diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2023-07-09 23:32:07 +0200 |
---|---|---|
committer | Vladimír Čunát <v@cunat.cz> | 2023-09-23 10:04:02 +0200 |
commit | 8e93f353cc26904b4ba7c128536014aaf6df4a5c (patch) | |
tree | 086b6a2701c736d266a39e48a5e602fe53e97ae2 /nixos | |
parent | ce85980e77ab1abbd91f127bea24534c703e05bb (diff) | |
download | nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar.gz nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar.bz2 nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar.lz nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar.xz nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.tar.zst nixlib-8e93f353cc26904b4ba7c128536014aaf6df4a5c.zip |
nixosTests.knot: use settings format
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/tests/knot.nix | 140 |
1 files changed, 67 insertions, 73 deletions
diff --git a/nixos/tests/knot.nix b/nixos/tests/knot.nix index 2ecbf69194bb..44efd93b6fa9 100644 --- a/nixos/tests/knot.nix +++ b/nixos/tests/knot.nix @@ -60,44 +60,43 @@ in { services.knot.enable = true; services.knot.extraArgs = [ "-v" ]; services.knot.keyFiles = [ tsigFile ]; - services.knot.extraConfig = '' - server: - listen: 0.0.0.0@53 - listen: ::@53 - automatic-acl: true - - remote: - - id: secondary - address: 192.168.0.2@53 - key: xfr_key - - template: - - id: default - storage: ${knotZonesEnv} - notify: [secondary] - dnssec-signing: on - # Input-only zone files - # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 - # prevents modification of the zonefiles, since the zonefiles are immutable - zonefile-sync: -1 - zonefile-load: difference - journal-content: changes - # move databases below the state directory, because they need to be writable - journal-db: /var/lib/knot/journal - kasp-db: /var/lib/knot/kasp - timer-db: /var/lib/knot/timer - - zone: - - domain: example.com - file: example.com.zone - - - domain: sub.example.com - file: sub.example.com.zone - - log: - - target: syslog - any: info - ''; + services.knot.settings = { + server = { + listen = [ + "0.0.0.0@53" + "::@53" + ]; + automatic-acl = true; + }; + + acl.secondary_acl = { + address = "192.168.0.2"; + key = "xfr_key"; + action = "transfer"; + }; + + remote.secondary.address = "192.168.0.2@53"; + + template.default = { + storage = knotZonesEnv; + notify = [ "secondary" ]; + acl = [ "secondary_acl" ]; + dnssec-signing = true; + # Input-only zone files + # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-3 + # prevents modification of the zonefiles, since the zonefiles are immutable + zonefile-sync = -1; + zonefile-load = "difference"; + journal-content = "changes"; + }; + + zone = { + "example.com".file = "example.com.zone"; + "sub.example.com".file = "sub.example.com.zone"; + }; + + log.syslog.any = "info"; + }; }; secondary = { lib, ... }: { @@ -113,41 +112,36 @@ in { services.knot.enable = true; services.knot.keyFiles = [ tsigFile ]; services.knot.extraArgs = [ "-v" ]; - services.knot.extraConfig = '' - server: - listen: 0.0.0.0@53 - listen: ::@53 - automatic-acl: true - - remote: - - id: primary - address: 192.168.0.1@53 - key: xfr_key - - template: - - id: default - master: primary - # zonefileless setup - # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 - zonefile-sync: -1 - zonefile-load: none - journal-content: all - # move databases below the state directory, because they need to be writable - journal-db: /var/lib/knot/journal - kasp-db: /var/lib/knot/kasp - timer-db: /var/lib/knot/timer - - zone: - - domain: example.com - file: example.com.zone - - - domain: sub.example.com - file: sub.example.com.zone - - log: - - target: syslog - any: info - ''; + services.knot.settings = { + server = { + listen = [ + "0.0.0.0@53" + "::@53" + ]; + automatic-acl = true; + }; + + remote.primary = { + address = "192.168.0.1@53"; + key = "xfr_key"; + }; + + template.default = { + master = "primary"; + # zonefileless setup + # https://www.knot-dns.cz/docs/2.8/html/operation.html#example-2 + zonefile-sync = "-1"; + zonefile-load = "none"; + journal-content = "all"; + }; + + zone = { + "example.com".file = "example.com.zone"; + "sub.example.com".file = "sub.example.com.zone"; + }; + + log.syslog.any = "info"; + }; }; client = { lib, nodes, ... }: { imports = [ common ]; |