1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 07:00:43 +00:00
Commit graph

896 commits

Author SHA1 Message Date
Nikolay Amiantov 9c1c424e52 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:51:39 +03:00
Nikolay Amiantov cc52eff6c6 Revert "cups service: fix client sockets"
This reverts commit cf4c077343.
2018-02-23 18:47:43 +03:00
Nikolay Amiantov cf4c077343 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:43:51 +03:00
Frederik Rietdijk d328ba753e
Merge pull request #35243 from FRidh/postgis
postgis: get rid of composableDerivation
2018-02-22 16:49:56 +00:00
Eelco Dolstra d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0 2018-02-22 17:28:51 +01:00
Vladimír Čunát 1cacfe357b
nixos.tests.boot-stage1: fix missing libelf 2018-02-22 04:04:49 +01:00
Jörg Thalheim 57ad5dc844
Merge pull request #35078 from Mic92/powerdns
powerdns: 4.0.5 -> 4.1.1
2018-02-20 21:49:41 +00:00
Frederik Rietdijk b2f53c76f8 postgis: get rid of composableDerivation
In this change composableDerivation is removed in favor of
stdenv.mkDerivation.
2018-02-20 22:17:16 +01:00
Will Dietz f32139cf78 nixos: Add basic test of novacomd 2018-02-20 11:03:49 -06:00
Michael Raskin 10b3f7d356
Merge pull request #27688 from rnhmjoj/routes
nixos/networking-interfaces: make static routes configurable
2018-02-19 14:12:58 +00:00
Vladimír Čunát 8b1cf100cd
Merge #35169: nixos/tests: fix ipv6 test failure 2018-02-19 11:38:16 +01:00
rnhmjoj a1dc3abf90
nixos/tests: fix test failure due to preferTempAddress changes 2018-02-19 11:31:20 +01:00
Frederik Rietdijk 6e1c714c99
Merge pull request #35084 from dotlambda/home-assistant
nixos/home-assistant: test MQTT configuration
2018-02-18 16:08:56 +00:00
Robert Schütz 772b72a8d7 nixos/home-assistant: test MQTT configuration 2018-02-17 20:43:55 +01:00
rnhmjoj edc4a1f3e7
nixos/tests: fix random failures of privacy test 2018-02-17 18:07:04 +01:00
Jörg Thalheim ba27be7955 nixos/powerdns: add test 2018-02-17 16:43:41 +00:00
rnhmjoj e239c1e582
nixos/tests: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj c1bed05e34
nixos/networking-interfaces: rename IP addresses/routes options 2018-02-17 14:01:24 +01:00
rnhmjoj f41111c4da
nixos/tests: add test for static routes 2018-02-17 14:01:23 +01:00
Jörg Thalheim 431c004fbd
Merge pull request #35048 from nlewo/test.dockerTools
nixos.test.dockerTools: add more tests
2018-02-17 10:05:25 +00:00
Joachim F 7bf049a54c
Merge pull request #34492 from rnhmjoj/privacy
nixos/networking-interfaces: add preferTempAddress option
2018-02-17 08:41:23 +00:00
Antoine Eiche f9bb73f4aa nixos.test.dockerTools: add more tests 2018-02-16 18:24:48 +01:00
Tim Steinbach 87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Jan Tojnar c6283e6e06
Merge pull request #32751 from jtojnar/fwupd-1.0.2
fwupd: 1.0.1 → 1.0.4
2018-02-15 01:18:38 +01:00
Jan Tojnar 201cc158cb
nixos/fwupd: add test 2018-02-15 01:11:13 +01:00
Jan Tojnar 9857545446
Merge pull request #34979 from jtojnar/gjs-1.50.4
gnome3.gjs: 1.50.2 → 1.50.4
2018-02-14 23:10:07 +01:00
Jan Tojnar 7713889556
nixos/gjs: add test 2018-02-14 22:43:59 +01:00
Sam Parkinson 16fa6f59f7
nixos/plotinus: add module to enable plotinus 2018-02-14 22:25:12 +01:00
Profpatsch 1545f9062e nixos/tests: add simple dockerTools test 2018-02-14 06:36:14 +01:00
Parnell Springmeyer 0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-02-13 17:28:45 -06:00
markuskowa bf53dc68c2 nixos/rdma-core: add module for soft RoCE and test (#34607) 2018-02-10 07:52:03 +00:00
Franz Pletz 3748f3aac8
Merge pull request #32582 from Ma27/yabar-module
yabar: add module
2018-02-09 18:43:59 +00:00
symphorien 0146074560 nixos/tests: add predictable-interface-names.nix (#34305) 2018-02-09 18:40:39 +00:00
Andreas Rammhold 04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Brian Olsen 908fc5e14b
nixos/rspamd: options for worker configuration and socket activation 2018-02-09 06:19:03 +01:00
Eelco Dolstra f64a4af328
Fix comments 2018-02-07 19:32:41 +01:00
Eelco Dolstra df117acab7
ISO images: Initialize the Nix database with correct NAR hashes/sizes
The boot test now runs "nix verify" to ensure that all hashes are
correct.
2018-02-07 16:54:23 +01:00
Eelco Dolstra 5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes 2018-02-07 15:49:02 +01:00
David McFarland e591f11c25 nixos/tests: add matrix-synapse test 2018-02-04 21:22:55 -04:00
Sarah Brofeldt bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Brian Olsen 27ee0b9099
nixos/tests: add basic tests for services.rspamd 2018-02-03 20:07:15 +01:00
Frederik Rietdijk db58049f75
Merge pull request #34494 from dotlambda/home-assistant
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
aszlig 2a09b4275c
nixos/tests/make-test.nix: Fix eval error
Regression introduced by 943592f698.

The lib attribute isn't in scope here, so we need to use pkgs.lib
instead for isFunction.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @shlevy
2018-02-02 17:44:08 +01:00
Shea Levy 43f647e5b4
Merge branch 'dynamic-function-args' 2018-02-02 09:41:16 -05:00
Robert Schütz 78c2ca326e home-assistant: compute extraComponents from config 2018-02-02 09:48:50 +01:00
rnhmjoj 4050c30da2
nixos/tests: add test for temporary IPv6 addresses 2018-02-01 16:29:36 +01:00
Jörg Thalheim 57d72d4140
Merge pull request #34442 from rnhmjoj/virtual
Fix virtualType for network-interfaces-scripted
2018-02-01 10:35:13 +00:00
Frederik Rietdijk d30735f889
Merge pull request #34188 from dotlambda/home-assistant
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Shea Levy 943592f698
Add setFunctionArgs lib function.
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Robert Schütz 0604c078a8 home-assistant: add NixOS test 2018-01-31 12:34:58 +01:00
rnhmjoj f1cacaf97c
nixos/tests: add test for virtual interfaces 2018-01-31 05:52:22 +01:00
Tuomas Tynkkynen 3be9d4610f nixos/tests: Drop unnecessary qemu-flags.nix include
None of these files are using anything from there.
2018-01-30 16:57:27 +02:00
Jörg Thalheim 8a5f77ffbc nixos/borgbackup: add test
We had problems to get borg's own test suite running.
This test is intended to perform a quick smoke test to see whether we
have missed not any important dependency necessary to create backups
with borg.

tested with:

$ nix-build nixos/release.nix -A tests.borgbackup.x86_64-linux
2018-01-29 14:14:57 +00:00
Tuomas Tynkkynen d085af7b7d nixos/tests: Fix statsd test evaluation
Fixes:

error: anonymous function at nixos/tests/statsd.nix:1:25 called with unexpected argument ‘system’, at nixos/tests/make-test.nix:5:41
2018-01-26 23:29:53 +02:00
Jörg Thalheim dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
Leon Schuermann f297ddb5c9 sudo: define extra rules in Nix language (#33905) 2018-01-17 14:56:08 +00:00
Sarah Brofeldt ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Jörg Thalheim 91ec1f784a
Merge pull request #33755 from srhb/keymap-test-disable-xterm-dm
nixos/tests/keymap: disable xterm DM
2018-01-13 17:03:53 +00:00
Sarah Brofeldt 4488e7c435 nixos/tests/keymap: disable xterm DM 2018-01-11 20:12:49 +01:00
Parnell Springmeyer e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-01-10 10:13:49 -08:00
rnhmjoj 4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
This reverts commit 5dc2853981.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Joachim Fasting 5dc2853981 nixos/dnscrypt-proxy: remove
The upstream project ceased.

See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Maximilian Bosch dbc414a8a5
yabar: add module
To make the configuration of `yabar` more pleasant and easier to
validate, a NixOS module will be quite helpful.

An example config could look like this:

```
{
  programs.yabar = {
    enable = true;
    bars.top.indicators.exec = "YA_DATE";
  };
}
```

The module adds a user-controlled systemd service which runs `yabar` after
starting up X.
2018-01-04 09:58:21 +01:00
Casey Ransom f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Bas van Dijk 803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Markus Kowalewski b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Florian Klink 0543dc77b1 nixos/tests/virtualbox: remove mknod /dev/vda1 call
With devtmpfs introduced in 0d27df280f it is
created automatically.

See https://github.com/NixOS/nixpkgs/pull/32983#issuecomment-353703083
2017-12-23 03:16:18 +00:00
Jörg Thalheim 5687f61b19
Merge pull request #32637 from makefu/pkgs/openstack/nuke
nuke openstack (again)
2017-12-15 10:06:23 -08:00
makefu 71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
Franz Pletz 0f18f4af88
nixos/tests/jenkins: check if jenkins is available 2017-12-14 16:03:24 +01:00
Linus Heckemann e4b32222a3 nixos/tests: correct comment in radicale.nix (#32574)
The secrets are in fact also stored unhashed, as part of the .drv file
which produces the htpasswd.
2017-12-11 22:09:23 +00:00
Peter Hoeg e5715d9464 cups: 2.2.2 -> 2.2.6 2017-12-07 07:22:39 +00:00
Maximilian Bosch af75b48b51 services.statsd: add simple test 2017-12-04 16:56:16 +01:00
Daiderd Jordan 6a20b88cec
vault: add nixos test 2017-12-04 12:59:52 +01:00
Parnell Springmeyer 6c9de3f600
hocker: Don't check package and wrap the binaries with PATH to nix 2017-12-02 09:20:22 -06:00
Parnell Springmeyer c1eb962516
fetchdocker: Integration test exercising hocker and fetchdocker
This change adds a simple integration test exercising the fetchdocker
Nix code and hocker utilities for the simple `hello-world` docker
container. We exercise:

- Fetching the docker image configuration json
- Fetching the docker image layers
- Building a compositor script
- Loading the `hello-world` docker image into docker using the
  compositor script and `docker load`
- Running that loaded container
2017-12-01 21:06:16 -06:00
Tuomas Tynkkynen dc5cd7800a tests/initrd-network-ssh: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Joachim F 822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Vladimír Čunát 474c1ce799
nixos.tests.installer.swraid: increase drive size
The latest staging caused this test not to fit anymore.
I'm all for keeping closure sizes under control,
but I don't think *this* is a good place.
2017-11-25 07:46:28 +01:00
Bjørn Forsman aedba5c2af nixos: run parted with --script option (3rd)
Doh, should have included this in previous commit.

Ref. 0ff4bb5f87
("nixos: run parted with --script option").
2017-11-19 22:55:12 +01:00
Bjørn Forsman bf338ab9ee nixos: run parted with --script option (2nd)
Ref. 0ff4bb5f87
("nixos: run parted with --script option")
2017-11-19 22:50:24 +01:00
Franz Pletz bdbaaad7de
Merge pull request #29269 from Moredread/test_crypt_with_keyfile
Test opening encrypted filesystem with keyfile
2017-11-19 20:30:59 +01:00
obadz edcf51a359
Merge pull request #31805 from gleber/make-switch-to-configuration-pure
nixos/system: make switch-to-configuration script pure
2017-11-19 19:03:52 +00:00
Franz Pletz f367bb4d6d
Merge pull request #31569 from gleber/add-mutable-users-test
nixos/tests: add a test for config.users.mutableUsers.
2017-11-19 19:54:28 +01:00
Gleb Peregud 2f6148c743 nixos/system: make switch-to-configuration script pure.
Fixes #28443

Fixed few invocations to `systemctl` to have an absolute path. Additionally add
LOCALE_ARCHIVE so that perl stops spewing warning messages.
2017-11-19 19:42:54 +01:00
Gleb Peregud 1dd0379ba8 nixos/tests: Add a test for config.users.mutableUsers.
It's in preparation to add an assertion for #4990.
2017-11-19 19:11:19 +01:00
Franz Pletz 71b8437e2c
nixos/tests: add couchdb test 2017-11-19 17:39:36 +01:00
Franz Pletz 00056e76d0
nixos/tests/acme: update terms of service to fix test 2017-11-17 16:05:13 +01:00
Orivej Desh 963204e6ee
Merge pull request #31753 from mbld/show-ip
nixos-container: Make show-ip work together with ipv4 + netmask
2017-11-17 00:32:56 +00:00
Orivej Desh f79e3e237f
Merge pull request #31618 from adisbladis/zfs-tests
Add basic ZFS tests
2017-11-16 20:00:16 +00:00
Martin Bornhold 25b71e18f5 nixos-container: Modify existing test to cover show-ip command
Modified the existing test to check that the 'nixos-container show-ip' command
can handle ipv4 addresses with submask in CIDR notation.
2017-11-16 20:25:45 +01:00
Parnell Springmeyer cb11bf73a5 nixos/nghttpx: add module for the nghttpx proxy server (#31680)
* nghttpx: Add a new NixOS module for the nghttpx proxy server

This change also adds a global `uid` and `gid` for a `nghttpx` user
and group as well as an integration test.

* nixos/nghttpx: fix building manual
2017-11-16 18:21:02 +00:00
Tuomas Tynkkynen cbccb1edf5
nixos installer tests: Add UEFI Grub test
Fixed merge conflict. Closes #22923.
2017-11-14 11:30:28 +01:00
adisbladis 59e4599723
Add basic ZFS tests 2017-11-14 14:34:19 +08:00
aszlig f6ae3948bc
tests/boot-stage1: Fix build of kcanary module
In bfe9c928c1 the default kernel has been
updated to version 4.14 and the declarations for allow_signal() and
signal_pending() are no longer exposed via kthread.h, so let's actually
use the right header files.

I've added a condition for kernel 4.10 and upwards to include the
linux/sched/signal.h header file, because that got introduced in version
4.10. Even if the declaration would still reside in kthread.h (I haven't
checked) for version 4.10 it won't hurt and the compilation will still
succeed.

Tested against kernel 4.9 and 4.14 and the build now succeeds.

Signed-off-by: aszlig <aszlig@nix.build>
2017-11-14 04:36:19 +01:00
Sarah Brofeldt 58d07e2d6b php: Add nixos test to ensure php-pcre works in httpd 2017-11-12 08:05:27 +01:00
Sarah Brofeldt 294bb6daea nixos/tests/gitlab.nix: Unbreak config, still times out 2017-11-06 14:52:33 +01:00
Tim Steinbach 97f172a1d5
Merge pull request #31146 from NeQuissimus/kafka_updates
Kafka: Update + Tests
2017-11-04 11:06:32 -04:00
Bas van Dijk c894327215 postage: replaced by pgmanage-10.0.2
postage is no longer maintained and has been replaced by the identical pgmanage. See:

https://github.com/workflowproducts/postage#postage-has-been-replaced-with-pgmanage

The following error is raised when a user enables the deprecated `services.postage.enable` option:

Failed assertions:
- services.postage is deprecated in favor of pgmanage. They have the same options so just substitute postage for pgmanage.
2017-11-03 00:14:00 +01:00
Tim Steinbach beefaff2c1
kafka: Add tests 2017-11-02 15:10:33 -04:00
Tim Steinbach d27cf320cf
zookeeper: Add simple test 2017-11-02 14:09:56 -04:00
Bas van Dijk cb4b9b1cc1 owncloud: fix some but not all errors
* Don't set timezone when it's null

* Don't create the postgres role because the postgresqsl service
  already does that.

* Fix documentation

* Add a test suite
2017-10-31 23:03:33 +01:00
Bas van Dijk 04b2460eb6 graphite: fix the graphiteApi service 2017-10-31 15:49:59 +01:00
Tuomas Tynkkynen 2f3786e7ef nixos/tests/gitolite: Don't build during evaluation
Noticed in https://hydra.nixos.org/jobset/nixos/release-17.09#tabs-errors:

````
hydra-eval-jobs returned exit code 1:
building path(s) '/nix/store/wxcbjli7m98yymnxrxkf6pigr7a05zad-id_ed25519.pub'
building '/nix/store/gyig2d7cry98647h0grfilq26cpc1wy8-id_ed25519.pub.drv'...
````

Issue #29774
2017-10-21 23:45:37 +03:00
Peter Simons 757a759005 Merge pull request #30166 from LumiGuide/graphite-1.0.2
Fix graphite crash by upgrading from 0.9.15 -> 1.0.2
2017-10-18 12:58:55 +01:00
Bjørn Forsman 774d05878a nixos/tests: unbreak prometheus test
Commit 271d3f7a43 ("prometheus service: globalConfig.labels is obsolete")
removed globalConfig.labels. Update the test config accordingly.
2017-10-16 20:31:49 +02:00
Bjørn Forsman 10e79d43f6 nixos/tests: add gitolite test 2017-10-16 19:22:07 +02:00
Bjørn Forsman 943730ff9b nixos/tests: add basic test for services.atd 2017-10-16 19:08:19 +02:00
Bjørn Forsman 0ff4bb5f87 nixos: run parted with --script option
-s, --script: never prompts for user intervention

Sometimes the NixOS installer tests fail when they invoke parted, e.g.
https://hydra.nixos.org/build/62513826/nixlog/1. But instead of exiting
right there, the tests hang until the Nix builder times out (and kills
the build). With this change the tests would instead fail immediately,
which is preferred.

While at it, use "parted --script" treewide, so nobody gets build
timeout due to parted error (or misuse). (Only nixos/ use it, and only
non-interactive.)

A few instances already use the short option "-s", convert them to long
option "--short".
2017-10-14 15:29:02 +02:00
Lancelot SIX 4ea954477f Merge pull request #30321 from RemiDesgrange/add-postgis-2.4.0
Add postgis 2.4.0
2017-10-14 10:13:53 +02:00
Rémi Desgrange 8dcaa5b313 postgis: add v2.4.0
Add postgis 2.4.0

doesn't remove v2.3.1. There are some big change in 2.4 that people may
don't want. see https://postgis.net/docs/release_notes.html#idm41021

fix test call

modify following recommandation of lsix
2017-10-13 09:45:25 +02:00
aszlig 20487112ed
nixos: Fix output path generation of runInMachine
Regression introduced by a02bb00156.

The fix is done by disabling writableStore, because the latter will set
up an overlayfs on the Nix store within the VM, which in turn will
discard all the outputs of the resulting output path.

However in runInMachine we actually *want* the contents of the generated
path and also don't want a writable store within the VM (except of
course for $out, which is writable anyway).

I've added a small regression test to verifify the output in
nixos/tests/run-in-machine.nix to make sure this won't break again in
the future.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 20:08:11 +02:00
Jörg Thalheim 62922af208 Merge pull request #29994 from bachp/minio-update
minio: 20170613 -> 2017-09-29T19-16-56Z
2017-10-08 12:12:32 +01:00
Pascal Bach 1983e6c8cc minio: 20170613 -> 2017-09-29T19-16-56Z
The test was updated as minio now needs at least 1 GiB of free disk,
otherwise it won't start.
2017-10-08 12:24:29 +02:00
Bas van Dijk 5b8ff5ed49 graphite: 0.9.15 -> 1.0.2
Fixes: #29961

Also added the option:

  services.graphite.web.extraConfig

for configuring graphite_web.
2017-10-08 03:03:22 +02:00
WilliButz 3539e16cfa
nixos/tests: clean up pgjwt test
- removed unneeded initscript
- use default postgres version for the test
2017-10-04 13:04:49 +02:00
Joachim F 0625110d1a Merge pull request #29927 from WilliButz/fix-pgjwt-test
nixos/tests: fix pgjwt test
2017-10-04 10:57:43 +00:00
Ruben Maher 06e15e59f9 nixos/krb5: complete rewrite
The `krb5` service was a bit lacking.

Addresses NixOS/nixpkgs#11268, partially addresses NixOS/nixpkgs#29623.
2017-10-02 14:30:19 +10:30
WilliButz 7d09fc6ea7
nixos/tests: rewrite pgjwt test
- now using the test contained in the pgjwt source repo
- also compatible with the new `superUser` option of the
  `postgresql` service
2017-10-01 20:12:58 +02:00
Jan Tojnar dfdfb97f0f nixos/tests/gnome3-gdm: Increase memory limit
The test was failing on x86_64 prematurely due to memory being exhausted.

See also 3b9f0c6a46
2017-09-28 17:20:23 +02:00
Robin Gloster d05b0b6b70
mesos test: fix python handling
Still does not succeed but advances further

(cherry picked from commit 30d09f717a)
2017-09-28 01:15:41 +02:00
Rodney Lorrimar 56eba66f77 mysqlBackup service: let it work with default settings
* Grants enough privileges to the configured user so that it can run
  mysqldump.

* Adds a nixos test.

* Use systemd timers instead of a cronjob (by @fadenb).

* Creates a new user for backups by default, instead of using mysql
  user.

* Ensures that backup user has write permissions on backup location.

* Write backup to a temporary file before renaming so that a failed
  backup won't overwrite the previous backup, and so that the backup
  location will never contain a partial backup.

Breaking changes:

 * Renamed period to calendar to reflect the change in how to
   configure the backup time.

 * A failed backup will no longer result in cron sending an e-mail --
   users' monitoring systems must be updated.

Resolves #24728
2017-09-27 18:44:49 +02:00
Silvan Mosberger a8c97ad23e nixos/radicale: fix default version (#29743) 2017-09-25 10:18:42 +00:00
Matej Cotman 6ef8cad2a7 kubernetes: fix tests 2017-09-24 11:44:25 +02:00
Jaka Hudoklin 7dfeac88ac kubernetes module: flannel support, minor fixes
- add flannel support
- remove deprecated authorizationRBACSuperAdmin option
- rename from deprecated poratalNet to serviceClusterIpRange
- add nodeIp option for kubelet
- kubelet, add br_netfilter to kernelModules
- enable firewall by default
- enable dns by default on node and on master
- disable iptables for docker by default on nodes
- dns, restart on failure
- update tests

and other minor changes
2017-09-24 11:44:25 +02:00
Matej Cotman 8e14e978c8 kubernetes: fix minor issues 2017-09-24 11:44:25 +02:00
Matej Cotman 7f9d1a7aaf kubernetes: add tests 2017-09-24 11:44:25 +02:00
Joachim Fasting bccaf63067
nixos/hardened test: add failing test-case for deferred mounts 2017-09-22 23:53:27 +02:00
aszlig a75265924f
nixos/tests/virtualbox: Fix netcat invocation
This is a backwards-incompatibility in netcat-openbsd introduced due to
bumping the netcat version to 1.130 in
a72ba661ac.

Version 1.130 no longer exits on EOF but now needs to be passed the -N
flag in order to exit on EOF.

The upstream change reads[1] like this:

  Don't shutdown nc(1)'s network socket when stdin closes. Matches
  *Hobbit*'s original netcat and GNU netcat; revert to old behaviour
  with the new -N flag if needed. After much discussion with otto
  deraadt tedu and Martin Pelikan.  ok deraadt@

Here is the diff of this change:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/netcat.c.diff?r1=1.110&r2=1.111&f=h

[1]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/netcat.c?rev=1.111&content-type=text/x-cvsweb-markup

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-21 03:49:46 +02:00
Franz Pletz 406c7a0731 Merge pull request #29521 from aneeshusa/ease-radicale-upgrade
Ease radicale upgrade
2017-09-18 23:13:53 +02:00
WilliButz 9198ad65ef tests: add initrd-network-ssh test
starts two VMs:
- one with dropbear listening from initrd,
  waiting for a file
- another connecting via ssh, creating the file
2017-09-18 19:51:46 +02:00
Aneesh Agrawal 28c2cea847 radicale: Test migration functionality
This also provides an example of how to migrate.
2017-09-18 09:11:36 -07:00
WilliButz 0b2d9bbbd2 nixos/tests: add grafana test (#29531) 2017-09-18 16:59:50 +02:00
Franz Pletz b179908414
nixos/networking: network is online if default gw set
Previously services depending on network-online.target would wait until
dhcpcd times out if it was enabled and a static network address
configuration was used. Setting the default gateway statically is enough
for the networking to be considered online.

This also adjusts the relevant networking tests to wait for
network-online.target instead of just network.target.
2017-09-18 14:51:38 +02:00
Maximilian Güntner 44475cae27 tests: ipfs: enable autoMount tests 2017-09-18 00:05:35 -07:00
aszlig 3ba2095a42
nixos/dovecot: Fix createMailUser implementation
This option got introduced in 7904499542
and it didn't check whether mailUser and mailGroup are null, which they
are by default.

Now we're only creating the user if createMailUser is set in conjunction
with mailUser and the group if mailGroup is set as well.

I've added a NixOS VM test so that we can verify whether dovecot works
without any additional options set, so it serves as a regression test
for issue #29466 and other issues that might come up with future changes
to the Dovecot service.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #29466
Cc: @qknight, @abbradar, @ixmatus, @siddharthist
2017-09-17 04:57:20 +02:00
Joachim F 8ceb209830 Merge pull request #29462 from joachifm/trivial-misc-tests
nixos/tests: move kernel-params & sysctl test to misc
2017-09-16 19:51:58 +00:00
Joachim Fasting 586d04c588
nixos/tests: expand hardened tests 2017-09-16 13:14:07 +02:00
Joachim Fasting ffd56ba4f6
nixos/tests: move kernel-params test to misc 2017-09-16 12:45:28 +02:00
Joachim Fasting c85cf60c83
nixos/tests: move sysctl test to misc 2017-09-16 12:45:23 +02:00
aszlig b5fbb4f362
nixos/tests/acme: Use overridePythonAttrs
Quoting from @FRidh:

  Note overridePythonAttrs exists since 17.09. It overrides the call to
  buildPythonPackage.

While it's not strictly necessary to do this, because postPatch ends up
in drvAttrs anyway, it's probably better to use overridePythonAttrs so
we don't run into problems when the underlying implementation of
buildPythonPackage changes.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-14 23:18:52 +02:00
André-Patrick Bubel 58374fbaf3
Test opening encrypted filesystem with keyfile
Checks for regression of missing cryptsetup, when no luks device without
keyfile is configured
2017-09-14 04:20:15 +02:00
aszlig 01fffd94e5
nixos/tests/acme: Patch certifi with cacert
Since 67651d80bc the requests package now
depends on certifi, which in turn provides the CA root certificates that
we need to replace.

It might also be a good idea to actually patch certifi with our version
of cacert by default so that if we want to override and/or add something
we only need to do it once.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @fpletz, @k0ral, @FRidh
2017-09-13 23:16:43 +02:00
aszlig bda38317eb
nixos/tests/letsencrypt: Fix nginx options
The enableSSL option has been deprecated in
a912a6a291, so we switch to using onlySSL.

I've also explicitly disabled enableACME, because this is the default
and we don't actually want to have ACME enabled for a host which runs an
actual ACME server.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:40 +02:00
aszlig 11b3ae74e1
nixos/tests: Add a basic test for ACME
The test here is pretty basic and only tests nginx, but it should get us
started to write tests for different webservers and different ACME
implementations.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:37 +02:00
aszlig b3162a1074
nixos/tests: Add common modules for letsencrypt
These modules implement a way to test ACME based on a test instance of
Letsencrypt's Boulder service. The service implementation is in
letsencrypt.nix and the second module (resolver.nix) is a support-module
for the former, but can also be used for tests not involving ACME.

The second module provides a DNS server which hosts a root zone
containing all the zones and /etc/hosts entries (except loopback) in the
entire test network, so this can be very useful for other modules that
need DNS resolution.

Originally, I wrote these modules for the Headcounter deployment, but
I've refactored them a bit to be generally useful to NixOS users. The
original implementation can be found here:

https://github.com/headcounter/deployment/tree/89e7feafb/modules/testing

Quoting parts from the commit message of the initial implementation of
the Letsencrypt module in headcounter/deployment@95dfb31110:

    This module is going to be used for tests where we need to
    impersonate an ACME service such as the one from Letsencrypt within
    VM tests, which is the reason why this module is a bit ugly (I only
    care if it's working not if it's beautiful).

    While the module isn't used anywhere, it will serve as a pluggable
    module for testing whether ACME works properly to fetch certificates
    and also as a replacement for our snakeoil certificate generator.

Also quoting parts of the commit where I have refactored the same module
in headcounter/deployment@85fa481b34:

    Now we have a fully pluggable module which automatically discovers
    in which network it's used via the nodes attribute.

    The test environment of Boulder used "dns-test-srv", which is a fake
    DNS server that's resolving almost everything to 127.0.0.1. On our
    setup this is not useful, so instead we're now running a local BIND
    name server which has a fake root zone and uses the mentioned node
    attribute to automatically discover other zones in the network of
    machines and generate delegations from the root zone to the
    respective zones with the primaryIPAddress of the node.

    ...

    We want to use real letsencrypt.org FQDNs here, so we can't get away
    with the snakeoil test certificates from the upstream project but
    now roll our own.

    This not only has the benefit that we can easily pass the snakeoil
    certificate to other nodes, but we can (and do) also use it for an
    nginx proxy that's now serving HTTPS for the Boulder web front end.

The Headcounter deployment tests are simulating a production scenario
with real IPs and nameservers so it won't need to rely on
networking.extraHost. However in this implementation we don't
necessarily want to do that, so I've added auto-discovery of
networking.extraHosts in the resolver module.

Another change here is that the letsencrypt module now falls back to
using a local resolver, the Headcounter implementation on the other hand
always required to add an extra test node which serves as a resolver.

I could have squashed both modules into the final ACME test, but that
would make it not very reusable, so that's the main reason why I put
these modules in tests/common.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:33 +02:00
Tim Steinbach 84e34d4d5d
tests: xmonad less dependent on timings 2017-09-09 10:07:34 -04:00
Tim Steinbach 024b501907
tests: Fix hibernate 2017-09-06 22:01:48 -04:00
Tim Steinbach 7faad2dce8 Merge pull request #29040 from NeQuissimus/tests_sys
More basic system tests
2017-09-06 15:04:10 -04:00