1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-21 05:00:16 +00:00
Commit graph

3840 commits

Author SHA1 Message Date
Martin Weinelt dc940ecdb3
Merge pull request #121750 from m1cr0man/master
nixos/acme: Ensure certs are always protected
2021-07-06 15:10:54 +02:00
Sandro ed79adc782
Merge pull request #129269 from Izorkin/mariadb-fix 2021-07-05 18:19:13 +02:00
Sandro 0928f8b0d3
Merge pull request #129239 from LeSuisse/trafficserver-9.0.2
trafficserver: 9.0.1 -> 9.0.2
2021-07-05 18:04:15 +02:00
Thomas Gerbet d41e86c67f trafficserver: 9.0.1 -> 9.0.2
Fixes CVE-2021-32566 and CVE-2021-32567.
2021-07-05 15:16:06 +02:00
Bruno Bigras 7265334f1a yggdrasil: 0.3.16 -> 0.4.0 2021-07-05 12:21:37 +02:00
Pamplemousse 4f093b8fdb nixos/modules/jenkins: Test the CLI
Signed-off-by: Pamplemousse <xav.maso@gmail.com>
2021-07-04 14:49:39 -07:00
Izorkin a87a078dbc
nixos/tests/mariadb: add check Mroonga storage 2021-07-04 22:53:15 +03:00
Léo Gaspard 5bcb49475f
Merge pull request #127479 from symphorien/btrbk-module
nixos/btrbk: add module and test
2021-07-03 21:55:01 +02:00
Guillaume Girol 72894352b8 nixos/btrbk: add module and test 2021-07-03 17:18:20 +02:00
Jörg Thalheim a47ace80e5
Merge pull request #126187 from K900/vaultwarden
vaultwarden: update to 1.21.0, rename from bitwarden_rs
2021-07-03 11:15:22 +01:00
Christian Kampka 971e37dc07 nixos/tests/coturn: init
Co-authored-by: MatthewCroughan <matt@croughan.sh>
2021-07-03 08:32:03 +01:00
aszlig 3895ec33ad
nixos/tests/zsh-history: Fix matching prompt
In commit fbbaa4d40f, the Zsh default
prompt has changed from "walters" to "suse". So instead of:

  root@default>

... we now have:

  root@default:~/ >

However, in the NixOS VM test, we are matching "root@default>", which
doesn't include the current working directory and thus eventually leads
to a test failure after timing out.

To fix this, I changed the regex to include a newline at the beginning
and made sure that the hostname ends with a word boundary. This way it
doesn't matter whether the prompt is "walters" or "suse", because after
all the test is not about the prompt but about whether the history
mechanism works (or not).

Signed-off-by: aszlig <aszlig@nix.build>
2021-07-02 21:01:49 +02:00
K900 dc1b56c714 vaultwarden: update to 1.22.1, rename from bitwarden_rs
I tried to make this as non-breaking as possible, but it will still
break things slightly for people expecting certain file names in the
packages themselves.
2021-07-01 12:31:20 +03:00
Jonathan Ringer cd687af9f4 nixos/test/vault: fix assertion logic
"vault status" now returns exit code 2 when the
vault is still unsealed.
2021-06-30 22:50:01 -07:00
Sandro 30e2735f5d
Merge pull request #83904 from ju1m/sanoid
sanoid: fix sanoid.conf generation
2021-06-30 23:55:26 +02:00
Sandro 3a0d1ab3e2
Merge pull request #128546 from scvalex/fix-kubernetes-tests
kubernetes: make tests pass by fixing a conntrack-tools dep and a missing dir
2021-06-30 01:49:58 +02:00
Luke Granger-Brown 0dccbe2729 nixos/tests/kernel-generic: fix evaluation
This is breaking the tarball build, because #128502 depends on this test
existing. After this commit, nixpkgs.tarball once again evaluates.
2021-06-28 22:41:56 +00:00
Alexandru Scvortov ab1567e812 kubernetes: fix conntrack-tools package name, missing dir, and tests 2021-06-28 20:33:17 +01:00
Robert Schütz a3d043387f nixos/tests/home-assistant: don't test package
The modules overrides extraComponents which leads to a costly rebuild of
the home-assistant package with all tests.  Make it less costly by not
running the tests, as does the default for the package option.  The
package's tests are already run by ofborg on every pull request as well
as by Hydra when building home-assistant.
2021-06-28 14:34:18 +02:00
Elis Hirwing 94d07b7492
php: Run nixpkgs-fmt on all php related files 2021-06-26 20:07:56 +02:00
github-actions[bot] 45003ba5f9
Merge master into staging-next 2021-06-26 12:06:25 +00:00
Martin Weinelt ef2ce48d8b
Merge pull request #127767 from Mic92/go-neb 2021-06-26 12:23:16 +02:00
Jörg Thalheim 34d1c55580
nixos/go-neb: secret support 2021-06-26 11:59:50 +02:00
github-actions[bot] bae6b2055f
Merge master into staging-next 2021-06-25 12:06:04 +00:00
Michael Weiss 370a10c27f
Merge pull request #128055 from Synthetica9/sway-check-quit
nixos/tests/sway: add check that sway quits
2021-06-25 13:23:39 +02:00
Maximilian Bosch eb5013d20d
Merge pull request #128048 from dali99/add-txredisapi-synapse
Add txredisapi to matrix-synapse dependencies
2021-06-25 10:40:11 +02:00
Robert Schütz c1dca92daf Merge branch 'master' into staging-next 2021-06-25 10:02:10 +02:00
Patrick Hilhorst ad1141b528
nixos/tests/sway: add check that sway quits
We used to check that sway quits _succesfully_.
However, since 73d7f08b4d
disabled this, we'll add another check to see it quits _at all_.

cc @primeos
2021-06-25 02:06:00 +02:00
Daniel Olsen f7f52a4fbf pythonPackages.txredisapi: Add unit test 2021-06-24 23:34:03 +02:00
Michael Weiss 73d7f08b4d
sway: 1.6 -> 1.6.1
Since wlroots 0.14 setting WLR_RENDERER_ALLOW_SOFTWARE=1 to allow
software rendering is now enforced [0].

[0]: https://github.com/swaywm/wlroots/pull/2810
2021-06-24 22:59:06 +02:00
Martin Weinelt eef9694ebc
Merge branch 'master' into staging-next 2021-06-22 00:58:31 +02:00
Jörg Thalheim 7c2d15627a
Merge pull request #92378 from jnetod/zfs-smb-share-fix
zfs: patch client path used in smb share
2021-06-21 07:11:43 +02:00
github-actions[bot] 9c8cef37d2
Merge master into staging-next 2021-06-20 12:04:37 +00:00
illustris 85aa4bf92b nixos/jitsi-meet: update nixos tests
- remove check for `connected .JID: focus@auth.server` because
	- log format was changed in c1945ea6cb
	- connection.getUser() in jicofo also appears to be broken, returning null instead of username
	- testing for this log line shouldn't be necessary, as we also test for "Authenticated as focus@auth.server"

- remove check for `External component successfully authenticated` because
	- [JVB no longer uses component](https://community.jitsi.org/t/jvb-not-connecting/91157/2)

- increase VM memory
2021-06-20 12:36:51 +02:00
github-actions[bot] d0cc21f4bd
Merge master into staging-next 2021-06-19 00:08:37 +00:00
Jörg Thalheim a4cb90bdbd
Update nixos/tests/zfs.nix
Co-authored-by: jnetod <49963580+jnetod@users.noreply.github.com>
2021-06-18 22:19:16 +02:00
Martin Weinelt af664bf942
Merge pull request #127127 from mweinelt/home-assistant
nixos/home-assistant: update hardening
2021-06-18 20:15:05 +02:00
github-actions[bot] 4ea74538ce
Merge master into staging-next 2021-06-18 18:04:25 +00:00
adisbladis 1394a33858
Merge pull request #125598 from zowoq/podman
podman: 3.1.2 -> 3.2.1
2021-06-18 09:59:48 -05:00
zowoq 9edf2e0ffd nixos/podman/tests: add workaround for broken import 2021-06-18 15:43:24 +10:00
Martin Weinelt 36659d1efa
nixos/home-assistant: update hardening
This makes access to serial devices contingent on using certain
components and restricts the default setup even further.
2021-06-16 21:31:24 +02:00
Jan Tojnar e3dfa79441
Merge branch 'staging-next' into staging
Regenerated pkgs/servers/x11/xorg/default.nix to resolve the conflict.
2021-06-16 19:59:05 +02:00
markuskowa 5ad54b5bc9
Merge pull request #126785 from oxzi/ucarp-1.5.2
ucarp: init at 1.5.2 / nixos/ucarp: init / nixos/test/ucarp: init
2021-06-16 10:54:23 +02:00
aszlig c55e00d8ff
nixos/tests/overlayfs: Use individual commands
This reverts the test to be similar to its original Perl version, where
the test steps were performed as individual commands instead of what we
have now, where commands are sent to the machine as one giant string.

While this change doesn't seem like it would make a big difference, it
makes a huge difference if the test fails because you then get an error
about which command has failed exactly instead of just knowing that
"something in there" has failed.

I also switched 2 spaces indentation, because it is more in line with
Nix coding conventions.

Signed-off-by: aszlig <aszlig@nix.build>
2021-06-16 04:12:18 +02:00
aszlig 9ecde9d165
nixos/tests/overlayfs: Fix erroneous backslashes
Since commit b7749c7671, commands run as
part of VM tests are exiting immediately if an error happens.

When converting the overlayfs test to Python in commit
5ae92144ba, the individual test commands
were crammed into one big string instead of using a series of test
commands like done in the Perl version.

Additionally, the backslash-escaped dollar signs were necessary in
Perl's double-quoted strings to avoid variable interpolation, for Python
however, this results in an actual backslash being inserted into the
command.

While this obviously results in an exit code of 1 (without an error
message, since it's using bash's expression evaluation command), the
test didn't fail because putting all these commands in one string will
result in only the last error code being relevant.

With the change to "set -e" for commands sent to test machines, this has
changed and with the exit code of all commands now relevant, the test
now fails because the errors from individual command substitutions that
were prevented by escaping the dollar sign are now actually visible.

This in turn also means that until now, we wouldn't have noticed if the
overlayfs test would have failed for real.

Signed-off-by: aszlig <aszlig@nix.build>
2021-06-16 04:12:04 +02:00
Martin Weinelt ff06400b7d
Merge pull request #125011 from Xe/Xe/solanum-motd
solanum: fix MOTD
2021-06-16 00:01:24 +02:00
Alvar Penning 95ca79092e nixos/test/ucarp: init 2021-06-15 18:31:57 +02:00
Jörg Thalheim 86b1feefbd
nixos/zfs: add tests for samba 2021-06-11 08:24:56 +02:00
github-actions[bot] f023076314
Merge staging-next into staging 2021-06-10 18:14:20 +00:00
Bjørn Forsman a655b71201 nixos/jenkins: test declarative jobs 2021-06-10 19:23:28 +02:00
Jan Tojnar ba733d435b
Merge branch 'staging-next' into staging 2021-06-10 14:07:45 +02:00
Vladimír Čunát 2ee781417e
nixos/*: replace alsa* aliases
The attributes got renamed in PR #126440 and in some places this caused
evaluation errors, e.g. the tarball job was saying (locally)
> attribute 'alsaUtils' missing, at /build/source/nixos/modules/services/audio/alsa.nix:6:4
and I suspect that trunk-combined jobset's failure to evaluate was also caused.
2021-06-10 09:46:55 +02:00
talyz b4fd0a9118
nixos/tests/printing: fix after setting pipefail
It failed since pipefail (b7749c7, PR #125683), due to `systemctl status`
not exiting with code=0 for inactive units (apparently).
That command is meant for humans anyway.
2021-06-10 08:01:53 +02:00
github-actions[bot] cf8441dd85
Merge staging-next into staging 2021-06-09 18:14:53 +00:00
Martin Weinelt e2701c3115
Merge pull request #126271 from mweinelt/firefox 2021-06-09 14:51:21 +02:00
Maximilian Bosch 10eab5b6b3
nixos/tests/kernel-generic: fix evaluation
The test doesn't evaluate since #125469 because Linux 5.11 got removed
as it's EOL.

As this fixes the evaluation of the test and it only removes a
declaration that was apparently forgotten, I figured that a push to
unbreak the test is fine.
2021-06-09 13:00:43 +02:00
Julien Moutinho b62a093a58 sanoid: fix sanoid.conf generation 2021-06-09 03:25:04 +02:00
Martin Weinelt 2d4ed9bae6
nixos/tests/custom-ca: disable firefox test integration
Firefox has been decoupled from the system certificate store since the
nss p11-kit integration in combination with our cacert package does not
expose CKA_NSS_MOZILLA_CA_POLICY, which among other things is required
for addon updates.
2021-06-09 01:52:27 +02:00
github-actions[bot] fde4df19f2
Merge staging-next into staging 2021-06-08 12:04:39 +00:00
Robert Hensing 843248d39f
Merge pull request #117379 from hercules-ci/nixos-metricbeat
nixos/metricbeat: init
2021-06-08 13:53:20 +02:00
github-actions[bot] e218376e4a
Merge staging-next into staging 2021-06-07 06:37:31 +00:00
Luke Granger-Brown 91fb672b21
Merge pull request #125573 from Flakebi/prometheus-script-exporter
prometheus-script-exporter: init at 1.2.0
2021-06-07 01:59:41 +01:00
Flakebi 3bcf4e31ef
nixos/prometheus: add script exporter 2021-06-06 22:42:46 +02:00
github-actions[bot] a1f68141f3
Merge staging-next into staging 2021-06-06 18:30:36 +00:00
Luke Granger-Brown b45f157f03
Merge pull request #125770 from Mewp/acme-fix-tests
nixos/acme: Remove an incorrect assertion from tests
2021-06-06 19:11:04 +01:00
github-actions[bot] 385224957b
Merge staging-next into staging 2021-06-06 12:14:34 +00:00
Robert Hensing c177b49d39
Merge pull request #125683 from talyz/test-driver-pipefail
nixos/test-driver: Run commands with pipefail set
2021-06-06 10:42:54 +02:00
github-actions[bot] 500db2661d
Merge staging-next into staging 2021-06-06 00:15:23 +00:00
Flakebi 5e5a3c39ed nixos/prometheus: add process exporter 2021-06-06 08:17:25 +09:00
Léo Gaspard 925ee864fe
rss2email test: fix name (#125863) 2021-06-06 01:05:39 +02:00
tomberek 157aee00a5
nixos/sourcehut: init (#113244)
* nixos/sourcehut: init

* sourcehut: default nginx setup

* sourcehut: documentation

* sourcehut: re-structure settings

* sourcehut: tests

* nixos/sourcehut: adopt StateDirectory

* Apply suggestions from code review

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Thibaut Marty <github@thibautmarty.fr>
Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com>

* nixos/sourcehut: PR suggestions

* nixos/sourcehut: malte-v patch

* nixos/sourcehut: add base virtualhost

* nixos/sourcehut: remove superfluous key

* nixos/sourcehut: use default from cfg

* nixos/sourcehut: use originBase for logs

* nixos/sourcehut: use toPythonApplication in systemPackages

* nixos/sourcehut: directly use ExecStart

* nixos/sourcehut: update docs

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Thibaut Marty <github@thibautmarty.fr>
Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com>
2021-06-05 14:42:51 -04:00
github-actions[bot] 0397e518b7
Merge staging-next into staging 2021-06-05 18:30:31 +00:00
Kim Lindberger 0dda2a708f
Merge pull request #125699 from talyz/fix-mysql-alias
treewide: Fix mysql alias deprecation breakage
2021-06-05 19:07:35 +02:00
talyz 3d9c3e5cfd
nixosTests.*: Don't use the -q flag with grep when used with curl
The `-q` flag makes grep close the pipe early, which curl doesn't
handle gracefully, but exits with an error like "(23) Failed writing
body".
2021-06-05 18:44:54 +02:00
talyz a86853501a
nixosTests.nginx*: nginxUnstable -> nginxMainline
Stop using the old `nginxUnstable` alias, which is invalid in tests
since 3edde6562e.
2021-06-05 18:44:48 +02:00
talyz b7749c7671
nixos/test-driver: Run commands with error handling
Bash's standard behavior of not propagating non-zero exit codes
through a pipeline is unexpected and almost universally
unwanted. Default to setting `pipefail` for the command being run;
it can still be turned off by prefixing the pipeline with
`set +o pipefail` if needed.

Also, set `errexit` and `nonunset` options to make the first command
of consecutive commands separated by `;` fail, and disallow
dereferencing unset variables respectively.
2021-06-05 18:44:42 +02:00
Robert Hensing 81c8189a84 nixos/postgresqlBackup: Only replace backup when successful
Previously, a failed backup would always overwrite ${db}.sql.gz,
because the bash `>` redirect truncates the file; even if the
backup was going to fail.
On the next run, the ${db}.prev.sql.gz backup would be
overwritten by the bad ${db}.sql.gz.

Now, if the backup fails, the ${db}.in-progress.sql.gz is in an
unknown state, but ${db}.sql.gz will not be written.
On the next run, ${db}.prev.sql.gz (our only good backup) will
not be overwritten because ${db}.sql.gz does not exist.
2021-06-05 15:09:27 +02:00
Mewp b00bcf21ab nixos/acme: Remove an incorrect assertion from tests
Commit 3a2e0c36e7 has removed
`--reuse-key` from default renew options, yet the tests still expected
keys not to change. This assertion is now removed, as they are supposed
to change on each renew/change.
2021-06-05 10:38:46 +02:00
github-actions[bot] 8d96bfd409
Merge staging-next into staging 2021-06-05 00:20:36 +00:00
Maciej Krüger 26b3751de7
Merge pull request #97692 from ryneeverett/lockkernelmodules-lxd 2021-06-05 01:27:27 +02:00
talyz 59e0120aa5
treewide: Fix mysql alias deprecation breakage
62733b37b4 broke evaluation in all
places `pkgs.mysql` was used. Fix this by changing all occurrences to
`pkgs.mariadb`.
2021-06-04 21:42:08 +02:00
github-actions[bot] c06baac6ff
Merge staging-next into staging 2021-06-04 19:41:02 +00:00
Elis Hirwing c76bebc549
unit: Add php80 and use it as default 2021-06-04 09:27:07 +02:00
Elis Hirwing 68eb5305ac
php: Drop PHP 7.3 support
PHP 7.3 won't be supported by upstream for the entire life cycle of
the 21.11 release.

Also drop the pcre' alias since it isn't needed anymore since we don't
need different pcre versions anymore.
2021-06-04 09:26:54 +02:00
github-actions[bot] b511c637c8
Merge staging-next into staging 2021-06-03 19:52:05 +00:00
Martin Weinelt 64f1254248
Merge pull request #125532 from petabyteboy/feature/snapcast-0-25 2021-06-03 20:41:53 +02:00
Martin Weinelt 6d27068d7c
nixos/tests/snapcast: minor polish to make the tests more expressive 2021-06-03 20:29:02 +02:00
Frederik Rietdijk 3edde6562e make-test-python: disallow aliases
When importing Nixpkgs within Nixpkgs, we should not consider aliases
to ensure we don't rely on them internally.

There are probably more places that need to be converted.
2021-06-03 11:03:31 -07:00
github-actions[bot] a261aaf9c2
Merge staging-next into staging 2021-06-02 13:08:16 +00:00
Maximilian Bosch cc88797ce0 plausible: minor polishing 2021-06-02 19:21:31 +09:00
Maximilian Bosch b06ea1146c plausible: init at 1.3.0 2021-06-02 19:21:31 +09:00
github-actions[bot] 632c65fbd4
Merge staging-next into staging 2021-06-02 07:51:55 +00:00
Robert Hensing d9e4512443
Merge pull request #124589 from hercules-ci/containers-dnsname
nixos/podman-dnsname: init
2021-06-02 08:18:48 +02:00
davidak 26648d29d4
Merge pull request #124971 from oxalica/fix/kbd-paths
kbd: patch paths to decompressors
2021-06-01 01:53:45 +02:00
Maciej Krüger ef555f6a0b
Merge pull request #123426 from mattchrist/brscan5 2021-05-31 17:52:16 +02:00
Robert Hensing 54f2f1e5f1 nixos/podman-dnsname: init 2021-05-31 14:31:09 +02:00
Robert Hensing 5699d027ec nixos/metricbeat: init 2021-05-31 10:42:08 +02:00
Christine Dodrill b1fe9fab6f solanum: fix MOTD
Previously this defaulted to the default MOTD in the solanum source
tree, and I don't want my friends to laugh at me. Includes a patch to
the tests to ensure that the MOTD is actually set.

This replicates the fix done in #109705 (solanum is a fork of charybdis,
so they share fundamental logic for this).

Signed-off-by: Christine Dodrill <me@christine.website>
2021-05-30 20:27:08 -04:00
oxalica 7fb927c9e5
nixos/tests/kbd-setfont-decompress: init 2021-05-31 02:45:15 +08:00
Robert Hensing db31d8354d podman: Add iproute2, fixing docker network rm 2021-05-30 11:23:25 +02:00
Robert Hensing b6570e7238 nixos/podman-network-socket-ghostunnel: init 2021-05-30 11:23:24 +02:00
Robert Hensing ff4d83a667 nixos/podman: Add dockerSocket.enable 2021-05-30 11:21:05 +02:00
talyz cb80b67993 nixos/discourse: Assert deployed PostgreSQL version
Assert that the PostgreSQL version being deployed is the one used
upstream. Allow the user to override this assertion, since it's not
always possible or preferable to use the recommended one.
2021-05-28 17:43:02 -07:00
Robert Hensing 490aeb3cfa
Merge pull request #124494 from hercules-ci/dockerTools-omit-store
dockerTools: Allow omitting all store paths
2021-05-28 08:55:33 +02:00
Michael Weiss 2f671ccc7a
nixos/tests/{sway,cage,cagebreak}: Fix the tests on aarch64-linux
Since the update to wlroots 0.13 (e03dde82a7) the default VGA card
isn't supported anymore and we needed to switch to virtio (qxl didn't
work either). However, as it turned out "-vga virtio" (28b8cff301)
broke the test on AArch64. Luckily there's a third option that works on
all three supported platforms: virtio-gpu-pci

According to [0] "This device lacks VGA compatibility mode but is
otherwise identical to the virtio vga device. UEFI firmware can handle
this, and if your guests has drivers too you can use this instead of
virtio-vga. This will reduce the attack surface (no complex VGA
emulation support) and reduce the memory footprint by 8 MB (no pci
memory bar for VGA compatibility). This device can be placed in a PCI
Express slot."
So in the end this seems like the ideal choice :)
See also [1].

[0]: https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/#virtio-gpu-pci
[1]: https://patches.openembedded.org/patch/164351/
2021-05-27 21:29:54 +02:00
Michael Weiss abb9ea73f7
nixos/tests/{sway,cagebreak}: Disable on aarch64-linux
The tests timeout on AArch64 (e.g. [0] and [1]), likely because the QEMU
option "-vga virtio" isn't supported there (unfortunately I currently
lack access to an AArch64 system with NixOS to investigate).

This also affects the test for Cage but that one is already limited to
x86_64-linux.

[0]: https://hydra.nixos.org/build/144148809
[1]: https://hydra.nixos.org/build/144103034
2021-05-27 14:14:49 +02:00
Robert Hensing 5259d66b74 dockerTools: Allow omitting all store paths
Adds includeStorePaths, allowing the omission of the store paths.
You generally want to leave it on, but tooling may disable this
to insert the store paths more efficiently via other means, such
as bind mounting the host store.
2021-05-26 15:11:42 +02:00
Michael Raskin ab51a2dbd6
Merge pull request #123926 from pschyska/master
nixos/atop: Add defaultText to types.package options, Fix timing-related test failures.
2021-05-23 18:08:46 +00:00
Matt Christ 14bf8f109b fix brscan5 config generation
before this, the config utility was unable to locate the models folder
update tests to use a compatible model
2021-05-23 08:08:31 -05:00
Martin Weinelt d210ed99c4
nixos/tests/botamusique: init 2021-05-23 01:01:52 +02:00
Sandro 7be85b5090
Merge pull request #104420 from danielfullmer/syncoid-perm-fix 2021-05-22 17:57:56 +02:00
Paul Schyska e1a8e85631
nixos/atop: Wait for conditions
I had intermittent test failures due to timing issues.
This patch seems to have fixed them.
2021-05-22 14:11:45 +02:00
Martin Weinelt 71fb79ee6b
Merge pull request #123828 from Lassulus/solanum2
nixos/solanum: init
2021-05-21 23:23:01 +02:00
lassulus 48c16e48aa nixos/solanum: init 2021-05-21 23:06:38 +02:00
Matt Christ a9b7300f6f brscan5: init at 1.2.6-0 2021-05-21 12:59:30 -05:00
talyz 2d8a870813
keycloak.tests: Test HTTPS support 2021-05-21 13:09:43 +02:00
talyz dbf91bc2f1
nixos/keycloak: keycloak.database* -> keycloak.database.*
Move all database options to their own group / attribute. This makes
the configuration clearer and brings it in line with most other modern
modules.
2021-05-21 13:09:32 +02:00
Jonas Chevalier 30c021fa15
Merge pull request #123744 from hercules-ci/init-ghostunnel
ghostunnel: init
2021-05-20 20:58:41 +02:00
Robert Hensing dc9cb63de4 nixos/ghostunnel: init 2021-05-20 10:41:52 +02:00
Christoph Hrdinka 57acb6f9f7
Merge pull request #123598 from pschyska/master
nixos/nsd: make nsd-checkconf work when configuration contains keys (#118140)
2021-05-20 10:41:30 +02:00
Maximilian Bosch 3f3cec6d9e clickhouse: 20.11.4.13-stable -> 21.3.11.5-lts
Failing Hydra build: https://hydra.nixos.org/build/143269865
ZHF #122042
2021-05-19 14:08:46 -07:00
Sebastian Neubauer 68c618cba3
opensmtpd-filter-rspamd: init at 0.1.7 (#122823) 2021-05-19 22:37:49 +02:00
Paul Schyska 69202853ea
nixos/nsd: make nsd-checkconf work when configuration contains keys 2021-05-19 18:21:10 +02:00
Michael Weiss c21dd33953
Merge pull request #123609 from berbiche/cagebreak-use-waylands-utils-in-test
nixos/tests/cagebreak: use wayland-info instead of wallutils
2021-05-19 14:50:55 +02:00
Michele Guerini Rocco 376eabdac3
Merge pull request #123254 from rnhmjoj/ipsec
libreswan: 3.2 -> 4.4
2021-05-19 13:36:04 +02:00
Nicolas Berbiche 5e2cedfae3
nixos/tests/cagebreak: use wayland-info instead of wallutils
wayland-info from wayland-utils is already used in other Wayland
tests whereas wallutils' wayinfo is not.
2021-05-18 22:02:24 -04:00
Michael Weiss 1b114586e8
Merge pull request #123381 from primeos/nixos-tests-cagebreak
nixos/tests/cagebreak: Fix the test
2021-05-18 16:01:37 +02:00
Michael Raskin 02ba3238d2
Merge pull request #123053 from pschyska/master
atop, netatop, nixos/atop: improve packaging and options
2021-05-18 10:54:13 +00:00
rnhmjoj 3a46314455
nixos/tests/libreswan: add test 2021-05-18 08:13:36 +02:00
Sandro 4fc08dd955
Merge pull request #121500 from servalcatty/v2ray
v2ray: 4.37.3 -> 4.38.3
2021-05-17 19:18:56 +02:00
Michael Weiss f691e6c074
nixos/tests/cagebreak: Simplify the startup 2021-05-17 18:41:27 +02:00
Michael Weiss 81b2ce96c6
nixos/tests/cagebreak: Fix the test
Starting Cagebreak as X11 client doesn't work anymore as wlroots 0.13
started to require the DRI3 extension which isn't supported by LLVMpipe:
machine # [   13.508284] xsession[938]: 00:00:00.003 [ERROR] [backend/x11/backend.c:433] X11 does not support DRI3 extension
machine # [   13.666989] show_signal_msg: 62 callbacks suppressed
machine # [   13.666993] .cagebreak-wrap[938]: segfault at 8 ip 0000000000408574 sp 00007ffef76f2440 error 4 in .cagebreak-wrapped[407000+d000]
machine # [   13.670483] Code: f4 ff ff 4c 8b 84 24 70 01 00 00 8d 45 01 48 89 c5 49 8b 3c c0 48 85 ff 75 e4 4c 89 c7 e8 84 f4 ff ff 48 8b bc 24 18 01 00 00 <48> 8b 47 08 4c 8d 6f d8 48 8d 68 d8 48 39 df 75 0e eb 36 66 0f 1f
machine # [   13.518274] xsession[938]: 00:00:00.006 [ERROR] [../cagebreak.c:313] Unable to create the wlroots backend

The test broke after updating Cagebreak in #121652 (bf8679ba94).

XWayland still fails for unknown reasons:
Modifiers specified, but DRI is too old
libEGL warning: DRI2: failed to create dri screen
libEGL warning: NEEDS EXTENSION: falling back to kms_swrast
glamor: No eglstream capable devices found
glamor: 'wl_drm' not supported
Missing Wayland requirements for glamor GBM backend
Missing Wayland requirements for glamor EGLStream backend
Failed to initialize glamor, falling back to sw
00:00:03.534 [ERROR] [xwayland/server.c:252] waitpid for Xwayland fork
failed: No child processes
(EE) failed to write to XWayland fd: Broken pipe
/nix/store/kcm3x8695fgycf31grzl9fy5gggwpram-xterm-367/bin/xterm: Xt
error: Can't open display: :0

The fallback to software rendering is to be expected but it looks like
XWayland is crashing with "failed to write to XWayland fd: Broken pipe".
2021-05-17 18:41:12 +02:00
Michael Weiss aa2537b554
Merge pull request #122926 from primeos/signal-desktop-fix-db-encryption
signal-desktop: Fix the database encryption by preloading SQLCipher
2021-05-17 16:06:52 +02:00
Martin Weinelt 7bd65d54f7 treewide: remove nand0p as maintainer
While looking at the sphinx package I noticed it was heavily
undermaintained, which is when we noticed nand0p has been inactive for
roughly 18 months. It is therefore prudent to assume they will not be
maintaining their packages, modules and tests.

- Their last contribution to nixpkgs was in 2019/12
- On 2021/05/08 I wrote them an email to the address listed in the
  maintainer-list, which they didn't reply to.
2021-05-17 01:50:49 +02:00
Robert Hensing 338baef861
Merge pull request #122458 from serokell/team-serokell
maintainers: add serokell team, move various packages to it
2021-05-16 22:37:50 +02:00
Paul Schyska fb90a9c552
nixos/atop: Rework the test
- use "with subtest" everywhere
- do more in nix and less in python
- use makeTest directly to define multiple tests instead of one with
  multiple nodes -> this enables them to run in parallel
2021-05-16 18:22:03 +02:00
Paul Schyska 8f3d2e5c3b
nixos/atop: Add configuration for atop services, allow to enable netatop, gpuatop, allow setuid wrapper 2021-05-16 18:22:03 +02:00
Jan Tojnar 684991c696
Merge branch 'master' into staging-next
- Thunderbird 68 has been dropped on master.
- gccCrossLibcStdenv has been factored out on staging-next in all-packages.nix, while the file has been re-formatted on master.
2021-05-16 15:34:51 +02:00
Lucas Savva 083aba4f83 nixos/acme: Ensure certs are always protected
As per #121293, I ensured the UMask is set correctly
and removed any unnecessary chmod/chown/chgrp commands.
The test suite already partially covered permissions
checking but I added an extra check for the selfsigned
cert permissions.
2021-05-15 12:41:33 +01:00
Milan Pässler 827f69cf0d
nixos/tests/minecraft-server: fix build on i686
"at most 2047 MB RAM can be simulated"
2021-05-15 01:17:51 +02:00
Vladimír Čunát c48eaa70e3
Merge branch 'master' into staging-next 2021-05-14 22:27:34 +02:00
Robert Schütz e611d663f4
Merge pull request #120440 from dotlambda/radicale-settings
nixos/radicale: add settings option
2021-05-14 15:37:26 +02:00
Michael Weiss 89cc391728
Merge pull request #122877 from primeos/nixos-tests-sway-gpg-agent-pinentry
nixos/tests/sway: test GPG's pinentry pop-up
2021-05-14 14:45:56 +02:00
WilliButz 94b2848559
Merge pull request #91663 from mweinelt/kea-exporter
prometheus-kea-exporter: init at 0.4.1
2021-05-14 14:38:08 +02:00
Martin Weinelt dd7e1834ca
nixos/tests/prometheus-exporters.kea: init 2021-05-14 14:09:19 +02:00
Michael Lingelbach 46284492f4
nixos/tests/dendrite: init (#121777) 2021-05-14 13:11:22 +02:00
github-actions[bot] bf5d8bb531
Merge master into staging-next 2021-05-14 00:58:11 +00:00
Michael Weiss 940dfa9940
signal-desktop: Fix the database encryption by preloading SQLCipher
AFAIK this is the only reliable way for us to ensure SQLCipher will be
loaded instead of SQLite. It feels like a hack/workaround but according
to the SQLCipher developers [0] "this issue can and should be handled
downstream at the application level: 1. While it may feel like a
workaround, using LD_PRELOAD is a legitimate approach here because it
will substitute the system SQLite with SQLCipher which is the intended
usage model;".

This fixes #108772 for NixOS 20.09 users who upgrade to NixOS 21.05 and
replaces #117555.

For nixos-unstable users this will unfortunately break everything again
so we should add a script to ease the transition (in a separate commit
so that we can revert it for NixOS 21.05).

[0]: https://github.com/sqlcipher/sqlcipher/issues/385#issuecomment-802874340
2021-05-14 02:33:42 +02:00
Maximilian Bosch bfd4c121ff
Merge pull request #122637 from mayflower/prometheus-2.26.0
Prometheus 2.26.0 + exporter updates
2021-05-13 23:05:29 +02:00
Michael Weiss 28a1e9516d
Merge pull request #122627 from primeos/nixos-tests-signal-desktop-db-encryption
nixos/tests/signal-desktop: test if the SQLite DB is (un)encrypted
2021-05-13 21:40:07 +02:00
Michael Weiss 217f268534
nixos/tests/signal-desktop: test if the SQLite DB is (un)encrypted
Well, this should test if the database is encrypted but currently it is
still unencrypted and we need to notice if this behaviour changes in the
future (as it will cause data loss, see e.g. #108772).
Anyway, this doesn't really matter for security reasons but we need this
test to prevent data loss (unfortunately Signal-Desktop and SQLCipher
handle this badly... :o).
2021-05-13 21:18:28 +02:00
Michael Weiss 03808546e5
nixos/tests/sway: test GPG's pinentry pop-up
This test is important to confirm that $WAYLAND_DISPLAY is correctly
imported via "dbus-update-activation-environment --systemd" which is
done by default since #122605 (00e8e5b123).
It ensures that the gnome3-pinentry pop-ups work as expected to avoid
regressions like #119445 (which also broke screen sharing).
2021-05-13 20:51:31 +02:00
github-actions[bot] d8fb37f470
Merge master into staging-next 2021-05-12 06:21:33 +00:00
Robin Gloster b3d30fac67
prometheus-exporter tests: fix eval/deprecation
lnd exporter test still fails but evaluates now
2021-05-11 17:57:47 -05:00
Robin Gloster b3c592bf08
prometheus-json-exporter: 0.2.0 -> 0.3.0 2021-05-10 23:36:39 -05:00
Dominik Xaver Hörl db0294aa60 linux_5_12: init at 5.12.2 2021-05-10 11:43:23 +02:00
github-actions[bot] 1e3d91bd19
Merge master into staging-next 2021-05-10 00:48:32 +00:00
Guillaume Girol fe50cb0ee1
Merge pull request #122301 from Izorkin/update-test-unit-php
nixos/tests/unit-php: require one of users.users.name.{isSystemUser,isNormalUser}
2021-05-09 20:09:29 +00:00
github-actions[bot] 450e66080b
Merge master into staging-next 2021-05-09 18:23:01 +00:00
Félix Baylac-Jacqué 524ff40291
nixosTests.systemd-networkd: remove wireguard kernel module
config.boot.kernelPackages.wireguard evaluates to null on machine
closure having a > 5.6 Linux kernels, hence making the evaluation of
this test fail.

Wireguard is now part of the mainline Linux kernel, we do not need to
to add it via a additional kernel module anymore for this test.
2021-05-09 15:40:19 +02:00
github-actions[bot] bc1f4b790e
Merge master into staging-next 2021-05-09 12:23:16 +00:00
Luke Granger-Brown 491216df02
Merge pull request #122099 from alekna/fix/docker
nixos/docker: ensure ipv4 forwarding is enabled
2021-05-09 12:15:16 +01:00
Michele Guerini Rocco e5452226af
Merge pull request #121791 from dotlambda/sudo-execWheelOnly
nixos/sudo: add option execWheelOnly
2021-05-09 10:04:15 +02:00
Vladimír Čunát 5663b2b2d3
Merge branch 'master' into staging-next
(a trivial conflict in transmission)
2021-05-09 09:31:55 +02:00
Izorkin 506646e48b
nixos/tests/unit-php: require one of users.users.name.{isSystemUser,isNormalUser} 2021-05-09 07:42:02 +03:00
Robert Hensing 8c868f47a8 Revert "nixos/tests/docker-tools*: remove useless formatter"
Annoyed with the interference of the python formatting of
generated code (see #72964), I took matters into my own hands
as maintainer of dockerTools.

Afterwards, I've created a PR, hoping to unstuck the discussion.

@aszlig took notice and thanks to his python ecosystem knowledge,
the testing efforts of @blaggacao and @Ma27, and a sense of
shared suffering and comraderie we were able to change the
situation for the better in #122201.

Now, we have a proper linter that actually helps contributors,
so it's time to turn it back on again.

I'm glad we could make it happen this quickly!

Thanks!

This reverts commit 4035049af3.
2021-05-09 02:57:17 +02:00
aszlig 54bc69637b
nixos/test/virtualbox: Fix linting errors
There were a bunch of unnecessary f-strings in there and I also removed
the "# fmt: on/off" comments, because we no longer use Black and thus
won't need those comments anymore.

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:32 +02:00
aszlig 74bff4e667
nixos/tests/unbound: Remove unused 'json' import
Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:30 +02:00
David Arnold 6ad2e41269
nixos/testing: lint jellyfin test 2021-05-09 02:28:28 +02:00
aszlig 6c0ec527b9
nixos/tests/shadow: Fix linting errors
Linter errors reported:

  6:32 f-string is missing placeholders
  7:26 f-string is missing placeholders
  8:32 f-string is missing placeholders
  30:32 f-string is missing placeholders
  31:26 f-string is missing placeholders
  32:32 f-string is missing placeholders
  48:32 f-string is missing placeholders
  49:26 f-string is missing placeholders
  50:32 f-string is missing placeholders
  76:32 f-string is missing placeholders
  77:26 f-string is missing placeholders
  78:32 f-string is missing placeholders

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:26 +02:00
aszlig e157ad41cb
nixos/tests/printing: Remove unused 'sys' import
Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:23 +02:00
aszlig c066cc3c0b
nixos/tests/networking: Fix str literal comparison
Linter error:

  use ==/!= to compare constant literals (str, bytes, int, float, tuple)

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:20 +02:00
aszlig 62a518b904
nixos/tests/yggdrasil: Fix linting error
Linter error was: f-string is missing placeholders

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:18 +02:00
Maximilian Bosch b782440a62
nixosTests.custom-ca: lint 2021-05-09 02:28:16 +02:00
Maximilian Bosch b4b5dcb669
nixosTests.containers-imperative: lint 2021-05-09 02:28:14 +02:00
Maximilian Bosch fc76a44d0f
nixosTests.containers-custom-pkgs: lint
The new linter basically does

   def testScript
      # ...

before calling `pyflakes`. As this test-script is empty, it would lead
to a syntax-error unless `pass` is added.
2021-05-09 02:28:11 +02:00
Maximilian Bosch 774aba102a
nixosTests.chromium: lint
Note: I didn't execute it entirely because I'd have to build chromium
for this, but the diff appears fine.
2021-05-09 02:28:09 +02:00
Robert Hensing b9e7fb14e2
nixos/tests/nfs: lint 2021-05-09 02:28:07 +02:00
Robert Hensing 06b070ffe7
nixosTests.acme: lint 2021-05-09 02:28:04 +02:00
Robert Schütz 5624aa9f81 nixos/sudo: add option execWheelOnly
By setting the executable's group to wheel and permissions to 4510, we
make sure that only members of the wheel group can execute sudo.
2021-05-08 23:48:00 +02:00
github-actions[bot] 6d46d8a9b9
Merge master into staging-next 2021-05-08 18:22:46 +00:00
Laurynas Alekna 9317570735 nixos/docker: ensure ipv4 forwarding is enabled
Fixes #118656
2021-05-08 18:58:24 +01:00
divanorama b7dea9e494 nixosTests.systemd-confinement: fix script format
https://hydra.nixos.org/build/142591177/nixlog/30

ZHF: #122042
2021-05-08 10:05:15 -07:00
Robert Hensing 3cfb002b07
Merge pull request #122192 from roberth/docker-tools-stimulate-testing
dockerTools testing update
2021-05-08 15:53:17 +02:00
Robert Hensing 4035049af3 nixos/tests/docker-tools*: remove useless formatter 2021-05-08 15:03:20 +02:00
Robert Hensing a67c97a5eb nixos/tests/docker-tools*: Add myself as maintainer where missing
I should have done this when I became maintainer for dockerTools,
but it's the PR reviews that matter.
2021-05-08 15:00:19 +02:00
Martin Weinelt 9651084620 Merge remote-tracking branch 'origin/master' into staging-next 2021-05-08 14:43:43 +02:00
Yorick van Pelt 87f11f84b2
maintainers: add serokell team, move various packages to it 2021-05-08 12:11:48 +02:00
Vladimír Čunát 080cd658ca
Merge #121780: treewide meta.maintainers tweaks 2021-05-08 10:47:08 +02:00
Jan Tojnar 468cb5980b gnome: rename from gnome3
Since GNOME version is now 40, it no longer makes sense to use the old attribute name.
2021-05-08 09:47:42 +02:00
github-actions[bot] b4416b52c5
Merge master into staging-next 2021-05-08 00:46:50 +00:00
Evils 3d043c6939 nixosTests.fancontrol: fix test
and set myself (module author) as maintainer
2021-05-07 11:46:40 -07:00
github-actions[bot] 1ae6d3d02f
Merge master into staging-next 2021-05-07 18:24:29 +00:00
Robin Gloster 29e92116d1
Merge pull request #118037 from mayflower/privacy-extensions-configurable
nixos/network: allow configuring tempaddr for undeclared interfaces
2021-05-07 13:01:29 -05:00
ajs124 cd609e7a1c
Merge pull request #117094 from helsinki-systems/drop/spidermonkey_1_8_5
spidermonkey_1_8_5: drop
2021-05-07 18:55:49 +02:00
Vladimír Čunát 9f054b5e1a
treewide: remove worldofpeace from meta.maintainers
(It was requested by them.)
I left one case due to fetching from their personal repo:
pkgs/desktops/pantheon/desktop/extra-elementary-contracts/default.nix
2021-05-07 15:36:40 +02:00
github-actions[bot] 12193913a1
Merge staging-next into staging 2021-05-07 12:23:21 +00:00
Jan Tojnar 941b15b003
librsvg: register installed tests 2021-05-05 22:20:22 +02:00
github-actions[bot] af9d9374fa
Merge staging-next into staging 2021-05-05 12:23:47 +00:00
Michael Weiss ff5fdec093
Merge pull request #121437 from primeos/nixos-tests-sway
nixos/tests/sway: init
2021-05-05 13:52:51 +02:00
github-actions[bot] dbc1478d23
Merge staging-next into staging 2021-05-05 06:21:29 +00:00
Ben Siraphob a913f3ff49 nixos/tests/wmderland: remove stdenv.lib 2021-05-05 01:43:05 -04:00
github-actions[bot] 4cbb35eba8
Merge staging-next into staging 2021-05-04 18:21:27 +00:00
talyz 8f83860a0a keycloak.tests: Make sure databaseUsername is either ignored...
...or used correctly.
2021-05-04 19:27:08 +02:00
Robert Schütz 762be5c86d nixos/radicale: harden systemd unit 2021-05-04 17:43:26 +02:00
Michael Weiss 957b7a476e
nixos/tests/sway: init
This adds a basic test for Sway. Because Sway is an important part of
the Wayland ecosystem, is stable, and has few dependencies this test
should also be suitable for testing core packages it depends on (e.g.
wayland, wayland-protocols, wlroots, xwayland, mesa, libglvnd, libdrm,
and soon libseat).

The test is modeled after the suggested way of using Sway, i.e. logging
in via a virtual console (tty1) and copying the configuration from
/etc/sway/config (we replace Mod4 (the GNU/Tux key - you've replaced
that evil logo, right? :D) with Mod1 (Alt key) because QEMU monitor's
sendkey command doesn't support the former).

The shell aliases are used to make the sendkey log output shorter.

Co-authored-by: Patrick Hilhorst <git@hilhorst.be>
2021-05-04 16:52:36 +02:00
Robert Schütz 022c5b0922 nixos/radicale: add settings option
The radicale version is no longer chosen automatically based on
system.stateVersion because that gave the impression that old versions
are still supported.
2021-05-04 10:22:05 +02:00
github-actions[bot] 98d7aac597
Merge staging-next into staging 2021-05-04 00:49:43 +00:00
WilliButz a2adfae036
Merge pull request #121599 from Ma27/knot-exporter-patch
prometheus-knot-exporter: add patch to fix stats
2021-05-04 01:02:28 +02:00
Andreas Rammhold 3ec6977d30
Merge pull request #89572 from rissson/nixos/unbound
nixos/unbound: add settings option, deprecate extraConfig
2021-05-03 21:49:24 +02:00
Luke Granger-Brown 62f675eff6
Merge pull request #121558 from sumnerevans/fix-airsonic-service
airsonic: force use of jre8
2021-05-03 20:43:00 +01:00
Luke Granger-Brown 4e98ae6418
Merge pull request #120548 from minijackson/jellyfin-enhanced-test
nixos/tests/jellyfin: enhanced test
2021-05-03 20:38:22 +01:00
Sumner Evans 1ce3067c42
airsonic: add test for module 2021-05-03 13:27:23 -06:00
Marc 'risson' Schmitt 52f6733203
nixos/unbound: deprecate extraConfig in favor of settings
Follow RFC 42 by having a settings option that is
then converted into an unbound configuration file
instead of having an extraConfig option.

Existing options have been renamed or kept if
possible.

An enableRemoteAccess has been added. It sets remote-control setting to
true in unbound.conf which in turn enables the new wrapping of
unbound-control to access the server locally.  Also includes options
'remoteAccessInterfaces' and 'remoteAccessPort' for remote access.

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2021-05-03 21:27:15 +02:00
Minijackson 2ab88a31fe
nixos/tests/jellyfin: enhanced test 2021-05-03 20:48:13 +02:00
github-actions[bot] 5e177b16b1
Merge staging-next into staging 2021-05-03 18:25:49 +00:00
Luke Granger-Brown 049850341e
Merge pull request #121540 from lukegb/postfix-compat
nixos/tests/rspamd: fix OOM flakyness
2021-05-03 17:36:46 +01:00
Luke Granger-Brown 4e06e6e005
Merge pull request #121541 from lukegb/git-test
nixos/tests/gitdaemon: deflake by using systemd-tmpfiles
2021-05-03 17:36:01 +01:00
Luke Granger-Brown 4f9fe889b8
Merge pull request #121548 from lukegb/bios-usb-better
nixos/tests/installer: fix for i686-linux
2021-05-03 17:35:24 +01:00
Martin Weinelt d23610ae65
Merge pull request #121209 from mweinelt/pinnwand 2021-05-03 18:24:45 +02:00
Maximilian Bosch 75c5a703ab
prometheus-knot-exporter: add patch to fix stats
This is a patch I filed against upstream[1] a while ago. As it isn't
merged yet and fixes configurations with all stats enabled in knot
(otherwise it'd crash when sending a request to `localhost:9433`), I
decided that it makes sense to add it to the package directly.

I extended the test to make sure that it only passes with this patch.

[1] https://github.com/ghedo/knot_exporter/pull/6
2021-05-03 17:27:36 +02:00
Florian Klink 9071cb3001
Merge pull request #121416 from primeos/nixos-tests-replace-QEMU_OPTS
nixos/tests: Replace QEMU_OPTS usages with virtualisation.qemu.options
2021-05-03 17:23:49 +02:00
Luke Granger-Brown a0da004326
Merge pull request #121376 from urbas/amazon-init-shell-script-support
nixos/amazon-init: add user-data shell script support
2021-05-03 16:01:26 +01:00
Martin Weinelt b208338c36
nixos/tests/pinnwand: use wait_for_open_port instead of direct sockstat call 2021-05-03 16:52:06 +02:00
Martin Weinelt 7b2bc43dba
nixos/tests/pinnwand: add negative-test for the reaper
The reaper, at this point, should not delete a freshly created paste.
2021-05-03 16:52:05 +02:00
Martin Weinelt f1c32c2809
nixos/tests/pinnwand: show systemd-analyze security
Easy way to revisit the hardening setup of the systemd unit.
2021-05-03 16:52:05 +02:00
ajs124 891a83d948 nixosTests.couchdb: clean up 2021-05-03 15:42:36 +02:00
ajs124 29bcaf04cb couchdb2: drop 2021-05-03 15:41:42 +02:00
github-actions[bot] a4c3a2d732
Merge staging-next into staging 2021-05-03 12:26:48 +00:00
Michele Guerini Rocco e5bbb1cf33
Merge pull request #121539 from lukegb/custom-ca-debug
nixos/tests/custom-ca: fix by setting Content-Type
2021-05-03 10:49:57 +02:00
Luke Granger-Brown d922cad4d6
Merge pull request #119172 from midchildan/package/trafficserver
nixos/trafficserver: init
2021-05-03 09:48:07 +01:00
Luke Granger-Brown b942e0f650 nixos/tests/installer: don't break under i686
Currently, the installer tests just hang after the initial install phase
on i686 because qemu just quits because of the gic parameter.

Fix this by doing x86 things for both x86-64 and i686.
2021-05-03 01:44:54 +00:00
github-actions[bot] afe3fd192f
Merge staging-next into staging 2021-05-03 00:53:51 +00:00
Martin Weinelt d67fc76603
Merge pull request #120536 from mweinelt/mosquitto 2021-05-03 00:41:21 +02:00
Martin Weinelt 1dbb60f562
nixos/tests/home-assistant: update maintainership to home-assistant team 2021-05-03 00:21:25 +02:00
Martin Weinelt 8ab7fc1107
nixos/tests/home-assistant: test capability passing
Configures the emulated_hue component and expects CAP_NET_BIND_SERVICE
to be passed in order to be able to bind to 80/tcp.

Also print the systemd security analysis, so we can spot changes more
quickly.
2021-05-03 00:21:25 +02:00
Luke Granger-Brown f2a91ec2b7 nixos/tests/gitdaemon: deflake by using systemd-tmpfiles
git-daemon won't start up if its project directory (here /git) doesn't
exist. If we try to create it using the test harness, then we're racing
whether we manage to connect to the backdoor vs. the startup speed of
git-daemon.

Instead, use systemd-tmpfiles, which is guaranteed(?) to run before
network.target and thus before git-daemon.service starts.
2021-05-02 21:58:43 +00:00
Luke Granger-Brown a6fb22a689 nixos/tests/rspamd: increase memory
rspamd seems to be consuming more memory now sometimes, causing OOMs in
the test.

Increase the memory given to these VMs to make the tests pass more
reliably.
2021-05-02 21:50:17 +00:00
Luke Granger-Brown da000ae239 nixos/tests/custom-ca: fix by setting Content-Type
This test was failing because Firefox was displaying a download prompt
rather than the page content, presumably because mumble mumble
content-type sniffing.

By explicitly setting a content-type, the test now passes.
2021-05-02 21:38:56 +00:00
Serval 2dfa311e56
v2ray: 4.37.3 -> 4.38.3 2021-05-02 19:39:24 +08:00
Michael Weiss c6325c8325
nixos/tests: Replace QEMU_OPTS usages with virtualisation.qemu.options
See [0]: "QEMU_OPTS is something that should be set by people running VM
tests interactively, to do port forwardings etc.
We really should not poke with it from the test script - that's what
virtualisation.qemu.options is for."

[0]: https://github.com/NixOS/nixpkgs/pull/119615#discussion_r624145020

Co-authored-by: Florian Klink <flokli@flokli.de>
2021-05-01 20:20:29 +02:00
Martin Weinelt 33e867620e
nixos/mosquitto: harden systemd unit
It can still network, it can only access the ssl related files if ssl is
enabled.

✗ PrivateNetwork=                                             Service has access to the host's network                                            0.5
✗ RestrictAddressFamilies=~AF_(INET|INET6)                    Service may allocate Internet sockets                                               0.3
✗ DeviceAllow=                                                Service has a device ACL with some special devices                                  0.1
✗ IPAddressDeny=                                              Service does not define an IP address allow list                                    0.2
✗ RootDirectory=/RootImage=                                   Service runs within the host's root directory                                       0.1
✗ RestrictAddressFamilies=~AF_UNIX                            Service may allocate local sockets                                                  0.1

→ Overall exposure level for mosquitto.service: 1.1 OK 🙂
2021-05-01 19:46:48 +02:00
github-actions[bot] ef6416a6ba
Merge staging-next into staging 2021-05-01 00:54:32 +00:00
Martin Weinelt efb30a191e
Merge pull request #120529 from mweinelt/zigbee2mqtt 2021-04-30 21:59:22 +02:00
Florian Klink 44a0debca7
Merge pull request #121021 from pennae/container-sigterm
nixos/nix-containers: use SIGTERM to stop containers
2021-04-30 21:35:16 +02:00
github-actions[bot] 20ebbe6b59
Merge staging-next into staging 2021-04-30 18:26:34 +00:00
Martin Weinelt f1e7183f69
nixos/tests/zigbee2mqtt: relax DevicePolicy and log systemd-analye security 2021-04-30 19:42:26 +02:00
Michael Weiss 28b8cff301
nixos/tests/cage: Fix the test with wlroots 0.13
See #119615 for more details. The aarch64-linux test failed with
"qemu-system-aarch64: Virtio VGA not available" so I've restricted the
test to x86_64-linux (the virtio paravirtualized 3D graphics driver is
likely only available on very few platforms).
2021-04-30 15:57:04 +02:00
pennae 317a2c9f26 nixos/nix-containers: add tests for early/no-machined container stop 2021-04-30 15:43:27 +02:00
github-actions[bot] b4766e97ee
Merge staging-next into staging 2021-04-30 00:52:06 +00:00