine.wait_for_open_port(8484) 31 + 32 + machine_custom_config.start() 33 + machine_custom_config.wait_for_unit("rebuilderd.service") 34 + machine_custom_config.wait_for_open_port(1234) 35 + ''; 36 + 37 + meta.maintainers = [ lib.maintainers.drupol ]; 38 + }
+5
pkgs/by-name/re/rebuilderd/package.nix
··· 15 15 darwin, 16 16 buildPackages, 17 17 versionCheckHook, 18 + nixosTests, 18 19 nix-update-script, 19 20 }: 20 21 ··· 108 109 ]; 109 110 versionCheckProgramArg = [ "--version" ]; 110 111 doInstallCheck = true; 112 + 113 + passthru.tests = { 114 + rebuilderd = nixosTests.rebuilderd; 115 + }; 111 116 112 117 passthru.updateScript = nix-update-script { }; 113 118