pyrox.dev / nixpkgs
lol
fork atom

nixosTests.knot: use settings format

authored by

Martin Weinelt and committed by
Vladimír Čunát 8e93f353 ce85980e

+58 -64
+58 -64
nixos/tests/knot.nix
··· 60 60 services.knot.enable = true; 61 61 services.knot.extraArgs = [ "-v" ]; 62 62 services.knot.keyFiles = [ tsigFile ]; 63 - services.knot.extraConfig = '' 64 - server: 65 - listen: 0.0.0.0@53 66 - listen: ::@53 67 - automatic-acl: true 63 + services.knot.settings = { 64 + server = { 65 + listen = [ 66 + "0.0.0.0@53" 67 + "::@53" 68 + ]; 69 + automatic-acl = true; 70 + }; 68 71 69 - remote: 70 - - id: secondary 71 - address: 192.168.0.2@53 72 - key: xfr_key 72 + acl.secondary_acl = { 73 + address = "192.168.0.2"; 74 + key = "xfr_key"; 75 + action = "transfer"; 76 + }; 73 77 74 - template: 75 - - id: default 76 - storage: ${knotZonesEnv} 77 - notify: [secondary] 78 - dnssec-signing: on 79 - # Input-only zone files 80 - # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 81 - # prevents modification of the zonefiles, since the zonefiles are immutable 82 - zonefile-sync: -1 83 - zonefile-load: difference 84 - journal-content: changes 85 - # move databases below the state directory, because they need to be writable 86 - journal-db: /var/lib/knot/journal 87 - kasp-db: /var/lib/knot/kasp 88 - timer-db: /var/lib/knot/timer 78 + remote.secondary.address = "192.168.0.2@53"; 89 79 90 - zone: 91 - - domain: example.com 92 - file: example.com.zone 80 + template.default = { 81 + storage = knotZonesEnv; 82 + notify = [ "secondary" ]; 83 + acl = [ "secondary_acl" ]; 84 + dnssec-signing = true; 85 + # Input-only zone files 86 + # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 87 + # prevents modification of the zonefiles, since the zonefiles are immutable 88 + zonefile-sync = -1; 89 + zonefile-load = "difference"; 90 + journal-content = "changes"; 91 + }; 93 92 94 - - domain: sub.example.com 95 - file: sub.example.com.zone 93 + zone = { 94 + "example.com".file = "example.com.zone"; 95 + "sub.example.com".file = "sub.example.com.zone"; 96 + }; 96 97 97 - log: 98 - - target: syslog 99 - any: info 100 - ''; 98 + log.syslog.any = "info"; 99 + }; 101 100 }; 102 101 103 102 secondary = { lib, ... }: { ··· 113 112 services.knot.enable = true; 114 113 services.knot.keyFiles = [ tsigFile ]; 115 114 services.knot.extraArgs = [ "-v" ]; 116 - services.knot.extraConfig = '' 117 - server: 118 - listen: 0.0.0.0@53 119 - listen: ::@53 120 - automatic-acl: true 115 + services.knot.settings = { 116 + server = { 117 + listen = [ 118 + "0.0.0.0@53" 119 + "::@53" 120 + ]; 121 + automatic-acl = true; 122 + }; 121 123 122 - remote: 123 - - id: primary 124 - address: 192.168.0.1@53 125 - key: xfr_key 124 + remote.primary = { 125 + address = "192.168.0.1@53"; 126 + key = "xfr_key"; 127 + }; 126 128 127 - template: 128 - - id: default 129 - master: primary 130 - # zonefileless setup 131 - # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 132 - zonefile-sync: -1 133 - zonefile-load: none 134 - journal-content: all 135 - # move databases below the state directory, because they need to be writable 136 - journal-db: /var/lib/knot/journal 137 - kasp-db: /var/lib/knot/kasp 138 - timer-db: /var/lib/knot/timer 139 - 140 - zone: 141 - - domain: example.com 142 - file: example.com.zone 129 + template.default = { 130 + master = "primary"; 131 + # zonefileless setup 132 + # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 133 + zonefile-sync = "-1"; 134 + zonefile-load = "none"; 135 + journal-content = "all"; 136 + }; 143 137 144 - - domain: sub.example.com 145 - file: sub.example.com.zone 138 + zone = { 139 + "example.com".file = "example.com.zone"; 140 + "sub.example.com".file = "sub.example.com.zone"; 141 + }; 146 142 147 - log: 148 - - target: syslog 149 - any: info 150 - ''; 143 + log.syslog.any = "info"; 144 + }; 151 145 }; 152 146 client = { lib, nodes, ... }: { 153 147 imports = [ common ];