Commit Graph

1682 Commits

Author SHA1 Message Date
Martin Milata
2adb03fdae nixos/wordpress: generate secrets locally
Use /dev/urandom to generate keys and salts instead of downloading them
from https://api.wordpress.org/secret-key/1.1/salt/
2019-09-22 14:33:08 +02:00
Joachim Fasting
eb59755f70
tests/hardened: fix build
Bug introduced by 4ead3d2ec3

For ZHF https://github.com/NixOS/nixpkgs/issues/68361
2019-09-18 15:38:43 +02:00
Antoine R. Dumont (@ardumont)
35fe50352f nixos/minidlna: Allow more configuration options
This commits allows the user to configure:
- more minidlna options
- the ones not yet disclosed in nix (extending the existing minimal subset)
2019-09-17 19:51:33 +02:00
Léo Gaspard
ffaf2661fb
Merge branch 'master' into os-prober-test 2019-09-16 23:21:15 +02:00
WilliButz
cbb6293dce
Merge pull request #68291 from Ma27/bump-hydra
hydra: 2019-05-06 -> 2019-08-30
2019-09-14 13:16:07 +02:00
Maximilian Bosch
ce37a040c2
nixos/hydra: incorporate upstream changes and update test
During the last update, `hydra-notify` was rewritten as a daemon which
listens to postgresql notifications for each build[1]. The module
uses the `hydra-notify.service` unit from upstream's Hydra module and
the VM test ensures that email notifications are sent properly.

Also updated `hydra-init.service` to install `pg_trgm` on a local
database if needed[2].

[1] c7861b85c4
[2] 8a0a5ec3a3
2019-09-14 12:58:42 +02:00
Maximilian Bosch
7f136b5a56
nixos/hydra: fix test
We ship `https://cache.nixos.org` as binary cache by default which
automatically substitutes the test derivation used inside the Hydra
test. However it needs to be built locally to confirm that
`hydra-queue-runner` works properly.

Also inherited the platform name for the test derivation from `system`
to ensure that the build can be tested on each supported platform.

ZHF #68361
2019-09-14 11:48:48 +02:00
Tim Steinbach
c1fae7ccc8
xmonad: Fix test 2019-09-13 15:16:56 -04:00
Christian Kögler
db9b5f5525
nixos: deactivate immutablity for /var/empty in container 2019-09-13 17:33:38 +02:00
Christian Kögler
930ac600d2
nixos-install: ensure activation script is always called
The activation script is needed to get the missing files in etc/ created.
Needed for container manager like systemd-nspawn.
2019-09-13 17:33:34 +02:00
Christian Kögler
65792923af
nixos: added machinectl test 2019-09-13 17:33:11 +02:00
WilliButz
ef394409b2
nixos/tests/mumble: update test to use systemd-journal 2019-09-13 16:49:06 +02:00
WilliButz
ccf00bce12
nixos/tests: add prometheus-rspamd-exporter test 2019-09-11 14:21:36 +02:00
worldofpeace
20f8c3b984 nixosTests.xfce4-14: bump memorySize 2019-09-10 09:16:21 -04:00
worldofpeace
baf36d9afa nixosTests.xfce: bump memorySize 2019-09-10 09:15:56 -04:00
worldofpeace
bbcc947c46 nixosTests.plasma5: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:15:39 -04:00
worldofpeace
0eb814ea88 nixosTests.xfce: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:15:32 -04:00
worldofpeace
17877eaa68 nixosTests.xfce4-14: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:14:54 -04:00
Vladimír Čunát
7e91247596
Merge branch 'staging-next' into staging 2019-09-08 18:28:11 +02:00
Andreas Rammhold
f59b4cb8d5
nixos/tests/login: fix the seat test by loading sound drivers
It turned out that /dev/snd/* always exists even if there are no sound
drivers loaded at all. Loading `snd` and `snd_timer` fixes that
situation. It is probably fair to assume someone that wants to use sound
also enables that in the NixOS configuration.
2019-09-08 17:14:14 +02:00
Frederik Rietdijk
e73f871285 Merge master into staging-next 2019-09-08 14:49:25 +02:00
Florian Klink
2f3b9cd52c
Merge pull request #66274 from talyz/gitlab
nixos/gitlab: Add support for secure secrets and more
2019-09-07 12:52:44 -07:00
Frederik Rietdijk
7e9e5cab45 Merge master into staging-next 2019-09-07 09:53:09 +02:00
Florian Klink
db1f05c763
Merge pull request #66405 from NeQuissimus/virtualbox_6_0_10
virtualbox: 6.0.8 -> 6.0.10
2019-09-06 20:33:35 -07:00
Frederik Rietdijk
9894a70299 Merge staging into staging-next 2019-09-06 22:47:40 +02:00
Frederik Rietdijk
66bc7fc1b3 Merge master into staging-next 2019-09-06 22:46:05 +02:00
WilliButz
9118eb3482
nixos/tests: remove prometheus_1 test 2019-09-06 21:55:24 +02:00
Jan Tojnar
8563088e69
Merge branch 'staging-next' into staging 2019-09-06 16:55:45 +02:00
Jan Tojnar
f9237f3152
Merge branch 'master' into staging-next 2019-09-06 16:55:11 +02:00
talyz
cbdf94c0f3 nixos/gitlab: Add support for storing secrets in files
Add support for storing secrets in files outside the nix store, since
files in the nix store are world-readable and secrets therefore can't
be stored safely there.

The old string options are kept, since they can potentially be handy
for testing purposes, but their descriptions now state that they
shouldn't be used in production. The manual section is updated to use
the file options rather than the string options and the tests now test
both.
2019-09-06 16:54:22 +02:00
adisbladis
0cce8856b2
elk-5: Remove tests
These packages are EOL and are about to be removed
2019-09-06 14:22:14 +01:00
Jan Tojnar
306cc9b311
Merge branch 'staging-next' into staging 2019-09-06 03:21:30 +02:00
Jan Tojnar
cdf426488b
Merge branch 'master' into staging-next
Fixed trivial conflicts caused by removing rec.
2019-09-06 03:20:09 +02:00
Ambroz Bizjak
a97a047419
tests/virtualbox: Clean up unnecessary things.
Always enable the UART because the VirtualBug bug that required running without the UART was fixed in 6.0.10. Stop using an old kernel version because the tests work with the default kernel.

(cherry picked from commit ae93571e8d04cebd69491a789d902d6481e05d3f)
2019-09-05 09:30:05 -04:00
Johan Thomsen
161855c033 ceph: 14.2.1 -> 14.2.3 2019-09-05 14:33:29 +02:00
Vladimír Čunát
e5dece4cbf
Merge branch 'staging-next' into staging 2019-09-05 10:23:46 +02:00
Sarah Brofeldt
11e72e547d
Merge pull request #67563 from johanot/kubernetes-1.15-withmodulerevert
kubernetes: 1.14.3 -> 1.15.3

Also reverts the module systemd dependencies
2019-09-05 07:34:11 +02:00
aszlig
601bed3849
nixos/tests/quake3: Fix evaluation error
In c814d72b51, a bunch of packages were
changed to use the pname attribute, among them were the quake3-demodata
and quake3-pointrelease which we use for the quake3 test.

Fortunately, having pname available means that we no longer need to
match using a prefix, so fixing this eval error also simplifies our
matching.

I directly pushed this to master because the change is non-controversial
and we can't break things that are already broken :-)

Signed-off-by: aszlig <aszlig@nix.build>
2019-09-05 07:00:12 +02:00
Johan Thomsen
00975b5628 Revert "Merge pull request #56789 from mayflower/upstream-k8s-refactor"
This reverts commit 7dc6e77bc2, reversing
changes made to bce47ea9d5.

Motivation for the revert in #67563
2019-09-04 17:37:02 +02:00
Johan Thomsen
fb22d67fa7 ceph: 13.2.4 -> 14.2.1
* remove kinetic
* release note
* add johanot as maintainer

nixos/ceph: create option for mgr_module_path
  - since the upstream default is no longer correct in v14

* fix module, default location for libexec has changed
* ceph: fix test
2019-09-04 16:17:18 +02:00
Kristoffer
85baedaca3 ceph: 12.2.7 -> 13.2.4
* maintain only one version
* ceph-client: init
* include ceph-volume python tool in output

nixos/ceph: extraConfig, fix test, wait for ceph-mgr to become active

* run ceph with disk group permission
* add extraConfig option for the global section
needed per cluster
* clear up how ceph.conf is generated
* fix ceph testcase
2019-09-04 16:01:42 +02:00
Vladimír Čunát
4aad2947f8
Merge branch 'master' into staging-next 2019-09-04 11:00:56 +02:00
Christian Kampka
81d0173023 maintainers: update my maintainer information (#67686) 2019-09-03 22:52:13 +02:00
Silvan Mosberger
ad13ebe029
Merge pull request #55510 from florianjacob/declarative-printers
nixos/printers: declarative configuration
2019-09-03 17:46:53 +02:00
Jan Tojnar
d1f9fcbbbc
libgdata.tests: add installedTests 2019-09-03 16:51:47 +02:00
worldofpeace
42f63ff5a8
Merge pull request #67957 from jtojnar/glib-networking-cleanup
glib-networking: clean up & add installed tests
2019-09-03 10:42:31 -04:00
Jan Tojnar
ecf6f4aeb1
glib-networking: add installed tests 2019-09-03 16:11:38 +02:00
Vladimír Čunát
f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
Florian Klink
f74735c9d7 nixos: remove dependencies on local-fs.target
Since https://github.com/NixOS/nixpkgs/pull/61321, local-fs.target is
part of sysinit.target again, meaning units without
DefaultDependencies=no will automatically depend on it, and the manual
set dependencies can be dropped.
2019-09-01 19:06:38 +02:00
Florian Jacob
18a5d23b55 nixos/printers: declarative configuration 2019-09-01 15:38:30 +02:00
Florian Klink
c00c4b1940 nixos/redis: add test 2019-09-01 14:13:01 +02:00
Jan Tojnar
ee7c590b60 nixos.tests.fontconfig-default-fonts: init
Make sure the fonts.enableDefaultFonts option works.
2019-09-01 00:09:25 -04:00
Frederik Rietdijk
ad1d58c622 Merge staging-next into staging 2019-08-31 10:04:20 +02:00
Frederik Rietdijk
fc74ba8291 Merge master into staging-next 2019-08-31 09:50:38 +02:00
aszlig
d7c7fc4603 nixos/tests/systemd: Fix x-initrd-mount flakiness (#67798)
It turns out that checking for the last mount time of an ext4 file
system isn't a very reliable way to check whether the file system was
properly unmounted.

When creating that test in the first place (88530e02b6),
I was reluctant to inspect the file system when the VM is down and was
searching for a way to check for a clean unmount *after* the file system
was mounted again to make sure we don't need to create a 512 MB raw
image on the host.

Fortunately however, when converting from qcow2, qemu-img actually
writes a sparse file, so for most file systems (that is, file systems
supporting sparse files) this shouldn't waste a lot of disk space.

So when investigating the flakiness, I found that whenever the test is
failing, the unmount of /test-x-initrd-mount was done *before* the final
step during which systemd remounts+unmounts all the remaining file
systems.

I haven't investigated why this is the case, but the test is a
regression test for https://github.com/NixOS/nixpkgs/issues/35268, which
actually didn't unmount the file system *at* *all*, so really all we
need to take care here is whether the unmount has happened and not
*how*.

To make sure that checking the filesystem state is enough for this, I
temporarily replaced the $machine->shutdown call with $machine->crash
and verified that the file system state is "not clean".

Signed-off-by: aszlig <aszlig@nix.build>
Fixes: https://github.com/NixOS/nixpkgs/issues/67555
2019-08-31 00:30:50 -04:00
Arian van Putten
604b7c139f Fix letsencrypt (#60219)
* nixos/acme: Fix ordering of cert requests

When subsequent certificates would be added, they would
not wake up nginx correctly due to target units only being triggered
once. We now added more fine-grained systemd dependencies to make sure
nginx always is aware of new certificates and doesn't restart too early
resulting in a crash.

Furthermore, the acme module has been refactored. Mostly to get
rid of the deprecated PermissionStartOnly systemd options which were
deprecated. Below is a summary of changes made.

* Use SERVICE_RESULT to determine status
This was added in systemd v232. we don't have to keep track
of the EXITCODE ourselves anymore.

* Add regression test for requesting mutliple domains

* Deprecate 'directory' option
We now use systemd's StateDirectory option to manage
create and permissions of the acme state directory.

* The webroot is created using a systemd.tmpfiles.rules rule
instead of the preStart script.

* Depend on certs directly

By getting rid of the target units, we make sure ordering
is correct in the case that you add new certs after already
having deployed some.

Reason it broke before:  acme-certificates.target would
be in active state, and if you then add a new cert, it
would still be active and hence nginx would restart
without even requesting a new cert. Not good!  We
make the dependencies more fine-grained now. this should fix that

* Remove activationDelay option

It complicated the code a lot, and is rather arbitrary. What if
your activation script takes more than activationDelay seconds?

Instead, one should use systemd dependencies to make sure some
action happens before setting the certificate live.

e.g. If you want to wait until your cert is published in DNS DANE /
TLSA, you could create a unit that blocks until it appears in DNS:

```
RequiredBy=acme-${cert}.service
After=acme-${cert}.service
ExecStart=publish-wait-for-dns-script
```
2019-08-29 16:32:59 +02:00
Silvan Mosberger
6233291d95
Merge pull request #64738 from rnhmjoj/magnetico
magnetico: init package and service
2019-08-28 18:39:21 +02:00
rnhmjoj
ea40c66bf5
nixos/magnetico: add test 2019-08-28 14:19:24 +02:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk
5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
worldofpeace
27a4afefbe
Merge pull request #66859 from worldofpeace/xfce4-14-module
nixos/xfce4-14: init
2019-08-27 22:37:03 -04:00
Frederik Rietdijk
98640fd482 Merge master into staging-next 2019-08-27 16:36:47 +02:00
Florian Klink
9a02d9c75e
Merge pull request #66984 from flokli/systemd-cgroup-accounting
nixos/systemd: enable systemd cgroup accounting by default
2019-08-27 11:38:28 +02:00
Aaron Andersen
87fdc06a97
Merge pull request #63634 from aanderse/moodle
moodle: init at 3.7.1
2019-08-26 21:12:44 -04:00
volth
35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Florian Klink
6b075ddc8f nixos/systemd: add cgroup accounting test 2019-08-25 22:26:12 +02:00
Marek Mahut
1a6d3f5bc2 nixos/jormungandr: adding genesis tests 2019-08-25 18:33:13 +02:00
Aaron Andersen
3bd03d2c0a nixos/moodle: init service 2019-08-25 08:12:28 -04:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Jan Tojnar
a8d3aebdce
Merge pull request #67318 from jtojnar/gnome-photos
gnome-photos: 3.32.0 → 3.32.1
2019-08-23 19:49:43 +02:00
Jan Tojnar
c6eb691fb8
gnome-photos: add installed tests 2019-08-23 19:31:14 +02:00
Lassulus
8b12bfcb83
Merge pull request #66215 from ajs124/ejabberd/19.08
ejabberd: 19.05 -> 19.08
2019-08-23 13:27:55 +02:00
Marek Mahut
882e5b0e05
Merge pull request #67213 from mmahut/jormungandr
nixos: adding jormungandr service
2019-08-23 11:07:49 +02:00
Marek Mahut
4aef2212ee
Revert "nixos/containers: add unprivileged option" 2019-08-23 08:24:06 +02:00
Marek Mahut
27acea73b8
Merge pull request #67130 from uvNikita/containers/unprivileged
nixos/containers: add unprivileged option
2019-08-23 08:00:35 +02:00
Jan Tojnar
91b46353a5
Merge pull request #67308 from jtojnar/libxmlb-0.1.11
libxmlb: 0.1.10 → 0.1.11
2019-08-23 02:06:41 +02:00
Jan Tojnar
93f4d6f6ae
nixos/tests/libxmlb: init 2019-08-23 01:34:48 +02:00
Marek Mahut
f4ca6e3dd1
Merge pull request #66722 from mmahut/trezord-emulator
trezord: adding emulator support (plus test)
2019-08-22 23:25:18 +02:00
Marek Mahut
8d0776be66 nixos/tests: adding jormungandr service test 2019-08-22 07:10:16 +02:00
worldofpeace
fd7d31b50e nixosTests.xfce4-14: init
This is pretty much identical to the xfce test we currently have.
2019-08-21 22:04:29 -04:00
Danylo Hlynskyi
855be67358
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads

Fixes: https://github.com/NixOS/nixpkgs/issues/15906
Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476

This add 2 new features: ability to review generated Nginx config
(and NixOS has sophisticated generation!) and reloading
of nginx on config changes. This preserves nginx restart on package
updates.

I've modified nginx test to use this new feature and check reload/restart
behavior.

* rename to enableReload

* add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
2019-08-21 16:52:46 +03:00
Florian Klink
9f237fe444
Merge pull request #45392 from dguibert/dg/wireguard
nixos/wireguard: setup interface with systemd-networkd
2019-08-21 15:48:05 +02:00
Félix Baylac-Jacqué
0528816570 systemd-networkd: add tests
(cherry picked from commit ec073e41a0dc8273cd81cf61fa37004310120af2)
2019-08-21 11:11:28 +02:00
Aaron Andersen
249b4ad942
Merge pull request #66492 from aanderse/extra-subservice-cleanup
nixos/httpd: extraSubservices cleanup
2019-08-20 18:55:08 -04:00
Nikita Uvarov
7e7fc6471e
nixos/containers: add unprivileged option
Fixes #57083.
2019-08-21 00:01:29 +02:00
ajs124
9a0e820f5d nixos/ejabberd: fix test for new release 2019-08-20 11:09:40 +02:00
Matthieu Coudron
0f32b32c95
Merge pull request #63150 from Izorkin/prosody-test
nixos/tests/prosody: update prosody tests
2019-08-20 17:52:58 +09:00
Michael Raskin
0cbeac4f66
Merge pull request #66736 from markuskowa/upd-gluster
glusterfs: 4.0 -> 6.5
2019-08-20 08:08:57 +00:00
Izorkin
89c69bfb79 prosody: fix work after update luadbi packages 2019-08-20 10:24:49 +03:00
Izorkin
bb4816d41c nixos/tests/prosodyMysql: add check work prosody with MySQL database 2019-08-20 10:24:49 +03:00
Izorkin
e328ea9c11 nixos/tests/prosody: checking work prosody through local network 2019-08-20 10:24:48 +03:00
Izorkin
691da63cba nixos/tests: move ejabberd and prosody test to xmpp folder 2019-08-20 10:24:47 +03:00
Marek Mahut
3b6258946f
Merge pull request #64407 from dasJ/icingaweb-test
nixos/icingaweb: Fix module path; Add test
2019-08-19 21:27:16 +02:00
Marek Mahut
94c51859df
Merge pull request #66846 from uvNikita/containers/ephemeral
nixos/containers: add 'ephemeral' option
2019-08-19 20:55:33 +02:00
Florian Klink
93a03177f2
Merge pull request #66482 from flokli/systemd-sysctl
nixos/systemd: install sysctl snippets
2019-08-19 16:32:00 +02:00
Nikita Uvarov
c740f0d400
nixos/containers: add 'ephemeral' option 2019-08-19 15:21:35 +02:00
Aaron Andersen
8227b2f29e
Merge pull request #66399 from mmahut/metabase
metabase: service module and test
2019-08-18 19:49:05 -04:00
Markus Kowalewski
6104ad00a1
nixos/glusterfs: add test 2019-08-18 18:58:00 +02:00
Florian Klink
8e923dfe36 nixosTests.systemd: add fq_codel test 2019-08-18 17:54:26 +02:00
Florian Klink
368be910fc
Merge pull request #66825 from flokli/nixos-systemd-test-dup
nixosTests.systemd: remove duplicate copypasta
2019-08-18 17:54:09 +02:00