bgpwtf: add rsh tests, fix startup sequencing
Change-Id: Idba53905d3965db6f805221da3e48548d7a01811
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1340
Reviewed-by: implr <implr@hackerspace.pl>
diff --git a/bgpwtf/machines/modules/rsh-unbound.nix b/bgpwtf/machines/modules/rsh-unbound.nix
index f4ec13a..d011ee6 100644
--- a/bgpwtf/machines/modules/rsh-unbound.nix
+++ b/bgpwtf/machines/modules/rsh-unbound.nix
@@ -54,17 +54,27 @@
};
out = mkOption {
type = str;
+ default = "/var/lib/rsh.conf";
description = "Output file for generated unbound config.";
};
+ register = mkOption {
+ type = str;
+ description = "URL of blocklist register.";
+ default = "https://hazard.mf.gov.pl/api/Register";
+ };
};
- config.systemd.services.rsh = mkIf cfg.enable {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- Type = "simple";
- ExecStart = "${rshUnbound}/bin/rsh-unbound -output ${cfg.out} -register_endpoint https://hazard.mf.gov.pl/api/Register";
- Restart = "always";
- RestartSec = "60";
+ config = mkIf cfg.enable {
+ services.unbound.settings.server.include = [ cfg.out ];
+ systemd.services.rsh = {
+ wantedBy = [ "multi-user.target" "unbound.service" ];
+ serviceConfig = {
+ Type = "simple";
+ ExecStartPre = "${pkgs.coreutils}/bin/touch ${cfg.out}";
+ ExecStart = "${rshUnbound}/bin/rsh-unbound -output ${cfg.out} -register_endpoint ${cfg.register}";
+ Restart = "always";
+ RestartSec = "10";
+ };
};
};
}