Loading nixos/tests/unbound.nix +8 −8 Original line number Diff line number Diff line Loading @@ -106,8 +106,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "."; forward-addr = [ (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv4.addresses).address (lib.head nodes.authoritative.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.authoritative.networking.interfaces.eth1.ipv4.addresses).address ]; } ]; Loading Loading @@ -168,8 +168,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: "unbound-extra1.conf".text = '' forward-zone: name: "example.local." forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address} forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address} ''; "unbound-extra2.conf".text = '' auth-zone: Loading @@ -187,8 +187,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: client = { lib, nodes, ... }: { imports = [ common ]; networking.nameservers = [ (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address (lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address ]; networking.interfaces.eth1.ipv4.addresses = [ { address = "192.168.0.10"; prefixLength = 24; } Loading Loading @@ -276,7 +276,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: resolver.wait_for_unit("multi-user.target") with subtest("client should be able to query the resolver"): test(client, ["${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True) test(client, ["${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True) # discard the client we do not need anymore client.shutdown() Loading @@ -298,7 +298,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: ).strip() # Thank you black! Can't really break this line into a readable version. expected = "example.local. IN forward ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}" expected = "example.local. IN forward ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}" assert out == expected, f"Expected `{expected}` but got `{out}` instead." local_resolver.fail("sudo -u unauthorizeduser -- unbound-control list_forwards") Loading pkgs/tools/networking/unbound/default.nix +6 −15 Original line number Diff line number Diff line Loading @@ -47,24 +47,15 @@ , gnutls }: stdenv.mkDerivation rec { stdenv.mkDerivation (finalAttrs: { pname = "unbound"; version = "1.18.0"; version = "1.19.0"; src = fetchurl { url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz"; hash = "sha256-PalUkKhc/2Qg8m+uC4Skn1ES3xvxt/w0+HJPAggstxI="; url = "https://nlnetlabs.nl/downloads/unbound/unbound-${finalAttrs.version}.tar.gz"; hash = "sha256-qXUyRohUxhwt5IykFw3oVP07yVyAQ7sM+w/iZgWWZiQ="; }; patches = [ # Backport: fix libunbound with nettle. (fetchpatch { url = "https://github.com/NLnetLabs/unbound/commit/654a7eab62cbd1844d483cc4a0f2cf2fbcbaf00a.patch"; excludes = [ "doc/Changelog" ]; hash = "sha256-n3FCeZESFrrn6Wcf28Hb8WZs1eMHWjbsf2WCFOXU3lI="; }) ]; outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB nativeBuildInputs = [ makeWrapper pkg-config ] Loading Loading @@ -157,7 +148,7 @@ stdenv.mkDerivation rec { + ''substituteInPlace "$lib/lib/libunbound.la" '' + lib.concatMapStrings (pkg: lib.optionalString (pkg ? dev) " --replace '-L${pkg.dev}/lib' '-L${pkg.out}/lib' --replace '-R${pkg.dev}/lib' '-R${pkg.out}/lib'") (builtins.filter (p: p != null) buildInputs); (builtins.filter (p: p != null) finalAttrs.buildInputs); passthru.tests = { inherit gnutls; Loading @@ -172,4 +163,4 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ ajs124 ]; platforms = platforms.unix; }; } }) Loading
nixos/tests/unbound.nix +8 −8 Original line number Diff line number Diff line Loading @@ -106,8 +106,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "."; forward-addr = [ (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv4.addresses).address (lib.head nodes.authoritative.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.authoritative.networking.interfaces.eth1.ipv4.addresses).address ]; } ]; Loading Loading @@ -168,8 +168,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: "unbound-extra1.conf".text = '' forward-zone: name: "example.local." forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address} forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address} ''; "unbound-extra2.conf".text = '' auth-zone: Loading @@ -187,8 +187,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: client = { lib, nodes, ... }: { imports = [ common ]; networking.nameservers = [ (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address (lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address (lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address ]; networking.interfaces.eth1.ipv4.addresses = [ { address = "192.168.0.10"; prefixLength = 24; } Loading Loading @@ -276,7 +276,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: resolver.wait_for_unit("multi-user.target") with subtest("client should be able to query the resolver"): test(client, ["${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True) test(client, ["${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True) # discard the client we do not need anymore client.shutdown() Loading @@ -298,7 +298,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: ).strip() # Thank you black! Can't really break this line into a readable version. expected = "example.local. IN forward ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}" expected = "example.local. IN forward ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}" assert out == expected, f"Expected `{expected}` but got `{out}` instead." local_resolver.fail("sudo -u unauthorizeduser -- unbound-control list_forwards") Loading
pkgs/tools/networking/unbound/default.nix +6 −15 Original line number Diff line number Diff line Loading @@ -47,24 +47,15 @@ , gnutls }: stdenv.mkDerivation rec { stdenv.mkDerivation (finalAttrs: { pname = "unbound"; version = "1.18.0"; version = "1.19.0"; src = fetchurl { url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz"; hash = "sha256-PalUkKhc/2Qg8m+uC4Skn1ES3xvxt/w0+HJPAggstxI="; url = "https://nlnetlabs.nl/downloads/unbound/unbound-${finalAttrs.version}.tar.gz"; hash = "sha256-qXUyRohUxhwt5IykFw3oVP07yVyAQ7sM+w/iZgWWZiQ="; }; patches = [ # Backport: fix libunbound with nettle. (fetchpatch { url = "https://github.com/NLnetLabs/unbound/commit/654a7eab62cbd1844d483cc4a0f2cf2fbcbaf00a.patch"; excludes = [ "doc/Changelog" ]; hash = "sha256-n3FCeZESFrrn6Wcf28Hb8WZs1eMHWjbsf2WCFOXU3lI="; }) ]; outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB nativeBuildInputs = [ makeWrapper pkg-config ] Loading Loading @@ -157,7 +148,7 @@ stdenv.mkDerivation rec { + ''substituteInPlace "$lib/lib/libunbound.la" '' + lib.concatMapStrings (pkg: lib.optionalString (pkg ? dev) " --replace '-L${pkg.dev}/lib' '-L${pkg.out}/lib' --replace '-R${pkg.dev}/lib' '-R${pkg.out}/lib'") (builtins.filter (p: p != null) buildInputs); (builtins.filter (p: p != null) finalAttrs.buildInputs); passthru.tests = { inherit gnutls; Loading @@ -172,4 +163,4 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ ajs124 ]; platforms = platforms.unix; }; } })
