1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 15:11:35 +00:00
Commit graph

800 commits

Author SHA1 Message Date
aszlig b3162a1074
nixos/tests: Add common modules for letsencrypt
These modules implement a way to test ACME based on a test instance of
Letsencrypt's Boulder service. The service implementation is in
letsencrypt.nix and the second module (resolver.nix) is a support-module
for the former, but can also be used for tests not involving ACME.

The second module provides a DNS server which hosts a root zone
containing all the zones and /etc/hosts entries (except loopback) in the
entire test network, so this can be very useful for other modules that
need DNS resolution.

Originally, I wrote these modules for the Headcounter deployment, but
I've refactored them a bit to be generally useful to NixOS users. The
original implementation can be found here:

https://github.com/headcounter/deployment/tree/89e7feafb/modules/testing

Quoting parts from the commit message of the initial implementation of
the Letsencrypt module in headcounter/deployment@95dfb31110:

    This module is going to be used for tests where we need to
    impersonate an ACME service such as the one from Letsencrypt within
    VM tests, which is the reason why this module is a bit ugly (I only
    care if it's working not if it's beautiful).

    While the module isn't used anywhere, it will serve as a pluggable
    module for testing whether ACME works properly to fetch certificates
    and also as a replacement for our snakeoil certificate generator.

Also quoting parts of the commit where I have refactored the same module
in headcounter/deployment@85fa481b34:

    Now we have a fully pluggable module which automatically discovers
    in which network it's used via the nodes attribute.

    The test environment of Boulder used "dns-test-srv", which is a fake
    DNS server that's resolving almost everything to 127.0.0.1. On our
    setup this is not useful, so instead we're now running a local BIND
    name server which has a fake root zone and uses the mentioned node
    attribute to automatically discover other zones in the network of
    machines and generate delegations from the root zone to the
    respective zones with the primaryIPAddress of the node.

    ...

    We want to use real letsencrypt.org FQDNs here, so we can't get away
    with the snakeoil test certificates from the upstream project but
    now roll our own.

    This not only has the benefit that we can easily pass the snakeoil
    certificate to other nodes, but we can (and do) also use it for an
    nginx proxy that's now serving HTTPS for the Boulder web front end.

The Headcounter deployment tests are simulating a production scenario
with real IPs and nameservers so it won't need to rely on
networking.extraHost. However in this implementation we don't
necessarily want to do that, so I've added auto-discovery of
networking.extraHosts in the resolver module.

Another change here is that the letsencrypt module now falls back to
using a local resolver, the Headcounter implementation on the other hand
always required to add an extra test node which serves as a resolver.

I could have squashed both modules into the final ACME test, but that
would make it not very reusable, so that's the main reason why I put
these modules in tests/common.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:33 +02:00
Tim Steinbach 84e34d4d5d
tests: xmonad less dependent on timings 2017-09-09 10:07:34 -04:00
Tim Steinbach 024b501907
tests: Fix hibernate 2017-09-06 22:01:48 -04:00
Tim Steinbach 7faad2dce8 Merge pull request #29040 from NeQuissimus/tests_sys
More basic system tests
2017-09-06 15:04:10 -04:00
Tim Steinbach a54b2e3ba2 Merge pull request #29002 from NeQuissimus/docker_edge_module_test
docker: Package in module, tests
2017-09-06 15:03:56 -04:00
Tim Steinbach 0857e4c84d Merge pull request #28989 from NeQuissimus/tests_xmonad
Add XMonad test
2017-09-06 15:03:41 -04:00
Tim Steinbach b4ccef2163
tests: Add environment 2017-09-05 19:05:37 -04:00
Tim Steinbach 3e2975e892
tests: Add kernelParams 2017-09-05 19:04:43 -04:00
Tim Steinbach 04b0f3255f
tests: Add sysctl 2017-09-05 19:03:54 -04:00
Franz Pletz 1bed4773f5
postgresql92: remove last references 2017-09-05 18:20:56 +02:00
Jörg Thalheim 3558ed8bfd Merge pull request #28988 from NeQuissimus/tests_kernel_basic
Add basic kernel tests
2017-09-05 16:38:50 +01:00
Tim Steinbach 656ec9de0e
Add basic kernel tests 2017-09-05 10:38:07 -04:00
Tim Steinbach 380ed98bd7
docker: Add test for docker-edge, check for proper versions in tests 2017-09-04 19:02:44 -04:00
Michele Catalano 4ea1d49643 nexus: Add module for nexus.
Add also myself as maintainer
Add simple test of the nexus service
2017-09-04 22:32:02 +02:00
Tim Steinbach e153fa84a5
Add XMonad test 2017-09-04 14:03:20 -04:00
Philipp Steinpass d784b83005 nixos/hydra postgresql: Fix #27314 and add test case 2017-09-02 23:07:42 +02:00
Jan Tojnar 3b9f0c6a46
gnome3 tests: fix by providing more memory
/cc #28053.
2017-09-01 07:51:05 +02:00
Vladimír Čunát 6b95cf646c
Merge: fixups to staging merge
None are large rebuilds; most are on staging already.
2017-08-30 21:17:17 +02:00
Franz Pletz e3a8f58a21 Merge pull request #28746 from mguentner/ipfstest
tests: fix ipfs test, test actual networking functionality
2017-08-30 18:50:40 +02:00
Maximilian Güntner a1302eab3a
tests: fix ipfs test, test actual networking functionality 2017-08-30 15:28:50 +02:00
Franz Pletz 7d1d019650 Merge pull request #27826 from Infinisil/radicale
radicale: update to version 2
2017-08-30 02:17:34 +02:00
Franz Pletz 3e18f32f68 Merge pull request #28465 from danbst/reloadable-containers
Reloadable containers
2017-08-30 02:01:46 +02:00
Vladimír Čunát dc93744273
rogue: omit from the installation media
At least for now.  It would increase the ISO size by ~10 MB,
after the fixup in the parent commit.
2017-08-29 16:15:15 +02:00
Tuomas Tynkkynen b471e125c2 nixos/tests/installer: Add stdenvNoCC to extraDependencies
The installer tests are failing after 505e94256e
due to `nixos-rebuild switch` in the installed system trying to build
stdenvNoCC.

Seems that previously, stdenvNoCC wasn't in the installed
system either, but all the direct dependencies for the build were
(I don't really understand why, for that matter), so the building
actually went fine and everything worked.

But now gcc is also a direct build dependency due to allowedRequisites
containing gcc (even though it doesn't become a runtime dependency)
which doesn't get to the installed system.

All in all, let's ensure stdenvNoCC actually gets to the installed
system. It's after all necessary in almost any NixOS config build.
2017-08-24 02:07:56 +03:00
danbst 63f8122cd9 nixos tests: add test for declarative containers, that container config changes
are applied on `nixos-rebuild switch` invocations.
2017-08-23 12:43:07 +03:00
Tuomas Tynkkynen 0488cb1802 tests/installer: Rename simpleUefiGummiboot -> simpleUefiSystemdBoot
It hasn't been called Gummiboot for ages.
2017-08-19 08:46:48 +02:00
Silvan Mosberger e16a0988bc
radicale: 1.1.4 -> 2.1.2
This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which
also includes the needed command for migrating to 2.x

The module is adjusted to the version change, defaulting to radicale2 if
stateVersion >= 17.09 and radicale1 otherwise. It also now uses
ExecStart instead of the script service attribute. Some missing dots at
the end of sentences were also added.

I added a paragraph in the release notes on how to update to a newer
version.
2017-08-13 17:23:43 +02:00
Franz Pletz 59fa868b01
tests.plasma5: fix hash 2017-08-12 00:55:32 +02:00
Robin Gloster 350a6c3726
tests.plasma5: fix eval 2017-08-11 21:53:17 +02:00
Franz Pletz 9f7f85a3cd
nixos/tests/nginx: fix name 2017-08-11 17:37:14 +02:00
Robin Gloster b18b70c74d
nixos.tests.nat: fix 2017-08-04 17:52:42 +02:00
Markus Mueller 1793c96be2
tests/nat: Use switch-to-configuration in test case 2017-08-03 21:16:14 +02:00
Linus Heckemann a0d464033c nixos/timezone: support imperative timezone configuration (#26608)
Fixes #26469.
2017-07-31 15:55:24 +01:00
Frederik Rietdijk 29f91c107f Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-23 11:23:43 +02:00
Thomas Tuegel 4b14212914
nixos/tests/keymap: use SLIM theme from nixos/tests/slim 2017-07-22 17:43:28 -05:00
Franz Pletz 226964861f Merge pull request #27405 from rvl/postgresql-xml
postgresql: fix nixos tests and add xml support
2017-07-20 20:31:38 +02:00
Rodney Lorrimar 0b027720af nixos tests: run postgresql tests with postgres user 2017-07-19 22:13:02 +01:00
aszlig b618843860
nixos/taskserver: Fix manual PKI management
The helper tool had a very early check whether the automatically created
CA key/cert are available and thus it would abort if the key was
unavailable even though we don't need or even want to have the CA key.

Unfortunately our NixOS test didn't catch this, because it was just
switching from a configuration with an automatically created CA to a
manual configuration without deleting the generated keys and certs.

This is done now in the tests and it's also fixed in the helper tool.

Reported-by: @jpotier
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-16 20:38:15 +02:00
Christian Kögler e8a8f1233a snapper: add nixos module
fixes #27154
2017-07-16 10:06:42 +01:00
Rodney Lorrimar 502a272ee7 postgresql: enable XML functions
I suspect these functions aren't widely used, but they are enabled in
PostgreSQL on Ubuntu and Arch.
2017-07-15 14:58:17 +01:00
Rodney Lorrimar 39ef4d2fe9 nixos tests: fix postgresql tests
1. Needs to call makeTest or else nothing happens when you run
   `nix-build nixos/tests/postgresql.nix`.

2. Tests run as root, so there needs to be a corresponding user in
   PostgreSQL.
2017-07-15 14:54:42 +01:00
Vladimír Čunát 0be14a588f
nixos tests.misc: unblock a man-page test
I'm not sure what's wrong, but the pages look OK.  Discussion:
https://github.com/NixOS/nixpkgs/pull/27061#issuecomment-314330032
2017-07-11 08:55:55 +02:00
Pascal Bach 0fb8456b13 minio service: add additional config options
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Tim Steinbach fbbf926ce9
ammonite: add test 2017-07-04 21:36:30 -04:00
Graham Christensen b0a4c2c33f
nixos: installer.nix test: test ZFS install use case 2017-06-28 19:45:20 -04:00
Pascal Bach aa66c9ad37 minio service: add inital service
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
aszlig bcaf2f6dbe
nixos/tests/sddm: Fix detecting login screen
Tesseract seems to have a hard time detecting the "ALICE FOOBAR" text,
so let's match on "Select your user and enter password" instead.

Ran the test on x86_64-linux and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 06:26:08 +02:00
Joachim F 631ec734eb Merge pull request #26460 from romildo/fix.nixos-artwork
nixos-artwork: add more wallpapers
2017-06-13 23:20:52 +01:00
Bas van Dijk 2444eab485 ELK: update kibana and the elastic beats to 5.4 (#26252)
* Add kibana5 and logstash5
* Upgrade the elastic beats to 5.4
* Make sure all elastic products use the same version
  (see elk5Version)
* Add a test for the ELK stack
2017-06-13 22:36:08 +02:00
romildo aa8018103c nixos-artwork: add more wallpapers
Restructure the nixos-artwork to make it easy to selectively
incorporate other components from upstream without needing to download
the full package.

Until now only the Gnome_Dark wallpaper was included. Add other
wallpapers available in the package repository.
2017-06-07 18:00:58 -03:00
Graham Christensen 225a230716 Merge pull request #23173 from nlewo/test/cloudinit
Cloudinit test
2017-06-05 18:34:06 -04:00
montag451 f0ca6f9290 nixos/tests: add tests for the LDAP stack 2017-05-27 02:51:46 +02:00
Vladimír Čunát bba5b1c434
plasma5 tests: fix by using older fontconfig-penultimate
enable = false; didn't help, but downgrading did.  It's a mystery to me.
Discussion: https://github.com/NixOS/nixpkgs/commit/c9f8fb4d127a
2017-05-24 14:56:43 +02:00
Antoine Eiche 7b80f4c344 nixos/cloudinit: add cloudinit test
An iso containing metadatas is created and attached as a cdrom to the
qemu VM used for this test.

The cloudinit service is enabled. The test case ensures the root
authorized_keys file is populated and the cloudinit write_file module is
working well.
2017-05-23 20:51:05 +02:00
Joachim Fasting 252dcd62f3
OVMF: separate output for ovmf binaries
OVMF{,CODE,VARS}.fd are now available in a dedicated fd output, greatly
reducing the closure in the common case where only those files are used (a
few MBs versus several hundred MBs for the full OVMF).

Note: it's unclear why `dontPatchELF` is now necessary for the build to
pass (on my end, at any rate) but it doesn't make much sense to run this
fixup anyway,

Note: my reading of xen's INSTALL suggests that --with-system-ovmf should
point directly to the OVMF binary.  As such, the previous invocation was
incorrect (it pointed to the root of the OVMF tree).  In any case, I have
only built xen with `--with-system-ovmf`, I have not tested it.

Fixes https://github.com/NixOS/nixpkgs/issues/25854
Closes https://github.com/NixOS/nixpkgs/pull/25855
2017-05-20 12:33:48 +02:00
Frederik Rietdijk 9e48fc3268 Merge pull request #24131 from nand0p/buildbot-0.9.5
buildbot: 0.9.4 -> 0.9.5
2017-05-03 07:56:29 +02:00
Michael Raskin 1c8d388201 Merge pull request #23865 from volth/xrdp-tests
xrdp: init at 0.9.2
2017-04-30 22:35:48 +02:00
Michael Raskin 929ae39dbe Merge pull request #22683 from aneeshusa/add-nixos-test-for-radicale
Add nixos test for radicale
2017-04-30 18:51:46 +02:00
Joachim Fasting a1678269f9
nixos/hardened profile: disable user namespaces at runtime 2017-04-30 15:17:27 +02:00
Joachim Fasting ffa83edf4a
nixos/tests: add tests for exercising various hardening features
This test exercises the linux_hardened kernel along with the various
hardening features (enabled via the hardened profile).

Move hidepid test from misc, so that misc can go back to testing a vanilla
configuration.
2017-04-30 12:05:42 +02:00
Joachim Fasting ab4fa1cce4
tree-wide: prune some dead grsec leaves
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
volth dad760061e xrdp: init at 0.9.1 2017-04-29 17:23:35 +00:00
Graham Christensen 5dd731b801
mysql test: test replication persists between slave stop / start cycle 2017-04-25 18:51:49 -04:00
Graham Christensen da0ef84c0c
mysql test: use OpenPort check over blind sleep 2017-04-25 18:51:46 -04:00
aszlig dc87b5587e
nixos: Add a VM test for the SLiM display manager
This is currently our default display manager, so I'm adding this to the
"tested" job as well to ensure we don't ship broken revisions where X is
most likely not working.

The test uses a custom SLiM theme that's specifically tailored for good
OCR results (mainly white background and black fonts without anything
else), because our default NixOS theme has a very small contrast between
background and fonts in some places.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-04-23 19:25:27 +02:00
Joachim Fasting 1b3300bf01
nixos/tests/misc: check hidepid mount via /proc/mounts 2017-04-23 11:00:46 +02:00
Fernando J Pando 4ac06ea6a1 buildbot: 0.9.4 -> 0.9.5
- adds distro dependency
- buildbot nodaemon in service module
- fakerepo for module tests
- service module parameter fixup
- tested on nixos
- tested on darwin
2017-04-21 10:32:36 -04:00
Dan Peebles d990aa7163 Refactor nixos-install to separate out filesystem build logic
The key distinction I'm drawing is that there's a component that deals
with the store of the machine being built, and another component for
the store building it. The inner part of it assumes nothing from the
builder (doesn't need chroot or root powers) so it can run comfortably
inside a Nix build, as well as nixos-rebuild. I have some upcoming work
that will use that to significantly speed up and streamline image builds
for NixOS, especially on virtualized hosts like EC2, but it's also a
reasonable speedup on native hosts.
2017-04-16 16:09:41 +00:00
aszlig 5d5c0d590f
Revert "sddm: Fix test."
This reverts commit 0a6a06346a.

The commit replaced the text to search for from ALICE to BOB, because
our OCR detection only caught "BOB FOOBAR" but missed "ALICE FOOBAR"
completely.

With the improvements to our OCR system this no longer is the case and
the test passes successfully with this reverted.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @shlevy
2017-04-11 03:21:58 +02:00
Aneesh Agrawal 8f4d778509 radicale: Add aneeshusa as maintainer 2017-04-10 20:04:17 -04:00
Aneesh Agrawal a3143b18e0 radicale: Also run NixOS test on Python 3 2017-04-10 20:04:17 -04:00
Aneesh Agrawal 189479a4ba radicale: Add NixOS test with Python 2
Includes testing bcrypt authentication.
2017-04-10 20:04:17 -04:00
Tomasz Czyż e57cf5efd1 Merge branch 'master' into postgresql-tests 2017-04-07 10:28:58 +01:00
Shea Levy 0a6a06346a sddm: Fix test.
For whatever reason, the OCR code is not detecting ALICE but is BOB.

OCR output from login screen (blank lines omitted):

> Session none + icewm
> 08:41 <
> Thursday, April 6, 2017
> BOB FOOBAR
> Select your user and enter password
2017-04-06 04:44:47 -04:00
Graham Christensen c7453084ef
docker: test for socket permissions 2017-04-03 09:05:41 -04:00
Tuomas Tynkkynen affce1e246 nixos hibernate test: Use waitForOpenPort
There was one confusing recent failure of this:

http://cache.nixos.org/log/myla8bc17j8spmifdxmrz9jswxwsf5w6-vm-test-run-hibernate.drv

I don't have any real ideas on what could cause the problem but there is
at least one theoretical one: the system starts hibernating before the
listener process manages to open the TCP port for listening, and it can't
open it after resuming because not enough pages from the netcat binary
have been paged in (and as the 9p filesystem holding it is now toast,
they can't be loaded anymore).
2017-04-02 02:33:21 +03:00
Robin Gloster ce953d0bc9
panomatic: remove 2017-03-30 16:23:33 +02:00
Joachim Fasting 543f5263d2
nixos/dnscrypt-proxy test: exercise plugin loading 2017-03-30 13:36:06 +02:00
aszlig ee39d4b98a
nixos/tests/virtualbox: Fix @shell@ expansion
This has surfaced since f803270b7e.

The commit bumped bash to version 4.4, which caused to change the order
of --subst-var flags in substituteAll, which this test was relying on,
because it added a @shell@ to boot.initrd.postMountCommands.

Our substituter is currently working a bit like this:

original.replace('@var1@', 'val1').replace('@var2@', 'val2')...

Unfortunately, this means that if @var2@ occurs within @var1@ it is
replaced by the new value, so the order of the substvars actually
matter. I highly doubt that we want a behaviour like this and I'm
wondering why it didn't occur to me as a problem while writing the
initial implementation of the VirtualBox tests.

Whether to get rid of this and disallowing substitution of substvars
within substvars is another topic which I think needs discussion in a
different place.

As for now, I'm using stdenv.shell, because the closure size of this
should fit within the initrd, so it's fine especially because it's just
a test.

Tested with the net-hostonlyif and systemd-detect-virt tests and they
both succeed with this change.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: @globin on IRC
2017-03-27 04:53:17 +02:00
Arnold Krille 68729958e8
network-interfaces: reload bridges on conf changes
And adopt the tests to add an interface and remove it again.

It should work when deactivating rstp, it will not work when activating
rstp for the first bridge as then the userspace daemon is not yet
available. But once one bridge is active with stp, it should work with
the reload for any further bridge.

Fixes #21745. Also see #22547.
2017-03-26 18:47:43 +02:00
Thomas Tuegel 352e335f3d
nixos/sddm: test automatic and manual login 2017-03-24 10:39:13 -05:00
Thomas Tuegel 27ba56f1e0
nixos/plasma5: also test SDDM theme 2017-03-24 09:45:57 -05:00
Thomas Tuegel ae1034ea96
nixos/sddm: improve test
Disable SDDM auto-login to improve testing for SDDM themes. See #24246.
2017-03-23 19:20:27 -05:00
Jörg Thalheim b4169bb8dd
munin: fix tests by replacing cron with systemd timer 2017-03-22 00:16:36 +01:00
Franz Pletz fff8cc79df Merge pull request #23279 from mbbx6spp/make-nginx-module-less-gross
nginx service: add commonHttpConfig option
2017-03-20 19:03:20 +01:00
Michael Raskin 14a3412048 nixos: tests: firefox: make more comprehensive
Run Firefox inside an XTerm, it doesn't crash mysteriously this way.
Also try opening developer tools and checking that Firefox doesn't
crash in the process.
2017-03-15 17:25:57 +01:00
Bas van Dijk 308c09d41f wordpress: security upgrade: 4.7.2 -> 4.7.3 & other improvements (#23837)
* Moved the wordpress sources derivation to the attribute pkgs.wordpress. This
  makes it easier to override.

* Also introduce the `package` option for the wordpress virtual host config which
  defaults to pkgs.wordpress.

* Also fixed the test in nixos/tests/wordpress.nix.
2017-03-14 16:11:51 +01:00
Jörg Thalheim 41625dcab6
pump.io: fix tests
fixes #23568
2017-03-12 16:01:07 +01:00
Profpatsch 22c265182f networking/bonds: fix examples
After the change of the bonding options, the examples were not quite correct.
The diff is over-the top because the new `let` needs everything indented.

Also add a small docstring to the `networkd` attr in the networking test.
2017-03-08 04:54:17 +01:00
Fernando J Pando 9f062c2c0b buildbot: 0.9.3 -> 0.9.4
- adds jwt
- adds module tests
- master.cfg as path in module
- fix systemd worker config
- builds on darwin
- tested on nixos
2017-03-07 00:45:37 +01:00
Joachim Schiele f8ad48ea1d nixos/tests/leaps.nix: fixed race condition 2017-03-06 21:33:21 +01:00
Thomas Tuegel 60817e4715
nixos/tests/trac: fix renaming warning 2017-03-03 07:26:51 -06:00
Thomas Tuegel e7b0b2bb66
nixos/tests/phabricator: fix renaming warning 2017-03-03 07:26:17 -06:00
Thomas Tuegel dcee54c935
nixos/tests/plasma5: fix test name 2017-03-03 07:25:45 -06:00
Thomas Tuegel 0da421ce17
nixos/tests: fix Plasma 5 test 2017-03-02 07:01:42 -06:00
Nikolay Amiantov a6c6d08430 samba test: fix race condition 2017-03-01 03:16:35 +03:00
Susan Potter 251b9ca0e7
nginx service: add commonHttpConfig option 2017-02-28 09:36:56 -06:00
Dan Peebles 6018cf4a69 amazon-init.service: fix starting services at startup
We now make it happen later in the boot process so that multi-user
has already activated, so as to not run afoul of the logic in
switch-to-configuration.pl. It's not my favorite solution, but at
least it works. Also added a check to the VM test to catch the failure
so we don't break in future.

Fixes #23121
2017-02-27 16:51:36 +00:00
Tomasz Czyż 0b27c74eb2 pgjwt: init at 0.0.1 (#22644) 2017-02-26 11:14:32 +01:00
Jörg Thalheim 5b14e91717 Merge pull request #22822 from Mic92/iputils
iputils: 20151218 -> 20161105
2017-02-22 00:37:13 +01:00
Tomasz Czyż ab22a08039 test all postgresql versions, test server restart (#1735) 2017-02-21 22:48:39 +00:00
aszlig 5af8b120a6
nixos/tests/taskserver: Add test for manual config
This subtest actually serves two purposes:

  1. Test manual PKI configuration
  2. Test changing of configuration files

In order to only test manual PKI configuration it would have been enough
to just add another server with a manual config.

But as the switch from automatic PKI config to manual config is probably
one of the most fundamental changes in configuration, so it serves
*very* well to also check whether changes in the NixOS configuration
actually have an impact in the real system.

So instead of adding another server, we now create a dummy "newServer"
machine, which is the new configuration for "server" and use
switch-to-configuration to switch "server" to the config of "newServer".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-02-17 19:46:01 +01:00
Jörg Thalheim fd78ff23f7
replace ping6 with ping
reason: after the upgrade of iputils from 20151218 to 20161105
functionality of ping6 and tracepath6 was merged into ping and tracepath.

Ping is now mostly a drop-in replacment for ping6, except that selecting a
specific interface is done by encoding it into the address (ex.: fe80::1%eth0)
rather then specifing it with the `-I` flag.
2017-02-17 16:04:49 +01:00
Profpatsch 9debdaf512 networking.bonds: add support for arbitrary driverOptions
Until now the four attributes available very selectively provided a small
subset, while copying upstream documentation.

We make driver options an arbitrary key-value set and point to kernel
documentation, which is always up-to-date. This way every option can be set.
The four already existing options are deprecated with a warning.
2017-02-16 21:24:40 +01:00
Ian-Woo Kim b7a24e0a2b nixos-container: added test for port forwarding ( nixos/tests/containers-portforward.nix ) 2017-02-15 05:12:46 +01:00
Parnell Springmeyer 9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Graham Christensen 96d767de62
pam_oath: require OATH and pam_unix credentials to be valid 2017-02-12 18:27:11 -05:00
Graham Christensen 3cec7d10df
kdm: drop service 2017-02-11 13:55:09 -05:00
Graham Christensen b12564cc1b
nixos: update default cases from KDM/KDE4 to SDDM/KDE5 2017-02-09 21:52:00 -05:00
Joachim Fasting 28b5cc7dca
grsecurity test: adapt to changes in tinycc outputs 2017-02-09 16:23:04 +01:00
aszlig cd10e3c4ff
nixos/tests/chromium: Run tests as normal user
The tests have failed because Chromium has started up displaying the
following error message in a dialog window:

  Chromium can not be run as root.

  Please start Chromium as a normal user. If you need to run as root for
  development, rerun with the --no-sandbox flag.

So let's run as user "alice" and pass all commands using the small
helper function "ru" (to keep it short, it's for "Run as User").

Tested it by running the "stable" test on x86_64-linux.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: @globin
2017-02-07 07:36:56 +01:00
Nikolay Amiantov 6812c7001c nfs tests: fix nfs server unit name 2017-02-05 12:41:21 +03:00
Damien Cassou 58dc8e3024
Remove myself from maintainers 2017-01-31 11:00:14 +01:00
Parnell Springmeyer 4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer 025555d7f1
More fixes and improvements 2017-01-26 00:05:40 -08:00
Robin Gloster 5de731c853
tests.bittorrent: use a file instead of a directory
nixUnstable.src is a directory, which made cp fail without -r
2017-01-26 02:44:05 +01:00
Robin Gloster b79fa22b7a
tests.installer: rely on swap.target in tests
fixes #5258
2017-01-25 17:00:13 +01:00
Franz Pletz 2d9152d509
nixos/tests/nat: add test for conntrack helper autoloading 2017-01-25 01:14:05 +01:00
Franz Pletz 8322a12ef2
firewall: disable conntrack helper autoloading by default
This was disabled in the Linux kernel since 4.7 and poses a security risk
if not configured properly.

https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=486dcf43da7815baa615822f3e46883ccca5400f
2017-01-25 01:14:04 +01:00
Charles Strahan d298a961f1 Merge pull request #21416 from cstrahan/mesos-1.1.0
mesos: 1.0.1 -> 1.1.0
2017-01-21 19:05:18 -05:00
Nikolay Amiantov 70a6628848 Merge pull request #21882 from abbradar/dhcp6
DHCPv6 improvements
2017-01-15 19:53:33 +03:00
Nikolay Amiantov 86755d923b networking test: test IPv6 with RA and DHCPv6 2017-01-15 19:53:17 +03:00
Maarten Hoogendoorn 9f892de069 kubernetes vm test: make dig and netcat available
Dig could not be found in the test cases. Adding it as a global package
fixes this.
2017-01-15 13:28:16 +01:00
Antoine Eiche 165089f9d7 nixos/glance: add test
The test starts the glance service, creates a nixos image and ensures Glance
list it.

Note the test also starts the Keystone service since it is required
by Glance.
2016-12-31 09:36:57 +01:00
Charles Strahan 7ebcada020
mesos: 1.0.1 -> 1.1.0 2016-12-29 20:09:46 -05:00
Graham Christensen bf659128a0
openssh: test that startWhenNeeded works 2016-12-29 17:04:52 -05:00
Eelco Dolstra bb0ce819b3
nixos/tests/gnome3.nix: Speed up test
It turns out that "journalctl -f | grep -m 1 pattern" will block for
one more line after "pattern" appears, which can take a long time.
2016-12-29 16:23:31 +01:00
Jörg Thalheim c23032a8b1 docker: update service units from upstream
All the new options in detail:

Enable docker in multi-user.target make container created with restart=always
to start. We still want socket activation as it decouples dependencies between
the existing of /var/run/docker.sock and the docker daemon. This means that
services can rely on the availability of this socket. Fixes #11478 #21303

  wantedBy = ["multi-user.target"];

This allows us to remove the postStart hack, as docker reports on its own when
it is ready.

  Type=notify

The following will set unset some limits because overhead in kernel's ressource
accounting was observed. Note that these limit only apply to containerd.
Containers will have their own limit set.

  LimitNPROC=infinity
  LimitCORE=infinity
  TasksMax=infinity

Upgrades may require schema migrations. This can delay the startup of dockerd.

  TimeoutStartSec=0

Allows docker to create its own cgroup subhierarchy to apply ressource limits on
containers.

  Delegate=true

When dockerd is killed, container should be not affected to allow
`live restore` to work.

  KillMode=process
2016-12-23 21:39:38 +01:00
Eelco Dolstra 2c03037450
Work around slowness in the KDE 5 test
The use of unionfs-fuse (57a0f14064)
slows down the KDE 5 test enough that it hits Hydra timeouts. (E.g. on
my laptop it went from ~5 min to ~30 min.) So disable it for the KDE
test.

http://hydra.nixos.org/build/45127422
(cherry picked from commit 3fcbcf2556)
2016-12-21 19:30:35 -05:00
Bjørn Forsman 3fb785b0ad nixos: unbreak prometheus test
target_groups was renamed to static_configs in d459916504
("prometheus service: rename values to match prometheus 1.0 naming.").
Catch up.
2016-12-20 23:26:51 +01:00
aszlig 02a9da65c9
nixos: Disable OCR for tests that do not use it
Found out during testing of the Tesseract upgrade the kde5 and sddm
tests don't actually use OCR, so let's disable support for it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @ttuegel
2016-12-19 22:25:42 +01:00
Antoine Eiche 086e5d09a1 nixos/keystone: add test in release.nix 2016-12-16 20:53:32 +01:00
Antoine Eiche a932f68d9c nixos/keystone: secrets can be read from files
A secret can be stored in a file. It is written at runtime in the
configuration file.
Note it is also possible to write them in the nix store for dev
purposes.
2016-12-16 20:53:32 +01:00
Antoine Eiche 415c9ff90b nixos/keystone: init at liberty version
This commit introduces a nixos module for the Openstack Keystone
service. It also provides a optional bootstrap step that creates some
basic initial resources (tenants, endpoints,...).

The provided test starts Keystone by enabling bootstrapping and checks
if user creation works well.

This commit is based on initial works made by domenkozar.
2016-12-16 20:53:32 +01:00
Joachim Fasting 64a64c6b14
grsecurity test: refactoring 2016-12-13 15:12:11 +01:00
montag451 ea5551b551 containers: fix broken /etc/hosts entries when localAddress contains a netmask 2016-12-12 09:20:28 +01:00
montag451 4889c271ca Add macvlan support for declarative containers 2016-12-12 07:34:28 +01:00
Franz Pletz 69bee1b361 Merge pull request #20770 from mguentner/more_ipfs
services: IPFS: add test and more config parameters
2016-12-04 01:46:09 +01:00
Graham Christensen d5cb4d8734
ecryptfs test: use TTY output to stabilize test 2016-12-02 19:36:27 -05:00
Graham Christensen b28d21fd50 Merge pull request #20808 from grahamc/fancy-test-tty
login test: Create and use direct reads of the TTY contents.
2016-11-30 11:27:49 -05:00
Graham Christensen cb74fd75d7
login test: Create and use direct reads of the TTY contents. 2016-11-30 00:17:18 -05:00
Maximilian Güntner f7c099bd8c
tests: added basic ipfs test
$getter can be used once ipfs supports private/local networks
and or internet gets routed to the VMs

Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-11-28 15:33:58 +01:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Jaka Hudoklin 3b500d37f5 Merge pull request #19023 from offlinehacker/kube-update
WIP: kubernetes update package and module
2016-11-24 23:10:01 +01:00
Frederik Rietdijk 25a9889f0e blivet test: use python2 2016-11-24 22:28:03 +01:00
Christian Kampka 35ecef2c6d containers module: Add tmpfs options (#20557)
Allows one or more directories to be mounted as a read-only file system.

This makes it convenient to run volatile containers that do not retain
application state.
2016-11-22 02:11:33 +01:00
Jaka Hudoklin 5bc7ae7adb kubernetes module: support for kubernetes 1.4 2016-11-17 02:46:31 +01:00
Joachim Fasting 999ac3056d
cjdns test: fix typo
Noticed by @vcunat
daf3ba426b (commitcomment-19820962)
2016-11-15 01:57:30 +01:00
Joachim Fasting f059c7f754
Revert "cjdns test: exercise host builder logic"
This reverts commit daf3ba426b.

This is an alternative to 0ba3d429a7,
which disables the test outright.  Briefly, exercising builders which
rely on import-from-derivation can cause Hydra jobsets to time out.
2016-11-12 13:09:17 +01:00
aszlig 4e7eb75a79
nixos/tests/chromium: Fix popup detection
Sometimes it happens that the "Type to search or enter a URL to
navigate" popup doesn't show, but all we need to know at this time is
whether Chromium has finished starting up.

So checking for the "startup done" page is a better option here.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-09 09:41:10 +01:00
Joachim Schiele 47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Joachim F 32715b8314 Merge pull request #17445 from joachifm/dnscrypt-proxy-update-list
dnscrypt-proxy service: auto-updated resolver list
2016-11-05 18:23:48 +01:00
Joachim Fasting 806e652e51
dnscrypt-proxy test: simplification 2016-11-05 17:45:02 +01:00
Joachim Fasting daf3ba426b
cjdns test: exercise host builder logic 2016-11-04 13:45:04 +01:00
Tim Steinbach 04b22dd935 Merge pull request #19982 from sternenseemann/netcat
Make netcat-openbsd the default netcat
2016-11-02 19:44:29 -04:00
Bjørn Forsman 2f8ac21e1b nixos: remove test-config-examples.sh (obsolete)
This file has been non-functional for over two years, since
commit f002a27a80 ("Remove obsolete directory") removed
.../doc/config-examples/.
2016-11-02 22:46:19 +01:00
sternenseemann e2372502d3 netcat: make netcat-openbsd the default netcat (#19411)
The motivation for this change is the following: As gnu-netcat,
e. g. does not support ipv6, it is not suitable as default netcat.

This commit also fixes all obvious build issues caused by this change.
2016-10-30 15:06:04 +01:00
Alexander Ried bb8b48c794 mpich: remove unused test 2016-10-29 07:33:28 +02:00
Joachim Fasting c86fe2224e virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
The test complains[1][2] that

   Failed to start message bus: Failed to bind socket "/run/dbus/system_bus_socket": No such file or directory

In 639e5401ff, the dbus socket dir is set
to `/run/dbus`; in the test vm `/var/run/dbus` is used, but the standard
`/run -> /var/run` link is typically not created until stage 2 init, not
in the minimal init used here.  Thus, dbus fails to run within the test
environment .  Fix by changing `/var/run/dbus` to simply `/run/dbus`.

[1]: https://hydra.nixos.org/build/42534725
[2]: https://hydra.nixos.org/build/42523834
2016-10-26 03:00:54 +02:00
Graham Christensen 6c7a605714
hound: init module 2016-10-15 13:54:59 -04:00
Robin Gloster dabcd7d4c8 dockerRegistry module: re-init with new underlying software 2016-10-12 14:05:09 +02:00
Joachim F 1997761725 Merge pull request #19367 from cransom/smokeping-fix
smokeping module: fix missing js, broken alerts
2016-10-10 16:06:39 +02:00
Jörg Thalheim 89e4d72fc8 Merge pull request #19128 from kampfschlaefer/fix_device_wait_in_containers
Fix device wait in containers
2016-10-10 11:40:31 +02:00
aszlig aeec1bc5c8
tests/boot-stage1: Use runCommandCC for kcanary
Since 97bfc2fac9, runCommand doesn't
include a compiler anymore. So let's switch to the new runCommandCC,
which resembles the old state.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-09 14:15:19 +02:00
Casey Ransom 74558c88fb smokeping module: fix missing js, broken alerts
The initial commit accidentally left in some commented code and if you were
using alerts, they simply didn't work.

Smokeping also includes some JS code for the webui allowing you to zoom into
graphs and it was not passed into the homedir. Additionally, generate
static html pages for other webservers to serve the cache directory.

Add additional options to specify sendmail path or mailhost and verify that both
are not set.

Add one extra config hook that allows you to bypass all of the invidual config
stanzas and just hand it a string.
2016-10-08 20:52:45 -04:00
Arnold Krille cc91f274e0 containers: Improve device dependency tracking
Now the tracking works with aggregated devices on aggregated devices.

So container with physical device where the device is put in a bond
which is the basis for a bridge is now handled correctly.
2016-10-08 22:28:49 +02:00
Arnold Krille f0492bd53c containers: Do not wait for udev for network devices
Test that adding physical devices to containers works, find that network setup
then doesn't work because there is no udev in the container to tell systemd
that the device is present.
Fixed by not depending on the device in the container.

Activate the new container test for release

Bonds, bridges and other network devices need the underlying not as
dependency when used inside the container. Because the device is already
there.

But the address configuration needs the aggregated device itself.
2016-10-08 22:09:22 +02:00
Jörg Thalheim 888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash
help2man: fix hash
2016-10-03 19:26:44 +02:00
Joachim F 0906a0f197 Merge pull request #18491 from groxxda/network-interfaces
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Tuomas Tynkkynen 19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Jörg Thalheim 0334b75e12
logstash: fix test
embedded elasticsearch was removed: https://www.elastic.co/blog/logstash-1-4-3-released
2016-10-01 23:18:24 +02:00
Jaka Hudoklin 98a8146428 Merge pull request #19016 from offlinehacker/pkgs/flannel/update/0.6.2
flannel: update, add nixos module, add tests
2016-10-01 17:22:34 +02:00
Jaka Hudoklin feb9fc3aff flannel service: init 2016-10-01 17:08:48 +02:00
Eelco Dolstra 328c2f0081 Add a simple test for Samba 2016-09-30 21:24:18 +02:00
Eelco Dolstra 97bfc2fac9 runCommand: Use stdenvNoCC
This ensures that most "trivial" derivations used to build NixOS
configurations no longer depend on GCC. For commands that do invoke
gcc, there is runCommandCC.
2016-09-29 13:06:43 +02:00
Graham Christensen 4671806183
wordpress: 4.3.1 -> 4.6.1 + add a test 2016-09-26 19:36:07 -04:00
Domen Kožar 30e35d1218 Merge pull request #18622 from rvl/mongodb-test-default-i686
mongodb service: Add test case and fix default storage engine on i686
2016-09-21 14:19:45 +02:00
Domen Kožar 001d314e87 Merge pull request #18574 from ericsagnes/feat/mongodb
MongoDB service: switch configuration format to YAML
2016-09-21 14:19:17 +02:00
Thomas Tuegel d7d74a1922
nixos/tests/kde5: fix test name 2016-09-20 14:53:36 -05:00
Eric Sagnes 9132088dab pump.io test: adapt mongodb extraConf to YAML 2016-09-18 09:30:04 +09:00
Rodney Lorrimar 795a6e7610 mongodb service: add test case 2016-09-17 10:47:36 +01:00
Eric Sagnes 2d2c311304 cadvisor test: fix (#18671)
* influxdb module: add postStart

* cadvisor module: increase TimeoutStartSec

Under high load, the cadvisor module can take longer than the default 90
seconds to start. This change should hopefully fix the test on Hydra.
2016-09-16 22:06:16 +02:00
Eric Sagnes db387a6f0d cadvisor: fix test 2016-09-15 21:28:41 +09:00
aszlig 1781e95577
Merge pull request #18567 (VirtualBox 5.1.6)
This introduces VirtualBox version 5.1.6 along with a few refactored
stuff, notably:

  * Kernel modules and user space applications are now separate
    derivations.
  * If config.pulseaudio doesn't exist in nixpkgs config, the default is
    now to build with PulseAudio modules.
  * A new updater to keep VirtualBox up to date.

All subtests in nixos/tests/virtualbox.nix succeed on my machine and
VirtualBox was reported to be working by @DamienCassou (although with
unrelated audio problems for another fix/branch) and @calbrecht.
2016-09-14 02:20:16 +02:00
aszlig f7563efa6e
nixos/tests/vbox: Add destroyVM for all subtests
One reason why it took me so long for debugging the test failure with
systemd-detect-virt was that simple-cli has succeeded while the former
has not.

This now makes sure we have consistency accross all the subtests and if
problems like the one in the previos commit ever show up again, we will
have just the headless test succeeding and it's more obvious where the
actual problem resides.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-14 02:12:16 +02:00
aszlig 80c2cc350c
nixos/tests/vbox: Disable audio for VBox guests
We don't have (simulated) sound hardware within the qemu VM, neither do
we have it available within VirtualBox that's running within the qemu
VMs.

With sound hardware the VirtualBox UI displays an error dialog, which in
turn causes the VM process to hang on unregister. This in turn has
caused the tests to fail because of the following error:

Cannot unregister the machine '...' while it is locked

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-13 23:17:47 +02:00
Reno Reckling 8ea8659f29 Remove tomcat vm test timing issues
(cherry picked from commit 090f1f0722)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-13 22:46:46 +02:00
Jaka Hudoklin 7a9dd489d6 Merge pull request #18481 from offlinehacker/pkgs/docker/1.12.1
docker: 1.10.3 -> 1.12.1
2016-09-13 15:59:18 +02:00
aszlig 562c7f56f0
nixos/tests/vbox: Make shutdown less noisy
Using waitUntilSucceeds for testing whether the shutdown signalling
files have vanished is quite noisy because it prints two lines for every
try. This is now fixed with a while loop on the guest VM which does the
same check but with only one output for the command that's executed and
another one when the conditions are met.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-13 14:55:52 +02:00
Jaka Hudoklin 5d9c62541a docker module: updates
- logDriver option, use journald for logging by default
- keep storage driver intact by default, as docker has sane defaults
- do not choose storage driver in tests, docker will choose by itself
- use dockerd binary as "docker daemon" command is deprecated and will be
  removed
- add overlay2 to list of storage drivers
2016-09-13 12:51:13 +02:00
Alexander Ried 60a9edbbeb tests.networking: remove network-interfaces.target 2016-09-13 11:19:23 +02:00
Reno Reckling 6ff44c571b mumble: fix failing vm tests
modify tests to not fail if the event handlers are
registered too slowly or if the wrong window is in focus

(cherry picked from commit e087b0d12f)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-13 09:45:08 +02:00
Franz Pletz 5a7e5537aa Merge pull request #18298 from teh/prometheus-service
Prometheus service
2016-09-11 23:18:36 +02:00
Domen Kožar fed3501b07 Remove docker-registry as it's deprecated #18209 2016-09-09 18:50:42 +02:00
Thomas Tuegel e5a79b0eae
nixos/tests/kde5: rename from sddm-kde5 and run by default
(cherry picked from commit 701f02a6ee)
2016-09-09 10:12:38 -05:00
Thomas Tuegel 0fdaae8be4
nixos/tests/sddm-kde5: don't run tests through krunner
(cherry picked from commit 1f510dc7cd)
2016-09-09 10:12:31 -05:00
Rodney Lorrimar 5537503dec nixos/tests/pump.io: Fix systemd unit config
Ref #18209

(cherry picked from commit 3fd603c02f)
2016-09-08 17:06:49 +01:00
Eric Sagnes f39f829441 nixos: unbreak influxdb test (due to new API)
Data from the documentation example[1] was used.

[1] https://docs.influxdata.com/influxdb/v1.0/guides/writing_data/

[Bjørn: change commit message.]
2016-09-08 15:01:10 +02:00