LnL7 / nix-darwin

nix modules for darwin
MIT License

Add networking.hosts and .hostFiles from nixos #939

Open ibizaman opened 7 months ago

ibizaman commented 7 months ago

This code was taken nearly verbatim from https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/config/networking.nix

The few changes were related to making the default /etc/hosts match Apple's stock one. This implied no 127.0.0.2 and forcing the IPv6 ::1 entry.

willemml commented 6 months ago

Possible duplicate of #807? (my PR is older and doesn't have tests though, so maybe this should be preferred)

ibizaman commented 6 months ago

Sorry @willemml I missed your PR. I didn’t intend to duplicate work.

secana commented 3 months ago

This PR seems fine but is blocked as a review is required. How can we help to get it merged?

niklasravnsborg commented 2 months ago

Oh this would be awesome :)

ibizaman commented 2 months ago

@Enzime rebasing is done. I tried to do the hash thing but I think I got it wrong.

I did cp /etc/hosts hosts, edited the file to remove the modifications I made, then sha256sum hosts and that's the hash I used. I suppose the hash is wrong though? Could someone provide me with the hash of a stock /etc/hosts file?

emilazy commented 2 months ago

It looks right to me:

emily@yuyuko ~> cat /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost
emily@yuyuko ~> shasum -a 256 /etc/hosts
c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da  /etc/hosts

emilazy commented 2 months ago

However the file in doc/ seems to be missing the trailing newline.

ibizaman commented 2 months ago

@emilazy good catch! Indeed:

Without the newline:

$ sha256sum doc/known-files/c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da
1b6fb3e08d41ae31b6bfe1f66fecf3ef53e302047993f6235570bc9391f291bb  doc/known-files/c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da

With:

$ sha256sum doc/known-files/c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da
c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da  doc/known-files/c7dd0e2ed261ce76d76f852596c5b54026b9a894fa481381ffd399b556c0e2da

Enzime commented 2 months ago

Looks like the tests are broken now

ibizaman commented 2 months ago

@Enzime indeed 😞 I have two questions related to the two failures I see.

How can I fix the /etc/hosts file exists issue? Does the error now come from me including a wrong /etc/hosts file? How can I print the /etc/hosts file from CI?

I looked and looked at the test output and can’t see the error printed out. How can I run the tests locally if I use flakes? I tried a few command line incantations but I can’t seem to make it right.

Enzime commented 1 week ago

The ability to run the tests through a flake interface will be added in #1140; until that's merged, you can run your test locally with nix-build release.nix -A tests.networking-hosts

I've accessed the GitHub runner through tmate (I suspect only maintainers have access but I'm not sure, it's the last step in the install-against-stable and install-against-unstable jobs that runs if the job failed) and extracted the /etc/hosts file:

$ cat /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost
192.168.64.25 Mac-1730942908330.local Mac-1730942908330
192.168.64.25 Mac-1730942908330.local Mac-1730942908330
$ shasum -a 256 /etc/hosts
31ce667128143b67ac1e7c3b64fda0891d4ff011259c48e6c9bdbd704bc29118  /etc/hosts

I suspect that every GitHub Mac will have a different /etc/hosts so you'll most likely need to update these lines to generate a hash of /etc/hosts and set environment.etc.hosts.knownSha256Sums = [ ... ] like is already done with nix.conf: https://github.com/LnL7/nix-darwin/blob/98e7dba87238e4fa4eac609dc44f07dab40661c4/.github/workflows/test.yml#L143-L146
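
The trailing-newline mismatch found earlier in the thread and the known-hash check discussed in the comment above, as an added example (not code from this PR or from nix-darwin): a portable check of a file against a list of accepted SHA-256 values. The function names and the sample file content are constructed for illustration.

```shell
#!/bin/sh
# Added illustration: gate on a list of known SHA-256 values before treating
# a file as "stock". Function names are hypothetical, not nix-darwin's.

# Hash with whichever tool exists (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# 0 = hash is in the list, 1 = not in the list, 2 = file could not be hashed.
is_known_file() {
  file=$1; shift
  actual=$(sha256_of "$file" 2>/dev/null)
  [ -n "$actual" ] || return 2
  for candidate in "$@"; do
    [ "$actual" = "$candidate" ] && return 0
  done
  return 1
}

# 0 if the file is non-empty and its last byte is 0x0a.
ends_with_newline() {
  [ -s "$1" ] && [ "$(tail -c 1 "$1" | od -An -tx1 | tr -d ' \n')" = "0a" ]
}

# Constructed sample content, not the stock macOS file byte for byte.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '127.0.0.1\tlocalhost\n::1\tlocalhost\n' > "$demo_dir/hosts"
printf '127.0.0.1\tlocalhost\n::1\tlocalhost' > "$demo_dir/hosts.stripped"
demo_known=$(sha256_of "$demo_dir/hosts")

for f in "$demo_dir/hosts" "$demo_dir/hosts.stripped"; do
  if is_known_file "$f" "$demo_known"; then verdict=known; else verdict=UNKNOWN; fi
  if ends_with_newline "$f"; then nl=yes; else nl=no; fi
  echo "${f##*/}: $verdict, trailing newline: $nl"
done
```

With real files, pass every accepted hash after the path; a reference copy whose final newline was stripped comes back as unknown even though it looks identical on screen.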

Enzime commented 1 week ago

Also, if you could rebase this PR that would be great. Let us know if you're still interested in working on this PR.

emilazy commented 1 week ago

Probably simplest to just move the config files out of the way rather than hashing them.

Enzime commented 1 week ago

In the case of nix.conf, I chose to hash it because of access-tokens and the changes get reflected immediately when I last tested, but that should be fine for /etc/hosts