From commit b63f65aea0:
I used tmpfiles.d instead of activation snippets to create the logs.
It's good enough for upstream and other distros; it's probably good
enough for us.
The "reboot-wtmp" subtest fails because it it assumes that there is a
reboot record even on the initial boot. This is only the case if wtmp is
created within the activation script, but the implementation now uses
tmpfiles.d, so the creation of the file is done at a much later stage.
Apart from that, if you think about the state after the installation as
"first boot", using the term "reboot" wouldn't probably make sense
either.
So in our subtest, we now reboot the machine and check the wtmp record
afterwards as we did before.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @edolstra, @jameysharp, @Mic92
The socket activation I added to the rspamd module doesn't actually work
and can't be made to work without changes to rspamd.
See: #47421
See: rspamd/rspamd#2035
The test failed on Hydra in one instance because a request to the
server was sent before indexing was finished.
Retry the request until it succeeds (or times out).
The test failed in one run on Hydra, logs look like
dhcpcd changed ipv6 routing at just the wrong time.
Disable dhcpcd. It's not needed, the test uses static IPs anyway.
Test didn't run because it tried to create a VM with 4096M RAM
but qemu-system-i386 has a hard 2047M memory limit.
- reduce memory to 2047M on i686.
- increase timeout 300s -> 1800s because the tests are much slower
on i686 and timed out.
The `pkgs.yabar` package is relatively old (2016-04) and contains
several issues fixed on master. `yabar-unstable` containsa recent master
build with several fixes and a lot of new features (I use
`yabar-unstable` for some time now and had no issues with it).
In the upstream bugtracker some bugs could be fixed on ArchLinux by
simply installing `yabar-git` (an AUR package which builds a recent
master).
To stabilize the module, the option `programs.yabar.package` now
defaults to `pkgs.yabar-unstable` and yields a warning with several
linked issues that are known on `pkgs.yabar`.
The test has been refactored as well to ensure that `yabar` actually
starts (and avoid non-deterministic random success) and takes a
screenshot of a very minimalistic configuration on IceWM.
Fixes#46899
This attempts to improve stability of the test by using existing
services for miniupnpd and transmission.
It also uses explicit addresses for the network interfaces so that the
external IP addresses are valid internet addresses (thus fixing
validation problems from upnpc).
Also disable eth0 from being used to transfer torrents over without that
being the intention.
A sporadic failure occured on Hydra because a request was sent
to smtpd after the systemd unit was started, but before the daemon
was actually listening. Fix by checking for open ports first.
A sporadic failure occured on Hydra because a request was sent
to the daemon after the systemd unit was started, but before the
daemon was actually listening. Fix by checking for open port first.
Generated reverse path filtering rules for the macvlan interface
seem to be incorrect, causing the test to fail - sometimes or always,
depending on the dhcpcd version used.
- Disable reverse path checking temporarily to avoid blocking the channel
- Print more diagnostic information for debugging
The switch to lightdm as default display manager in #30890
broke eval of the flatpak test. Since the test uses the
auto display manager (lightdm), gdm must now be explicitly disabled.
Since 1b11fdd0df the test VM
depends on some extra packages to build the system to be installed.
This broke the installer test as it tried to download/build these
packages in a sandbox.
Switch from slim to lightdm as the display-manager.
If plasma5 is used as desktop-manager use sdddm.
If gnome3 is used as desktop-manager use gdm.
Based on #12516
The wallpaper used is *structurally compatible* with the other one,
meaning that the logo is at the same location, and not bigger.
It has one drawback: the logo is brighter, which clashes with the grub
usage. This is to be fixed with new options in grub.
The test sporadically failed on hydra when a request was made
before the service was actually listening on its port.
Explicitly wait for the port to open.
Since matrix-synapse 0.33.0 underscores in server names are rejected
by server name validation, causing the test to fail:
valueError: Server name 'server_sqlite' contains invalid characters
Relevant upstream change:
546bc9e28b
- wait for node to listen before starting munin-cron
- increase timeout for munin-cron startup
- disable a failing plugin to remove irrelevant error message
This bumps Hydra to the latest revision available. As Hydra doesn't have
a release model (and therefore no tags) ATM, the derivation will pin
against the actual git revision and the date of the commit in the
derivation name.
Additionally the following changes have been made:
* Dropped `postUnpack` phase. It is useful when working with the Hydra
source (and no dirty changes shall be used in `release.nix`, but is has
no use in `nixpkgs`).
* Added myself as maintainer to have more folks available in case of
future breakage.
* Implemented support for Nix 2.0 and `unstable` (currently 2.1):
Since 1672bcd230447f1ce0c3291950bdd9a662cee974 in NixOS/nix the
evaluator differentiates between `settings` and `evalSettings`.
Previously `restrictEval` in `hydra-eval-jobs.cc` has been set in
`settings`, this doesn't work anymore in Nix 2.1 and is therefore
incompatible to Nix 2.0 on an API level.
To resolve this, the flag `isGreaterNix20` parses the version string
of `pkgs.nix` and applies a patch if nix.version<=2.0.
Furthermore the Hydra build with Nix 2.1 requires `boost` as build input
which is not needed for Nix 2.0. To avoid unnecessary increase in the
closure size this library will only used as build input for
nix.version>2.0.
* Fixed the NixOS test for `hydra`:
disabled binary cache to allow sandbox builds (otherwise it would
query `cache.nixos.org` during the Hydra build inside the test).
Additionally the trivial.nix jobset required simplification (as done
in NixOS/hydra, e.g. tests/api-test.nix) as bash is not available in
the build sandbox as builder (even when adding pkgs.bash to
systemPackages).
The easiest workaround to confirm a the functionality of a jobset
without importing nixpkgs is to use the default shell /bin/sh which
is mounted from `pkgs.busybox` into the build env
(https://github.com/NixOS/nixpkgs/pull/44841#discussion_r209751972) in the
VM and a named pipe to create $out.
Closes#44044
Since a9d69a74d6, the passphrase prompt
now no longer starts with "Enter passphrase for" but now it's just
"Passphrase for", which causes the luksroot installer test to fail.
I've tested this on a x86_64-linux machine and the test now succeeds.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @oxij, @samueldr
Issue: #29441
The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).
Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.
This allows the web files to be owned by root without patching.
- based on module originally written by @srhb
- complies with available options in cfssl v1.3.2
- uid and gid 299 reserved in ids.nix
- added simple nixos test case
Fixes#30891
* Upgrade `graphite-web`, `carbon` and `whisper` from 1.0.2 -> 1.1.3.
* Replaced the deprecated `pythonPackages.graphite_influxdb` with
`pythonPackages.influxgraph.`
* Renamed `pythonPackages.graphite_web` to `pythonPackages.graphite-web`
to be consistent with the Python package name.
* Replaced the unmaintained `pythonPackages.graphite_pager` with
`pythonPackages.graphitepager`
* Moved all new packages from `python-packages.nix` to
`pkgs/development/python-modules`
Since 4f6df27aee, nix.useSandbox defaults
to true which causes the Nix build within the containers-imperative test
to fail while trying to hardlink files into the chroot:
link("/nix/store/foo", "/nix/store/bar.drv.chroot/nix/store/foo")
= -1 EPERM (Operation not permitted)
The reason this happens is that the hosts store is mounted using 9p and
an overlayfs is mounted on top, so even if we would disable the tmpfs
for the upper directory the hardlink would still cross filesystem
boundaries, which then fails with the above error code.
I haven't yet seen any other test which fails in a similar way, which
might be because building within VM tests is not very common and the
installer tests build in a separate store, so they're not affected.
Signed-off-by: aszlig <aszlig@nix.build>
Issue: https://github.com/NixOS/nix/issues/2324
Cc: @aristidb, @edolstra, @chaoflow, @kampfschlaefer
* The ELK stack is upgraded to 6.3.2.
* `elasticsearch6`, `logstash6` and `kibana6` now come with X-Pack which is
a suite of additional features. These are however licensed under the unfree
"Elastic License".
* Fortunately they also provide OSS versions which are now packaged
under: `elasticsearch6-oss`, `logstash6-oss` and `kibana6-oss`.
Note that the naming of the attributes is consistent with upstream.
* The test `nix-build nixos/tests/elk.nix -A ELK-6` will test the OSS
version by default. You can also run the test on the unfree ELK using:
`NIXPKGS_ALLOW_UNFREE=1 nix-build nixos/tests/elk.nix -A ELK-6 --arg enableUnfree true`
This reverts commit 095fe5b43d.
Pointless renames considered harmful. All they do is force people to
spend extra work updating their configs for no benefit, and hindering
the ability to switch between unstable and stable versions of NixOS.
Like, what was the value of having the "nixos." there? I mean, by
definition anything in a NixOS module has something to do with NixOS...
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.
Misc...
- qtikz: use libsForQt5.callPackage
This ensures we get the right poppler.
- rewrites:
docbook5_xsl -> docbook_xsl_ns
docbook_xml_xslt -> docbook_xsl
diffpdf: fixup
In 0c7c1660f7 I have set allowSubstitutes
to false, which avoided the substitution of the certificates.
Unfortunately substitution may still happen later when the certificate
is merged with the CA bundle. So the merged CA bundle might be
substituted from a binary cache but the certificate itself is built
locally, which could result in a different certificate in the bundle.
So instead of adding just yet another workaround, I've now hardcoded all
the certificates and keys in a separate file. This also moves
letsencrypt.nix into its own directory so we don't mess up
nixos/tests/common too much.
This was long overdue and should finally make the dependency graph for
the ACME test more deterministic.
Signed-off-by: aszlig <aszlig@nix.build>
Since e95f17e272, Go packages no longer
contain the source tree, however Boulder seems to need that as it
generates a few files during build.
Ideally we would only pick the files that are needed and put it into a
separate output, but I currently don't have time for this so I'm marking
this with XXX to get back to it later.
Signed-off-by: aszlig <aszlig@nix.build>