Skip to content

nixos/headscale: remove much-loosened-up server_url check#374374

Merged
misuzu merged 1 commit intoNixOS:masterfrom
motiejus:headscale-no-suffix-check
Jan 17, 2025
Merged

nixos/headscale: remove much-loosened-up server_url check#374374
misuzu merged 1 commit intoNixOS:masterfrom
motiejus:headscale-no-suffix-check

Conversation

@motiejus
Copy link
Contributor

@motiejus motiejus commented Jan 16, 2025
edited
Loading

server_url check has been loosened upstream and backported to NixOS2. The new, much looser check, is not practical to be implemented in Nix (you are welcome to give it a try; I've implemented the original one).

Since the surface area is much smaller now (and the scenario much less common), I think we can remove this assertion altogether.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 [reaction] to [pull requests you find important].

@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Jan 16, 2025
@motiejus motiejus mentioned this pull request Jan 16, 2025
Merged
13 tasks
@misuzu

This comment was marked as resolved.

Sign in to view
@motiejus
nixos/headscale: remove much-loosened-up server_url check
de0a499 
server_url check [has been loosened upstream][1] and backported to
NixOS[2]. The new, much looser check, is not practical to be implemented
in Nix (you are welcome to give it a try; I've implemented the original
one).

Since the surface area is much smaller now (and the scenario much less
common), I think we can remove this assertion altogether.

[1]: juanfont/headscale#2248
[2]: NixOS#358255
@motiejus motiejus force-pushed the headscale-no-suffix-check branch from 40b3c31 to de0a499 Compare January 17, 2025 06:04
@motiejus motiejus changed the title [headscale] remove much-loosened-up server_url check nixos/headscale: remove much-loosened-up server_url check Jan 17, 2025
@motiejus
Copy link
Contributor Author

motiejus commented Jan 17, 2025

Please follow the commit conventions https://github.com/NixOS/nixpkgs/blob/master/nixos/README.md#commit-conventions

Good call, thanks for the reminder. Updated!

@github-actions github-actions bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Jan 17, 2025
motiejus added a commit to motiejus/config that referenced this pull request Jan 17, 2025
@motiejus
Revert "headscale: revert base_domain to jakst."
25b1263 
This reverts commit b44d970.

NixOS/nixpkgs#374374
@misuzu misuzu merged commit ece71c6 into NixOS:master Jan 17, 2025
39 of 41 checks passed
@motiejus motiejus deleted the headscale-no-suffix-check branch January 17, 2025 19:22
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Jan 17, 2025

Successfully created backport PR for release-24.11:

@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Jan 17, 2025
Merged
1 task
@dotlambda
Copy link
Member

dotlambda commented Jan 17, 2025

It would have been nice to ping me, since I originally added the assertion.

The new, much looser check, is not practical to be implemented in Nix

I think it wouldn't be hard at all. Should I try to? I remember it being very frustrated when headscale stopped working due to this check and I couldn't reach my server anymore but I guess the check has been in place long enough that nobody uses an unsupported configuration anymore.

@motiejus
Copy link
Contributor Author

motiejus commented Jan 17, 2025

Sorry. It didn't occur to me toask, I would definitely do next time. :(

I "asked for changes" in the backporting patch, so we can at least stop the train somewhat? Hopefully that will stop landing.

In my opinion, I think the new, less restrictive config is much less common to be an issue, so is there still value?

@mtoohey31 mtoohey31 mentioned this pull request Jan 26, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@misuzu misuzu misuzu approved these changes

Assignees

No one assigned

Labels

6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@motiejus @misuzu @dotlambda