1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Commit graph

313 commits

Author SHA1 Message Date
aszlig 78b4b90d6c
Merge pull request #39526 (improve dhparams)
This introduces an option that allows us to turn off stateful generation
of Diffie-Hellman parameters, which in some way is still "stateful" as
the generated DH params file is non-deterministic.

However what we can avoid with this is to have an increased surface for
failures during system startup, because generation of the parameters is
done during build-time.

Aside from adding a NixOS VM test it also restructures the type of the
security.dhparams.params option, so that it's a submodule.

A new defaultBitSize option is also there to allow users to set a
system-wide default.

I added a release notes entry that described what has changed and also
included a few notes for module developers using this module, as the
first usage already popped up in NixOS/nixpkgs#39507.

Thanks to @Ekleog and @abbradar for reviewing.
2018-05-08 02:09:46 +02:00
Uli Baum c3eefe801a fleet: remove package, module, test
deprecated and unmaintained upstream
2018-05-05 00:28:16 +02:00
Uli Baum f039bf9abc panamax: remove packages, module and test
was broken and depends on (deprecated) fleet
packages: panamax_api, panamax_ui
2018-05-05 00:27:15 +02:00
Julien Langlois 519b64592d hitch: init at 1.4.8 + service + test (#39358)
Add the Hitch TLS reverse proxy as an option for TLS termination.
2018-05-01 10:36:36 +01:00
Maximilian Bosch e12cc85b07
nixos/osquery: add test
Some time ago I fixed the broken package `osquery` (see #39336).
I had to test the package manually by starting the daemon locally,
however this doesn't ensure that the module is still functional.

In order to cover the package *and* the integration with the NixOS
module I thought that adding a testcase might be the best idea.

The current testcase does the following things:

* Starts an `osqueryd` service in a test machine with customized logger
  path and PID file

* Ensures that the `osqueryd.service` unit is running

* Checks if the customized flags (`pidfile`, `logger_path`) are applied
  to `osquery`.

* Performs a simple test query against the `etc_hosts` database to check
  if the basic funcitonality of `osquery` (storing system information into
  a database) works fine.
2018-04-30 16:49:38 +02:00
Graham Christensen 0ff0d138e4
nixos docs: Add a makefile for hacking on the nixos docs 2018-04-28 04:00:55 -04:00
aszlig 4de774a63b
nixos/dhparams: Add a VM test
We're going to make changes to the dhparams module so we really want to
make sure we don't break it, so having a NixOS VM test is to make sure
we don't blow things up and can iterate on it.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Ekleog
2018-04-26 08:04:45 +02:00
Matthew Justin Bauer e4d2d32a32
Merge pull request #33679 from flokli/deluge-module
Deluge: use mkEnableOption, add test
2018-04-25 14:54:34 -05:00
Matthew Justin Bauer e4717c902f
Merge pull request #27958 from LumiGuide/strongswan-swanctl
nixos: add the strongswan-swanctl service
2018-04-21 15:47:39 -05:00
Matthew Justin Bauer 1a1f26ab3f
Merge pull request #37786 from woffs/fixing-quagga
quagga service: fix service and re-enable test
2018-04-17 10:12:11 -05:00
Tuomas Tynkkynen 333a24a628 nixos/release.nix: Add SD images for ARMv6 + ARMv7
These don't have affect the default Hydra setup (you need to pass
the relevant system in the supportedSystem list) but let's add it for
completeness and convenience.
2018-04-16 20:39:51 +03:00
Daiderd Jordan d538fc06e2
docker-tools: add a test for permissions issues with AUFS/overlay
docker# [   11.054736] d24d6cdd57c9[763]: /bin/bash: error while loading
shared libraries: libreadline.so.7: cannot open shared object file:
Permission denied
docker# /bin/bash: error while loading shared libraries:
libreadline.so.7: cannot open shared object file: Permission denied
docker: exit status 127
docker: output:
error: command `docker run --rm -u 1000:1000 bash /bin/bash --version'
did not succeed (exit code 127)
command `docker run --rm -u 1000:1000 bash /bin/bash --version' did not
succeed (exit code 127)
2018-04-14 14:11:14 +02:00
Florian Klink fe840cd333 deluge: add test 2018-04-13 10:30:22 +02:00
Maximilian Bosch 50a34e55b2
nixos/iftop: add module
This patch is heavily inspired by bd0d8ed807 which added
a setcap wrapper for `mtr` in order to allow running `mtr` without
`sudo`. The need for the capability `cap_net_raw` that can be registered using
`setcap` has been documented in the Arch Wiki: https://wiki.archlinux.org/index.php/Capabilities#iftop

A simple testcase has been added which starts two machines, one with a
setcap wrapper for `iftop`, one without. Both testcases monitor the
bandwidth usage of the machine using the options `-t -s 1` once, the
machine with setcap wrapper is expected to succeed, the `iftop` on the
machine without setcap wrapper is expected to return a non-zero exit
code.
2018-04-07 15:06:51 +02:00
Corey O'Connor d0d05024d1 nixos/transmission: add basic nixos test 2018-04-05 22:07:49 +02:00
Charles Strahan 5c066e2bba
Merge pull request #37218 from cstrahan/kube-test-fix
nixos: kubernetes fixes
2018-04-04 19:14:48 -04:00
Tuomas Tynkkynen 181e0675da nixos/release.nix: Add Hydra job for AArch64 SD image
Based on how ISO images are added to the release.
2018-04-02 15:18:25 +03:00
Charles Strahan 709b6f664e
nixos: kubernetes fixes
* Fix reference CNI plugins
  * The plugins were split out of the upstream cni repo around version
    0.6.0

* Fix RBAC and DNS tests
  * Fix broken apiVersion fields
  * Change plugin linking to look in ${package}/bin rather than
    ${package.plugins}

* Initial work towards a working e2e test
  * Test still fails, but at least the expression evaluates now

Continues @srhb's work in #37199

Fixes #37199
2018-03-30 17:33:45 -04:00
Frank Doepper 66deb3aa29 quagga service: fix service and re-enable test
adding quagga to quaggavty
reverting 8a18e1f
2018-03-25 21:26:45 +02:00
Robin Gloster 76ea0e1b2e
Merge pull request #32960 from florianjacob/prosody-0.10
Prosody 0.10.0
2018-03-22 14:12:57 +01:00
Robin Gloster faaf32a0ee
prosody: add test to release.nix 2018-03-22 03:46:02 +01:00
John Ericson b9a720c524 Merge remote-tracking branch 'upstream/master' into fix-cross-jobs 2018-03-19 21:47:56 -04:00
John Ericson 192f4144b2 release-lib: Filter supportedSystems with meta.platforms-style patterns
Instead of intersecting system strings, we filter with the sort of
patterns used in `meta.platforms`.

Indicating this change `forTheseSystems` has been renamed to
`forMatchingSystems`, since the given list is now patterns to match, and
not the systems themselves. [Just as with `meta.platforms`, systems
strings are also supported for backwards compatibility.]

This is more flexible, and makes the `forMatchingSystems` and
packagePlatforms` cases more analogous.
2018-03-19 21:32:28 -04:00
Maximilian Bosch 4f225f96d5
xautolock: implement basic test to confirm functionality 2018-03-13 21:04:44 +01:00
Vladimír Čunát eab479a5f0
nixos release: more evaluation fixes
... if missing x86 in supportedSystems
2018-03-07 17:29:02 +01:00
Vladimír Čunát 7e968a47cd
18.03 -> 18.09
I don't have a name ready :-(  so I have to fill it later.
2018-03-05 19:47:39 +01:00
Franz Pletz 0f78afdf25
Merge pull request #32248 from awakesecurity/parnell/fetchdocker
Support fetching docker images from V2 registries
2018-03-04 17:10:27 +00:00
Vladimír Čunát 2069a2a002
Merge #35454: nixos/pump.io: remove 2018-03-04 10:49:25 +01:00
Jörg Thalheim 6749f6e26e
Merge pull request #36249 from Ekleog/openldap-module-declarative-contents
Openldap module declarative contents
2018-03-03 19:00:13 +00:00
Jörg Thalheim b2acbe58b2 nixos/openldap: add test 2018-03-03 18:53:52 +00:00
aszlig 88530e02b6
systemd: Update to latest NixOS branch
Updated to the latest version of the nixos-v237 branch, which fixes two
things:

  * Make sure that systemd looks in /etc for configuration files.
    https://github.com/NixOS/systemd/pull/15
  * Fix handling of the x-initrd.mount option.
    https://github.com/NixOS/systemd/pull/16

I've added NixOS VM tests for both to ensure we won't run into
regressions. The newly added systemd test only tests for that and is by
no means exhaustive, but it's a start.

Personally I only wanted to fix the former issue, because that's the one
I've been debugging. After sending in a pull request for our systemd
fork (https://github.com/NixOS/systemd/pull/17) I got a notice from
@Mic92, that he already fixed this and his fix was even better as it's
even suitable for upstream (so we hopefully can drop that patch
someday).

The reason why the second one came in was simply because it has been
merged before the former, but I thought it would be a good idea to have
tests for that as well.

In addition I've removed the sysconfdir=$out/etc entry to make sure the
default (/etc) is used. Installing is still done to $out, because those
directories that were previously into sysconfdir now get into
factoryconfdir.

Quote from commit NixOS/systemd@98067cc806:

  By default systemd should read all its configuration from /etc.
  Therefore we rely on -Dsysconfdir=/etc in meson as default value.
  Unfortunately this would also lead to installation of systemd's own
  configuration files to `/etc` whereas we are limited to /nix/store. To
  counter that this commit introduces two new configuration variables
  `factoryconfdir` and `factorypkgconfdir` to install systemd's own
  configuration into nix store again, while having executables looking
  up files in /etc.

Tested this change against all of the NixOS VM tests we have in
nixos/release.nix. Between this change and its parent no new tests were
failing (although a lot of them were flaky).

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Mic92, @tk-ecotelecom, @edolstra, @fpletz
Fixes: #35415
Fixes: #35268
2018-03-03 10:39:38 +01:00
lejonet 565f22d27a nixos/ceph: init module (#35299)
All 5 daemon types can be enabled and configured through the module and the module both creates the ceph.conf required but also creates and enables specific services for each daemon, based on the systemd service files that upstream provides.
2018-03-01 11:47:13 +00:00
Shea Levy 4de72b90f3
nixos: nix.sshServe: Support ssh-ng. 2018-02-28 16:55:00 -05:00
Bas van Dijk bd24b3addd nixos: add the strongswan-swanctl service
The strongswan-swanctl systemd service starts charon-systemd. This implements a IKE daemon
very similar to charon, but it's specifically designed for use with systemd. It uses the
systemd libraries for a native integration.

Instead of using starter and an ipsec.conf based configuration, the daemon is directly
managed by systemd and configured with the swanctl configuration backend.

See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd

Note that the strongswan.conf and swantctl.conf configuration files are automatically
generated based on NixOS options under services.strongswan-swanctl.strongswan and
services.strongswan-swanctl.swanctl respectively.
2018-02-28 10:41:54 +01:00
Rodney Lorrimar 21dcead5f0
nixos/pump.io: remove
This would probably be better maintained in a separate repo as an
external NixOS module which gets imported into user's configuration.
2018-02-27 12:52:51 +00:00
Frederik Rietdijk 05623d202c
Merge pull request #35061 from lopsided98/buildbot-update
buildbot: 0.9.15.post1 -> 1.0.0
2018-02-27 07:43:46 +00:00
volth 7e4c8db475
nixos/tests: add forgotten xrdp.nix 2018-02-26 19:55:07 +00:00
Jan Tojnar 3b512ca185
Merge pull request #35065 from jtojnar/fwupd-1.0.5
fwupd: 1.0.5 update & cleanups
2018-02-23 17:22:47 +01:00
Profpatsch 186c765398 rabbitmq: 3.6.10 -> 3.6.15 (and various improvements)
- split outputs (doc, man, out)
- a new runtime dependency on getconf
- fix up SCRIPTS_DIR in wrapper
- clean output folder of stray doc files
- add license & maintainer

Tested with `nixos/tests/rabbitmq.nix`, inside a docker image and manually.
2018-02-22 17:04:20 +01:00
Jan Tojnar d4075700d6
Revert "nixos tests: disable fwupd for now"
This reverts commit 11fc2bad56.
2018-02-22 13:18:23 +01:00
Jörg Thalheim 57ad5dc844
Merge pull request #35078 from Mic92/powerdns
powerdns: 4.0.5 -> 4.1.1
2018-02-20 21:49:41 +00:00
Will Dietz 1bf5fae96b release: only run novacomd test on x86_64-linux
novacom and novacomd build on aarch64, but the daemon
fails to start with something like:

novacomd[547]: unhandled level 2 translation fault (11) at 0x00000000, esr 0x92000046

So, uh, nevermind that then.
2018-02-20 13:47:50 -06:00
Will Dietz 09e261c2f4 nixos/release: Add novacomd
This is unlikely to break and is a cheap test.
I'd like to be notified if it stops working.

If this ever blocks anything and I've been notified
you have my blessing to remove this as I doubt
many folks depend on it.
2018-02-20 12:39:14 -06:00
Jan Malakhovski 2e6b796761 nixos: rename config.system.nixos* -> config.system.nixos.* 2018-02-18 12:56:30 +00:00
Jörg Thalheim ba27be7955 nixos/powerdns: add test 2018-02-17 16:43:41 +00:00
Jörg Thalheim b087ba6080 nixos/buildbot: also run test on hydra 2018-02-17 10:09:40 +00:00
Vladimír Čunát 11fc2bad56
nixos tests: disable fwupd for now
See https://github.com/NixOS/nixpkgs/pull/32751/files#r168736256
2018-02-16 12:42:57 +01:00
Jan Tojnar c6283e6e06
Merge pull request #32751 from jtojnar/fwupd-1.0.2
fwupd: 1.0.1 → 1.0.4
2018-02-15 01:18:38 +01:00
Jan Tojnar 201cc158cb
nixos/fwupd: add test 2018-02-15 01:11:13 +01:00
Jan Tojnar 9857545446
Merge pull request #34979 from jtojnar/gjs-1.50.4
gnome3.gjs: 1.50.2 → 1.50.4
2018-02-14 23:10:07 +01:00