Commit Graph

562 Commits

Author SHA1 Message Date
Bas van Dijk
308c09d41f wordpress: security upgrade: 4.7.2 -> 4.7.3 & other improvements (#23837)
* Moved the wordpress sources derivation to the attribute pkgs.wordpress. This
  makes it easier to override.

* Also introduce the `package` option for the wordpress virtual host config which
  defaults to pkgs.wordpress.

* Also fixed the test in nixos/tests/wordpress.nix.
2017-03-14 16:11:51 +01:00
Jörg Thalheim
41625dcab6
pump.io: fix tests
fixes #23568
2017-03-12 16:01:07 +01:00
Profpatsch
22c265182f networking/bonds: fix examples
After the change of the bonding options, the examples were not quite correct.
The diff is over-the top because the new `let` needs everything indented.

Also add a small docstring to the `networkd` attr in the networking test.
2017-03-08 04:54:17 +01:00
Fernando J Pando
9f062c2c0b buildbot: 0.9.3 -> 0.9.4
- adds jwt
- adds module tests
- master.cfg as path in module
- fix systemd worker config
- builds on darwin
- tested on nixos
2017-03-07 00:45:37 +01:00
Joachim Schiele
f8ad48ea1d nixos/tests/leaps.nix: fixed race condition 2017-03-06 21:33:21 +01:00
Thomas Tuegel
60817e4715
nixos/tests/trac: fix renaming warning 2017-03-03 07:26:51 -06:00
Thomas Tuegel
e7b0b2bb66
nixos/tests/phabricator: fix renaming warning 2017-03-03 07:26:17 -06:00
Thomas Tuegel
dcee54c935
nixos/tests/plasma5: fix test name 2017-03-03 07:25:45 -06:00
Thomas Tuegel
0da421ce17
nixos/tests: fix Plasma 5 test 2017-03-02 07:01:42 -06:00
Nikolay Amiantov
a6c6d08430 samba test: fix race condition 2017-03-01 03:16:35 +03:00
Dan Peebles
6018cf4a69 amazon-init.service: fix starting services at startup
We now make it happen later in the boot process so that multi-user
has already activated, so as to not run afoul of the logic in
switch-to-configuration.pl. It's not my favorite solution, but at
least it works. Also added a check to the VM test to catch the failure
so we don't break in future.

Fixes #23121
2017-02-27 16:51:36 +00:00
Tomasz Czyż
0b27c74eb2 pgjwt: init at 0.0.1 (#22644) 2017-02-26 11:14:32 +01:00
Jörg Thalheim
5b14e91717 Merge pull request #22822 from Mic92/iputils
iputils: 20151218 -> 20161105
2017-02-22 00:37:13 +01:00
aszlig
5af8b120a6
nixos/tests/taskserver: Add test for manual config
This subtest actually serves two purposes:

  1. Test manual PKI configuration
  2. Test changing of configuration files

In order to only test manual PKI configuration it would have been enough
to just add another server with a manual config.

But as the switch from automatic PKI config to manual config is probably
one of the most fundamental changes in configuration, so it serves
*very* well to also check whether changes in the NixOS configuration
actually have an impact in the real system.

So instead of adding another server, we now create a dummy "newServer"
machine, which is the new configuration for "server" and use
switch-to-configuration to switch "server" to the config of "newServer".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-02-17 19:46:01 +01:00
Jörg Thalheim
fd78ff23f7
replace ping6 with ping
reason: after the upgrade of iputils from 20151218 to 20161105
functionality of ping6 and tracepath6 was merged into ping and tracepath.

Ping is now mostly a drop-in replacment for ping6, except that selecting a
specific interface is done by encoding it into the address (ex.: fe80::1%eth0)
rather then specifing it with the `-I` flag.
2017-02-17 16:04:49 +01:00
Profpatsch
9debdaf512 networking.bonds: add support for arbitrary driverOptions
Until now the four attributes available very selectively provided a small
subset, while copying upstream documentation.

We make driver options an arbitrary key-value set and point to kernel
documentation, which is always up-to-date. This way every option can be set.
The four already existing options are deprecated with a warning.
2017-02-16 21:24:40 +01:00
Ian-Woo Kim
b7a24e0a2b nixos-container: added test for port forwarding ( nixos/tests/containers-portforward.nix ) 2017-02-15 05:12:46 +01:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Graham Christensen
96d767de62
pam_oath: require OATH and pam_unix credentials to be valid 2017-02-12 18:27:11 -05:00
Graham Christensen
3cec7d10df
kdm: drop service 2017-02-11 13:55:09 -05:00
Graham Christensen
b12564cc1b
nixos: update default cases from KDM/KDE4 to SDDM/KDE5 2017-02-09 21:52:00 -05:00
Joachim Fasting
28b5cc7dca
grsecurity test: adapt to changes in tinycc outputs 2017-02-09 16:23:04 +01:00
aszlig
cd10e3c4ff
nixos/tests/chromium: Run tests as normal user
The tests have failed because Chromium has started up displaying the
following error message in a dialog window:

  Chromium can not be run as root.

  Please start Chromium as a normal user. If you need to run as root for
  development, rerun with the --no-sandbox flag.

So let's run as user "alice" and pass all commands using the small
helper function "ru" (to keep it short, it's for "Run as User").

Tested it by running the "stable" test on x86_64-linux.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: @globin
2017-02-07 07:36:56 +01:00
Nikolay Amiantov
6812c7001c nfs tests: fix nfs server unit name 2017-02-05 12:41:21 +03:00
Damien Cassou
58dc8e3024
Remove myself from maintainers 2017-01-31 11:00:14 +01:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer
025555d7f1
More fixes and improvements 2017-01-26 00:05:40 -08:00
Robin Gloster
5de731c853
tests.bittorrent: use a file instead of a directory
nixUnstable.src is a directory, which made cp fail without -r
2017-01-26 02:44:05 +01:00
Robin Gloster
b79fa22b7a
tests.installer: rely on swap.target in tests
fixes #5258
2017-01-25 17:00:13 +01:00
Franz Pletz
2d9152d509
nixos/tests/nat: add test for conntrack helper autoloading 2017-01-25 01:14:05 +01:00
Franz Pletz
8322a12ef2
firewall: disable conntrack helper autoloading by default
This was disabled in the Linux kernel since 4.7 and poses a security risk
if not configured properly.

https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=486dcf43da7815baa615822f3e46883ccca5400f
2017-01-25 01:14:04 +01:00
Charles Strahan
d298a961f1 Merge pull request #21416 from cstrahan/mesos-1.1.0
mesos: 1.0.1 -> 1.1.0
2017-01-21 19:05:18 -05:00
Nikolay Amiantov
70a6628848 Merge pull request #21882 from abbradar/dhcp6
DHCPv6 improvements
2017-01-15 19:53:33 +03:00
Nikolay Amiantov
86755d923b networking test: test IPv6 with RA and DHCPv6 2017-01-15 19:53:17 +03:00
Maarten Hoogendoorn
9f892de069 kubernetes vm test: make dig and netcat available
Dig could not be found in the test cases. Adding it as a global package
fixes this.
2017-01-15 13:28:16 +01:00
Antoine Eiche
165089f9d7 nixos/glance: add test
The test starts the glance service, creates a nixos image and ensures Glance
list it.

Note the test also starts the Keystone service since it is required
by Glance.
2016-12-31 09:36:57 +01:00
Charles Strahan
7ebcada020
mesos: 1.0.1 -> 1.1.0 2016-12-29 20:09:46 -05:00
Graham Christensen
bf659128a0
openssh: test that startWhenNeeded works 2016-12-29 17:04:52 -05:00
Eelco Dolstra
bb0ce819b3
nixos/tests/gnome3.nix: Speed up test
It turns out that "journalctl -f | grep -m 1 pattern" will block for
one more line after "pattern" appears, which can take a long time.
2016-12-29 16:23:31 +01:00
Jörg Thalheim
c23032a8b1 docker: update service units from upstream
All the new options in detail:

Enable docker in multi-user.target make container created with restart=always
to start. We still want socket activation as it decouples dependencies between
the existing of /var/run/docker.sock and the docker daemon. This means that
services can rely on the availability of this socket. Fixes #11478 #21303

  wantedBy = ["multi-user.target"];

This allows us to remove the postStart hack, as docker reports on its own when
it is ready.

  Type=notify

The following will set unset some limits because overhead in kernel's ressource
accounting was observed. Note that these limit only apply to containerd.
Containers will have their own limit set.

  LimitNPROC=infinity
  LimitCORE=infinity
  TasksMax=infinity

Upgrades may require schema migrations. This can delay the startup of dockerd.

  TimeoutStartSec=0

Allows docker to create its own cgroup subhierarchy to apply ressource limits on
containers.

  Delegate=true

When dockerd is killed, container should be not affected to allow
`live restore` to work.

  KillMode=process
2016-12-23 21:39:38 +01:00
Eelco Dolstra
2c03037450
Work around slowness in the KDE 5 test
The use of unionfs-fuse (57a0f140643cde409022e297ed05e05f8d34d778)
slows down the KDE 5 test enough that it hits Hydra timeouts. (E.g. on
my laptop it went from ~5 min to ~30 min.) So disable it for the KDE
test.

http://hydra.nixos.org/build/45127422
(cherry picked from commit 3fcbcf25568cd629644a680562f47762d1ae15b2)
2016-12-21 19:30:35 -05:00
Bjørn Forsman
3fb785b0ad nixos: unbreak prometheus test
target_groups was renamed to static_configs in d459916504
("prometheus service: rename values to match prometheus 1.0 naming.").
Catch up.
2016-12-20 23:26:51 +01:00
aszlig
02a9da65c9
nixos: Disable OCR for tests that do not use it
Found out during testing of the Tesseract upgrade the kde5 and sddm
tests don't actually use OCR, so let's disable support for it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @ttuegel
2016-12-19 22:25:42 +01:00
Antoine Eiche
086e5d09a1 nixos/keystone: add test in release.nix 2016-12-16 20:53:32 +01:00
Antoine Eiche
a932f68d9c nixos/keystone: secrets can be read from files
A secret can be stored in a file. It is written at runtime in the
configuration file.
Note it is also possible to write them in the nix store for dev
purposes.
2016-12-16 20:53:32 +01:00
Antoine Eiche
415c9ff90b nixos/keystone: init at liberty version
This commit introduces a nixos module for the Openstack Keystone
service. It also provides a optional bootstrap step that creates some
basic initial resources (tenants, endpoints,...).

The provided test starts Keystone by enabling bootstrapping and checks
if user creation works well.

This commit is based on initial works made by domenkozar.
2016-12-16 20:53:32 +01:00
Joachim Fasting
64a64c6b14
grsecurity test: refactoring 2016-12-13 15:12:11 +01:00
montag451
ea5551b551 containers: fix broken /etc/hosts entries when localAddress contains a netmask 2016-12-12 09:20:28 +01:00