Poll: thoughts and feelings on adding a DNSBL package to nixpkgs?

efx · January 29, 2024, 11:42am

I’m curious how folks feel about packaging StevenBlack’s hosts project: GitHub - StevenBlack/hosts: 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. (DNSBL = DNS block list)

I am building a DNS Sinkhole using NixOS and will rely on that project for the blocking portion of my unbound configuration.
I’m lazy and love upstream packages :).

Do chime in with your thoughts, opinions, feelings on good idea, bad idea, something else.

A good fit for nixpkgs
Not a good fit; let users manage the configuration independently

0 voters

shanesveller · January 29, 2024, 1:17pm

It sounds to me like a mildly poor fit for nixpkgs’ update cadence, and could be prototyped readily as a flake or external channel input to work out the syntax/DX and provide a more prompt update flow.

MinerSebas · January 29, 2024, 3:50pm

Nixpkgs already contains this as a Package

github.com

NixOS/nixpkgs/blob/56911ef3403a9318b7621ce745f5452fb9ef6867/pkgs/tools/networking/stevenblack-blocklist/default.nix

{ lib, fetchFromGitHub }:

let
  version = "3.13.10";
in
fetchFromGitHub {
  name = "stevenblack-blocklist-${version}";

  owner = "StevenBlack";
  repo = "hosts";
  rev = version;
  sha256 = "sha256-LTo0NV1DpHI05AvfmTKNz+/NdXaNoLxgpMhV/HqeT6g=";

  meta = with lib; {
    description = "Unified hosts file with base extensions";
    homepage = "https://github.com/StevenBlack/hosts";
    license = licenses.mit;
    maintainers = with maintainers; [ moni ];
  };
}

and Nixos Module

github.com

NixOS/nixpkgs/blob/56911ef3403a9318b7621ce745f5452fb9ef6867/nixos/modules/config/stevenblack.nix

{ config, lib, pkgs, ... }:

let
  inherit (lib) optionals mkOption mkEnableOption types mkIf elem concatStringsSep maintainers mdDoc;
  cfg = config.networking.stevenblack;

  # needs to be in a specific order
  activatedHosts = with cfg; [ ]
    ++ optionals (elem "fakenews" block) [ "fakenews" ]
    ++ optionals (elem "gambling" block) [ "gambling" ]
    ++ optionals (elem "porn" block) [ "porn" ]
    ++ optionals (elem "social" block) [ "social" ];

  hostsPath = "${pkgs.stevenblack-blocklist}/alternates/" + concatStringsSep "-" activatedHosts + "/hosts";
in
{
  options.networking.stevenblack = {
    enable = mkEnableOption (mdDoc "the stevenblack hosts file blocklist");

    block = mkOption {

This file has been truncated. show original

But even then, directly using the upstream flake.nix is probably better due to more frequent updates.

github.com

StevenBlack/hosts/blob/741cbae6d7b1b3db598453aeed2e52cbea7455f0/flake.nix

{
  description = "Unified hosts file with base extensions.";
  outputs = { self, nixpkgs, ... }@inputs:
    let
      forAllSystems = nixpkgs.lib.genAttrs nixpkgs.lib.platforms.unix;

      nixpkgsFor = forAllSystems (system: import nixpkgs {
        inherit system;
      });
    in
    {
      nixosModule = { config, ... }:
        with nixpkgs.lib;
        let
          cfg = config.networking.stevenBlackHosts;
          alternatesList = (if cfg.blockFakenews then [ "fakenews" ] else []) ++
                           (if cfg.blockGambling then [ "gambling" ] else []) ++
                           (if cfg.blockPorn then [ "porn" ] else []) ++
                           (if cfg.blockSocial then [ "social" ] else []);
          alternatesPath = "alternates/" + builtins.concatStringsSep "-" alternatesList + "/";

This file has been truncated. show original

efx · January 30, 2024, 11:49am

Great finds, thank you!
I had trouble finding that using search.nixos.org. FWIW, I tried searching string “stephenblack”: https://search.nixos.org/packages?channel=23.11&from=0&size=50&sort=relevance&type=packages&query=stephenblack

winter · January 30, 2024, 12:49pm

I don’t think Elasticsearch is smart enough to correct “stephen” to “steven” in the context of package names