Commit Graph

1116 Commits

Author SHA1 Message Date
aszlig
3e11ff6e0d
nixos/dhparams: Introduce a 'stateful' option
This option allows us to turn off stateful generation of Diffie-Hellman
parameters, which in some way is still stateful as the generated DH
params file is non-deterministic.

However what we can avoid with this is to have an increased surface for
failures during system startup, because generation of the parameters is
done during build-time.

Another advantage of this is that we no longer need to take care of
cleaning up the files that are no longer used and in my humble opinion I
would have preferred that #11505 (which puts the dhparams in the Nix
store) would have been merged instead of #22634 (which we have now).

Luckily we can still change that and this change gives the user the
option to put the dhparams into the Nix store.

Beside of the more obvious advantages pointed out here, this also
effects test runtime if more services are starting to use this (for
example see #39507 and #39288), because generating DH params could take
a long time depending on the bit size which adds up to test runtime.

If we generate the DH params in a separate derivation, subsequent test
runs won't need to wait for DH params generation during bootup.

Of course, tests could still mock this by force-disabling the service
and adding a service or activation script that places pre-generated DH
params in /var/lib/dhparams but this would make tests less readable and
the workaround would have to be made for each test affected.

Note that the 'stateful' option is still true by default so that we are
backwards-compatible with existing systems.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Ekleog, @abbradar, @fpletz
2018-04-26 08:04:50 +02:00
aszlig
761266bd18
nixos/dhparams: Turn params into a submodule
We're going to implement an option which allows us to turn off stateful
handling of Diffie-Hellman parameter files by putting them into the Nix
store.

However, modules now might need a way to reference these files, so we
add a now path option to every param specified, which carries a
read-only value of the path where to find the corresponding DH params
file.

I've also improved the description of security.dhparams.params a bit so
that it uses <warning/> and <note/>.

The NixOS VM test also reflects this change and checks whether the old
way to specify the bit size still works.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Ekleog
2018-04-26 08:04:48 +02:00
aszlig
4de774a63b
nixos/dhparams: Add a VM test
We're going to make changes to the dhparams module so we really want to
make sure we don't break it, so having a NixOS VM test is to make sure
we don't blow things up and can iterate on it.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Ekleog
2018-04-26 08:04:45 +02:00
Matthew Justin Bauer
e4d2d32a32
Merge pull request #33679 from flokli/deluge-module
Deluge: use mkEnableOption, add test
2018-04-25 14:54:34 -05:00
Jan Tojnar
ad589329e7
nixos/release.nix: add tests.gdk-pixbuf 2018-04-25 18:37:44 +02:00
Sarah Brofeldt
25abc29f47
Merge pull request #39473 from xeji/update-keymap-test
nixos/tests/keymap: wait for xdotool to succeed
2018-04-25 11:17:53 +02:00
xeji
6891bda370 nixos/tests/keymap: wait for xdotool to succeed
xdotool failed in rare cases when a window was already created
but not yet decorated by the window manager.
also prevent a (never observed but possible) race condition
2018-04-25 10:16:52 +02:00
Peter Hoeg
45f1205bab
Merge pull request #39304 from peterhoeg/f/ha
home-assistant: add a few knobs and make config YAML
2018-04-25 01:35:12 +00:00
Sarah Brofeldt
65abd2e63f
Merge pull request #39400 from xeji/improve-keymap-tests
nixos/tests/keymap: improve keymap tests
2018-04-24 11:49:53 +02:00
xeji
84a6e18947 nixos/tests/keymap: improve keymap tests
simplify tests, prevent timeouts and non-deterministic failures
2018-04-24 11:13:48 +02:00
Peter Hoeg
b886faa6b6 home-assistant: use remarshal to convert configuration to YAML
HA doesn't mind the configuration being JSON instead of YAML but since YAML is
the official language, use that as it allows users to easily exchange config
data with other parties in the community.
2018-04-23 16:53:13 +08:00
Matthew Justin Bauer
e4717c902f
Merge pull request #27958 from LumiGuide/strongswan-swanctl
nixos: add the strongswan-swanctl service
2018-04-21 15:47:39 -05:00
Jörg Thalheim
dc0653f54f
Merge pull request #38816 from Ekleog/dovecot-lda-test
dovecot module: test dovecot's LDA
2018-04-21 19:55:23 +01:00
Jörg Thalheim
bf6998bdfa
Merge pull request #39297 from xeji/tests/gnome3-gdm
nixos/tests/gnome3-gdm: fix broken test
2018-04-21 11:40:52 +01:00
xeji
4c14202bd1 nixos/tests/gnome3-gdm: fix broken test
test always failed due to multiple bugs
2018-04-21 12:09:30 +02:00
Matthew Justin Bauer
6b11a5ff13
Merge pull request #38979 from xeji/tests-systemd
nixos/tests/systemd: fix broken test
2018-04-20 18:04:12 -05:00
aszlig
a9cd8ef23e
nixos/tests/containers-imperative: Fix eval
The commit c6f7d43678 changed the system
attribute to be below config.nixpkgs.localSystem, but the test still
uses the old attribute.

I have not tested whether the test actually succeeds but just checked
whether evaluation works and it evaluates successfully now.

Signed-off-by: aszlig <aszlig@nix.build>
2018-04-20 12:25:04 +02:00
xeji
9d5af5871d nixos/test/systemd: fix broken test
timing bug resulted in sporadic test failures on hydra
2018-04-16 00:43:33 +02:00
Daiderd Jordan
d538fc06e2
docker-tools: add a test for permissions issues with AUFS/overlay
docker# [   11.054736] d24d6cdd57c9[763]: /bin/bash: error while loading
shared libraries: libreadline.so.7: cannot open shared object file:
Permission denied
docker# /bin/bash: error while loading shared libraries:
libreadline.so.7: cannot open shared object file: Permission denied
docker: exit status 127
docker: output:
error: command `docker run --rm -u 1000:1000 bash /bin/bash --version'
did not succeed (exit code 127)
command `docker run --rm -u 1000:1000 bash /bin/bash --version' did not
succeed (exit code 127)
2018-04-14 14:11:14 +02:00
Tim Steinbach
0625f77256
Fix kernel-copperhead test 2018-04-13 09:02:26 -04:00
Florian Klink
fe840cd333 deluge: add test 2018-04-13 10:30:22 +02:00
Léo Gaspard
4fddb8b9c3
dovecot module: test dovecot's LDA
That's apparently not enough to catch the bug I ran into with the update
to 2.3.1, but at least it will check the LDA appears to work.
2018-04-12 01:35:14 +02:00
Michael Raskin
c78c764547 nixos/tests.chromium: actually notice the tab crash
Argh, debugging NixOS tests takes forever…

(cherry picked from commit 1afb6e790a6a28a4fc5f310a2b0e5e012eb416fd)
2018-04-09 13:21:53 +02:00
Maximilian Bosch
50a34e55b2
nixos/iftop: add module
This patch is heavily inspired by bd0d8ed807 which added
a setcap wrapper for `mtr` in order to allow running `mtr` without
`sudo`. The need for the capability `cap_net_raw` that can be registered using
`setcap` has been documented in the Arch Wiki: https://wiki.archlinux.org/index.php/Capabilities#iftop

A simple testcase has been added which starts two machines, one with a
setcap wrapper for `iftop`, one without. Both testcases monitor the
bandwidth usage of the machine using the options `-t -s 1` once, the
machine with setcap wrapper is expected to succeed, the `iftop` on the
machine without setcap wrapper is expected to return a non-zero exit
code.
2018-04-07 15:06:51 +02:00
Corey O'Connor
d0d05024d1 nixos/transmission: add basic nixos test 2018-04-05 22:07:49 +02:00
Charles Strahan
5c066e2bba
Merge pull request #37218 from cstrahan/kube-test-fix
nixos: kubernetes fixes
2018-04-04 19:14:48 -04:00
Tuomas Tynkkynen
bbc80227ab nixos/tests/openldap: Fix name 2018-04-04 18:26:41 +03:00
Vladimír Čunát
75e4d3f2f0
nixos.tests.containers-imperative: fix impurity failure
I can't claim to fully understand this, but the change seems safe,
and it fixes the test on my machine.
2018-04-02 11:40:46 +02:00
Jörg Thalheim
0526d015b6 nixos/containers-physical_interfaces: use new bond option interface 2018-03-31 19:01:10 +01:00
Charles Strahan
709b6f664e
nixos: kubernetes fixes
* Fix reference CNI plugins
  * The plugins were split out of the upstream cni repo around version
    0.6.0

* Fix RBAC and DNS tests
  * Fix broken apiVersion fields
  * Change plugin linking to look in ${package}/bin rather than
    ${package.plugins}

* Initial work towards a working e2e test
  * Test still fails, but at least the expression evaluates now

Continues @srhb's work in #37199

Fixes #37199
2018-03-30 17:33:45 -04:00
Franz Pletz
9f3718fe1d
Merge pull request #37507 from xeji/p/test-atd
nixos/tests/atd : remove non-deterministic test of batch command
2018-03-28 06:31:50 +00:00
Tuomas Tynkkynen
d27f7942b7 nixos/tests/misc: Fix on aarch64
The psmouse module is for PS/2 mouse only, which doesn't exist outside
x86. But we can test for the mousedev module just as well which is used
for the '-device usb-tablet' emulated by QEMU.
2018-03-25 18:29:21 +03:00
Tuomas Tynkkynen
3131daace1 nixos/tests/installer: Give eval failure on unsupported boot methods 2018-03-24 16:11:31 +02:00
Matthew Justin Bauer
13051370a5
Merge pull request #36459 from NeQuissimus/zfh_openldap
openldap: Fix test
2018-03-23 14:32:43 -05:00
Robin Gloster
76ea0e1b2e
Merge pull request #32960 from florianjacob/prosody-0.10
Prosody 0.10.0
2018-03-22 14:12:57 +01:00
Tuomas Tynkkynen
e58624a877 nixos/tests: Make simpleUefiGrub test work on AArch64
Needs more refactoring for the AArch64 '-enable-kvm' stuff some day...
2018-03-21 23:19:26 +02:00
Florian Jacob
88f06c5ce9 nixos/prosody: add a basic test 2018-03-21 15:33:58 +01:00
xeji
b08560fb0a nixos/tests/atd : remove test of batch command
"batch" executes jobs based on system load.
test was not deterministic.
2018-03-21 00:58:41 +01:00
Robert Schütz
c484079ac7
Merge pull request #36927 from dotlambda/borg-module
nixos/borgbackup: init
2018-03-19 20:30:32 +01:00
Robert Schütz
fdf0f037be nixos/borgbackup: init 2018-03-19 13:12:47 +01:00
Tim Steinbach
3aa3738bb2 vault: Fix test 2018-03-18 19:15:56 +00:00
Tuomas Tynkkynen
ef64208eba Merge commit '3ab2949' from staging into master
Conflicts:
	pkgs/development/compilers/llvm/6/llvm.nix
	pkgs/servers/home-assistant/component-packages.nix
2018-03-15 22:30:56 +02:00
Graham Christensen
1a1abb383a
Merge pull request #36706 from Ma27/xautolock-testcase
xautolock: implement basic test to confirm functionality
2018-03-13 18:55:04 -04:00
Tuomas Tynkkynen
2fec9c6e29 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/development/tools/build-managers/conan/default.nix
2018-03-13 23:04:18 +02:00
aszlig
ba816ee087
nixos/tests/virtualbox: Work around test failures
I've started digging into the actual cause of the problem a week ago but
didn't continue fixing this.

The reason why the tests are failing is because
torvalds/linux/commit/72f5e08dbba2d01aa90b592cf76c378ea233b00b has
remapped the location of the TSS into the CPU entry area and we did
update our default kernel to version 4.14 in NixOS/nixpkgs@88530e02b6.

Back to VirtualBox: The guru meditation happens in
selmRCGuestTssPostWriteCheck, which I think is only a followup error. I
believe the right location couldn't be determined by VirtualBox and thus
the write check function triggers that panic because it's reading from
the wrong location.

So the actual problem *only* surfaces whenever we use software
virtualization, which we do for our tests because we don't have nested
virtualization available.

Our tests are also for testing the functionality of VirtualBox itself
and not certain kernel versions or kernel features, so for the time
being and until this is fixed, let's actually use kernel version 4.9 for
the guests within the VM tests. Kernel 4.9 didn't have the mentioned
change of the TSS location and thus the tests succeed.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @dtzWill
2018-03-13 22:00:56 +01:00
Maximilian Bosch
4f225f96d5
xautolock: implement basic test to confirm functionality 2018-03-13 21:04:44 +01:00
Antoine Eiche
bc1e8f95d4 tests/docker-tools: add onTopOfPulledImage test 2018-03-13 11:59:22 +01:00
WilliButz
ef90ff2d8e grafana: 5.0.0 -> 5.0.1 2018-03-12 23:37:29 +01:00
Franz Pletz
b0fa004fa9
nixos/tests/containers-tmpfs: fix test name 2018-03-12 22:28:27 +01:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Sarah Brofeldt
df3706c47c nixos/tests/acme: use mail-test-srv tls certs from source 2018-03-08 22:50:26 +01:00
Sarah Brofeldt
bd35580860 nixos/tests/acme: go compat update, unvendor pkcs11 2018-03-08 22:50:26 +01:00
Tim Steinbach
5fbf9dbf9b
openldap: Fix test 2018-03-07 18:13:55 -05:00
aszlig
7f26c1b7fb
nixos/tests/keymap: Remove OCR-friendly SLiM theme
The test doesn't use OCR, so we actually don't need an OCR-friendly
theme here.

Signed-off-by: aszlig <aszlig@nix.build>
2018-03-06 04:25:53 +01:00
Franz Pletz
0f78afdf25
Merge pull request #32248 from awakesecurity/parnell/fetchdocker
Support fetching docker images from V2 registries
2018-03-04 17:10:27 +00:00
Vladimír Čunát
2069a2a002
Merge #35454: nixos/pump.io: remove 2018-03-04 10:49:25 +01:00
Jörg Thalheim
6749f6e26e
Merge pull request #36249 from Ekleog/openldap-module-declarative-contents
Openldap module declarative contents
2018-03-03 19:00:13 +00:00
Jörg Thalheim
b2acbe58b2 nixos/openldap: add test 2018-03-03 18:53:52 +00:00
Vladimír Čunát
b70c93f211
Merge branch 'master' into nix-2.0 2018-03-03 18:02:35 +01:00
aszlig
88530e02b6
systemd: Update to latest NixOS branch
Updated to the latest version of the nixos-v237 branch, which fixes two
things:

  * Make sure that systemd looks in /etc for configuration files.
    https://github.com/NixOS/systemd/pull/15
  * Fix handling of the x-initrd.mount option.
    https://github.com/NixOS/systemd/pull/16

I've added NixOS VM tests for both to ensure we won't run into
regressions. The newly added systemd test only tests for that and is by
no means exhaustive, but it's a start.

Personally I only wanted to fix the former issue, because that's the one
I've been debugging. After sending in a pull request for our systemd
fork (https://github.com/NixOS/systemd/pull/17) I got a notice from
@Mic92, that he already fixed this and his fix was even better as it's
even suitable for upstream (so we hopefully can drop that patch
someday).

The reason why the second one came in was simply because it has been
merged before the former, but I thought it would be a good idea to have
tests for that as well.

In addition I've removed the sysconfdir=$out/etc entry to make sure the
default (/etc) is used. Installing is still done to $out, because those
directories that were previously into sysconfdir now get into
factoryconfdir.

Quote from commit NixOS/systemd@98067cc806:

  By default systemd should read all its configuration from /etc.
  Therefore we rely on -Dsysconfdir=/etc in meson as default value.
  Unfortunately this would also lead to installation of systemd's own
  configuration files to `/etc` whereas we are limited to /nix/store. To
  counter that this commit introduces two new configuration variables
  `factoryconfdir` and `factorypkgconfdir` to install systemd's own
  configuration into nix store again, while having executables looking
  up files in /etc.

Tested this change against all of the NixOS VM tests we have in
nixos/release.nix. Between this change and its parent no new tests were
failing (although a lot of them were flaky).

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Mic92, @tk-ecotelecom, @edolstra, @fpletz
Fixes: #35415
Fixes: #35268
2018-03-03 10:39:38 +01:00
Frederik Rietdijk
810dd0f984 Merge remote-tracking branch 'upstream/master' into HEAD 2018-03-01 20:00:42 +01:00
lejonet
565f22d27a nixos/ceph: init module (#35299)
All 5 daemon types can be enabled and configured through the module and the module both creates the ceph.conf required but also creates and enables specific services for each daemon, based on the systemd service files that upstream provides.
2018-03-01 11:47:13 +00:00
Tuomas Tynkkynen
b8b2225f6b Merge remote-tracking branch 'upstream/master' into staging 2018-03-01 06:09:20 +02:00
Shea Levy
4de72b90f3
nixos: nix.sshServe: Support ssh-ng. 2018-02-28 16:55:00 -05:00
Bas van Dijk
ee95cb8169 strongswan-swanctl: fix test 2018-02-28 11:44:00 +01:00
Bas van Dijk
bd24b3addd nixos: add the strongswan-swanctl service
The strongswan-swanctl systemd service starts charon-systemd. This implements a IKE daemon
very similar to charon, but it's specifically designed for use with systemd. It uses the
systemd libraries for a native integration.

Instead of using starter and an ipsec.conf based configuration, the daemon is directly
managed by systemd and configured with the swanctl configuration backend.

See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd

Note that the strongswan.conf and swantctl.conf configuration files are automatically
generated based on NixOS options under services.strongswan-swanctl.strongswan and
services.strongswan-swanctl.swanctl respectively.
2018-02-28 10:41:54 +01:00
Eelco Dolstra
ceb0a28e8c
Don't try hashed mirrors in the installer test 2018-02-27 20:30:06 +01:00
Eelco Dolstra
9e8cf40c7e
nixos/tests/installer.nix: Don't use a writable store
This is no longer needed.
2018-02-27 20:22:14 +01:00
Eelco Dolstra
cc2eeef4ab
Fix installing the Nixpkgs channel on the installation media
And test that it got installed correctly.
2018-02-27 19:58:23 +01:00
Rodney Lorrimar
21dcead5f0
nixos/pump.io: remove
This would probably be better maintained in a separate repo as an
external NixOS module which gets imported into user's configuration.
2018-02-27 12:52:51 +00:00
Nikolay Amiantov
9c1c424e52 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:51:39 +03:00
Nikolay Amiantov
cc52eff6c6 Revert "cups service: fix client sockets"
This reverts commit cf4c077343.
2018-02-23 18:47:43 +03:00
Nikolay Amiantov
cf4c077343 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:43:51 +03:00
Frederik Rietdijk
d328ba753e
Merge pull request #35243 from FRidh/postgis
postgis: get rid of composableDerivation
2018-02-22 16:49:56 +00:00
Eelco Dolstra
d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0 2018-02-22 17:28:51 +01:00
Vladimír Čunát
1cacfe357b
nixos.tests.boot-stage1: fix missing libelf 2018-02-22 04:04:49 +01:00
Jörg Thalheim
57ad5dc844
Merge pull request #35078 from Mic92/powerdns
powerdns: 4.0.5 -> 4.1.1
2018-02-20 21:49:41 +00:00
Frederik Rietdijk
b2f53c76f8 postgis: get rid of composableDerivation
In this change composableDerivation is removed in favor of
stdenv.mkDerivation.
2018-02-20 22:17:16 +01:00
Will Dietz
f32139cf78 nixos: Add basic test of novacomd 2018-02-20 11:03:49 -06:00
Michael Raskin
10b3f7d356
Merge pull request #27688 from rnhmjoj/routes
nixos/networking-interfaces: make static routes configurable
2018-02-19 14:12:58 +00:00
Vladimír Čunát
8b1cf100cd
Merge #35169: nixos/tests: fix ipv6 test failure 2018-02-19 11:38:16 +01:00
rnhmjoj
a1dc3abf90
nixos/tests: fix test failure due to preferTempAddress changes 2018-02-19 11:31:20 +01:00
Frederik Rietdijk
6e1c714c99
Merge pull request #35084 from dotlambda/home-assistant
nixos/home-assistant: test MQTT configuration
2018-02-18 16:08:56 +00:00
Robert Schütz
772b72a8d7 nixos/home-assistant: test MQTT configuration 2018-02-17 20:43:55 +01:00
rnhmjoj
edc4a1f3e7
nixos/tests: fix random failures of privacy test 2018-02-17 18:07:04 +01:00
Jörg Thalheim
ba27be7955 nixos/powerdns: add test 2018-02-17 16:43:41 +00:00
rnhmjoj
e239c1e582
nixos/tests: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj
c1bed05e34
nixos/networking-interfaces: rename IP addresses/routes options 2018-02-17 14:01:24 +01:00
rnhmjoj
f41111c4da
nixos/tests: add test for static routes 2018-02-17 14:01:23 +01:00
Jörg Thalheim
431c004fbd
Merge pull request #35048 from nlewo/test.dockerTools
nixos.test.dockerTools: add more tests
2018-02-17 10:05:25 +00:00
Joachim F
7bf049a54c
Merge pull request #34492 from rnhmjoj/privacy
nixos/networking-interfaces: add preferTempAddress option
2018-02-17 08:41:23 +00:00
Antoine Eiche
f9bb73f4aa nixos.test.dockerTools: add more tests 2018-02-16 18:24:48 +01:00
Tim Steinbach
87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Jan Tojnar
c6283e6e06
Merge pull request #32751 from jtojnar/fwupd-1.0.2
fwupd: 1.0.1 → 1.0.4
2018-02-15 01:18:38 +01:00
Jan Tojnar
201cc158cb
nixos/fwupd: add test 2018-02-15 01:11:13 +01:00
Jan Tojnar
9857545446
Merge pull request #34979 from jtojnar/gjs-1.50.4
gnome3.gjs: 1.50.2 → 1.50.4
2018-02-14 23:10:07 +01:00
Jan Tojnar
7713889556
nixos/gjs: add test 2018-02-14 22:43:59 +01:00
Sam Parkinson
16fa6f59f7
nixos/plotinus: add module to enable plotinus 2018-02-14 22:25:12 +01:00
Profpatsch
1545f9062e nixos/tests: add simple dockerTools test 2018-02-14 06:36:14 +01:00
Parnell Springmeyer
0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-02-13 17:28:45 -06:00
markuskowa
bf53dc68c2 nixos/rdma-core: add module for soft RoCE and test (#34607) 2018-02-10 07:52:03 +00:00
Franz Pletz
3748f3aac8
Merge pull request #32582 from Ma27/yabar-module
yabar: add module
2018-02-09 18:43:59 +00:00
symphorien
0146074560 nixos/tests: add predictable-interface-names.nix (#34305) 2018-02-09 18:40:39 +00:00
Andreas Rammhold
04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Brian Olsen
908fc5e14b
nixos/rspamd: options for worker configuration and socket activation 2018-02-09 06:19:03 +01:00
Eelco Dolstra
f64a4af328
Fix comments 2018-02-07 19:32:41 +01:00
Eelco Dolstra
df117acab7
ISO images: Initialize the Nix database with correct NAR hashes/sizes
The boot test now runs "nix verify" to ensure that all hashes are
correct.
2018-02-07 16:54:23 +01:00
Eelco Dolstra
5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes 2018-02-07 15:49:02 +01:00
David McFarland
e591f11c25 nixos/tests: add matrix-synapse test 2018-02-04 21:22:55 -04:00
Sarah Brofeldt
bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Brian Olsen
27ee0b9099
nixos/tests: add basic tests for services.rspamd 2018-02-03 20:07:15 +01:00
Frederik Rietdijk
db58049f75
Merge pull request #34494 from dotlambda/home-assistant
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
aszlig
2a09b4275c
nixos/tests/make-test.nix: Fix eval error
Regression introduced by 943592f698.

The lib attribute isn't in scope here, so we need to use pkgs.lib
instead for isFunction.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @shlevy
2018-02-02 17:44:08 +01:00
Shea Levy
43f647e5b4
Merge branch 'dynamic-function-args' 2018-02-02 09:41:16 -05:00
Robert Schütz
78c2ca326e home-assistant: compute extraComponents from config 2018-02-02 09:48:50 +01:00
rnhmjoj
4050c30da2
nixos/tests: add test for temporary IPv6 addresses 2018-02-01 16:29:36 +01:00
Jörg Thalheim
57d72d4140
Merge pull request #34442 from rnhmjoj/virtual
Fix virtualType for network-interfaces-scripted
2018-02-01 10:35:13 +00:00
Frederik Rietdijk
d30735f889
Merge pull request #34188 from dotlambda/home-assistant
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Shea Levy
943592f698
Add setFunctionArgs lib function.
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Robert Schütz
0604c078a8 home-assistant: add NixOS test 2018-01-31 12:34:58 +01:00
rnhmjoj
f1cacaf97c
nixos/tests: add test for virtual interfaces 2018-01-31 05:52:22 +01:00
Tuomas Tynkkynen
3be9d4610f nixos/tests: Drop unnecessary qemu-flags.nix include
None of these files are using anything from there.
2018-01-30 16:57:27 +02:00
Jörg Thalheim
8a5f77ffbc nixos/borgbackup: add test
We had problems to get borg's own test suite running.
This test is intended to perform a quick smoke test to see whether we
have missed not any important dependency necessary to create backups
with borg.

tested with:

$ nix-build nixos/release.nix -A tests.borgbackup.x86_64-linux
2018-01-29 14:14:57 +00:00
Tuomas Tynkkynen
d085af7b7d nixos/tests: Fix statsd test evaluation
Fixes:

error: anonymous function at nixos/tests/statsd.nix:1:25 called with unexpected argument ‘system’, at nixos/tests/make-test.nix:5:41
2018-01-26 23:29:53 +02:00
Jörg Thalheim
dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
Leon Schuermann
f297ddb5c9 sudo: define extra rules in Nix language (#33905) 2018-01-17 14:56:08 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Jörg Thalheim
91ec1f784a
Merge pull request #33755 from srhb/keymap-test-disable-xterm-dm
nixos/tests/keymap: disable xterm DM
2018-01-13 17:03:53 +00:00
Sarah Brofeldt
4488e7c435 nixos/tests/keymap: disable xterm DM 2018-01-11 20:12:49 +01:00
Parnell Springmeyer
e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-01-10 10:13:49 -08:00
rnhmjoj
4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
This reverts commit 5dc2853981.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Joachim Fasting
5dc2853981 nixos/dnscrypt-proxy: remove
The upstream project ceased.

See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Maximilian Bosch
dbc414a8a5
yabar: add module
To make the configuration of `yabar` more pleasant and easier to
validate, a NixOS module will be quite helpful.

An example config could look like this:

```
{
  programs.yabar = {
    enable = true;
    bars.top.indicators.exec = "YA_DATE";
  };
}
```

The module adds a user-controlled systemd service which runs `yabar` after
starting up X.
2018-01-04 09:58:21 +01:00
Casey Ransom
f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Bas van Dijk
803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Markus Kowalewski
b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Florian Klink
0543dc77b1 nixos/tests/virtualbox: remove mknod /dev/vda1 call
With devtmpfs introduced in 0d27df280f it is
created automatically.

See https://github.com/NixOS/nixpkgs/pull/32983#issuecomment-353703083
2017-12-23 03:16:18 +00:00
Jörg Thalheim
5687f61b19
Merge pull request #32637 from makefu/pkgs/openstack/nuke
nuke openstack (again)
2017-12-15 10:06:23 -08:00
makefu
71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu
d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
Franz Pletz
0f18f4af88
nixos/tests/jenkins: check if jenkins is available 2017-12-14 16:03:24 +01:00
Linus Heckemann
e4b32222a3 nixos/tests: correct comment in radicale.nix (#32574)
The secrets are in fact also stored unhashed, as part of the .drv file
which produces the htpasswd.
2017-12-11 22:09:23 +00:00
Peter Hoeg
e5715d9464 cups: 2.2.2 -> 2.2.6 2017-12-07 07:22:39 +00:00
Maximilian Bosch
af75b48b51 services.statsd: add simple test 2017-12-04 16:56:16 +01:00
Daiderd Jordan
6a20b88cec
vault: add nixos test 2017-12-04 12:59:52 +01:00
Parnell Springmeyer
6c9de3f600
hocker: Don't check package and wrap the binaries with PATH to nix 2017-12-02 09:20:22 -06:00
Parnell Springmeyer
c1eb962516
fetchdocker: Integration test exercising hocker and fetchdocker
This change adds a simple integration test exercising the fetchdocker
Nix code and hocker utilities for the simple `hello-world` docker
container. We exercise:

- Fetching the docker image configuration json
- Fetching the docker image layers
- Building a compositor script
- Loading the `hello-world` docker image into docker using the
  compositor script and `docker load`
- Running that loaded container
2017-12-01 21:06:16 -06:00
Tuomas Tynkkynen
dc5cd7800a tests/initrd-network-ssh: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Joachim F
822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Vladimír Čunát
474c1ce799
nixos.tests.installer.swraid: increase drive size
The latest staging caused this test not to fit anymore.
I'm all for keeping closure sizes under control,
but I don't think *this* is a good place.
2017-11-25 07:46:28 +01:00
Bjørn Forsman
aedba5c2af nixos: run parted with --script option (3rd)
Doh, should have included this in previous commit.

Ref. 0ff4bb5f87
("nixos: run parted with --script option").
2017-11-19 22:55:12 +01:00
Bjørn Forsman
bf338ab9ee nixos: run parted with --script option (2nd)
Ref. 0ff4bb5f87
("nixos: run parted with --script option")
2017-11-19 22:50:24 +01:00
Franz Pletz
bdbaaad7de
Merge pull request #29269 from Moredread/test_crypt_with_keyfile
Test opening encrypted filesystem with keyfile
2017-11-19 20:30:59 +01:00
obadz
edcf51a359
Merge pull request #31805 from gleber/make-switch-to-configuration-pure
nixos/system: make switch-to-configuration script pure
2017-11-19 19:03:52 +00:00
Franz Pletz
f367bb4d6d
Merge pull request #31569 from gleber/add-mutable-users-test
nixos/tests: add a test for config.users.mutableUsers.
2017-11-19 19:54:28 +01:00
Gleb Peregud
2f6148c743 nixos/system: make switch-to-configuration script pure.
Fixes #28443

Fixed few invocations to `systemctl` to have an absolute path. Additionally add
LOCALE_ARCHIVE so that perl stops spewing warning messages.
2017-11-19 19:42:54 +01:00
Gleb Peregud
1dd0379ba8 nixos/tests: Add a test for config.users.mutableUsers.
It's in preparation to add an assertion for #4990.
2017-11-19 19:11:19 +01:00
Franz Pletz
71b8437e2c
nixos/tests: add couchdb test 2017-11-19 17:39:36 +01:00
Franz Pletz
00056e76d0
nixos/tests/acme: update terms of service to fix test 2017-11-17 16:05:13 +01:00
Orivej Desh
963204e6ee
Merge pull request #31753 from mbld/show-ip
nixos-container: Make show-ip work together with ipv4 + netmask
2017-11-17 00:32:56 +00:00
Orivej Desh
f79e3e237f
Merge pull request #31618 from adisbladis/zfs-tests
Add basic ZFS tests
2017-11-16 20:00:16 +00:00
Martin Bornhold
25b71e18f5 nixos-container: Modify existing test to cover show-ip command
Modified the existing test to check that the 'nixos-container show-ip' command
can handle ipv4 addresses with submask in CIDR notation.
2017-11-16 20:25:45 +01:00
Parnell Springmeyer
cb11bf73a5 nixos/nghttpx: add module for the nghttpx proxy server (#31680)
* nghttpx: Add a new NixOS module for the nghttpx proxy server

This change also adds a global `uid` and `gid` for a `nghttpx` user
and group as well as an integration test.

* nixos/nghttpx: fix building manual
2017-11-16 18:21:02 +00:00
Tuomas Tynkkynen
cbccb1edf5
nixos installer tests: Add UEFI Grub test
Fixed merge conflict. Closes #22923.
2017-11-14 11:30:28 +01:00
adisbladis
59e4599723
Add basic ZFS tests 2017-11-14 14:34:19 +08:00
aszlig
f6ae3948bc
tests/boot-stage1: Fix build of kcanary module
In bfe9c928c1 the default kernel has been
updated to version 4.14 and the declarations for allow_signal() and
signal_pending() are no longer exposed via kthread.h, so let's actually
use the right header files.

I've added a condition for kernel 4.10 and upwards to include the
linux/sched/signal.h header file, because that got introduced in version
4.10. Even if the declaration would still reside in kthread.h (I haven't
checked) for version 4.10 it won't hurt and the compilation will still
succeed.

Tested against kernel 4.9 and 4.14 and the build now succeeds.

Signed-off-by: aszlig <aszlig@nix.build>
2017-11-14 04:36:19 +01:00
Sarah Brofeldt
58d07e2d6b php: Add nixos test to ensure php-pcre works in httpd 2017-11-12 08:05:27 +01:00
Sarah Brofeldt
294bb6daea nixos/tests/gitlab.nix: Unbreak config, still times out 2017-11-06 14:52:33 +01:00
Tim Steinbach
97f172a1d5
Merge pull request #31146 from NeQuissimus/kafka_updates
Kafka: Update + Tests
2017-11-04 11:06:32 -04:00
Bas van Dijk
c894327215 postage: replaced by pgmanage-10.0.2
postage is no longer maintained and has been replaced by the identical pgmanage. See:

https://github.com/workflowproducts/postage#postage-has-been-replaced-with-pgmanage

The following error is raised when a user enables the deprecated `services.postage.enable` option:

Failed assertions:
- services.postage is deprecated in favor of pgmanage. They have the same options so just substitute postage for pgmanage.
2017-11-03 00:14:00 +01:00
Tim Steinbach
beefaff2c1
kafka: Add tests 2017-11-02 15:10:33 -04:00
Tim Steinbach
d27cf320cf
zookeeper: Add simple test 2017-11-02 14:09:56 -04:00
Bas van Dijk
cb4b9b1cc1 owncloud: fix some but not all errors
* Don't set timezone when it's null

* Don't create the postgres role because the postgresqsl service
  already does that.

* Fix documentation

* Add a test suite
2017-10-31 23:03:33 +01:00
Bas van Dijk
04b2460eb6 graphite: fix the graphiteApi service 2017-10-31 15:49:59 +01:00
Tuomas Tynkkynen
2f3786e7ef nixos/tests/gitolite: Don't build during evaluation
Noticed in https://hydra.nixos.org/jobset/nixos/release-17.09#tabs-errors:

````
hydra-eval-jobs returned exit code 1:
building path(s) '/nix/store/wxcbjli7m98yymnxrxkf6pigr7a05zad-id_ed25519.pub'
building '/nix/store/gyig2d7cry98647h0grfilq26cpc1wy8-id_ed25519.pub.drv'...
````

Issue #29774
2017-10-21 23:45:37 +03:00
Peter Simons
757a759005 Merge pull request #30166 from LumiGuide/graphite-1.0.2
Fix graphite crash by upgrading from 0.9.15 -> 1.0.2
2017-10-18 12:58:55 +01:00
Bjørn Forsman
774d05878a nixos/tests: unbreak prometheus test
Commit 271d3f7a43 ("prometheus service: globalConfig.labels is obsolete")
removed globalConfig.labels. Update the test config accordingly.
2017-10-16 20:31:49 +02:00
Bjørn Forsman
10e79d43f6 nixos/tests: add gitolite test 2017-10-16 19:22:07 +02:00
Bjørn Forsman
943730ff9b nixos/tests: add basic test for services.atd 2017-10-16 19:08:19 +02:00
Bjørn Forsman
0ff4bb5f87 nixos: run parted with --script option
-s, --script: never prompts for user intervention

Sometimes the NixOS installer tests fail when they invoke parted, e.g.
https://hydra.nixos.org/build/62513826/nixlog/1. But instead of exiting
right there, the tests hang until the Nix builder times out (and kills
the build). With this change the tests would instead fail immediately,
which is preferred.

While at it, use "parted --script" treewide, so nobody gets build
timeout due to parted error (or misuse). (Only nixos/ use it, and only
non-interactive.)

A few instances already use the short option "-s", convert them to long
option "--short".
2017-10-14 15:29:02 +02:00
Lancelot SIX
4ea954477f Merge pull request #30321 from RemiDesgrange/add-postgis-2.4.0
Add postgis 2.4.0
2017-10-14 10:13:53 +02:00
Rémi Desgrange
8dcaa5b313 postgis: add v2.4.0
Add postgis 2.4.0

doesn't remove v2.3.1. There are some big change in 2.4 that people may
don't want. see https://postgis.net/docs/release_notes.html#idm41021

fix test call

modify following recommandation of lsix
2017-10-13 09:45:25 +02:00
aszlig
20487112ed
nixos: Fix output path generation of runInMachine
Regression introduced by a02bb00156.

The fix is done by disabling writableStore, because the latter will set
up an overlayfs on the Nix store within the VM, which in turn will
discard all the outputs of the resulting output path.

However in runInMachine we actually *want* the contents of the generated
path and also don't want a writable store within the VM (except of
course for $out, which is writable anyway).

I've added a small regression test to verifify the output in
nixos/tests/run-in-machine.nix to make sure this won't break again in
the future.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 20:08:11 +02:00
Jörg Thalheim
62922af208 Merge pull request #29994 from bachp/minio-update
minio: 20170613 -> 2017-09-29T19-16-56Z
2017-10-08 12:12:32 +01:00
Pascal Bach
1983e6c8cc minio: 20170613 -> 2017-09-29T19-16-56Z
The test was updated as minio now needs at least 1 GiB of free disk,
otherwise it won't start.
2017-10-08 12:24:29 +02:00
Bas van Dijk
5b8ff5ed49 graphite: 0.9.15 -> 1.0.2
Fixes: #29961

Also added the option:

  services.graphite.web.extraConfig

for configuring graphite_web.
2017-10-08 03:03:22 +02:00
WilliButz
3539e16cfa
nixos/tests: clean up pgjwt test
- removed unneeded initscript
- use default postgres version for the test
2017-10-04 13:04:49 +02:00
Joachim F
0625110d1a Merge pull request #29927 from WilliButz/fix-pgjwt-test
nixos/tests: fix pgjwt test
2017-10-04 10:57:43 +00:00
Ruben Maher
06e15e59f9 nixos/krb5: complete rewrite
The `krb5` service was a bit lacking.

Addresses NixOS/nixpkgs#11268, partially addresses NixOS/nixpkgs#29623.
2017-10-02 14:30:19 +10:30
WilliButz
7d09fc6ea7
nixos/tests: rewrite pgjwt test
- now using the test contained in the pgjwt source repo
- also compatible with the new `superUser` option of the
  `postgresql` service
2017-10-01 20:12:58 +02:00
Jan Tojnar
dfdfb97f0f nixos/tests/gnome3-gdm: Increase memory limit
The test was failing on x86_64 prematurely due to memory being exhausted.

See also 3b9f0c6a46
2017-09-28 17:20:23 +02:00
Robin Gloster
d05b0b6b70
mesos test: fix python handling
Still does not succeed but advances further

(cherry picked from commit 30d09f717aa94a78105bff22da548b904887b394)
2017-09-28 01:15:41 +02:00
Rodney Lorrimar
56eba66f77 mysqlBackup service: let it work with default settings
* Grants enough privileges to the configured user so that it can run
  mysqldump.

* Adds a nixos test.

* Use systemd timers instead of a cronjob (by @fadenb).

* Creates a new user for backups by default, instead of using mysql
  user.

* Ensures that backup user has write permissions on backup location.

* Write backup to a temporary file before renaming so that a failed
  backup won't overwrite the previous backup, and so that the backup
  location will never contain a partial backup.

Breaking changes:

 * Renamed period to calendar to reflect the change in how to
   configure the backup time.

 * A failed backup will no longer result in cron sending an e-mail --
   users' monitoring systems must be updated.

Resolves #24728
2017-09-27 18:44:49 +02:00
Silvan Mosberger
a8c97ad23e nixos/radicale: fix default version (#29743) 2017-09-25 10:18:42 +00:00
Matej Cotman
6ef8cad2a7 kubernetes: fix tests 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
7dfeac88ac kubernetes module: flannel support, minor fixes
- add flannel support
- remove deprecated authorizationRBACSuperAdmin option
- rename from deprecated poratalNet to serviceClusterIpRange
- add nodeIp option for kubelet
- kubelet, add br_netfilter to kernelModules
- enable firewall by default
- enable dns by default on node and on master
- disable iptables for docker by default on nodes
- dns, restart on failure
- update tests

and other minor changes
2017-09-24 11:44:25 +02:00
Matej Cotman
8e14e978c8 kubernetes: fix minor issues 2017-09-24 11:44:25 +02:00
Matej Cotman
7f9d1a7aaf kubernetes: add tests 2017-09-24 11:44:25 +02:00
Joachim Fasting
bccaf63067
nixos/hardened test: add failing test-case for deferred mounts 2017-09-22 23:53:27 +02:00
aszlig
a75265924f
nixos/tests/virtualbox: Fix netcat invocation
This is a backwards-incompatibility in netcat-openbsd introduced due to
bumping the netcat version to 1.130 in
a72ba661ac.

Version 1.130 no longer exits on EOF but now needs to be passed the -N
flag in order to exit on EOF.

The upstream change reads[1] like this:

  Don't shutdown nc(1)'s network socket when stdin closes. Matches
  *Hobbit*'s original netcat and GNU netcat; revert to old behaviour
  with the new -N flag if needed. After much discussion with otto
  deraadt tedu and Martin Pelikan.  ok deraadt@

Here is the diff of this change:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/netcat.c.diff?r1=1.110&r2=1.111&f=h

[1]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/netcat.c?rev=1.111&content-type=text/x-cvsweb-markup

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-21 03:49:46 +02:00
Franz Pletz
406c7a0731 Merge pull request #29521 from aneeshusa/ease-radicale-upgrade
Ease radicale upgrade
2017-09-18 23:13:53 +02:00
WilliButz
9198ad65ef tests: add initrd-network-ssh test
starts two VMs:
- one with dropbear listening from initrd,
  waiting for a file
- another connecting via ssh, creating the file
2017-09-18 19:51:46 +02:00
Aneesh Agrawal
28c2cea847 radicale: Test migration functionality
This also provides an example of how to migrate.
2017-09-18 09:11:36 -07:00
WilliButz
0b2d9bbbd2 nixos/tests: add grafana test (#29531) 2017-09-18 16:59:50 +02:00
Franz Pletz
b179908414
nixos/networking: network is online if default gw set
Previously services depending on network-online.target would wait until
dhcpcd times out if it was enabled and a static network address
configuration was used. Setting the default gateway statically is enough
for the networking to be considered online.

This also adjusts the relevant networking tests to wait for
network-online.target instead of just network.target.
2017-09-18 14:51:38 +02:00
Maximilian Güntner
44475cae27 tests: ipfs: enable autoMount tests 2017-09-18 00:05:35 -07:00
aszlig
3ba2095a42
nixos/dovecot: Fix createMailUser implementation
This option got introduced in 7904499542
and it didn't check whether mailUser and mailGroup are null, which they
are by default.

Now we're only creating the user if createMailUser is set in conjunction
with mailUser and the group if mailGroup is set as well.

I've added a NixOS VM test so that we can verify whether dovecot works
without any additional options set, so it serves as a regression test
for issue #29466 and other issues that might come up with future changes
to the Dovecot service.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #29466
Cc: @qknight, @abbradar, @ixmatus, @siddharthist
2017-09-17 04:57:20 +02:00
Joachim F
8ceb209830 Merge pull request #29462 from joachifm/trivial-misc-tests
nixos/tests: move kernel-params & sysctl test to misc
2017-09-16 19:51:58 +00:00
Joachim Fasting
586d04c588
nixos/tests: expand hardened tests 2017-09-16 13:14:07 +02:00
Joachim Fasting
ffd56ba4f6
nixos/tests: move kernel-params test to misc 2017-09-16 12:45:28 +02:00
Joachim Fasting
c85cf60c83
nixos/tests: move sysctl test to misc 2017-09-16 12:45:23 +02:00
aszlig
b5fbb4f362
nixos/tests/acme: Use overridePythonAttrs
Quoting from @FRidh:

  Note overridePythonAttrs exists since 17.09. It overrides the call to
  buildPythonPackage.

While it's not strictly necessary to do this, because postPatch ends up
in drvAttrs anyway, it's probably better to use overridePythonAttrs so
we don't run into problems when the underlying implementation of
buildPythonPackage changes.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-14 23:18:52 +02:00
André-Patrick Bubel
58374fbaf3
Test opening encrypted filesystem with keyfile
Checks for regression of missing cryptsetup, when no luks device without
keyfile is configured
2017-09-14 04:20:15 +02:00
aszlig
01fffd94e5
nixos/tests/acme: Patch certifi with cacert
Since 67651d80bc the requests package now
depends on certifi, which in turn provides the CA root certificates that
we need to replace.

It might also be a good idea to actually patch certifi with our version
of cacert by default so that if we want to override and/or add something
we only need to do it once.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @fpletz, @k0ral, @FRidh
2017-09-13 23:16:43 +02:00
aszlig
bda38317eb
nixos/tests/letsencrypt: Fix nginx options
The enableSSL option has been deprecated in
a912a6a291, so we switch to using onlySSL.

I've also explicitly disabled enableACME, because this is the default
and we don't actually want to have ACME enabled for a host which runs an
actual ACME server.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:40 +02:00
aszlig
11b3ae74e1
nixos/tests: Add a basic test for ACME
The test here is pretty basic and only tests nginx, but it should get us
started to write tests for different webservers and different ACME
implementations.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:37 +02:00
aszlig
b3162a1074
nixos/tests: Add common modules for letsencrypt
These modules implement a way to test ACME based on a test instance of
Letsencrypt's Boulder service. The service implementation is in
letsencrypt.nix and the second module (resolver.nix) is a support-module
for the former, but can also be used for tests not involving ACME.

The second module provides a DNS server which hosts a root zone
containing all the zones and /etc/hosts entries (except loopback) in the
entire test network, so this can be very useful for other modules that
need DNS resolution.

Originally, I wrote these modules for the Headcounter deployment, but
I've refactored them a bit to be generally useful to NixOS users. The
original implementation can be found here:

https://github.com/headcounter/deployment/tree/89e7feafb/modules/testing

Quoting parts from the commit message of the initial implementation of
the Letsencrypt module in headcounter/deployment@95dfb31110:

    This module is going to be used for tests where we need to
    impersonate an ACME service such as the one from Letsencrypt within
    VM tests, which is the reason why this module is a bit ugly (I only
    care if it's working not if it's beautiful).

    While the module isn't used anywhere, it will serve as a pluggable
    module for testing whether ACME works properly to fetch certificates
    and also as a replacement for our snakeoil certificate generator.

Also quoting parts of the commit where I have refactored the same module
in headcounter/deployment@85fa481b34:

    Now we have a fully pluggable module which automatically discovers
    in which network it's used via the nodes attribute.

    The test environment of Boulder used "dns-test-srv", which is a fake
    DNS server that's resolving almost everything to 127.0.0.1. On our
    setup this is not useful, so instead we're now running a local BIND
    name server which has a fake root zone and uses the mentioned node
    attribute to automatically discover other zones in the network of
    machines and generate delegations from the root zone to the
    respective zones with the primaryIPAddress of the node.

    ...

    We want to use real letsencrypt.org FQDNs here, so we can't get away
    with the snakeoil test certificates from the upstream project but
    now roll our own.

    This not only has the benefit that we can easily pass the snakeoil
    certificate to other nodes, but we can (and do) also use it for an
    nginx proxy that's now serving HTTPS for the Boulder web front end.

The Headcounter deployment tests are simulating a production scenario
with real IPs and nameservers so it won't need to rely on
networking.extraHost. However in this implementation we don't
necessarily want to do that, so I've added auto-discovery of
networking.extraHosts in the resolver module.

Another change here is that the letsencrypt module now falls back to
using a local resolver, the Headcounter implementation on the other hand
always required to add an extra test node which serves as a resolver.

I could have squashed both modules into the final ACME test, but that
would make it not very reusable, so that's the main reason why I put
these modules in tests/common.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-09-13 23:16:33 +02:00
Tim Steinbach
84e34d4d5d
tests: xmonad less dependent on timings 2017-09-09 10:07:34 -04:00
Tim Steinbach
024b501907
tests: Fix hibernate 2017-09-06 22:01:48 -04:00
Tim Steinbach
7faad2dce8 Merge pull request #29040 from NeQuissimus/tests_sys
More basic system tests
2017-09-06 15:04:10 -04:00
Tim Steinbach
a54b2e3ba2 Merge pull request #29002 from NeQuissimus/docker_edge_module_test
docker: Package in module, tests
2017-09-06 15:03:56 -04:00
Tim Steinbach
0857e4c84d Merge pull request #28989 from NeQuissimus/tests_xmonad
Add XMonad test
2017-09-06 15:03:41 -04:00
Tim Steinbach
b4ccef2163
tests: Add environment 2017-09-05 19:05:37 -04:00
Tim Steinbach
3e2975e892
tests: Add kernelParams 2017-09-05 19:04:43 -04:00
Tim Steinbach
04b0f3255f
tests: Add sysctl 2017-09-05 19:03:54 -04:00
Franz Pletz
1bed4773f5
postgresql92: remove last references 2017-09-05 18:20:56 +02:00
Jörg Thalheim
3558ed8bfd Merge pull request #28988 from NeQuissimus/tests_kernel_basic
Add basic kernel tests
2017-09-05 16:38:50 +01:00
Tim Steinbach
656ec9de0e
Add basic kernel tests 2017-09-05 10:38:07 -04:00
Tim Steinbach
380ed98bd7
docker: Add test for docker-edge, check for proper versions in tests 2017-09-04 19:02:44 -04:00
Michele Catalano
4ea1d49643 nexus: Add module for nexus.
Add also myself as maintainer
Add simple test of the nexus service
2017-09-04 22:32:02 +02:00
Tim Steinbach
e153fa84a5
Add XMonad test 2017-09-04 14:03:20 -04:00
Philipp Steinpass
d784b83005 nixos/hydra postgresql: Fix #27314 and add test case 2017-09-02 23:07:42 +02:00
Jan Tojnar
3b9f0c6a46
gnome3 tests: fix by providing more memory
/cc #28053.
2017-09-01 07:51:05 +02:00
Vladimír Čunát
6b95cf646c
Merge: fixups to staging merge
None are large rebuilds; most are on staging already.
2017-08-30 21:17:17 +02:00
Franz Pletz
e3a8f58a21 Merge pull request #28746 from mguentner/ipfstest
tests: fix ipfs test, test actual networking functionality
2017-08-30 18:50:40 +02:00
Maximilian Güntner
a1302eab3a
tests: fix ipfs test, test actual networking functionality 2017-08-30 15:28:50 +02:00
Franz Pletz
7d1d019650 Merge pull request #27826 from Infinisil/radicale
radicale: update to version 2
2017-08-30 02:17:34 +02:00
Franz Pletz
3e18f32f68 Merge pull request #28465 from danbst/reloadable-containers
Reloadable containers
2017-08-30 02:01:46 +02:00
Vladimír Čunát
dc93744273
rogue: omit from the installation media
At least for now.  It would increase the ISO size by ~10 MB,
after the fixup in the parent commit.
2017-08-29 16:15:15 +02:00
Tuomas Tynkkynen
b471e125c2 nixos/tests/installer: Add stdenvNoCC to extraDependencies
The installer tests are failing after 505e94256e
due to `nixos-rebuild switch` in the installed system trying to build
stdenvNoCC.

Seems that previously, stdenvNoCC wasn't in the installed
system either, but all the direct dependencies for the build were
(I don't really understand why, for that matter), so the building
actually went fine and everything worked.

But now gcc is also a direct build dependency due to allowedRequisites
containing gcc (even though it doesn't become a runtime dependency)
which doesn't get to the installed system.

All in all, let's ensure stdenvNoCC actually gets to the installed
system. It's after all necessary in almost any NixOS config build.
2017-08-24 02:07:56 +03:00
danbst
63f8122cd9 nixos tests: add test for declarative containers, that container config changes
are applied on `nixos-rebuild switch` invocations.
2017-08-23 12:43:07 +03:00
Tuomas Tynkkynen
0488cb1802 tests/installer: Rename simpleUefiGummiboot -> simpleUefiSystemdBoot
It hasn't been called Gummiboot for ages.
2017-08-19 08:46:48 +02:00
Silvan Mosberger
e16a0988bc
radicale: 1.1.4 -> 2.1.2
This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which
also includes the needed command for migrating to 2.x

The module is adjusted to the version change, defaulting to radicale2 if
stateVersion >= 17.09 and radicale1 otherwise. It also now uses
ExecStart instead of the script service attribute. Some missing dots at
the end of sentences were also added.

I added a paragraph in the release notes on how to update to a newer
version.
2017-08-13 17:23:43 +02:00
Franz Pletz
59fa868b01
tests.plasma5: fix hash 2017-08-12 00:55:32 +02:00
Robin Gloster
350a6c3726
tests.plasma5: fix eval 2017-08-11 21:53:17 +02:00
Franz Pletz
9f7f85a3cd
nixos/tests/nginx: fix name 2017-08-11 17:37:14 +02:00
Robin Gloster
b18b70c74d
nixos.tests.nat: fix 2017-08-04 17:52:42 +02:00
Markus Mueller
1793c96be2
tests/nat: Use switch-to-configuration in test case 2017-08-03 21:16:14 +02:00
Linus Heckemann
a0d464033c nixos/timezone: support imperative timezone configuration (#26608)
Fixes #26469.
2017-07-31 15:55:24 +01:00
Frederik Rietdijk
29f91c107f Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-23 11:23:43 +02:00
Thomas Tuegel
4b14212914
nixos/tests/keymap: use SLIM theme from nixos/tests/slim 2017-07-22 17:43:28 -05:00
Franz Pletz
226964861f Merge pull request #27405 from rvl/postgresql-xml
postgresql: fix nixos tests and add xml support
2017-07-20 20:31:38 +02:00
Rodney Lorrimar
0b027720af nixos tests: run postgresql tests with postgres user 2017-07-19 22:13:02 +01:00
aszlig
b618843860
nixos/taskserver: Fix manual PKI management
The helper tool had a very early check whether the automatically created
CA key/cert are available and thus it would abort if the key was
unavailable even though we don't need or even want to have the CA key.

Unfortunately our NixOS test didn't catch this, because it was just
switching from a configuration with an automatically created CA to a
manual configuration without deleting the generated keys and certs.

This is done now in the tests and it's also fixed in the helper tool.

Reported-by: @jpotier
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-16 20:38:15 +02:00
Christian Kögler
e8a8f1233a snapper: add nixos module
fixes #27154
2017-07-16 10:06:42 +01:00
Rodney Lorrimar
502a272ee7 postgresql: enable XML functions
I suspect these functions aren't widely used, but they are enabled in
PostgreSQL on Ubuntu and Arch.
2017-07-15 14:58:17 +01:00
Rodney Lorrimar
39ef4d2fe9 nixos tests: fix postgresql tests
1. Needs to call makeTest or else nothing happens when you run
   `nix-build nixos/tests/postgresql.nix`.

2. Tests run as root, so there needs to be a corresponding user in
   PostgreSQL.
2017-07-15 14:54:42 +01:00
Vladimír Čunát
0be14a588f
nixos tests.misc: unblock a man-page test
I'm not sure what's wrong, but the pages look OK.  Discussion:
https://github.com/NixOS/nixpkgs/pull/27061#issuecomment-314330032
2017-07-11 08:55:55 +02:00
Pascal Bach
0fb8456b13 minio service: add additional config options
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Tim Steinbach
fbbf926ce9
ammonite: add test 2017-07-04 21:36:30 -04:00
Graham Christensen
b0a4c2c33f
nixos: installer.nix test: test ZFS install use case 2017-06-28 19:45:20 -04:00
Pascal Bach
aa66c9ad37 minio service: add inital service
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
aszlig
bcaf2f6dbe
nixos/tests/sddm: Fix detecting login screen
Tesseract seems to have a hard time detecting the "ALICE FOOBAR" text,
so let's match on "Select your user and enter password" instead.

Ran the test on x86_64-linux and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-22 06:26:08 +02:00
Joachim F
631ec734eb Merge pull request #26460 from romildo/fix.nixos-artwork
nixos-artwork: add more wallpapers
2017-06-13 23:20:52 +01:00
Bas van Dijk
2444eab485 ELK: update kibana and the elastic beats to 5.4 (#26252)
* Add kibana5 and logstash5
* Upgrade the elastic beats to 5.4
* Make sure all elastic products use the same version
  (see elk5Version)
* Add a test for the ELK stack
2017-06-13 22:36:08 +02:00
romildo
aa8018103c nixos-artwork: add more wallpapers
Restructure the nixos-artwork to make it easy to selectively
incorporate other components from upstream without needing to download
the full package.

Until now only the Gnome_Dark wallpaper was included. Add other
wallpapers available in the package repository.
2017-06-07 18:00:58 -03:00
Graham Christensen
225a230716 Merge pull request #23173 from nlewo/test/cloudinit
Cloudinit test
2017-06-05 18:34:06 -04:00
montag451
f0ca6f9290 nixos/tests: add tests for the LDAP stack 2017-05-27 02:51:46 +02:00
Vladimír Čunát
bba5b1c434
plasma5 tests: fix by using older fontconfig-penultimate
enable = false; didn't help, but downgrading did.  It's a mystery to me.
Discussion: https://github.com/NixOS/nixpkgs/commit/c9f8fb4d127a
2017-05-24 14:56:43 +02:00
Antoine Eiche
7b80f4c344 nixos/cloudinit: add cloudinit test
An iso containing metadatas is created and attached as a cdrom to the
qemu VM used for this test.

The cloudinit service is enabled. The test case ensures the root
authorized_keys file is populated and the cloudinit write_file module is
working well.
2017-05-23 20:51:05 +02:00
Joachim Fasting
252dcd62f3
OVMF: separate output for ovmf binaries
OVMF{,CODE,VARS}.fd are now available in a dedicated fd output, greatly
reducing the closure in the common case where only those files are used (a
few MBs versus several hundred MBs for the full OVMF).

Note: it's unclear why `dontPatchELF` is now necessary for the build to
pass (on my end, at any rate) but it doesn't make much sense to run this
fixup anyway,

Note: my reading of xen's INSTALL suggests that --with-system-ovmf should
point directly to the OVMF binary.  As such, the previous invocation was
incorrect (it pointed to the root of the OVMF tree).  In any case, I have
only built xen with `--with-system-ovmf`, I have not tested it.

Fixes https://github.com/NixOS/nixpkgs/issues/25854
Closes https://github.com/NixOS/nixpkgs/pull/25855
2017-05-20 12:33:48 +02:00
Frederik Rietdijk
9e48fc3268 Merge pull request #24131 from nand0p/buildbot-0.9.5
buildbot: 0.9.4 -> 0.9.5
2017-05-03 07:56:29 +02:00
Michael Raskin
1c8d388201 Merge pull request #23865 from volth/xrdp-tests
xrdp: init at 0.9.2
2017-04-30 22:35:48 +02:00
Michael Raskin
929ae39dbe Merge pull request #22683 from aneeshusa/add-nixos-test-for-radicale
Add nixos test for radicale
2017-04-30 18:51:46 +02:00
Joachim Fasting
a1678269f9
nixos/hardened profile: disable user namespaces at runtime 2017-04-30 15:17:27 +02:00
Joachim Fasting
ffa83edf4a
nixos/tests: add tests for exercising various hardening features
This test exercises the linux_hardened kernel along with the various
hardening features (enabled via the hardened profile).

Move hidepid test from misc, so that misc can go back to testing a vanilla
configuration.
2017-04-30 12:05:42 +02:00
Joachim Fasting
ab4fa1cce4
tree-wide: prune some dead grsec leaves
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
volth
dad760061e xrdp: init at 0.9.1 2017-04-29 17:23:35 +00:00
Graham Christensen
5dd731b801
mysql test: test replication persists between slave stop / start cycle 2017-04-25 18:51:49 -04:00
Graham Christensen
da0ef84c0c
mysql test: use OpenPort check over blind sleep 2017-04-25 18:51:46 -04:00
aszlig
dc87b5587e
nixos: Add a VM test for the SLiM display manager
This is currently our default display manager, so I'm adding this to the
"tested" job as well to ensure we don't ship broken revisions where X is
most likely not working.

The test uses a custom SLiM theme that's specifically tailored for good
OCR results (mainly white background and black fonts without anything
else), because our default NixOS theme has a very small contrast between
background and fonts in some places.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-04-23 19:25:27 +02:00
Joachim Fasting
1b3300bf01
nixos/tests/misc: check hidepid mount via /proc/mounts 2017-04-23 11:00:46 +02:00
Fernando J Pando
4ac06ea6a1 buildbot: 0.9.4 -> 0.9.5
- adds distro dependency
- buildbot nodaemon in service module
- fakerepo for module tests
- service module parameter fixup
- tested on nixos
- tested on darwin
2017-04-21 10:32:36 -04:00
Dan Peebles
d990aa7163 Refactor nixos-install to separate out filesystem build logic
The key distinction I'm drawing is that there's a component that deals
with the store of the machine being built, and another component for
the store building it. The inner part of it assumes nothing from the
builder (doesn't need chroot or root powers) so it can run comfortably
inside a Nix build, as well as nixos-rebuild. I have some upcoming work
that will use that to significantly speed up and streamline image builds
for NixOS, especially on virtualized hosts like EC2, but it's also a
reasonable speedup on native hosts.
2017-04-16 16:09:41 +00:00
aszlig
5d5c0d590f
Revert "sddm: Fix test."
This reverts commit 0a6a06346a.

The commit replaced the text to search for from ALICE to BOB, because
our OCR detection only caught "BOB FOOBAR" but missed "ALICE FOOBAR"
completely.

With the improvements to our OCR system this no longer is the case and
the test passes successfully with this reverted.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @shlevy
2017-04-11 03:21:58 +02:00
Aneesh Agrawal
8f4d778509 radicale: Add aneeshusa as maintainer 2017-04-10 20:04:17 -04:00
Aneesh Agrawal
a3143b18e0 radicale: Also run NixOS test on Python 3 2017-04-10 20:04:17 -04:00
Aneesh Agrawal
189479a4ba radicale: Add NixOS test with Python 2
Includes testing bcrypt authentication.
2017-04-10 20:04:17 -04:00
Tomasz Czyż
e57cf5efd1 Merge branch 'master' into postgresql-tests 2017-04-07 10:28:58 +01:00
Shea Levy
0a6a06346a sddm: Fix test.
For whatever reason, the OCR code is not detecting ALICE but is BOB.

OCR output from login screen (blank lines omitted):

> Session none + icewm
> 08:41 <
> Thursday, April 6, 2017
> BOB FOOBAR
> Select your user and enter password
2017-04-06 04:44:47 -04:00
Graham Christensen
c7453084ef
docker: test for socket permissions 2017-04-03 09:05:41 -04:00
Tuomas Tynkkynen
affce1e246 nixos hibernate test: Use waitForOpenPort
There was one confusing recent failure of this:

http://cache.nixos.org/log/myla8bc17j8spmifdxmrz9jswxwsf5w6-vm-test-run-hibernate.drv

I don't have any real ideas on what could cause the problem but there is
at least one theoretical one: the system starts hibernating before the
listener process manages to open the TCP port for listening, and it can't
open it after resuming because not enough pages from the netcat binary
have been paged in (and as the 9p filesystem holding it is now toast,
they can't be loaded anymore).
2017-04-02 02:33:21 +03:00
Robin Gloster
ce953d0bc9
panomatic: remove 2017-03-30 16:23:33 +02:00
Joachim Fasting
543f5263d2
nixos/dnscrypt-proxy test: exercise plugin loading 2017-03-30 13:36:06 +02:00
aszlig
ee39d4b98a
nixos/tests/virtualbox: Fix @shell@ expansion
This has surfaced since f803270b7e.

The commit bumped bash to version 4.4, which caused to change the order
of --subst-var flags in substituteAll, which this test was relying on,
because it added a @shell@ to boot.initrd.postMountCommands.

Our substituter is currently working a bit like this:

original.replace('@var1@', 'val1').replace('@var2@', 'val2')...

Unfortunately, this means that if @var2@ occurs within @var1@ it is
replaced by the new value, so the order of the substvars actually
matter. I highly doubt that we want a behaviour like this and I'm
wondering why it didn't occur to me as a problem while writing the
initial implementation of the VirtualBox tests.

Whether to get rid of this and disallowing substitution of substvars
within substvars is another topic which I think needs discussion in a
different place.

As for now, I'm using stdenv.shell, because the closure size of this
should fit within the initrd, so it's fine especially because it's just
a test.

Tested with the net-hostonlyif and systemd-detect-virt tests and they
both succeed with this change.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: @globin on IRC
2017-03-27 04:53:17 +02:00
Arnold Krille
68729958e8
network-interfaces: reload bridges on conf changes
And adopt the tests to add an interface and remove it again.

It should work when deactivating rstp, it will not work when activating
rstp for the first bridge as then the userspace daemon is not yet
available. But once one bridge is active with stp, it should work with
the reload for any further bridge.

Fixes #21745. Also see #22547.
2017-03-26 18:47:43 +02:00
Thomas Tuegel
352e335f3d
nixos/sddm: test automatic and manual login 2017-03-24 10:39:13 -05:00
Thomas Tuegel
27ba56f1e0
nixos/plasma5: also test SDDM theme 2017-03-24 09:45:57 -05:00
Thomas Tuegel
ae1034ea96
nixos/sddm: improve test
Disable SDDM auto-login to improve testing for SDDM themes. See #24246.
2017-03-23 19:20:27 -05:00
Jörg Thalheim
b4169bb8dd
munin: fix tests by replacing cron with systemd timer 2017-03-22 00:16:36 +01:00