From e38bf4250689f0ce57ab24b61759fecf08195b65 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Thu, 13 Jul 2023 09:57:11 +0000
Subject: [PATCH] trust-dns: migrate module to nixpkgs repo

---
 hosts/by-name/servo/services/trust-dns.nix | 12 ++++++------
 modules/services/default.nix               |  3 ++-
 nixpatches/list.nix                        |  6 ++++++
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/hosts/by-name/servo/services/trust-dns.nix b/hosts/by-name/servo/services/trust-dns.nix
index 6bd8b605..fcb4b98f 100644
--- a/hosts/by-name/servo/services/trust-dns.nix
+++ b/hosts/by-name/servo/services/trust-dns.nix
@@ -1,16 +1,16 @@
 { config, lib, pkgs, ... }:
 
 {
-  sane.services.trust-dns.enable = true;
+  services.trust-dns.enable = true;
 
-  sane.services.trust-dns.settings.listen_addrs_ipv4 = [
+  services.trust-dns.settings.listen_addrs_ipv4 = [
     # specify each address explicitly, instead of using "*".
     # this ensures responses are sent from the address at which the request was received.
     config.sane.hosts.by-name."servo".lan-ip
     "10.0.1.5"
   ];
-  sane.services.trust-dns.quiet = true;
-  # sane.services.trust-dns.debug = true;
+  services.trust-dns.quiet = true;
+  # services.trust-dns.debug = true;
 
   sane.ports.ports."53" = {
     protocol = [ "udp" "tcp" ];
@@ -61,13 +61,13 @@
 
   # we need trust-dns to load our zone by relative path instead of /nix/store path
   # because we generate it at runtime.
-  sane.services.trust-dns.settings.zones = [
+  services.trust-dns.settings.zones = [
     {
       zone = "uninsane.org";
     }
   ];
 
-  sane.services.trust-dns.package =
+  services.trust-dns.package =
     let
       sed = "${pkgs.gnused}/bin/sed";
       zone-dir = "/var/lib/trust-dns";
diff --git a/modules/services/default.nix b/modules/services/default.nix
index e5e7805e..24c3df6c 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -5,6 +5,7 @@
     ./kiwix-serve.nix
     ./mautrix-signal.nix
     ./nixserve.nix
-    ./trust-dns.nix
+    # XXX: partially lifted into nixpkgs repo: remove once upstreamed
+    # ./trust-dns.nix
   ];
 }
diff --git a/nixpatches/list.nix b/nixpatches/list.nix
index ab6284e4..9b62c844 100644
--- a/nixpatches/list.nix
+++ b/nixpatches/list.nix
@@ -226,6 +226,12 @@ in [
     hash = "sha256-njSTwVvUkmzmJcN2oGkv7VZA92lr4HS8cDPVpKRE+0w=";
   })
 
+  (fetchpatch' {
+    title = "nixos/trust-dns: init";
+    saneCommit = "4c801fa25278faceb1ccb0273bc58111bfb3d42e";
+    hash = "sha256-CHbEos/rPmy5WmE4xuZhYL6IqjXZui2iuMQWzmmlE0E=";
+  })
+
   # (fetchpatch' {
   #   # N.B.: compiles, but runtime error on launch suggestive of some module not being shipped
   #   title = "matrix-appservice-irc: 0.38.0 -> 1.0.0";