trust-dns: migrate module to nixpkgs repo

hosts/by-name/servo/services/trust-dns.nix

@@ -1,16 +1,16 @@
 { config, lib, pkgs, ... }:
 
 {
-  sane.services.trust-dns.enable = true;
+  services.trust-dns.enable = true;
 
-  sane.services.trust-dns.settings.listen_addrs_ipv4 = [
+  services.trust-dns.settings.listen_addrs_ipv4 = [
     # specify each address explicitly, instead of using "*".
     # this ensures responses are sent from the address at which the request was received.
     config.sane.hosts.by-name."servo".lan-ip
     "10.0.1.5"
   ];
-  sane.services.trust-dns.quiet = true;
-  # sane.services.trust-dns.debug = true;
+  services.trust-dns.quiet = true;
+  # services.trust-dns.debug = true;
 
   sane.ports.ports."53" = {
     protocol = [ "udp" "tcp" ];
@@ -61,13 +61,13 @@
 
   # we need trust-dns to load our zone by relative path instead of /nix/store path
   # because we generate it at runtime.
-  sane.services.trust-dns.settings.zones = [
+  services.trust-dns.settings.zones = [
     {
       zone = "uninsane.org";
     }
   ];
 
-  sane.services.trust-dns.package =
+  services.trust-dns.package =
     let
       sed = "${pkgs.gnused}/bin/sed";
       zone-dir = "/var/lib/trust-dns";

modules/services/default.nix

@@ -5,6 +5,7 @@
     ./kiwix-serve.nix
     ./mautrix-signal.nix
     ./nixserve.nix
-    ./trust-dns.nix
+    # XXX: partially lifted into nixpkgs repo: remove once upstreamed
+    # ./trust-dns.nix
   ];
 }

nixpatches/list.nix

@@ -226,6 +226,12 @@ in [
     hash = "sha256-njSTwVvUkmzmJcN2oGkv7VZA92lr4HS8cDPVpKRE+0w=";
   })
 
+  (fetchpatch' {
+    title = "nixos/trust-dns: init";
+    saneCommit = "4c801fa25278faceb1ccb0273bc58111bfb3d42e";
+    hash = "sha256-CHbEos/rPmy5WmE4xuZhYL6IqjXZui2iuMQWzmmlE0E=";
+  })
+
   # (fetchpatch' {
   #   # N.B.: compiles, but runtime error on launch suggestive of some module not being shipped
   #   title = "matrix-appservice-irc: 0.38.0 -> 1.0.0";