lib/default.nix: add address collision check
This commit is contained in:
parent
0284bbd675
commit
1460fa8131
|
@ -122,6 +122,14 @@ in {
|
|||
assertion = cfg.isInHq -> (config.users.users.root.password == null);
|
||||
message = "Root passwords not allowed in HQ";
|
||||
}
|
||||
{
|
||||
assertion = cfg.hq.enableBinaryCache -> cfg.mapHqHosts;
|
||||
message = "mapHqHosts must be enabled for enableBinaryCache";
|
||||
}
|
||||
{
|
||||
assertion = cfg.hq.enableMpdProxy -> cfg.mapHqHosts;
|
||||
message = "mapHqHosts must be enabled for enableMpdProxy";
|
||||
}
|
||||
{
|
||||
assertion = let
|
||||
check = hostName: hostName == config.networking.hostName;
|
||||
|
@ -131,14 +139,40 @@ in {
|
|||
toString ../host-registry.nix
|
||||
}";
|
||||
}
|
||||
{
|
||||
assertion = cfg.hq.enableBinaryCache -> cfg.mapHqHosts;
|
||||
message = "mapHqHosts must be enabled for enableBinaryCache";
|
||||
( # Check for hostRegistry address collisions
|
||||
let
|
||||
getAddrHosts = key:
|
||||
builtins.foldl' (result: host:
|
||||
if hostRegistry.hosts.${host} ? "${key}"
|
||||
then let
|
||||
addr = hostRegistry.hosts.${host}.${key};
|
||||
in if result ? "${addr}"
|
||||
then result // {
|
||||
"${addr}" = lib.unique (
|
||||
result.${addr} ++ [ host ]
|
||||
);
|
||||
}
|
||||
{
|
||||
assertion = cfg.hq.enableMpdProxy -> cfg.mapHqHosts;
|
||||
message = "mapHqHosts must be enabled for enableMpdProxy";
|
||||
else result // {
|
||||
"${addr}" = [ host ];
|
||||
}
|
||||
else result
|
||||
) {} (builtins.attrNames hostRegistry.hosts);
|
||||
dupHosts =
|
||||
builtins.concatMap (hosts:
|
||||
if builtins.length hosts == 1
|
||||
then []
|
||||
else hosts
|
||||
) (
|
||||
builtins.attrValues (
|
||||
getAddrHosts "ip4" // getAddrHosts "ip6"
|
||||
)
|
||||
);
|
||||
in {
|
||||
assertion = dupHosts == [];
|
||||
message = "Hosts have duplicate addresses: ${
|
||||
lib.concatStringsSep " " dupHosts
|
||||
}";
|
||||
})
|
||||
];
|
||||
|
||||
networking.defaultGateway = lib.mkIf (!config.networking.useNetworkd) (
|
||||
|
|
Loading…
Reference in New Issue