1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-29 17:10:48 +00:00
Commit graph

1132 commits

Author SHA1 Message Date
Joachim Fasting 6a7f02d89d
nixos/hardened: restrict access to nix daemon 2018-11-24 16:06:21 +01:00
Joachim Fasting 62623b60d5
nixos/tests/hardened: fix build by disabling nix.useSandbox 2018-11-24 16:06:18 +01:00
Michael Raskin 5e159d463b
Merge pull request #49228 from Ekleog/rss2email-module
rss2email module: init
2018-11-23 22:30:29 +00:00
Andreas Rammhold 51c3082119 nixos/prometheus: require one alertmanager configuration parameter
This commit adds an assertion that checks that either `configFile` or
`configuration` is configured for alertmanager. The alertmanager config
can not be an empty attributeset. The check executed with `amtool` fails
before the service even has the chance to start. We should probably not
allow a broken alertmanager configuration anyway.

This also introduces a test for alertmanager configuration that piggy
backs on the existing prometheus tests.
2018-11-23 19:45:17 +01:00
Pierre Bourdon 74598ca8d3 nixos.tests.keymap: use new name of the colemak/en-latin9 keymap
Commit f1987fb58f renamed colemak/en-latin9 to
colemak/colemak, but the keymap test wasn't adjusted to refer to the new path.
2018-11-20 04:11:39 +01:00
Pierre Bourdon 08f24cadaa syncthing-relay module: init 2018-11-19 01:09:54 +01:00
Symphorien Gibol 2dbed7e726 nixos/tests/installer.nix: shorten test name to fit length limit
previously one of the tests would fail with

boot-after-install: starting vm
Path length (109) is longer than maximum supported length (108) and will be truncated at /nix/store/0ingn8cwwnl84i374hcl6nafsm2c5m2p-perl-5.28.0/lib/perl5/5.28.0/x86_64-linux-thread-multi/Socket.pm line 872, <__ANONIO__> line 268.
boot-after-install# qemu-system-x86_64: -monitor unix:./monitor: Failed to connect socket ./monitor: No such file or directory
error: QEMU died prematurely
QEMU died prematurely
vde_switch: EOF on stdin, cleaning up and exiting
cleaning up
builder for '/nix/store/zbpxwwxwy7f6z5z3kg4nf5mjqsywzjvx-vm-test-run-installer-filesystemEncryptedWithKeyfile.drv' failed with exit code 4

Shortening the test name fixes the issue.
2018-11-17 22:30:29 +01:00
Léo Gaspard 0483ce0eee
rss2email module: init
Also adding `system-sendmail` package for sharing the code with other
modules or packages needing it.
2018-11-15 23:44:16 +09:00
Linus Heckemann f73afe6ccf
Merge pull request #50356 from mayflower/gitlab-smtp-fix
gitlab: fix smtp setting
2018-11-15 12:13:18 +01:00
Sarah Brofeldt 1b02e6a907 nixos/tests/all-tests.nix: Fix incron test path 2018-11-14 23:51:15 +01:00
Jörg Thalheim 552c223625
nodePackages.statsd: remove
The package/service is broken. Upstream is dead
2018-11-14 18:32:44 +00:00
Robin Gloster 74df0823f3
gitlab: fix smtp setting
fixes #50163
2018-11-14 18:58:45 +01:00
Samuel Dionne-Riel 58c0c2574c
Merge pull request #49840 from markuskowa/fix-pgBackup
nixos/postgresqlBackup: set to umask to 0077
2018-11-14 01:40:38 +00:00
Renaud 56f508833a
Merge pull request #50226 from danieldk/handbrake-1.1.2
handbrake: 1.1.0 -> 1.1.2
2018-11-13 15:38:22 +01:00
aszlig 12d7f9a640
nixos/tests/networking: Fix syntax error
Introduced by 6c68fbd4e1.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Ekleog
2018-11-12 16:18:58 +01:00
Daniël de Kok 40f41772aa tests: handbrake: test transcoding to MKV and MP4. 2018-11-12 08:19:58 +01:00
Léo Gaspard 2986ce16a8
meta.tests: rename into passthru.tests
Nix currently rejects derivations in `meta` values. This works around
that limitation by using `passthru` instead.

Closes https://github.com/NixOS/nixpkgs/issues/50230
2018-11-11 23:11:46 +09:00
Léo Gaspard aade4e577b
tests: disable some broken tests and/or restrict to x86_64 2018-11-11 23:11:46 +09:00
Léo Gaspard 83b27f60ce
tests: split into a separate all-tests.nix file
This will make the list much easier to re-use, eg. for `nixosTests`

The drawback is that this approaches makes the
```
nix-build release.nix -A tests.opensmtpd.x86_64-linux
```
command about twice as slow (3s to 6s): it now has to evaluate `nixpkgs`
once for each architecture, instead of just having the hardcoded list of
tests that allowed to say “ok just evaluate for x86_64-linux”.

On the other hand, complete evaluation of `release.nix` should be much
faster because we no longer import `nixpkgs` for each test: testing with
the following command went from 30s to 18s, and that's just for a few
tests.
```
time nix-instantiate --eval --strict nixos/release.nix -A tests.nat
```
I initially wanted to test on the whole `release.nix`, but there are too
many broken tests and it takes too long to eval them all, especially
compared to the fact that the current implementation breaks some setup.

Given developers can just `nix-build nixos/tests/my-test.nix`, it sounds
like an overall win.
2018-11-11 23:11:46 +09:00
Léo Gaspard 6c68fbd4e1
tests: refactor to carry the package set as an argument
This way, the package set will be possible to pass without re-importing
all the time
2018-11-11 23:11:45 +09:00
Aaron Andersen 24af0bc2b5 nixos/incron: added nixos test to ensure expected behaviour 2018-11-10 20:54:10 -05:00
Franz Pletz 8ba51ef5ec
Merge pull request #49809 from griff/rspamd-workers
nixos/rspamd: Multiple workers, extraConfig priority & postfix integration
2018-11-09 02:55:02 +00:00
Brian Olsen e01605be15
nixos/rspamd: Add options for postfix integration
The `rmilter` module has options for configuring `postfix` to use it but
since that module is deprecated because rspamd now has a builtin worker
that supports the milter protocol this commit adds similar `postfix`
integration options directly to the `rspamd` module.
2018-11-09 01:31:27 +01:00
Renaud 6399b103d8
Merge pull request #49814 from aanderse/gitea
nixos/gitea: fix mysql issue, add mysql socket auth, and add a nixos test
2018-11-08 23:45:46 +01:00
Aaron Andersen 0dde47a58a nixos/gitea: add a nixos test to ensure the initial database migration succeeds so the application can start 2018-11-08 17:31:05 -05:00
Antoine Eiche 50d9f551cb nixos/tests/hydra: set the project visible
If projects are not visible, the are not taken into account by search
queries and it's quite hard to debug!
2018-11-08 08:47:40 +01:00
Timo Kaufmann 6141939d6e
Merge pull request #44439 from Ekleog/meta-tests
[RFC] Use `meta.tests` to link from packages to the tests that test them
2018-11-07 00:05:22 +01:00
Markus Kowalewski a0371d4761
nixos/postgresqlBackup: set to umask to 0077
* Ensure that the backup file is only readable by the owner
* Add file permission test to tests
2018-11-06 21:59:29 +01:00
Franz Pletz 159a5f31bc
Merge pull request #49792 from griff/rspamd-multifile-enable
nixos/rspamd: Fix enable for locals and overrides
2018-11-06 18:25:47 +00:00
Sarah Brofeldt 81de3e39b0
Merge pull request #49516 from johanot/kubedns-to-coredns
nixos/kubernetes: KubeDNS -> CoreDNS
2018-11-06 10:30:49 +01:00
Brian Olsen fba69f388b
nixos/rspamd: Put extraConfig in included files
The lines stored in `extraConfig` and `worker.<name?>.extraConfig`
should take precedent over values from included files but in order to do
this in rspamd UCL they need to be stored in a file that then gets
included with a high priority. This commit uses the overrides option to
store the value of the two `extraConfig` options in `extra-config.inc`
and `worker-<name?>.inc` respectively.
2018-11-06 00:34:23 +01:00
Brian Olsen 3a4459a305
nixos/rspamd: Support multiple workers
When the workers option for rspamd was originally implemented it was
based on a flawed understanding of how workers are configured in rspamd.
This meant that while rspamd supports configuring multiple workers of
the same type, so that different controller workers could have different
passwords, the NixOS module did not support this because it would write
an invalid configuration file if you tried.

Specifically a configuration like the one below:

```
workers.controller = {};
workers.controller2 = {
  type = "controller";
};
```

Would result in a rspamd configuration of:

```
worker {
  type = "controller";
  count = 1;
  .include "$CONFDIR/worker-controller.inc"
}
worker "controller2" {
  type = "controller";
  count = 1;
}
```

While to get multiple controller workers it should instead be:

```
worker "controller" {
  type = "controller";
  count = 1;
  .include "$CONFDIR/worker-controller.inc"
}
worker "controller" {
  type = "controller";
  count = 1;
}
```
2018-11-06 00:26:55 +01:00
Brian Olsen c853b34824
nixos/rspamd: Fix enable for locals and overrides
When implementing #49620 I included an enable option for both the
locals and overrides options but the code writing the files didn't
actually look at enable and so would write the file regardless of its
value. I also set the type to loaOf which should have been attrsOf
since the code was not written to handle the options being lists.

This fixes both of those issues.
2018-11-05 17:50:34 +01:00
Andreas Rammhold c891dac82f
Merge pull request #49283 from aanderse/solr
solr: 4.10.3 -> 7.5.0, refactor service to reflect major changes in version bump
2018-11-04 13:24:15 +01:00
Joachim F 9c44eebbbd
Merge pull request #49620 from griff/rspamd-multifile
nixos/rspamd: Add support for included files
2018-11-03 19:06:02 +00:00
Aaron Andersen 1b725def23 solr: 4.10.3 -> 7.5.0, refactor service to reflect major changes in version bump, NixOS test included 2018-11-03 13:14:13 -04:00
Florian Klink 93f8ff68ea
Merge pull request #49658 from mayflower/gitlab-refactor
gitlab: refactor and fix test
2018-11-03 01:49:23 +01:00
lewo 3fb4eb1c43 nixos/dockerPreloader: preload docker images (#49379)
This module permits to preload Docker image in a VM in order to reduce
OIs on file copies. This module has to be only used in testing
environments, when the test requires several Docker images such as in
Kubernetes tests. In this case,
`virtualisation.dockerPreloader.images` can replace the
`services.kubernetes.kubelet.seedDockerImages` options.

The idea is to populate the /var/lib/docker directory by mounting qcow
files (we uses qcow file to avoid permission issues) that contain images.

For each image specified in
config.virtualisation.dockerPreloader.images:
1. The image is loaded by Docker in a VM
2. The resulting /var/lib/docker is written to a QCOW file

This set of QCOW files can then be used to populate the
/var/lib/docker:
1. Each QCOW is mounted in the VM
2. Symlink are created from these mount points to /var/lib/docker
3. A /var/lib/docker/image/overlay2/repositories.json file is generated
4. The docker daemon is started.
2018-11-03 01:00:53 +01:00
Robin Gloster ec7cb84bf0
gitlab: refactor and fix test 2018-11-02 22:40:21 +01:00
aszlig 73cdd5a476
nixos/tests/chromium: Fix sandbox info matching
As reported by @andir, the regular expressions that match the sandbox
output are no longer matching in the recent Chromium bump as of
bb03fbc2c8.

Instead of a boolean field that determines whether namespace sandboxes
are on, the namespace sandbox is now an enum within "Layer 1 Sandbox".

I've modified the regular expressions accordingly and also ran the test
for the stable branch, which now succeeds.

Signed-off-by: aszlig <aszlig@nix.build>
Issue: https://github.com/NixOS/nixpkgs/issues/49442
Cc: @bendlas, @andir
2018-11-02 10:23:04 +01:00
Brian Olsen 0810d631a4
nixos/rspamd: Add support for included files
By default rspamd will look for multiple files in /etc/rspamd/local.d
and /etc/rspamd/override.d to be included in subsections of the merged
final config for rspamd. Most of the config snippets in the official
rspamd documentation are made to these files and so it makes sense for
NixOS to support them and this is what this commit does.

As part of rspamd 1.8.1 support was added for having custom Lua
rules stored in $LOCAL_CONFDIR/rspamd.local.lua which means that it is
now possible for NixOS to support such rules and so this commit also
adds support for this to the rspamd module.
2018-11-02 01:46:57 +01:00
Vladimír Čunát cc41aefe44
chromium tests: inherit timeout from the package
/cc #49442.  It should decrease the waste of resources due to abortions.
2018-11-01 20:15:27 +01:00
Johan Thomsen 2617b6800d nixos/kubernetes: Replace KubeDNS with CoreDNS 2018-10-31 13:41:04 +01:00
xeji 6efd811062
Merge pull request #49348 from markuskowa/mod-slurm-upgrade
nixos/slurm: add slurmdbd, run daemons as user
2018-10-31 00:16:11 +01:00
Robin Gloster 4c8a198f12 tests/docs: remove remnants of old allowPing default (#49198)
This has been defaulting to true since 16.03, we don't need this code
anymore, also the note in the documentation has been obsolete for quite
a while.
2018-10-30 22:26:43 +01:00
Markus Kowalewski b388beeca3
nixos/slurm: add maintainer to module and test 2018-10-30 19:50:52 +01:00
Markus Kowalewski d2799d1835
nixos/slurm: node/partitionName option -> list
Make the node and partitionname options lists.
There can be more than paratition or set of nodes.

Add changes to release notes
2018-10-30 19:50:52 +01:00
Markus Kowalewski 79c9dbfb40
nixos/slurm: add slurmdbd to module
* New options "services.slurm.dbdserver.[enable,config]"
* Add slurmdbd to test slurm.nix
2018-10-30 19:50:52 +01:00
Alyssa Ross 91c746cacc
postgresql_11: init at 11.0 2018-10-30 14:33:35 +00:00
Alyssa Ross c6c7d55790
postgresql*: use underscores in version numbers 2018-10-30 14:32:21 +00:00