3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

553 commits

Author SHA1 Message Date
Thomas Tuegel 0fdaae8be4
nixos/tests/sddm-kde5: don't run tests through krunner
(cherry picked from commit 1f510dc7cd)
2016-09-09 10:12:31 -05:00
Rodney Lorrimar 5537503dec nixos/tests/pump.io: Fix systemd unit config
Ref #18209

(cherry picked from commit 3fd603c02f)
2016-09-08 17:06:49 +01:00
Eric Sagnes f39f829441 nixos: unbreak influxdb test (due to new API)
Data from the documentation example[1] was used.

[1] https://docs.influxdata.com/influxdb/v1.0/guides/writing_data/

[Bjørn: change commit message.]
2016-09-08 15:01:10 +02:00
aszlig 75efdc6502
nixos/tests/blivet: Fix btrfs-related tests
The loopback-based tests use a storage size of 102400 blocks (one block
is 1024 bytes), which doesn't seem to fit for btrfs volumes in recent
btrfs versions. I'm setting this to 409600 (400 MB) now so that it
should be enough for later versions in case they need even more space
for subvolumes.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-07 16:32:12 +02:00
aszlig fb46df8a9a
nixos: Fix ordering of firewall.service
Follow-up to the following commits:

  abdc5961c3cdf9f5893ea1e91ba08ff5089f53a4: Fix starting the firewall
  e090701e2d09aec3e8866ab9a8e53c37973ffeb4: Order before sysinit

Solely use sysinit.target here instead of multi-user.target because we
want to make sure that the iptables rules are applied *before* any
socket units are started.

The reason I've dropped the wantedBy on multi-user.target is that
sysinit.target is already a part of the dependency chain of
multi-user.target.

To make sure that this holds true, I've added a small test case to
ensure that during switch of the configuration the firewall.service is
considered as well.

Tested using the firewall NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra
2016-09-07 15:11:24 +02:00
Benjamin Staffin 58869cf310 prometheus service: add
This is based on @benleys work: https://github.com/NixOS/nixpkgs/pull/8216
I updated changed the user and group ids.
2016-09-04 20:03:32 +01:00
Jaka Hudoklin c083ab99b2 Merge pull request #17969 from offlinehacker/pkgs/etcd/update-3.0.6
Update etcd, improve nixos module, fix nixos tests
2016-09-04 16:31:50 +02:00
Jörg Thalheim 94dd66882f ferm: fix race condition in integration test (#18288)
curl sent the request faster then nginx bound the port in some cases
2016-09-04 14:34:06 +02:00
Joachim F 78b4b632ae Merge pull request #18085 from Mic92/ferm
ferm: add integration test
2016-09-03 17:27:38 +02:00
Joachim F 3db5311be9 Merge pull request #18207 from tavyc/quagga-module
quagga service: init
2016-09-03 16:23:23 +02:00
Graham Christensen ff5fd1ec40 etcd-cluster: split up openssl commands 2016-09-03 13:59:28 +02:00
Vladimír Čunát 02217bf697 Merge #17838: postgresql: Fix use with extensions 2016-09-02 20:09:40 +02:00
Octavian Cerna eb14130934 quagga test: Add test for the quagga service. 2016-09-02 14:00:32 +03:00
Lancelot SIX 5b8072fff6
postgresql: Fix use with extensions
Fixes #15512 and #16032

With the multi output, postgresql cannot find at runtime what is its
basedir when looking for libdir and pkglibdir. This commit fixes that.
2016-09-02 11:51:21 +02:00
Данило Глинський (Danylo Hlynskyi) 78cd9f8ebc virtualbox: add headless build (without Qt dependency) (#18026) 2016-09-01 20:54:58 +02:00
Jörg Thalheim 2ed6529444
ferm: add integration test 2016-08-29 15:34:30 +02:00
Jaka Hudoklin 0630233afa etcd module: add test for simple one node etcd service 2016-08-25 14:42:22 +02:00
Jaka Hudoklin 8256c07fc0 etcd module: add support for ssl, better defaults, fix tests 2016-08-24 20:12:24 +02:00
obadz 0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Eelco Dolstra 3fe93d2f75 Fix virtualbox test evaluation 2016-08-23 13:05:14 +02:00
Tuomas Tynkkynen 74a3a2cd7e treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
Robin Gloster 33e1c78ae3 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-16 07:54:01 +00:00
obadz 1759825b34 nixos/tests/ecryptfs: placate some commands causing many builds failure
These commands shouldn't have to be here in the first place as ecryptfs
homes should be automatically unmounted during logoff.
2016-08-16 02:47:08 +01:00
Robin Gloster bea8972d96 nixos.tests.boot-stage1: disable pic for kernel module 2016-08-13 09:49:24 +00:00
Graham Christensen 5d2980aa8e
gocd-agent / gocd-server: Reduce test memory requirements so Hydra builds 2016-08-10 16:21:35 -04:00
Graham Christensen d969f3fa51
gocd-agent: 16.7.0 startup fixes + test improvements
- Agent now takes a full URL to the Go.CD server
 - Instruct the agent to attempt restart every 30s upon failure
 - Test's Accept header did not match the server's expectation
 - Replace the tests' complex Awk matches with calls to `jq`
2016-08-10 15:47:29 -04:00
Shawn Warren 8750b4892e bump gocd-agent version to 16.6.0-3590 (#17311)
Update gocd-agent package version to 16.6.0-3590 including new sha.  Modify heapSize
and maxMemory mkOption to accurately reflect their intended purpose of configuring
initial java heap sizes.
2016-08-10 17:10:13 +02:00
Frederik Rietdijk 8955dc5e7e Merge pull request #17464 from cransom/cassandra
Cassandra
2016-08-10 11:42:57 +02:00
obadz 74b3ad148d nixos/tests/installer.nix: add libxml2 & libxslt to prevent download attempts 2016-08-09 17:01:42 +01:00
Casey Ransom 9ecc587e3b cassandra service: init
The module will configure a Cassandra server with common options being
tweakable. Included is also a test which will spin up 3 nodes and
verify that the cluster can be formed, broken, and repaired.
2016-08-02 20:58:35 -04:00
Arnold Krille 07de11f165 containers: add myself to the maintainers of the tests
Seems like the right thing to do.
2016-07-28 23:06:41 +02:00
Arnold Krille 9045a8e24c declarative containers: additional veths
With these changes, a container can have more then one veth-pair. This allows for example to have LAN and DMZ as bridges on the host and add dedicated containers for proxies, ipv4-firewall and ipv6-firewall. Or to have a bridge for normal WAN, one bridge for administration and one bridge for customer-internal communication. So that web-server containers can be reached from outside per http, from the management via ssh and can talk to their database via the customer network.

The scripts to set up the containers are now rendered several times instead of just one template. The scripts now contain per-container code to configure the extra veth interfaces. The default template without support for extra-veths is still rendered for the imperative containers.

Also a test is there to see if extra veths can be placed into host-bridges or can be reached via routing.
2016-07-28 23:06:41 +02:00
Luca Bruno 5c738ec37e gnome3: drop 3.18 2016-07-25 22:49:12 +02:00
Joachim Fasting 88138d43fa
grsecurity test: add note explaining what the tcc -run test accomplishes 2016-07-24 12:54:07 +02:00
Joachim Fasting 8c8d6b4053
grsecurity test: verify that the grsec device node is created 2016-07-24 12:54:07 +02:00
ben smith c38e6a2a60 mysql: fix replication tests (#17174)
Eliminate race condition in replication test
Remove replication configuration from standalone test
Improve mysql command syntax consistency
2016-07-23 00:37:05 +02:00
Shawn Warren 9886c80daa Add gocd agent and server service packages (#16273)
GoCD is an open source continuous delivery server specializing in advanced workflow
modeling and visualization.  Update maintainers list to include swarren83.  Update
module list to include gocd agent and server module.  Update packages list to include
gocd agent and server package.  Update version, revision and checksum for GoCD
release 16.5.0.
2016-07-23 00:29:18 +02:00
cransom 4a9b640f37 smokeping: init at 2.6.11 (#17090)
Includes a module for service setup and a test
to verify functionality of both service and pkg.
2016-07-21 01:07:59 +02:00
Nikolay Amiantov 9cc70b419c nixos/tests: add hibernation test 2016-07-19 05:20:02 +03:00
obadz 08fe395074 nixos/tests/installer.nix: add curl on host machine
add curl so that rather than seeing the test attempt to download
curl's tarball, we see what it's trying to download.
2016-07-17 21:17:55 +01:00
Nikolay Amiantov f4ea97ae90 Revert "nixos/tests/installer: Fix matching LUKS prompt"
This reverts commit ec072cbc4c.

See also 193ab8be67
2016-07-17 22:44:54 +03:00
aszlig ec072cbc4c
nixos/tests/installer: Fix matching LUKS prompt
The LUKS passphrase prompt has changed from "Enter passphrase" to "Enter
LUKS Passphrase" in c69c76ca7e, so the OCR
detection of the test fails indefinitely.

Unfortunately, this doesn't fix the test because we have a real problem
here:

Enter LUKS Passphrase:
killall: cryptsetup: no process killed
Enter LUKS Passphrase:

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
2016-07-17 11:20:25 +02:00
obadz d781bf94c1 ecryptfs: test bug from #16766 2016-07-13 02:00:22 +02:00
obadz ab6fc29719 ecryptfs: add nixos/tests/ecryptfs.nix 2016-07-13 01:48:41 +02:00
Luca Bruno 5a245c24b0 gnome3: make 3.20 the default 2016-07-10 16:17:37 +02:00
Damien Cassou fff2d6f395 Add test for emacs module 2016-07-01 11:37:57 +02:00
Joachim Fasting 09cf92ccee
nixos: flesh out the grsecurity test suite
I've failed to figure out what why `paxtest blackhat` hangs the vm, and
have resigned to running individual `paxtest` programs.  This provides
limited coverage, but at least verifies that some important features are
in fact working.

Ideas for future work includes a subtest for basic desktop
functionality.
2016-06-14 03:38:18 +02:00
Damien Cassou da62589d8e gnome3_20: Add GNOME 3.20 package set 2016-06-06 20:33:58 +02:00
Joel Moberg 20826c2a5d nixos kde5: improve test
IceWM is not part of KDE 5 and is now no longer part of the test. KDE 5
applications: Dolphin, System Monitor, and System Settings are started
in this test.
2016-06-01 17:09:51 +02:00
Eelco Dolstra 9f0e137338 Rename boot.loader.gummiboot.enable -> boot.loader.systemd-boot.enable 2016-06-01 12:55:52 +02:00
Eelco Dolstra f222689aba Use systemd-boot instead of gummiboot
Gummiboot is part of systemd now so we may as well use it.
2016-05-31 17:02:47 +02:00
aszlig 3b8a2a793c
nixos/tests/vbox: Fix invocation of dbus
VBoxService needs dbus in order to work properly, which failed to start
up so far, because it was searching in /run/current-system/sw for its
configuration files.

We now no longer run with the --system flag but specify the
configuration file directly instead.

This fixes at least the "simple-gui" test and probably the others as
well, which I haven't tested yet.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 16:48:32 +02:00
aszlig 3fd3911105
nixos/tests/vbox: Replace waitForWindow with xprop
We can't use waitForWindow here because it runs xwininfo as user root,
who in turn is not authorized to connect to the X server running as
alice.

So instead, we use xprop from user alice which should fix waiting for
the VirtualBox manager window.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 16:48:32 +02:00
aszlig ecd3cbb9e7
nixos/tests/vbox: Start X server with user "alice"
The VirtualBox tests so far ran the X server as root instead of user
"alice" and it did work, because we had access control turned off by
default.

Fortunately, it was changed in 1541fa351b.

As a side effect, it caused all the VirtualBox tests to fail because
they now can't connect to the X server, which is a good thing because
it's a bug of the VirtualBox tests.

So to fix it, let's just start the X server as user alice.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 15:05:23 +02:00
obadz e78a99c35b nixos/tests/installer.nix: nixos-generate-config detects LUKS since a7baec7
Fixes nix-build '<nixos/release.nix>' -A tests.installer.luksroot.x86_64-linux
2016-05-26 04:02:36 +01:00
Eelco Dolstra 845c9b50bf boot.initrd.luks.devices: Change into an attribute set
This allows setting options for the same LUKS device in different
modules. For example, the auto-generated hardware-configuration.nix
can contain

  boot.initrd.luks.devices.crypted.device = "/dev/disk/...";

while configuration.nix can add

  boot.initrd.luks.devices.crypted.allowDiscards = true;

Also updated the examples/docs to use /disk/disk/by-uuid instead of
/dev/sda, since we shouldn't promote the use of the latter.
2016-05-25 18:04:21 +02:00
Eelco Dolstra fe875b4100 nixos/tests/boot.nix: Remove empty module 2016-05-25 11:39:17 +02:00
Eelco Dolstra 3e7b510281 nixos.tests.swraid: Drop mdadm -W
This command is racy because it will return a non-zero exit code if
the array is already clean. This caused numerous random failures. It
should be unnecessary anyway. (Maybe in the past we needed this
because of #15226.)

http://hydra.nixos.org/job/nixos/release-16.03/nixos.tests.installer.swraid.i686-linux
2016-05-24 17:20:22 +02:00
Domen Kožar b49bf121b8 rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
aszlig 64ca91cac9
nixos/tests/boot-stage1: Add myself to maintainers
As @edolstra pointed out that the kernel module might be painful to
maintain. I strongly disagree because it's only a small module and it's
good to have such a canary in the tests no matter how the bootup process
looks like, so I'm going the masochistic route and try to maintain it.

If it *really* becomes too much maintenance burden, we can still drop or
disable kcanary.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-06 21:32:21 +02:00
aszlig 4f796c28d5
nixos/tests: Add a test for boot stage 1
We already have a small regression test for #15226 within the swraid
installer test. Unfortunately, we only check there whether the md
kthread got signalled but not whether other rampaging processes are
still alive that *should* have been killed.

So in order to do this we provide multiple canary processes which are
checked after the system has booted up:

 * canary1: It's a simple forking daemon which just sleeps until it's
            going to be killed. Of course we expect this process to not
            be alive anymore after boot up.
 * canary2: Similar to canary1, but tries to mimick a kthread to make
            sure that it's going to be properly killed at the end of
            stage 1.
 * canary3: Like canary2, but this time using a @ in front of its
            command name to actually prevent it from being killed.
 * kcanary: This one is a real kthread and it runs until killed, which
            shouldn't be the case.

Tested with and without 67223ee and everything works as expected, at
least on my machine.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-06 16:56:43 +02:00
aszlig dc6d003011
nixos/tests/installer/swraid: Check for safemode
This is a regression test for #15226, so that the test will fail once we
accidentally kill one or more of the md kthreads (aka: if safe mode is
enabled).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-06 16:51:38 +02:00
zimbatm f076f36f8f Merge pull request #14957 from dezgeg/gummiboot-test
NixOS installer tests: Add a test using Gummiboot
2016-05-05 21:14:30 +01:00
aszlig acf7bc898a
nixos/tests/containers: Remove unused module arg
Just removing the system argument because it doesn't exist (it's
actually config.nixpkgs.system, which we're already using). We won't get
an error anyway if we're not actually using it, so this is just an
aesthetics fix.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-04 20:51:01 +02:00
aszlig 9fa30d3bad
nixos/tests/containers-imperative: Fix test
Make sure that we always have everything available within the store of
the VM, so let's evaluate/build the test container fully on the host
system and propagate all dependencies to the VM.

This way, even if there are additional default dependencies that come
with containers in the future we should be on the safe side as these
dependencies should now be included for the test as well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @kampfschlaefer, @edolstra
2016-05-04 20:18:27 +02:00
aszlig f35e9386bd
nixos/tests/chromium: Re-add map for all channels
This partially reverts f2d24b9840.

Instead of disabling the channels via removing the channel mapping from
the tests themselves, let's just explicitly reference the stable test in
release.nix. That way it's still possible to run the beta and dev tests
via something like "nix-build nixos/tests/chromium.nix -A beta" and
achieve the same effect of not building beta and dev versions on Hydra.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-04 18:45:44 +02:00
Eelco Dolstra f2d24b9840 chromium: Disable Hydra builds of -dev and -beta
It's not the job of Nixpkgs to distribute beta versions of upstream
packages. More importantly, building these delays channel updates by
several hours, which is bad for our security fix turnaround time.
2016-05-04 18:16:27 +02:00
aszlig e7d3166656
nixos/tests/netboot: Fix evaluation error
Regression introduced by dfe608c8a2.

The commit turns the two arguments into one attrset argument so we need
to adapt that to use the new calling convention.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-03 22:05:11 +02:00
Nahum Shalman 83c0aca062 installer: simple PXE bootable NixOS installer
The Nix store squashfs is stored inside the initrd instead of separately

(cherry picked from commit 976fd407796877b538c470d3a5253ad3e1f7bc68)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-04-29 10:42:39 +01:00
Tuomas Tynkkynen 1feed61164 NixOS installer tests: Add a test using Gummiboot
Issue #14956
2016-04-24 22:05:48 +03:00
Franz Pletz 8cca66f774 Merge pull request #14018 from kampfschlaefer/feature/hostbridge_and_ipv6_for_containers
containers: hostbridge and IPv6
2016-04-24 20:33:46 +02:00
Vladimír Čunát a1b39b9990 cups tests: finally fix them
Fixes #14748.
2016-04-23 16:17:22 +02:00
Joachim Fasting 55a82158e2
Revert "nixos.tests.printing: fix"
This reverts commit 49894ac857.

Reverting in deference to https://github.com/NixOS/nixpkgs/issues/14782
2016-04-18 13:40:35 +02:00
Joachim Fasting 49894ac857
nixos.tests.printing: fix
Two fixes:

Not really sure why removing `--fail` from the curl calls is necessary,
but with that option, curl erronously reports 404 (which it shouldn't
per my interactive vm testing).

Fix paths to example files used for the printing test

Toghether, these changes allow the test to run to completion on my machine.
2016-04-18 02:21:12 +02:00
aszlig 9ed9e268a2
Merge pull request #14476 (taskserver)
This adds a Taskserver module along with documentation and a small
helper tool which eases managing a custom CA along with Taskserver
organisations, users and groups.

Taskserver is the server component of Taskwarrior, a TODO list
application for the command line.

The work has been started by @matthiasbeyer back in mid 2015 and I have
continued to work on it recently, so this merge contains commits from
both of us.

Thanks particularly to @nbp and @matthiasbeyer for reviewing and
suggesting improvements.

I've tested this with the new test (nixos/tests/taskserver.nix) this
branch adds and it fails because of the changes introduced by the
closure-size branch, so we need to do additional work on base of this.
2016-04-15 00:21:49 +02:00
Vladimír Čunát 39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
Eelco Dolstra a42698d2a4 Add a regression test for #14623 2016-04-12 19:13:52 +02:00
Eelco Dolstra 9153d8ed64 Fix X11 tests broken by the removal of -ac
Probably missed a few. Also adding xauth to the system path (it was
already in the closure).
2016-04-12 19:13:47 +02:00
Tuomas Tynkkynen 87b49397bf installer tests: Use different package for testing nix-env -iA
Coreutils is multi-output and the `info` output doesn't seem to be
included on the install disk, failing like this (because now nix-env
wants to build coreutils):

````
machine# these derivations will be built:
machine#   /nix/store/0jk4wzg11sa6cqyw8g7w5lb35axji969-bison-3.0.4.tar.gz.drv
...
machine#   /nix/store/ybjgqwxx63l8cj1s7b8axx09wz06kxbv-coreutils-8.25.drv
machine# building path(s) ‘/nix/store/4xvdi5740vq8vlsi48lik3saz0v5jsx0-coreutils-8.25.tar.xz’
machine# downloading ‘http://ftpmirror.gnu.org/coreutils/coreutils-8.25.tar.xz’...
machine# error: unable to download ‘http://ftpmirror.gnu.org/coreutils/coreutils-8.25.tar.xz’: Couldn't resolve host name (6)
machine# builder for ‘/nix/store/5j3bc5sjr6271fnjh9gk9hrid8kgbpx3-coreutils-8.25.tar.xz.drv’ failed with exit code 1
machine# cannot build derivation ‘/nix/store/ybjgqwxx63l8cj1s7b8axx09wz06kxbv-coreutils-8.25.drv’: 1 dependencies couldn't be built
machine# error: build of ‘/nix/store/ybjgqwxx63l8cj1s7b8axx09wz06kxbv-coreutils-8.25.drv’ failed
````
2016-04-12 17:29:15 +03:00
aszlig e2383b84f8
nixos/taskserver/helper: Improve CLI subcommands
Try to match the subcommands to act more like the subcommands from the
taskd binary and also add a subcommand to list groups.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-12 05:38:37 +02:00
aszlig ce0954020c
nixos/taskserver: Set allowedTCPPorts accordingly
As suggested by @matthiasbeyer:

"We might add a short note that this port has to be opened in the
firewall, or is this done by the service automatically?"

This commit now adds the listenPort to
networking.firewall.allowedTCPPorts as soon as the listenHost is not
"localhost".

In addition to that, this is now also documented in the listenHost
option declaration and I have removed disabling of the firewall from the
VM test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-12 05:16:15 +02:00
aszlig a41b109bc1
nixos/taskserver: Don't change imperative users
Whenever the nixos-taskserver tool was invoked manually for creating an
organisation/group/user we now add an empty file called .imperative to
the data directory.

During the preStart of the Taskserver service, we use process-json which
in turn now checks whether those .imperative files exist and if so, it
doesn't do anything with it.

This should now ensure that whenever there is a manually created user,
it doesn't get killed off by the declarative configuration in case it
shouldn't exist within that configuration.

In addition, we also add a small subtest to check whether this is
happening or not and fail if the imperatively created user got deleted
by process-json.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-12 03:42:13 +02:00
aszlig cfb6ce2abe
nixos/tests/taskserver: Make tests less noisy
We were putting the whole output of "nixos-taskserver export-user" from
the server to the respective client and on every such operation the
whole output was shown again in the test log.

Now we're *only* showing these details whenever a user import fails on
the client.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-12 01:49:47 +02:00
aszlig 7889fcfa41
nixos/taskserver/helper: Implement deletion
Now we finally can delete organisations, groups and users along with
certificate revocation. The new subtests now make sure that the client
certificate is also revoked (both when removing the whole organisation
and just a single user).

If we use the imperative way to add and delete users, we have to restart
the Taskserver in order for the CRL to be effective.

However, by using the declarative configuration we now get this for
free, because removing a user will also restart the service and thus its
client certificate will end up in the CRL.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-12 01:41:41 +02:00
aszlig 3affead91b
nixos/taskserver: Move .pki.fqdn to .fqdn
It's not necessarily related to the PKI options, because this is also
used for setting the server address on the Taskwarrior client.

So if someone doesn't have his/her own certificates from another CA, all
options that need to be adjusted are in .pki. And if someone doesn't
want to bother with getting certificates from another CA, (s)he just
doesn't set anything in .pki.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-11 12:42:20 +02:00
aszlig 6de94e7d24
nixos/taskserver: Rename .server options to .pki
After moving out the PKI-unrelated options, let's name this a bit more
appropriate, so we can finally get rid of the taskserver.server thing.

This also moves taskserver.caCert to taskserver.pki.caCert, because that
clearly belongs to the PKI options.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-11 12:38:16 +02:00
aszlig d6bd457d1f
nixos/taskserver: Rename server.{host,port}
Having an option called services.taskserver.server.host is quite
confusing because we already have "server" in the service name, so let's
first get rid of the listening options before we rename the rest of the
options in that .server attribute.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-11 12:26:34 +02:00
aszlig 636e0e552d
nixos/tests/taskserver: Test imperative users
As the nixos-taskserver command can also be used to imperatively manage
users, we need to test this as well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-11 12:03:16 +02:00
Joachim Fasting cef2814a4f nixos: add optional process information hiding
This module adds an option `security.hideProcessInformation` that, when
enabled, restricts access to process information such as command-line
arguments to the process owner.  The module adds a static group "proc"
whose members are exempt from process information hiding.

Ideally, this feature would be implemented by simply adding the
appropriate mount options to `fileSystems."/proc".fsOptions`, but this
was found to not work in vmtests. To ensure that process information
hiding is enforced, we use a systemd service unit that remounts `/proc`
after `systemd-remount-fs.service` has completed.

To verify the correctness of the feature, simple tests were added to
nixos/tests/misc: the test ensures that unprivileged users cannot see
process information owned by another user, while members of "proc" CAN.

Thanks to @abbradar for feedback and suggestions.
2016-04-10 12:27:06 +02:00
Vladimír Čunát d1df28f8e5 Merge 'staging' into closure-size
This is mainly to get the update of bootstrap tools.
Otherwise there were mysterious segfaults:
https://github.com/NixOS/nixpkgs/pull/7701#issuecomment-203389817
2016-04-07 14:40:51 +02:00
aszlig 2d89617052
nixos/taskserver: Rename nixos-taskdctl
Using nixos-taskserver is more verbose but less cryptic and I think it
fits the purpose better because it can't be confused to be a wrapper
around the taskdctl command from the upstream project as
nixos-taskserver shares no commonalities with it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-05 18:53:31 +02:00
aszlig 61b8d9ebe0
nixos/tests: Add a test for the Taskserver service
A small test which checks whether tasks can be synced using the
Taskserver.

It doesn't test group functionality because I suspect that they're not
yet implemented upstream. I haven't done an in-depth check on that but I
couldn't find a method of linking groups to users yet so I guess this
will get in with one of the text releases of Taskwarrior/Taskserver.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-05 18:53:31 +02:00
Arnold Krille 2d6a2b4131 containers tests: Distinguish declarative and imperative containers 2016-04-02 17:07:41 +02:00
Arnold Krille 3b31c52d4b containers: Add more tests for ipv6 and hostbridge
A testcase each for
- declarative ipv6-only container
  Seems odd to define the container IPs with their prefix length attached.
  There should be a better way…
- declarative bridged container

Also fix the ping test by waiting for the container to start

When the ping was executed, the container might not have finished starting. Or
the host-side of the container wasn't finished with config. Waiting for
2 seconds in between fixes this.
2016-04-02 17:07:41 +02:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
aszlig a3ac630092
nixos/tests: Add a test for keyboard layouts
I had the basic version of this laying around for some while but didn't
continue on it. Originally it was for testing support for the Neo layout
introduced back then (8cd6d53).

We only test the first three Neo layers, because the last three layers
are largely comprised of special characters and in addition to that the
support for the VT keymap seems to be limited compared to the Xorg
keymap.

Yesterday @NicolasPetton on IRC had troubles with the Colemak layout
(IRC logs: http://nixos.org/irc/logs/log.20160330, starting at 16:08)
and I found that test again, so I went for improving and adding to
<nixpkgs>.

While the original problem seemed to be related to GDM, we can still add
another subtest that checks whether GDM correctly applies the keyboard
layout. However I don't have a clue how to properly configure the
keyboard layout on GDM, at least not within the NixOS configuration.

The main goal of this test is not to test a complete set of all key
mappings but to check whether the keymap is loaded and working at all.

It also serves as an example for NixOS keyboard configurations.

The list of keyboard layouts is by no means complete, so everybody is
free to add their own to the test or improve the existing ones.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-31 09:49:08 +02:00
Eelco Dolstra 1783e33b06 Fix the boot-ec2-config test 2016-03-30 22:22:40 +02:00
Eelco Dolstra 0d3738cdcc Fix the EC2 test
We now generate a qcow2 image to prevent hitting Hydra's output size
limit. Also updated /root/user-data -> /etc/ec2-metadata/user-data.

http://hydra.nixos.org/build/33843133
2016-03-30 21:50:23 +02:00
Graham Christensen 37617a2c45 nixos.tests.installer.swraid: mdadm verbosity
These two steps seem to fail intermittently with exit code 1. It isn't clear to me why, or what the issue is. Adding the `--verbose` option, hoping to capture some debugging information which might aid stabilization. Also: I was unable to replicate the failure locally.
2016-03-28 14:00:00 -05:00
Joachim Fasting ea443d719c nixos/tests: implement a trivial test for sudo
This is an alternative to NixOS/nixpkgs#6721, with
improvements suggested by @edolstra
2016-03-25 06:33:11 +01:00
Joachim Fasting 2438c61255 dnscrypt-proxy vmtest: more specific waitForUnit
The test sometimes times out waiting for multi-user.target; this
should be more robust.
2016-03-24 17:14:22 +01:00
Domen Kožar ba78130c21 remove elrangR15 and riak 1.3.0 as they're outdated
(cherry picked from commit 4452a68425)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-03-22 21:40:07 +00:00
aszlig e047d79279
nixos/tests/chromium: Propagate "system" to pkgs
Assigning the channelMap by the function attrset argument at the
top-level of the test expression file may reference a different
architecture than we need for the tests.

So if we get the pkgs attribute by auto-calling, this will lead to test
failure because we have a different architecture for the test than for
the browser.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-21 03:50:38 +01:00
aszlig 3bd71b135b
nixos/tests/chromium: Allow overriding channel map
This has been the case before e45c211, but it turns out that it's very
useful to override the channel packages so we can run tests with
different Chromium build options.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-20 22:20:39 +01:00
Joachim Fasting ece457c62f nixos/tests: fix docker test
The docker service is socket activated by default; thus,
`waitForUnit("docker.service")` before any docker command causes the
unit test to time out.

Instead, do `waitForUnit("sockets.target")` to ensure that sockets are
setup before running docker commands.
2016-03-19 03:18:17 +01:00
Peter Simons c523aeffde nixos/tests/firewall.nix: ping now succeeds in the firewall's default configuration 2016-03-18 11:44:07 +01:00
Joachim Fasting 19492185fa nixos/tests: implement dnscrypt-proxy test
This test verifies that the daemon actually activates upon a
user-initiated ping, when using the recommended configuration.
2016-03-11 11:35:09 +01:00
Vladimír Čunát 09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
joachifm 4fa37759be Merge pull request #13548 from joelmo/nixos-unstable
avahi: fix test
2016-03-02 20:55:42 +00:00
Domen Kožar ba05826707 Attempt to fix transient grub1 test kernel panics
Example: http://hydra.nixos.org/build/32469819/nixlog/26/raw
2016-03-02 17:31:57 +00:00
aszlig 1f89aa6c7f
nixos/tests: Remove tests.boot.boot* prefixes
As @bobvanderlinden suggests in #13585:

"Looks like that cleans things up quite a bit! Just one aesthetics note,
the boot tests could now be renamed from boot.bootBiosCdrom to
boot.biosCdrom in nixos/tests/boot.nix:L33.

That makes them more consistent with the other tests."

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-01 19:02:36 +01:00
aszlig e45c211b50
nixos/tests/chromium: Split up into subtests
This makes it easier to test just a specific channel rather than to
force testing all builds down the users/testers throat. Especially this
makes it easier to test NixOS channel upgrades only against the Chromium
stable channel instead of just removing the beta/dev channels from the
tests entirely (as done in 69ec09f38a).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-03-01 01:04:51 +01:00
aszlig 2f2536b935
nixos/tests/networking: Expose subtests via attrs
So far the networking test expression only generated a single test
depending on the passed "test" attribute. This makes it difficult to
autodiscover the subtests with our shiny new callSubTests function.

This change essentially doesn't change the behaviour of the subtests but
rather exposes them as an attribute set instead of relying on a
particular input argument.

The useNetworkd argument still exists however.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @wkennington
2016-03-01 01:04:42 +01:00
aszlig 5bab623fb9
nixos/tests/virtualbox: Split up subtests
Now subtests are separate derivations, because the individual tests do
not depend on state from previous test runs.

This has the advantage that it's easier to run individiual tests and
it's also easier to pinpoint individual tests that randomly fail.

I ran all of these tests locally and they still succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-29 20:15:31 +01:00
Joel Moberg 75e96d2c30 avahi: fix test
Reflects module changes made by cdd7310a50
2016-02-28 16:18:39 +01:00
Eelco Dolstra d4636fa254 Revert "Add a way to pin a NixOS version within the module system."
This reverts commit a5992ad61b. Motivation:

a5992ad61b (commitcomment-14986820)
2016-02-27 20:48:12 +01:00
Nikolay Amiantov 8b124b7521 nixos.tests.printing: fix for new CUPS version
It looks like now queue is not immediately cleared from cancelled jobs.
Instead, files like "c00001" are left alongside "d00001-001", and
cleanup happens at some later point of time. Also, all new jobs are
assigned consecutive numbers now (00002, 00003 etc.). So when
original d00001 file is finally cleaned, it breaks the test. Fixed
by checking for any "d*" file inside the queue and cleaning it by
ourselves to ensure that each job works correctly.
2016-02-22 12:42:06 +03:00
Vladimír Čunát d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra abdbdbebf6 nixos/tests/simple.nix: Include minimal.nix
This reduces the amount of rebuilds (particularly some X11 stuff)
after changing some dependencies like systemd.
2016-02-12 14:35:41 +01:00
Aneesh Agrawal 3c5fca9618 filesystems: use list of strings for fs options
Allow usage of list of strings instead of a comma-separated string
for filesystem options. Deprecate the comma-separated string style
with a warning message; convert this to a hard error after 16.09.
15.09 was just released, so this provides a deprecation period during
the 16.03 release.

closes #10518

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-06 19:48:30 +00:00
Robin Gloster f7aa921773 Merge pull request #12560 from tvestelind/haka
Haka: new package
2016-02-06 20:32:39 +01:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Eelco Dolstra 69ec09f38a Don't make chromium-beta/dev release blockers
Generally we shouldn't ship pre-release versions anyway, and we
certainly don't want them to be release blockers. Also, chromium
builds are just too slow to have them blocking the channel (see
https://github.com/NixOS/nixpkgs/issues/12794).
2016-02-03 11:49:50 +01:00
Eelco Dolstra cc925d0506 boot.initrd.network: Support DHCP
This allows us to use it for EC2 instances.
2016-02-02 19:59:27 +01:00
Dan Peebles dd18447055 grsecurity: add NixOS VM test 2016-01-24 04:06:19 +00:00
Tomas Vestelind 198c03bffe haka: very basic testing 2016-01-23 01:20:14 +01:00
Rok Garbas 109ba4c861 nixos: add test for postgresql, fixes #11146 2016-01-20 03:42:59 +01:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
aszlig 5caa8ab55e
nixos/tests/quake3: Don't quote +set arguments
With the new upstream Git version of ioquake3 introduced in 7fc7502, the
arguments to the quake3(server) binaries/wrappers may no longer be
passed as full single arguments (like "+set foo bar") but rather as
separate arguments (like "+set" "foo" "bar"), otherwise they will be
completely ignored.

Ran the x86_64-linux test on my machine and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:36 +01:00
aszlig c4de45b7ca
nixos/tests/quake3: Fix eval due to unfree license
Regression introduced by 6b447a3c9b.

In this commit the Quake 3 demo data now have a meta attribute which
specifies the license as unfreeRedistributable.

While I haven't found anything official about that on the web, let's
just allow it to be used in the test because first of all, we have been
using it for a long time (since 2009, introduced in 497760b) and second,
because it will be quite some effort to rewrite the test with something
like OpenArena (particularily because we need coverage data and need to
use the ioquake3 version plus OpenArena-specific patches).

Tested evaluation on my local system, but the VM test still fails.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:02 +01:00
Luca Bruno 27928a020a gnome3: default to gnome 3.18 2016-01-13 12:13:27 +00:00
Domen Kožar 82af770fa6 correctly fix 313fa2ebc6 2016-01-10 18:24:29 +01:00
Domen Kožar 313fa2ebc6 nixos installer tests: use -A nix-env flag to prevent out of memory 2016-01-10 17:48:35 +01:00
Robin Gloster 88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Dan Peebles 668179f31e tests.ec2-config: fix to not try to talk to the internet (which breaks on Hydra) 2016-01-07 03:25:56 +00:00
Tobias Geerinckx-Rice 82419575aa btrfsProgs -> canonical btrfs-progs 2016-01-03 20:38:44 +01:00
Benjamin Staffin fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
Vladimír Čunát f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Lancelot SIX 4994f0f7d0 slurm service: add tests 2015-12-25 15:55:07 +01:00
aszlig 4c61faa009
nixos/tests/networking: Add a test for loopback
It serves as a regression test, because right now if you enable
networking.useNetworkd the default loopback interface doesn't get
assigned any IP addresses.

To be sure, I have bisected this and it has been introduced with the
update to systemd 228 in 1da87d4.

Only the "scripted" networking tests have to succeed in order to trigger
a channel update of nixos-unstable, so I'm leaving this test as broken
and we have to figure out next what's the *exact* reason for the
breakage.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-18 07:09:42 +01:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Thomas Tuegel 899c554f65 nixos/tests: test SDDM with KDE 5 enabled 2015-12-11 07:09:08 -06:00
Rodney Lorrimar 2198381235 nixos tests: pump.io: init 2015-12-06 13:35:21 +00:00
Emery Hemingway 2b6dcdfcd0 Rename 'emery' maintainer handle to 'ehmry', fixes #11493
Communication happens on Github so names should be consistent.
2015-12-05 23:06:20 +01:00
Luca Bruno e0102a91ea nixos/tests: increase ram from 768 to 1024
Fixes simpleProvided test failing on unionfs
using more ram than available.

cc @edolstra @wkennington
2015-12-01 11:24:37 +01:00
Luca Bruno bb88a11ee9 nixos/tests/misc: start systemd-udev-settle manually
systemd-udev-settle is not started by default anymore.
Because checking for psmouse like that is considered legacy,
we start systemd-udev-settle manually in the test.

cc @edolstra
2015-12-01 10:27:26 +01:00
Pascal Wittmann 763d89f9c5 tests-chromium: fix link to svg file
closes #11208
2015-11-29 22:43:28 +01:00
Luca Bruno a412927924 Merge remote-tracking branch 'origin/master' into closure-size 2015-11-25 21:37:30 +01:00
Thomas Tuegel 314d3e52e8 add nixos/tests/sddm 2015-11-23 06:39:19 -06:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00