3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

2930 commits

Author SHA1 Message Date
Linus Heckemann a560936cab nixos/prometheus-exporters/openvpn: init
Co-Authored-By: Franz Pletz <fpletz@fnordicwalking.de>
Co-Authored-By: Robin Gloster <mail@glob.in>
2020-09-29 10:53:04 +02:00
Emery Hemingway e7d0500cb3 nixos/rsyncd: convert module to an INI generator 2020-09-29 08:07:53 +02:00
WilliButz e736a990c1
Merge pull request #98746 from mayflower/postfix-exporter-group
prometheus postfix exporter: misc
2020-09-27 22:37:38 +02:00
rnhmjoj d7ae8ab35f
nixos/tests/ncdns: more tests and disable DNSSEC
- DNSSEC is currently disable because it's failing
- Separately test .bit domain on ncdns and pdns-recursor
- Test for the SOA record of the bit. zone
2020-09-25 20:56:15 +02:00
Linus Heckemann 0e3f631831 prometheus postfix exporter test: check showq 2020-09-25 14:27:29 +02:00
WilliButz 403c215bdd
nixos/codimd: add option environmentFile for injecting secrets
Secrets are injected from the environment into the rendered
configuration before each startup using envsubst.
The test now makes use of this feature for the db password.
2020-09-23 11:59:44 +02:00
Martin Weinelt 76aeb20d91 nixosTests.magnetico: wait for open port and make curl actually fail 2020-09-22 23:27:12 -07:00
Vladimír Čunát cf09899749
Merge #97922: nixosTests.signal-desktop: fix 2020-09-21 17:31:19 +02:00
Sarah Brofeldt 44289eb20c
Merge pull request #91170 from DianaOlympos/update/apache-kafka
apache-kafka: 2.4.0 -> 2.4.1/2.5.0
2020-09-21 15:42:26 +02:00
Nathaniel Glen e879eb6db6 pipewire: add testing
This adds two tests. One is for whether the paths used by the module are
present, while the other is for testing functionality of PipeWire
itself. This is done with the recent addition of installed tests by
upstream.
2020-09-19 16:33:01 -04:00
Manuel Bärenz 4336f9f7bb tests/agda: Fix comment 2020-09-18 12:42:23 +02:00
Henri Menke 9d60354fae nixos/shadowsocks: add test without plugin 2020-09-14 22:35:05 +02:00
Anderson Torres a5931fa6e3
Merge pull request #95409 from utdemir/stream_layered_image_fix
dockerTools.streamLayeredImage: Store the customisation layer as a tarball
2020-09-14 11:05:48 -03:00
Kai Harries ddd23d6790 signal-desktop: fix test
Test was broken because network is not available during sandboxed test
run and therefore the expected text was never shown.

ZHF: #97479
2020-09-13 19:28:51 +02:00
Maximilian Bosch 4a559f8fee
gotify-server: fix UI
In version 2.0.15 `gotify` switched to `packr` at 2.x which is why the
UI can't be served properly via HTTP and causes an empty 500 response and
the following errors in `journald`:

```
2020/09/12 19:18:33 [Recovery] 2020/09/12 - 19:18:33 panic recovered:
GET / HTTP/1.1
Host: localhost:8080
Accept: */*
User-Agent: curl/7.72.0

stat /home/ma27/Projects/ui/build/index.html: no such file or directory
```

This wasn't caught by the VM-test as it only tested the REST and push
APIs. Using their internal `packr.go` script in our build as it's the
case in the upstream build-system[1] fixes the issue.

[1] https://github.com/gotify/server/pull/277/files#diff-b67911656ef5d18c4ae36cb6741b7965R48
2020-09-12 19:30:17 +02:00
Damien Cassou 607f5a6755
Merge pull request #84246 from lostnet/couchdbpr
couchdb: add support for version 3.0.0
2020-09-11 17:47:47 +02:00
Will Young 0ef1be0aa1 couchdb: add support for version 3.1.0 2020-09-11 14:03:16 +02:00
Florian Klink 484632983f
Merge pull request #97631 from Izorkin/nginx-sandboxing
nixos/nginx: remove option enableSandbox
2020-09-10 20:33:25 +02:00
Félix Baylac-Jacqué a4a1c016a3
Merge pull request #97526 from immae/fix_ejabberd
nixos/ejabberd: Fix tests
2020-09-10 10:21:11 +02:00
Izorkin 535896671b
nixos/nginx: remove option enableSandbox 2020-09-10 08:19:20 +03:00
Ismaël Bouya cdaec7e9ed
ejabberd: fix failing tests
This commit fixes the ejabberd tests for hydra:

mod_http_upload and mod_disco need to be explicitly enabled, and a
handler needs to be setup to make it work. Also, the client needs to be
able to contact the server.

The commit also fixes the situation where http upload failed: in that
case the client would wait forever because nothing catched the error.

Finally, there remains a non-reproducible error where ejabberd server
fails to start with an error like:
format: "Failed to create cookie file '/var/lib/ejabberd/.erlang.cookie': eacces"
(happens ~15%) I tried to check existence of /var/lib/ejabberd/ in
pre-start script and saw nothing that would explain this error, so I
gave up about this error in particular.
2020-09-10 01:08:22 +02:00
Patryk Wychowaniec 183d9abdaf
lxd: s/sha256/hash 2020-09-09 20:07:17 +02:00
Patryk Wychowaniec 93b8435915
lxd: add wait_for_file() to ensure LXD is actually running 2020-09-09 19:46:21 +02:00
Patryk Wychowaniec 04111cb356
lxd: use stable URL for Alpine's image 2020-09-09 19:30:02 +02:00
Ryan Mulligan a38ffcc20e
Merge pull request #95752 from misuzu/3proxy-test-fix
nixosTests.3proxy: fix flakiness
2020-09-08 20:33:20 -07:00
Oleksii Filonenko 45d7f59da8
Merge pull request #97217 from sephii/nixos-caddy-v2-migration 2020-09-08 11:17:55 +03:00
Linus Heckemann ef4e81d756
Merge pull request #96830 from mayflower/unifi-poller
unifi-poller: add service and prometheus-exporter
2020-09-08 09:53:07 +02:00
Sylvain Fankhauser b8bfe941fa
caddy: address remaining MR comments for v2 2020-09-08 09:29:04 +02:00
Robert Scott 61525137fd
Merge pull request #96958 from servalcatty/v2ray
v2ray: 4.26.0 -> 4.27.5 and add tests
2020-09-07 21:29:51 +01:00
Vladimír Čunát 85afe9cbe9
nixos/tests/installer: increase RAM in the VM
1G apparently isn't sufficient anymore, at least in swraid case:
https://hydra.nixos.org/build/126561574
2020-09-07 15:43:37 +02:00
Vladimír Čunát c1c85b9bad
Merge #97146: 'staging-next' branch
This is the last planned iteration before forking 20.09.
2020-09-07 15:43:36 +02:00
Francesco Gazzetta e158d19618 ft2-clone: add nixos test 2020-09-07 11:21:26 +02:00
Jörg Thalheim d9ccdd860c
Merge pull request #96885 from bbigras/sssd-ldap
nixos/tests/sssd-ldap: init
2020-09-06 20:29:36 +01:00
Florian Klink d7046947e5
Merge pull request #91121 from m1cr0man/master
Restructure acme module
2020-09-06 18:26:22 +02:00
elseym aaf0002f68
prometheus-unifi-poller-exporter: init module 2020-09-06 17:48:19 +02:00
elseym 8c49e5a78c
tests/prometheus-exporters: allow overriding test-node-name
allows the prometheus-exporters test abstraction to work with e.g. hyphenated exporter-names
2020-09-06 17:48:00 +02:00
Lucas Savva 34b5c5c1a4
nixos/acme: More features and fixes
- Allow for key reuse when domains are the only thing that
  were changed.
- Fixed systemd service failure when preliminarySelfsigned
  was set to false
2020-09-06 01:28:19 +01:00
Vladimír Čunát 6eea644749
nixos/tests/installer swraid: increase partition size
We apparently didn't fit anymore.  I don't think this test is meant
to (also) check closure size.

Note: as of this commit, the test is blocked by a fontconfig problem,
so I tested with that merge temporarily reverted.
2020-09-05 19:29:38 +02:00
Oleksii Filonenko 06d2d84519
nixosTests.caddy: update to v2
- Update configuration syntax
- Add filalex77 as a maintainer
2020-09-05 14:09:17 +02:00
Lucas Savva f57824c915
nixos/acme: Update docs, use assert more effectively 2020-09-05 01:06:29 +01:00
Lucas Savva 67a5d660cb
nixos/acme: Run postRun script as root 2020-09-04 19:34:10 +01:00
Bruno Bigras 64ce52713c nixos/tests/sssd-ldap: init 2020-09-04 01:51:42 -04:00
Utku Demir ae82f81bfa
dockerTools.streamLayeredImage: Store the customisation layer as a tarball
This fixes as issue described here[1], where permissions set by 'extraCommands'
were ignored by Nix.

[1] https://github.com/NixOS/nixpkgs/pull/91084#issuecomment-669834938
2020-09-04 16:53:23 +12:00
Lucas Savva 1b6cfd9796
nixos/acme: Fix race condition, dont be smart with keys
Attempting to reuse keys on a basis different to the cert (AKA,
storing the key in a directory with a hashed name different to
the cert it is associated with) was ineffective since when
"lego run" is used it will ALWAYS generate a new key. This causes
issues when you revert changes since your "reused" key will not
be the one associated with the old cert. As such, I tore out the
whole keyDir implementation.

As for the race condition, checking the mtime of the cert file
was not sufficient to detect changes. In testing, selfsigned
and full certs could be generated/installed within 1 second of
each other. cmp is now used instead.

Also, I removed the nginx/httpd reload waiters in favour of
simple retry logic for the curl-based tests
2020-09-04 01:09:43 +01:00
Anders Kaseorg f4b2c9dfe7 cryptsetup, lvm2, systemd: Break cyclic dependency at a different point
The cyclic dependency of systemd → cryptsetup → lvm2 → udev=systemd
needs to be broken somewhere.  The previous strategy of building
cryptsetup with an lvm2 built without udev (#66856) caused the
installer.luksroot test to fail.  Instead, build lvm2 with a udev built
without cryptsetup.

Fixes #96479.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2020-09-03 12:35:56 -07:00
Jörg Thalheim 02a2649220
Merge pull request #89748 from heinic/krb5-lists 2020-09-03 07:31:22 +01:00
Lucas Savva 61dbf4bf89
nixos/acme: Add proper nginx/httpd config reload checks
Testing of certs failed randomly when the web server was still
returning old certs even after the reload was "complete". This was
because the reload commands send process signals and do not wait
for the worker processes to restart. This commit adds log watchers
which wait for the worker processes to be restarted.
2020-09-02 19:25:30 +01:00
Lucas Savva 982c5a1f0e
nixos/acme: Restructure module
- Use an acme user and group, allow group override only
- Use hashes to determine when certs actually need to regenerate
- Avoid running lego more than necessary
- Harden permissions
- Support "systemctl clean" for cert regeneration
- Support reuse of keys between some configuration changes
- Permissions fix services solves for previously root owned certs
- Add a note about multiple account creation and emails
- Migrate extraDomains to a list
- Deprecate user option
- Use minica for self-signed certs
- Rewrite all tests

I thought of a few more cases where things may go wrong,
and added tests to cover them. In particular, the web server
reload services were depending on the target - which stays alive,
meaning that the renewal timer wouldn't be triggering a reload
and old certs would stay on the web servers.

I encountered some problems ensuring that the reload took place
without accidently triggering it as part of the test. The sync
commands I added ended up being essential and I'm not sure why,
it seems like either node.succeed ends too early or there's an
oddity of the vm's filesystem I'm not aware of.

- Fix duplicate systemd rules on reload services

Since useACMEHost is not unique to every vhost, if one cert
was reused many times it would create duplicate entries in
${server}-config-reload.service for wants, before and
ConditionPathExists
2020-09-02 19:22:43 +01:00
Serval 4ac99e76bc
nixos/tests/v2ray: init 2020-09-02 22:18:52 +08:00
misuzu 0c688868e7 nixosTests.3proxy: fix flakiness 2020-09-01 14:31:52 +03:00
Lassulus a081e99e41
Merge pull request #83780 from hax404/robustirc-bridge
robustirc-bridge: init at 1.8
2020-08-31 18:14:45 +02:00
Georg Haas 2bd6f0744f
nixos/tests/robustirc-bridge: init 2020-08-31 15:22:50 +02:00
Arian van Putten 882ed6759a
Merge pull request #96149 from JJJollyjim/acme-test-go-15
nixos/acme: fix subjectAltName in test snakeoil certs
2020-08-31 13:54:19 +02:00
Félix Baylac-Jacqué f63c842f1e
nixosTests.systemd-networkd: fix test flakiness
The original idea for this test was, on top of providing a networkd
test, to provide newcomers with a sample configuration they could use
to get started with networkd.

That's precisely why we were doing this systemd tmpfile dance in the
first place. It was a convenient way to create a runtime file with a
specific mode and owner.

Sadly, this tmpfile rule made the test flaky. There's a race condition
between the wireguard interface configured by systemd-networkd and
systemd-tmpfiles-setup.

Sometimes, networkd is going to try loading the wireguard private key
file *before* the said file gets created by systemd-tmpfiles.

A perfect solution here would be to create a "After" dependency
between wg0.netdev and systemd-tmpfiles-setup.service. Sadly, it is
currently impossible to create such a dependency between a
networkd-specific unit and a service.

We're removing this tmp file in favor of pointing networkd directly to
the Nix store. This is clearly something that shouldn't be done in the
real world for a private file: the store is world-readable. However,
this is the only way I found to fix this test flakiness for now.
2020-08-30 21:03:27 +02:00
Maximilian Bosch d416facd39
nixos/tests/systemd-networkd: fix eval
In `systemd-243` the option `FwMark` in the `[WireGuard]` section of
a `.netdev`-unit has been renamed to `FirewallMark`[1]. Due to the
removal of deprecated options in our `networkd` module[2] the evaluation
of this test doesn't work.

Renaming the option to its new name fixes the issue.

[1] 1c30b174ed
[2] e9d13d3751
2020-08-29 22:51:30 +02:00
Aaron Andersen bcdcd5d9fc
Merge pull request #95880 from aanderse/postgresql-settings
nixos/postgresql: replace extraConfig option with settings option
2020-08-29 09:12:54 -04:00
Frederik Rietdijk 7b56d26ae3 Merge master into staging-next 2020-08-29 13:30:25 +02:00
worldofpeace f2d0a68c21
Merge pull request #96396 from flokli/remove-perl-test-driver
nixos/lib/test*: remove perl test driver
2020-08-28 11:30:18 -04:00
Daniël de Kok 192ed0a00e
Merge pull request #95888 from bzizou/charliecloud18
charliecloud: 0.12 -> 0.18
2020-08-28 16:34:57 +02:00
Bruno Bzeznik 1601ff7dd4 charliecloud: 0.12 -> 0.18 (docker + ch-grow support) 2020-08-28 14:39:21 +02:00
Florian Klink 0620184f3f nixos/lib/test*: remove perl test driver
This has been deprecated in 20.03, and all tests have been migrated to
the python framework, effectively making this dead code.
2020-08-27 19:45:38 +02:00
Matthew Bauer 25ac498482
Merge pull request #96404 from matthewbauer/gcc-cross
Fix cycle detected in Darwin->Linux cross GCC
2020-08-26 16:17:14 -05:00
Aaron Andersen 2a44265608 nixos/postgresql: replace extraConfig option with settings option 2020-08-26 17:06:48 -04:00
Florian Klink 36e4ec8568
Merge pull request #96349 from helsinki-systems/feat/postgresql-wal-python
tests/postgresql-wal-receiver: Port to Python
2020-08-26 21:08:15 +02:00
Matthew Bauer ca3fa9c32a
Merge pull request #95956 from matthewbauer/qemu-cpu-max
runInLinuxVM, test-driver: use -cpu max instead of -cpu host
2020-08-26 12:59:57 -05:00
_ 4c8a8800d3 Copy config file, no via-store, short config 2020-08-26 22:41:23 +05:30
Vladimír Čunát e02793de2f
nixos installer tests: add a missing package
Tested it locally fixes #96361
nix-build nixos/release-combined.nix -A nixos.tests.installer.lvm.x86_64-linux -Q
2020-08-26 18:14:34 +02:00
Lassulus 12baef56e4
Merge pull request #96127 from hmenke/shadowsocks
shadowsocks service: support plugins
2020-08-26 16:49:55 +02:00
Janne Heß ead6de5d3d
tests/postgresql-wal-receiver: Port to Python
... and remove some weirdnesses.

- Port to Python
- Drop the extra pkgs, config, system args
- Drop all `with`
- Don't override the standard PostgreSQL directory
- Use pkgs and lib from the test runner

Tested with:
- postgresql_12
- postgresql_11
- postgresql_10
- postgresql_9_6
- postgresql_9_5

Closes #96347
cc @flokli
2020-08-26 16:37:24 +02:00
_ 10ffa340b7 fcitx: Add test (Unicode input, table input, m17n) 2020-08-26 18:36:53 +05:30
Florian Klink df2f22daa8
Merge pull request #94858 from liff/virtualbox-python-test
nixosTests.virtualbox: Port to python
2020-08-26 10:00:04 +02:00
Frederik Rietdijk 081bd762e5 Merge staging-next into staging 2020-08-26 08:43:29 +02:00
Henri Menke 27f281bc50
nixos/shadowsocks: add test 2020-08-26 15:15:27 +12:00
Rouven Czerwinski 7db58b93d0
nixos/tests: use ::1 instead of anycast address (#96250)
According to RFC4291[1], 2001:db8:: is the anycast address for the
prefix and will be answered by all routers responsible for this prefix.
This means that before the iputils bump, the ping from client to isp was
answered by the router and not by the ISP machine. Switching away from
the anycast address fixes this issue.

Credits for finding this go to @primeos.

[1]: https://tools.ietf.org/html/rfc4291#section-2.6.1

Fixes #96188
2020-08-25 22:29:22 +02:00
Anderson Torres fffabfaefd
Merge pull request #96179 from bbigras/sssd
nixos/sssd: fix the module
2020-08-25 16:59:11 -03:00
Nico Heitmann 0bee87c400 nixos/krb5: add list to example configuration
Updated the relevant nixos test to match the example configuration.
2020-08-25 17:18:56 +02:00
Florian Klink c4ef188cae
Merge pull request #96187 from helsinki-systems/os-prober-python
nixos/tests/os-prober.nix: port to python
2020-08-24 21:46:50 +02:00
Symphorien Gibol ddbd436dc4 nixos/tests/os-prober.nix: port to python 2020-08-24 17:49:20 +02:00
Bruno Bigras 5d36e00b7d nixos/sssd: fix the module
'system.nssModules' was not set correctly

fix #91242
2020-08-24 10:10:47 -04:00
Florian Klink 40d2968ebf
Merge pull request #94354 from flokli/systemd-246
systemd: 245.6 -> 246
2020-08-24 12:42:24 +02:00
Florian Klink 618e273861 nixosTests.systemd: disable RuntimeWatchdogUSec=30s assertion
For some reason, this value isn't updated, at least not inside the VM.

Uncomment it, so we still test the rest. Needs to be investigated
further.
2020-08-24 12:40:02 +02:00
Frederik Rietdijk 0a874ff2a6 Merge master into staging-next 2020-08-24 11:50:58 +02:00
Sascha Grunert 1c551f9778 cri-o: add NixOS test via critest
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-08-24 18:34:19 +10:00
Jamie McClymont fb0e3ca40e nixos/acme: fix subjectAltName in test snakeoil certs 2020-08-24 19:49:24 +12:00
Jacek Galowicz 45dd255d61
Merge pull request #96076 from flokli/port-test-hocker-fetchdocker
nixosTests.hocker-fetchdocker
2020-08-24 07:36:34 +02:00
Florian Klink aa55b14beb nixosTests.hocker-fetchdocker: mark as broken
This test tries to download from the official docker registry. I don't
know how this could ever work, but let's mark it as broken for now.
2020-08-23 22:42:02 +02:00
Florian Klink 0e817997a2 nixosTests.hocker-fetchdocker: port to python 2020-08-23 22:42:02 +02:00
Jacek Galowicz 7e545bd7f3
Merge pull request #96094 from helsinki-systems/fix/test/installer-btrfs-warning
nixosTests.installer.btrfsSubvolDefault: fix warning
2020-08-23 20:42:07 +02:00
Jacek Galowicz 54cb0ed5cf
Merge pull request #96070 from flokli/containers-reloadable-fixes
nixosTests.containers-reloadable: fixes
2020-08-23 19:22:24 +02:00
Tor Hedin Brønner 7aaf526225
nixos/tests/gnome3: start terminal with autostart file (#96102)
For some reason starting the terminal using `su user -c '...'` have
a tendency to fail. Simply use an autostart file instead.
2020-08-23 19:09:59 +02:00
ajs124 b4fab1cdff nixosTests.installer.btrfsSubvolDefault: fix warning 2020-08-23 16:10:02 +02:00
Florian Klink 18e4838abf nixosTests.containers-reloadable: fix typo in name 2020-08-23 11:00:54 +02:00
Florian Klink f7874cb2e9 nixosTests.containers-reloadable: fix old reference to make-test.nix in comment 2020-08-23 11:00:35 +02:00
Florian Klink ab62d4f9f0 nixosTests.containers-reloadable: expose test
This hasn't been available before in nixosTests.
2020-08-23 11:00:09 +02:00
Antoine Eiche 8595a0d6b9 Remove docker-preloader module and test 2020-08-23 10:49:13 +02:00
Florian Klink adc5918e83
Merge pull request #80051 from tfc/port-docker-preloader-test
nixosTests.docker-preloader: Port to Python
2020-08-23 10:45:19 +02:00
Florian Klink 33905f8422 nixosTests.docker-preloader: mark as broken
This currently fails with a "read-only file system" error.
2020-08-23 10:44:00 +02:00
Jacek Galowicz 1e4f0e9db5 nixosTests.docker-preloader: Port to Python 2020-08-23 10:42:39 +02:00
Florian Klink 4460cda6b5
Merge pull request #79696 from tfc/port-ec2-test
nixosTests.ec2: Port tests that depend on common/ec2.nix
2020-08-23 10:35:28 +02:00
Florian Klink 97a32bcd08 nixosTests.ec2-config: mark as broken
This test wants to download things from the internet while building the
system. It can probably be fixed by ensuring these paths are present in
the initial nix-store.
2020-08-23 10:31:58 +02:00
Jacek Galowicz 20d09ec3d1 nixosTests.ec2-config: Add to all-tests.nix 2020-08-23 10:25:31 +02:00
Jacek Galowicz c32369676b nixosTests.ec2: Port tests that depend on common/ec2.nix 2020-08-23 10:25:31 +02:00
Florian Klink c2a75a8041
Merge pull request #95924 from helsinki-systems/port/hardened-test
nixos/hardened: Port test to Python and fix it
2020-08-23 10:06:44 +02:00
Jan Tojnar 91104b5417
Merge branch 'master' into staging-next 2020-08-23 02:00:50 +02:00
Lassulus dd2ecd0712
Merge pull request #89729 from JJJollyjim/bitwarden-rs-test
nixos/bitwarden_rs: add test
2020-08-22 23:23:55 +02:00
Jamie McClymont f5f2d89fb7 nixos/bitwarden_rs: add test 2020-08-23 07:29:42 +12:00
Maximilian Bosch 0436b98753
Merge pull request #95845 from WilliButz/update/prometheus-2.20.1
prometheus: 2.19.3 -> 2.20.1, fix thanos test
2020-08-22 21:22:38 +02:00
Lassulus ab5a1fee33
Merge pull request #89532 from DIzFer/transmission-apparmor-test
tests: transmission is now tested with apparmor
2020-08-22 15:26:34 +02:00
Matthew Bauer 47b56e7c19 runInLinuxVM, test-driver: use -cpu max instead of -cpu host
This appears to avoid requiring KVM when it’s not available. This is
what I originally though -cpu host did. Unfortunately not much
documentation available from the QEMU side on this, but this appears
to square with help:

$ qemu-system-x86 -cpu help
...
x86 host                  KVM processor with all supported host features
x86 max                   Enables all features supported by the accelerator in the current host
...

Whether we actually want to support this not clear, since this only
happens when your CPU doesn’t have full KVM support. Some Nix builders
are lying about kvm support though. Things aren’t too slow without it
though.

Fixes https://github.com/NixOS/nixpkgs/issues/85394

Alternative to https://github.com/NixOS/nixpkgs/pull/83920
2020-08-21 23:42:07 -05:00
Janne Heß 540c033507
nixos/hardened: Port test to Python and fix it
Related to #72828
Replaces and closes #76708

Looks like `nix ping-store` does not output anything anymore but still
fails when the connection does not work.
2020-08-21 21:35:07 +02:00
WilliButz 876396cac0
prometheus: 2.19.3 -> 2.20.1, fix thanos test 2020-08-20 11:14:43 +02:00
Frederik Rietdijk 4cf394ea3f Merge master into staging-next 2020-08-18 17:55:04 +02:00
Jörg Thalheim 3ca2fd5520
cloud-init: 0.7.9 -> 20.2 2020-08-18 11:49:22 +01:00
Frederik Rietdijk fe7bab33d7
Merge pull request #95553 from zowoq/rename-maintainers
maintainers: prefix number with underscore
2020-08-18 11:30:24 +02:00
zowoq 0052523a18 maintainers: 1000101 -> _1000101 2020-08-18 07:59:48 +10:00
zowoq 7d9c49f8e6 maintainers: 0x4A6F -> _0x4A6F 2020-08-18 07:59:44 +10:00
Frederik Rietdijk 0ac85bc455 Merge master into staging-next 2020-08-17 14:54:39 +02:00
Olli Helenius 5f5c990ea0
nixosTests.virtualbox: Port to python 2020-08-17 14:31:00 +03:00
Olli Helenius e64e92fd08
nixosTests.virtualbox: Disable predictable interface names in guest 2020-08-17 14:30:06 +03:00
Florian Klink 431b08cafd
Merge pull request #95158 from Izorkin/mariadb
mariadb: 10.4.13 -> 10.4.14
2020-08-16 20:32:57 +02:00
Florian Klink 16fc531784
Merge pull request #95505 from flokli/remove-mathics
mathics: remove package, module and test
2020-08-16 18:42:10 +02:00
Izorkin d35d990025 nixos/tests/mariadb: disable check TokuDB in aarch32 and aarch64 2020-08-16 16:08:14 +03:00
Florian Klink b2f3bbd3fb
Merge pull request #95507 from flokli/remove-mesos
mesos: remove package, module and test (and chronos/marathon which depends on it)
2020-08-16 14:46:24 +02:00
Sergey Lukjanov da4e029edf nixos/zfs: enable encryption test for stable zfs 2020-08-16 10:36:48 +00:00
Doron Behar 2519e54bef tests/misc: Test mount +s permission
For #95444
Co-authored-by: Florian Klink <flokli@flokli.de>
2020-08-15 22:21:30 +03:00
Florian Klink 3c65c53f2c nixosTests.mesos: remove
The `mesos` package has been broken for >9 months.
2020-08-15 16:51:23 +02:00
Florian Klink d71cae4275 nixosTests.mathics: remove
The mathics package is unmaintained and doesn't build. Remove the test
using it.
2020-08-15 16:16:40 +02:00
Frederik Rietdijk cfe6081cee Merge staging-next into staging 2020-08-15 09:12:42 +02:00
Martin Weinelt f1efdd2c0b
Merge pull request #89444 from mweinelt/pinnwand-module
nixos/pinnwand: init; steck: init at 0.5.0; nixos/tests/pinnwand: init
2020-08-14 22:09:33 +02:00
worldofpeace bea5560354
Merge pull request #94878 from stigtsp/package/firejail-test
nixos/tests: add test for firejail
2020-08-14 14:05:39 -04:00
Jan Tojnar afe22f645a
Merge branch 'staging-next' into staging 2020-08-13 21:59:15 +02:00
Florian Klink d85d7c7179 nixosTests.systemd: update output
systemd shows minutes as `min`, not `m`.
2020-08-13 20:51:42 +02:00
Florian Klink 962e15aebc nixos: remove StandardOutput=syslog, StandardError=syslog lines
Since systemd 243, docs were already steering users towards using
`journal`:

eedaf7f322

systemd 246 will go one step further, it shows warnings for these units
during bootup, and will [automatically convert these occurences to
`journal`](f3dc6af20f):

> [    6.955976] systemd[1]: /nix/store/hwyfgbwg804vmr92fxc1vkmqfq2k9s17-unit-display-manager.service/display-manager.service:27: Standard output type syslog is obsolete, automatically updating to journal. Please update│······················
 your unit file, and consider removing the setting altogether.

So there's no point of keeping `syslog` here, and it's probably a better
idea to just not set it, due to:

> This setting defaults to the value set with DefaultStandardOutput= in
> systemd-system.conf(5), which defaults to journal.
2020-08-13 18:49:15 +02:00
Frederik Rietdijk 46ee7ddcad Merge staging-next into staging 2020-08-11 10:26:59 +02:00
Stig Palmquist 15c53cf0fa
nixos/tests: add test for firejail 2020-08-10 06:54:26 +02:00
Francesco Gazzetta 6cfda0e92c shattered-pixel-dungeon: add nixos test 2020-08-09 15:34:30 -07:00
Martin Weinelt cb50679f0e
nixos/tests/pinnwand: init 2020-08-09 01:52:25 +02:00
Frederik Rietdijk cb634b2aa5 Merge staging-next into staging 2020-08-07 23:02:23 +02:00
Jörg Thalheim e879d83e38
Merge pull request #92106 from ju1m/transmission 2020-08-07 14:40:17 +01:00
Julien Moutinho 2a49db6a89 transmission: apply RFC0042 and harden the service 2020-08-07 04:28:11 +02:00
Maximilian Bosch 50d8cdb3ca
Merge pull request #93584 from DavHau/nextcloud-improvements
nextcloud: restrict web server support to nginx; stop sharing nginx user/group; improve setup service
2020-08-06 19:00:21 +02:00
Florian Klink 8e0b2b9177
Merge pull request #66856 from flokli/systemd-cryptsetup-lvm
systemd: build with cryptsetup support, add cryptsetup generators
2020-08-06 12:06:54 +02:00
Aaron Andersen e50e89e1a8 nixos/postgresql: conditionally provision data directory with StateDirectory 2020-08-05 17:31:16 -04:00
Marek Mahut 258ca6451d
Merge pull request #94617 from dadada/dadada/dokuwiki
nixos/dokuwiki: add test for login
2020-08-05 11:55:40 +02:00
Marek Mahut 0bc37f7cb4
Merge pull request #94609 from 1000101/dokuwiki
nixos/dokuwiki: drop SSL forcing and document incompatibility
2020-08-05 11:54:42 +02:00
Florian Klink eb58711edf nixosTests.systemd: test cryptsetup support
This creates and opens a luks volume, puts its passphrase into a keyfile
and writes a /etc/crypttab. It then reboots the machine, and verifies
systemd parsed /etc/crypttab properly, and was able to unlock the volume
with the keyfile provided (as we try to mount it).

The memorySize of the VM had to be bumped, as luksFormat would otherwise
run out of memory.
2020-08-05 01:34:12 +02:00
Ryan Mulligan c4814c03b7 treewide: add Jitsi maintainers
* makes jitsi maintainer team
2020-08-04 13:07:36 -07:00
Maximilian Bosch f5d964724d
nixos/tests/hydra*: fix eval
To specify distributed build-machines, `nix.distributedBuilds` must be
set to `true` now[1].

[1] 67b6e56391
2020-08-04 15:29:08 +02:00
dadada 20f052b6f6
nixos/dokuwiki: add test for login page
Cookie jar can be used to accurately test if the login was successful.
Simply searching for the user name is not sufficient, since it is always
part of the returned page after login. The page should display a phrase
containing the username after login.
2020-08-04 11:03:25 +02:00
Ryan Mulligan 4162c69b3c
Merge pull request #92468 from petabyteboy/jitsi-meet
nixos/jitsi-meet: init
2020-08-03 12:43:37 -07:00
Jacek Galowicz 319d7ec8d4
Merge pull request #93413 from liff/taskserver-python-test
nixosTests.taskserver: Port to python
2020-08-03 19:38:57 +02:00
Martin Weinelt d1f59cf7b8
Merge pull request #94583 from mweinelt/zigbee2mqtt
zigbee2mqtt: 1.14.1 -> 1.14.2
2020-08-03 17:50:28 +02:00
Maximilian Bosch 04a10b3355
nixos/tests/systemd-networkd-vrf: add comment about trailing whitespaces in test script
For further context please read the discussion in https://github.com/NixOS/nixpkgs/pull/94607#issuecomment-668070029
2020-08-03 17:43:56 +02:00
Maximilian Bosch 5bd1fb2884
nixos/tests/systemd-networkd-vrf: fix test
Broken while fixing some `.editorconfig`-definitions[1], however this
test explicitly relies on the output of `iproute2`.

[1] 8ae7f8c359
2020-08-03 16:47:40 +02:00
zowoq 8ae7f8c359 nixos/tests/*: editorconfig fixes 2020-08-04 00:23:54 +10:00
Martin Weinelt b41b902a1c
nixos/zigbee2mqtt: add test to all-tests.nix 2020-08-03 16:17:49 +02:00
1000101 850b3ea028 nixos/dokuwiki: drop SSL forcing 2020-08-03 16:10:05 +02:00
DavHau ca916e8cb3 nextcloud: deprecate nginx, use chgrp, mkDefault for nginx, fix tests 2020-08-03 14:21:45 +07:00
Martin Weinelt 0a9dd49634
nixos/tests: add snapcast
Checks
- if all configured ports are listened on
- if all pipes for multiple streams get set up
- if rpc interaction is possible
2020-08-02 17:09:57 +02:00
Maximilian Bosch 37e3cadb8b
nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernel
By design, VRFs allow route-leaking for forwarded packages, but not for
local processes using a socket. While it was possible to leak such TCP
traffic through a VRF on a 4.x kernel, this behavior was considered
wrong and got fixed in Linux 5.x[1].

From now on, local unix sockets must run in the VRF itself using
`ip vrf exec`[2] which basically injects a BPF program into the VRF and
drops elevated networking capabilities by default for the specified
command.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c82a21f4320c8d54cf6456b27c8d49e5ffb722e
[2] https://man7.org/linux/man-pages/man8/ip-vrf.8.html
2020-07-31 21:06:00 +02:00
Johan Thomsen f5db415e2f nixos/tests/dockerTools: add test for running non-root containers with buildLayeredImage
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2020-07-31 10:14:07 +02:00
Jörg Thalheim a7888ee7f6
Merge pull request #94183 from fgaz/pt2-clone/1.22
pt2-clone: 1.20 -> 1.22, add nixos test
2020-07-30 12:54:49 +01:00
Francesco Gazzetta 4436c0151e pt2-clone: add nixos test 2020-07-29 19:45:03 +02:00
1000101 046a80f7a4 nixos/blockbook-frontend: adjust tests to bitcoind 2020-07-29 12:58:25 +02:00
Marek Mahut b415ebae97
Merge pull request #93700 from 1000101/bitcoind
nixos/bitcoind: change to multi-instance + add tests
2020-07-27 12:55:29 +02:00
Olli Helenius 6b1c347a85
nixosTests.taskserver: Port to python 2020-07-27 12:12:17 +03:00
Jan Tojnar a86f4110a7
Merge pull request #93771 from jtojnar/flatpak-1.8 2020-07-26 13:56:16 +02:00
Charlotte Van Petegem 8eca34dd16 nixos/tests/networking: fix macvlan tests
The range option still needs to be defined in dhcpd4 to be able to give out static IP addresses
2020-07-26 12:44:05 +02:00
Vladimír Čunát 5475b84859
nixos/tests/installer lvm: increase partition size
We apparently didn't fit anymore.  I don't think this test is meant
to (also) check closure size.
2020-07-25 22:57:27 +02:00
Emery Hemingway 39deb82e4b nixos/yggdrasil.nix: test 300::/7 addresses 2020-07-25 16:34:20 +02:00
Vladimír Čunát 2b7c0dcdaa
Merge branch 'staging-next'
Rebuild on Hydra seems OK-ish.
mongodb.nix needed some conflict resolution (scons versions);
all four versions seem to build fine.
2020-07-25 16:18:40 +02:00
Jan Tojnar 352749e577
ostree: enable ed25519 support
This was omitted in the latest update.

Only adds ~400 KB.

It required adding openssl to tests so I tacked on some cleanups.
In particular, the GI_TYPELIB_PATH was already being set in the wrapper
so we can remove it from the module (not sure why Gtk was even there).

Also switched away from using pkgconfig and docbook_xsl aliases
and reordered the expression a bit.
2020-07-25 12:54:18 +02:00
Lassulus 032775d0ac
Merge pull request #93788 from chkno/syncthing-test
nixos/tests: Add test for syncthing
2020-07-25 11:40:06 +02:00
Scott Worley 140247cd8a nixos/tests: Add test for syncthing 2020-07-24 15:51:14 -07:00
Jan Tojnar 379038b4dc nixosTests.flatpak: clean up
GNOME is not necessary. Portals probably are not either,
but the NixOS module requires them.

Not sure why it did not work without GNOME before.
2020-07-24 21:02:02 +02:00
Jaka Hudoklin fea9351d81
Merge pull request #92719 from pjjw/update/mongodb-42
mongodb: 4.0.12 -> 4.2.8
2020-07-24 20:15:29 +02:00
Peter Woodman dbd0f3e957
mongodb: 4.0.12 -> 4.2.8
Not strictly an upgrade, but adds a new mongodb-4_2 target with the
current mongodb from that branch.

Use matching client and server versions in mongodb tests- tests were
using the mongo 3.4 client to connect, and this finally doesn't work
with server 4.2.

Per reviewer suggestion, adding myself as cheetah3 maintainer.

Additionally, reestore comments describing the purpose of the
build-dependencies patch
2020-07-24 11:44:16 -04:00
Jan Tojnar 8d53e88346
nixosTests.installed-tests.flatpak: Fix
Along with the `socat` fix in the parent commit, this makes
the Flatpak’s installed tests finally pass again.

The tests seem to need slightly over 2G of disk space,
and it appears that the test suite was ported to Python 3 in 1.5.1:
2b6641575d
2020-07-24 16:32:34 +02:00
Jan Tojnar 2bfa6aa848
nixosTests.installed-tests: Add the test data to VM closure
Flatpak’s installed tests build Flatpak runtimes, among other things.
Upstream code does this by copying some programs on `PATH`
as well as some possible dependencies from host’s /usr.
We patch the code to use `nix-store --query --requisites`
to make the dependency discovery easier.

The Flatpak’s installed tests add `socat` to `PATH` and later run
`nix-store --query --requisites` on its location but it was failing with

    error: path '/nix/store/qcyf7nq5vvfw32967sv4j6z190inrbrc-socat-1.7.3.4' is not valid

The issue occurred because, while the host Nix store is bind mounted into the test VM,
the VM’s store uses its own database that only contains the packages in the VM’s closure.
Since the test commands are not actually part of the VM but only passed through PTY,
the `flatpak.installedTests` derivation was not part of the VM’s closure, so `nix-store`
in the VM could not get information about its dependency `socat`.

Let’s make the `installedTests` of the tested package part of the test VM’s closure
by passing it as a global environment variable. This will also have the added benefit
that user no longer has to type the path when running the installed tests manually in the VM;
they can just use `gnome-desktop-testing-runner -d $TESTED_PACKAGE_INSTALLED_TESTS`,
which is much more conducive to tab completion.
2020-07-24 16:30:49 +02:00
Emery Hemingway 76d60b0fcd nixos/molly-brown: init 2020-07-24 11:04:33 +02:00
1000101 7b76bc2c7d nixos/bitcoind: add tests 2020-07-23 12:05:52 +02:00
Vladimír Čunát 7a5c6fee0f
Merge branch 'master' into staging-next
Some rebuilds, e.g. all of haskell.
Hydra nixpkgs: ?compare=1601713
2020-07-22 08:37:19 +02:00
Simon Weber 3dc3f019cf nixos/zigbee2mqtt: add minimal test 2020-07-20 21:48:14 +02:00
Bas van Dijk e15815e885 nixos/tests/networking.nix: test the services.dhcpd4.machines option
This modifies the `router` to not give out a range of IP addresses but
only give out a fixed address based on the MAC address using the
`services.dhcpd4.machines` option.

To get access to the MAC address the `qemuNicMac` function is defined
and exported from `qemu-flags.nix`.
2020-07-20 13:09:27 +02:00
Vladimír Čunát 4244b73917
Merge branch 'master' into staging 2020-07-18 17:50:23 +02:00
Matt Layher a58346a5ee
nixos/prometheus-modemmanager-exporter: new module
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-07-17 13:54:58 -04:00
Robert Hensing c1908bf802
Merge pull request #92934 from hercules-ci/dockerTools-set-imageTag
dockerTools: Always set imageTag attribute
2020-07-16 17:05:58 +02:00
Daniël de Kok aa94e5f2c2
Merge pull request #93210 from zowoq/podman
podman updates
2020-07-16 09:20:01 +02:00
Sarah Brofeldt 7ab42c176c nixos/tests/kubernetes: Don't re-import <nixpkgs> 2020-07-16 08:44:04 +02:00
zowoq 805f7676bc Revert "nixos/podman: use cgroupfs for rootless crun test"
This reverts commit 033ba9c73d.
2020-07-16 12:11:09 +10:00
Jan Tojnar 821dba740e
Merge branch 'staging-next' into staging 2020-07-15 09:29:01 +02:00
Florian Klink b6c53e3ac5
Merge pull request #92791 from johanot/ceph-15
ceph: 14.2.10 -> 15.2.4
2020-07-14 20:10:23 +02:00
worldofpeace 97054ce880
Merge pull request #93089 from jtojnar/debug-gnome-tests
nixosTests.gnome3: enable debug mode
2020-07-14 12:43:56 -04:00
ajs124 53a34361af nixos/tests/installer: lvm: test lvm2-pvscan@ units
Also, add some sleep statements in between, which seems to at least feel
like it causes

> WARNING: Device /dev/vda* not initialized in udev database even after waiting 10000000 microseconds.

To occur less frequently.

This eventually still succeeds after some amount of waiting, I suspect
some racyness in the way lvm's udev-triggered scripts trigger other
units.
2020-07-14 12:00:33 +02:00
ajs124 d056f6e86d nixos/test/installer: add postBootCommands 2020-07-14 12:00:33 +02:00
Jan Tojnar 13e22e4607
nixosTests.gnome3: enable debug mode
The tests fail too often on Hydra without much of a hint what went wrong. Hopefully, this will provide some clue.
2020-07-14 04:35:15 +02:00
adisbladis 5733967290
nixos.users-groups: Set up subuid/subgid mappings for all normal users
This is required by (among others) Podman to run containers in rootless mode.

Other distributions such as Fedora and Ubuntu already set up these mappings.

The scheme with a start UID/GID offset starting at 100000 and increasing in 65536 increments is copied from Fedora.
2020-07-13 13:15:02 +02:00
Florian Klink 94dc0c006e
Merge pull request #92759 from mdlayher/mdl-systemd-watchdog
nixos/systemd: add options for hardware watchdog management
2020-07-12 09:35:25 +02:00
Florian Klink 8c0708f0bb
Merge pull request #91424 from i077/restic-rclone-opts
nixos/restic: Add rclone options
2020-07-11 23:57:47 +02:00
Florian Klink 12834b3e87
Merge pull request #91232 from primeos/systemd-allow-transient-hostname
systemd: Allow setting the transient hostname via DHCP
2020-07-11 22:28:52 +02:00