lib/default.nix: add address collision check

Astro 2021-10-27 17:52:35 +02:00
parent 0284bbd675
commit 1460fa8131
1 changed files with 42 additions and 8 deletions


@ -122,6 +122,14 @@ in {
assertion = cfg.isInHq -> (config.users.users.root.password == null);
message = "Root passwords not allowed in HQ";
}
{
assertion = cfg.hq.enableBinaryCache -> cfg.mapHqHosts;
message = "mapHqHosts must be enabled for enableBinaryCache";
}
{
assertion = cfg.hq.enableMpdProxy -> cfg.mapHqHosts;
message = "mapHqHosts must be enabled for enableMpdProxy";
}
{
assertion = let
check = hostName: hostName == config.networking.hostName;
@ -131,14 +139,40 @@ in {
toString ../host-registry.nix
}";
}
{
assertion = cfg.hq.enableBinaryCache -> cfg.mapHqHosts;
message = "mapHqHosts must be enabled for enableBinaryCache";
}
{
assertion = cfg.hq.enableMpdProxy -> cfg.mapHqHosts;
message = "mapHqHosts must be enabled for enableMpdProxy";
}
( # Check for hostRegistry address collisions
let
getAddrHosts = key:
builtins.foldl' (result: host:
if hostRegistry.hosts.${host} ? "${key}"
then let
addr = hostRegistry.hosts.${host}.${key};
in if result ? "${addr}"
then result // {
"${addr}" = lib.unique (
result.${addr} ++ [ host ]
);
}
else result // {
"${addr}" = [ host ];
}
else result
) {} (builtins.attrNames hostRegistry.hosts);
dupHosts =
builtins.concatMap (hosts:
if builtins.length hosts == 1
then []
else hosts
) (
builtins.attrValues (
getAddrHosts "ip4" // getAddrHosts "ip6"
)
);
in {
assertion = dupHosts == [];
message = "Hosts have duplicate addresses: ${
lib.concatStringsSep " " dupHosts
}";
})
];
networking.defaultGateway = lib.mkIf (!config.networking.useNetworkd) (
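Review bot: The collision check in `getAddrHosts` compares addresses as raw strings, because `addr` is used directly as the attribute key, so one IPv6 address written in two forms (different letter case or zero compression) would not be reported as a duplicate. At minimum fold case with `addr = lib.toLower hostRegistry.hosts.${host}.${key};` and add a comment such as `# addresses are compared textually; keep host-registry.nix entries in canonical form`. The assertion message also joins all colliding host names into one flat list, so with more than one collision a reader cannot tell which hosts share which address; including the address in the message would fix that. The assertions list this entry is added to starts above the visible hunks, so whether the registry is normalized elsewhere cannot be seen from here.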