From 6b66e2fc9cd0f27771e12ef87cea6c40938c0840 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <v@cunat.cz>
Date: Sun, 1 Oct 2023 10:49:07 +0200
Subject: [PATCH] nixos/knot: compatibility with 23.05 config

- run conf-check iff keyFiles == [] (like in 23.05; this was my bug)
- support extraConfig + keyFiles

- but warning will still be shown if extraConfig is used,
  and it might be slightly confusing
---
 .../doc/manual/release-notes/rl-2311.section.md  |  2 +-
 nixos/modules/services/networking/knot.nix       | 16 ++++++++++------
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md
index 2ab28b898d7f..a0f1d12a006a 100644
--- a/nixos/doc/manual/release-notes/rl-2311.section.md
+++ b/nixos/doc/manual/release-notes/rl-2311.section.md
@@ -109,7 +109,7 @@
 
 - `pass` now does not contain `password-store.el`.  Users should get `password-store.el` from Emacs lisp package set `emacs.pkgs.password-store`.
 
-- `services.knot` now supports `.settings` from RFC42.  The change is not 100% compatible with the previous `.extraConfig`.
+- `services.knot` now supports `.settings` from RFC42.  The previous `.extraConfig` still works the same, but it displays a warning now.
 
 - `mu` now does not install `mu4e` files by default.  Users should get `mu4e` from Emacs lisp package set `emacs.pkgs.mu4e`.
 
diff --git a/nixos/modules/services/networking/knot.nix b/nixos/modules/services/networking/knot.nix
index d98c0ce25bf4..4f6ac945cf97 100644
--- a/nixos/modules/services/networking/knot.nix
+++ b/nixos/modules/services/networking/knot.nix
@@ -103,11 +103,15 @@ let
   in result;
 
   configFile = if cfg.settingsFile != null then
-    assert cfg.settings == {} && cfg.keyFiles == [];
+    # Note: with extraConfig, the 23.05 compat code did include keyFiles from settingsFile.
+    assert cfg.settings == {} && (cfg.keyFiles == [] || cfg.extraConfig != null);
     cfg.settingsFile
-  else pkgs.writeTextFile {
+  else
+    mkConfigFile yamlConfig;
+
+  mkConfigFile = configString: pkgs.writeTextFile {
     name = "knot.conf";
-    text = (concatMapStringsSep "\n" (file: "include: ${file}") cfg.keyFiles) + "\n" + yamlConfig;
+    text = (concatMapStringsSep "\n" (file: "include: ${file}") cfg.keyFiles) + "\n" + configString;
     # TODO: maybe we could do some checks even when private keys complicate this?
     checkPhase = lib.optionalString (cfg.keyFiles == []) ''
       ${cfg.package}/bin/knotc --config=$out conf-check
@@ -174,7 +178,7 @@ in {
         description = lib.mdDoc ''
           As alternative to ``settings``, you can provide whole configuration
           directly in the almost-YAML format of Knot DNS.
-          You might want to utilize ``writeTextFile`` for this.
+          You might want to utilize ``pkgs.writeText "knot.conf" "longConfigString"`` for this.
         '';
       };
 
@@ -189,9 +193,9 @@ in {
     };
   };
   imports = [
-    # Compatibility with NixOS 23.05.  At least partial, as it fails assert if used with keyFiles.
+    # Compatibility with NixOS 23.05.
     (mkChangedOptionModule [ "services" "knot" "extraConfig" ] [ "services" "knot" "settingsFile" ]
-      (config: pkgs.writeText "knot.conf" config.services.knot.extraConfig)
+      (config: mkConfigFile config.services.knot.extraConfig)
     )
   ];