From d91dc1c52e951cb2f50cb644d0c7d6b8e3055cb3 Mon Sep 17 00:00:00 2001 From: Cottand Date: Fri, 10 Nov 2023 11:16:55 +0000 Subject: [PATCH 1/4] set up nix flake --- flake.lock | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 48 ++++++++++++++++++++++++++++++++++++++++ grimd_test.go | 1 + result | 1 + shell.nix | 4 ---- 5 files changed, 111 insertions(+), 4 deletions(-) create mode 100644 flake.lock create mode 100644 flake.nix create mode 120000 result delete mode 100644 shell.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..7bdd046 --- /dev/null +++ b/flake.lock @@ -0,0 +1,61 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1699099776, + "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..5e0cd97 --- /dev/null +++ b/flake.nix @@ -0,0 +1,48 @@ +{ + description = "Grimd, a fast dns proxy, built to black-hole internet advertisements and malware servers"; + + + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.flake-utils.url = "github:numtide/flake-utils"; + + outputs = { self, nixpkgs, flake-utils, ... }: + let + build = { system, vendorSha256 }: + let pkgs = import nixpkgs { inherit system; }; in pkgs.buildGo121Module { + inherit vendorSha256; + pname = "grimd"; + version = "0.0.1-test"; + src = ./.; + }; + in + (flake-utils.lib.eachDefaultSystem (system: + let pkgs = import nixpkgs { inherit system; }; in rec { + + ## Build & packaging + packages.grimd = build { + inherit system; + vendorSha256 = "sha256-5dIZzqaw88lKuh1JHJurRZCPgrNzDHK/53bXKNGQBvQ="; + }; + + defaultPackage = packages.grimd; + + + ## Dev environment + devShells = rec { + grimd = pkgs.mkShell { + packages = [ pkgs.fish pkgs.go_1_21 ]; + # Note that `shellHook` still uses bash syntax. This starts fish, then exists the bash shell when fish exits. + shellHook = '' + fish && exit + ''; + }; + default = grimd; + }; + + ## App + apps = rec { + grimd = flake-utils.lib.mkApp { drv = self.packages.${system}.grimd; }; + default = grimd; + }; + })); +} diff --git a/grimd_test.go b/grimd_test.go index 0c2c317..bfcd33a 100644 --- a/grimd_test.go +++ b/grimd_test.go @@ -245,6 +245,7 @@ func TestDohIntegration(t *testing.T) { // TestDohAsProxy checks that DoH works for non-custom records func TestDohAsProxy(t *testing.T) { + t.Skip("This test is impure in that it speaks to the internet - disabled by default for reproducibility") dohBind := "localhost:8181" integrationTest(func(c *Config) { c.DnsOverHttpServer.Bind = dohBind diff --git a/result b/result new file mode 120000 index 0000000..6a25f38 --- /dev/null +++ b/result @@ -0,0 +1 @@ +/nix/store/djjc3q0vidy58j56mxz99fani5nwjir4-grimd-0.0.1-test \ No newline at end of file diff --git a/shell.nix b/shell.nix deleted file mode 100644 index e9017fe..0000000 --- a/shell.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ pkgs ? import (builtins.fetchTarball "https://api.github.com/repos/nixos/nixpkgs/tarball/nixos-unstable") {} }: - pkgs.mkShell { - nativeBuildInputs = with pkgs; [ go_1_21 ]; -} From 8091080f1f564a71bc454ba2bf91fa9dc41f1ce5 Mon Sep 17 00:00:00 2001 From: Cottand Date: Fri, 10 Nov 2023 11:23:39 +0000 Subject: [PATCH 2/4] remove result from git --- .gitignore | 4 +++- result | 1 - 2 files changed, 3 insertions(+), 2 deletions(-) delete mode 120000 result diff --git a/.gitignore b/.gitignore index 91aa98d..edc949b 100644 --- a/.gitignore +++ b/.gitignore @@ -8,4 +8,6 @@ sources grimd grimd.log grimd.toml -.DS_Store \ No newline at end of file +.DS_Store + +result/ \ No newline at end of file diff --git a/result b/result deleted file mode 120000 index 6a25f38..0000000 --- a/result +++ /dev/null @@ -1 +0,0 @@ -/nix/store/djjc3q0vidy58j56mxz99fani5nwjir4-grimd-0.0.1-test \ No newline at end of file From 2a3fed4af854cf56d9e81bd19955d791dde2630a Mon Sep 17 00:00:00 2001 From: Cottand Date: Fri, 10 Nov 2023 11:36:57 +0000 Subject: [PATCH 3/4] add CI for nix on GHA --- .github/workflows/test-nix.yml | 23 +++++++++++++++++++++++ result | 1 + 2 files changed, 24 insertions(+) create mode 100644 .github/workflows/test-nix.yml create mode 120000 result diff --git a/.github/workflows/test-nix.yml b/.github/workflows/test-nix.yml new file mode 100644 index 0000000..8f00c62 --- /dev/null +++ b/.github/workflows/test-nix.yml @@ -0,0 +1,23 @@ +name: Test Nix Flake build + +on: + workflow_dispatch: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: cachix/install-nix-action@v22 + with: + nix_path: nixpkgs=channel:nixos-23.05 + github_access_token: ${{ secrets.GITHUB_TOKEN }} + + - run: nix build . --show-trace + + - run: nix flake check diff --git a/result b/result new file mode 120000 index 0000000..9001ad3 --- /dev/null +++ b/result @@ -0,0 +1 @@ +/nix/store/hj96qzznw0822na8m3h48xwk907v7jkp-grimd-0.0.1-test \ No newline at end of file From 1d1c956c2e38a5e71a734ea25ebccdbf30bc263f Mon Sep 17 00:00:00 2001 From: Cottand Date: Fri, 10 Nov 2023 12:12:32 +0000 Subject: [PATCH 4/4] simply flake, update README --- .gitignore | 2 +- README.md | 28 +++++++++------------------- flake.nix | 42 ++++++++++++++++++++---------------------- result | 1 - 4 files changed, 30 insertions(+), 43 deletions(-) delete mode 120000 result diff --git a/.gitignore b/.gitignore index edc949b..8694f09 100644 --- a/.gitignore +++ b/.gitignore @@ -10,4 +10,4 @@ grimd.log grimd.toml .DS_Store -result/ \ No newline at end of file +result \ No newline at end of file diff --git a/README.md b/README.md index cfda02e..3d3a49f 100644 --- a/README.md +++ b/README.md @@ -27,25 +27,15 @@ Forked from [looterz/grimd](https://github.com/looterz/grimd) go install github.com/cottand/grimd@latest ``` -You can also download one of the [releases](https://github.com/cottand/grimd/releases) -or [docker images](https://github.com/cottand/grimd/pkgs/container/grimd). Detailed guides and resources can be found on -the [wiki](https://github.com/cottand/grimd/wiki). +You can also +- download one of the binary [releases](https://github.com/cottand/grimd/releases) +- use the [Docker image](https://github.com/cottand/grimd/pkgs/container/grimd) + - `docker run -d -p 53:53/udp -p 53:53/tcp -p 8080:8080/tcp ghcr.io/cottand/grimd` +- use [Docker compose YML](https://raw.githubusercontent.com/cottand/grimd/master/docker-compose.yml) +- use the [Nix flake](https://github.com/Cottand/grimd/tree/master/flake.nix) + - `nix run github:cottand/grimd` -# Docker Installation - -To quickly get grimd up and running with docker, run - -``` -docker run -d -p 53:53/udp -p 53:53/tcp -p 8080:8080/tcp ghcr.io/cottand/grimd:latest -``` - -Alternatively, download -the [docker-compose.yml](https://raw.githubusercontent.com/cottand/grimd/master/docker-compose.yml) file and launch it -using docker-compose. - -``` -docker-compose up -d -``` +Detailed guides and resources can be found on the [wiki](https://github.com/cottand/grimd/wiki). # Configuration @@ -69,7 +59,7 @@ Usage of grimd: # Building -Requires golang 1.20 or higher, you build grimd like any other golang application, for example to build for linux x64 +Requires golang 1.21 or higher, you build grimd like any other golang application, for example to build for linux x64 ```shell env GOOS=linux GOARCH=amd64 go build -v github.com/cottand/grimd diff --git a/flake.nix b/flake.nix index 5e0cd97..f1e01f7 100644 --- a/flake.nix +++ b/flake.nix @@ -6,43 +6,41 @@ inputs.flake-utils.url = "github:numtide/flake-utils"; outputs = { self, nixpkgs, flake-utils, ... }: - let - build = { system, vendorSha256 }: - let pkgs = import nixpkgs { inherit system; }; in pkgs.buildGo121Module { - inherit vendorSha256; - pname = "grimd"; - version = "0.0.1-test"; - src = ./.; - }; - in (flake-utils.lib.eachDefaultSystem (system: - let pkgs = import nixpkgs { inherit system; }; in rec { - - ## Build & packaging - packages.grimd = build { - inherit system; - vendorSha256 = "sha256-5dIZzqaw88lKuh1JHJurRZCPgrNzDHK/53bXKNGQBvQ="; + let pkgs = import nixpkgs { inherit system; }; in { + + # Build & packaging + ## use with `nix build` + packages = rec { + grimd = pkgs.buildGo121Module { + inherit system; + vendorSha256 = "sha256-5dIZzqaw88lKuh1JHJurRZCPgrNzDHK/53bXKNGQBvQ="; + pname = "grimd"; + version = "0.0.1-test"; + src = ./.; + }; + default = grimd; }; - defaultPackage = packages.grimd; - - ## Dev environment + # Dev environment + ## use with `nix develop` devShells = rec { grimd = pkgs.mkShell { packages = [ pkgs.fish pkgs.go_1_21 ]; # Note that `shellHook` still uses bash syntax. This starts fish, then exists the bash shell when fish exits. - shellHook = '' - fish && exit - ''; + shellHook = "fish && exit"; }; default = grimd; }; - ## App + + # App + ## use with `nix run` apps = rec { grimd = flake-utils.lib.mkApp { drv = self.packages.${system}.grimd; }; default = grimd; }; + })); } diff --git a/result b/result deleted file mode 120000 index 9001ad3..0000000 --- a/result +++ /dev/null @@ -1 +0,0 @@ -/nix/store/hj96qzznw0822na8m3h48xwk907v7jkp-grimd-0.0.1-test \ No newline at end of file