systemd-247 provides a mechanism called LoadCredential for secrets and
it is better than environment file. See the section of Environment=
in the manual of systemd.exec for more information.
Some options in config.yaml need values to be strings, which currently
can be used with environmentFile but not loadCredential. But it's
possible to use loadCredential for those options, e.g. we can
substitute their values in ExecStart, but not in ExecStartPre due to
[1].
[1]: https://github.com/systemd/systemd/issues/19604
Prior to this patch:
$ nix-instantiate --eval -E '
> with import ./. {
> localSystem.config = "aarch64-unknown-linux-musl";
> };
> (nixos {}).config.nixpkgs.localSystem.config
> '
"aarch64-unknown-linux-gnu"
Because only the system triple was being passed through, the Musl part
of the system specification was lost. This patch fixes various
occurrences of NixOS evaluation when a Nixpkgs evaluation is already
available, to pass through the full elaborated system attribute set,
to avoid this loss of precision.
we expose it under settings instead of at the listener toplevel because
mosquitto seems to pick the addresses it will listen on
nondeterministically from the set of addresses configured on the
interface being bound to. encouraging its use by putting it into the
toplevel options for a listener seems inadvisable.
The old attribute is deprecated:
trace: warning: In test `chromium-stable': The `machine' attribute in NixOS
tests (pkgs.nixosTest / make-test-pyton.nix / testing-python.nix / makeTest) is
deprecated. Please use the equivalent `nodes.machine'.
Note: This is only a refactoring.
This allows btrbk instances without a triggering timer by setting
`onCalendar` to `null`.
This is useful for manual-starting only btrbk backup settings.
This will package up the closure of pkgs.hello in a tarball, and will
later on verify machinectl pull-tar properly unpacked it, serving as a
regression test for #108158.
Closes#108158
Initially applied via e7f6370701, then
reverted by 96aaf29234.
Re-applying this patch: the pleroma NixOS test is broken without it.
It was originally impossible to login in toot without having an
interactive shell. I opened https://github.com/ihabunek/toot/pull/180
upstream to fix that and fetch this patch for this test.
The author decided to fix the issue using a slightly different
approach at a3eb5dca24
Because of this upstream fix, our custom patch does not apply anymore.
Using that stdin-based login upstream feature.
Pointing pleroma_ctl to the right RELEASE_COOKIE as well.
Added Nextcloud 23 and set it as the default Nextcloud version for the
NixOS module. Added PHP 8.1 as an option for phpPackage and default for
Nextcloud ≥ 24.
The test would previously error out like this:
> synapse_homeserver[1155]: synapse.config._base.ConfigError: You have
> enabled open registration without any verification. This is a known
> vector for spam and abuse. If you would like to allow public
> registration, please consider adding email, captcha, or token-based
> verification. Otherwise this check can be removed by setting the
> `enable_registration_without_verification` config option to `true`.
- Make tests/lxd.nix use NixOS's lxdMeta & lxdImage to avoid relying on
3rd party containers such as Alpine Linux for testing purposes.
- Merge tests/lxd-image.nix into tests/lxd.nix, since now both have a
similar structure.
- Extract duplicated inline LXD configuration into a separate file,
- Add passthru.lxd-nftables & passthru.lxd-image-server.
This commit implements the following additional test cases for gitlab:
- Creating regular users
- git clone over http and ssh
- git push over ssh
- Forking projects
- Creating and merging Merge Requests
- Opening and closing issues.
Run each browser check as a separate NixOS test.
This fixes a problem in which one browser starts up before the previous
browser is finished exiting, exhausting a resource and causing a
spurious test failure.
As a bonus, splitting the test
* Gives more signal about exactly what's broken in the pass/fail status,
* Makes it easier to quickly diagnose test failures,
* Makes development iteration faster,
* Allows concurrent test execution, which makes the test finish sooner
when parallel builds are enabled.
* Would allow each browser's test to be included in its nixpkgs
passthru.tests, if desired (not done in this commit).
Reviewed-by: rnhmjoj <rnhmjoj@inventati.org>
this commit passes the build dependencies to the
pgadmin nixos test for package and regression testing.
Also added changelog and some clarifying comments.
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
We need to move NixOS containers somewhere else so these don't clash
with Podman, Skopeo & other container software in the libpod &
cri-o/cri-u/libcontainer ecosystems.
The state directory move is not strictly a requirement but is good for
consistency.
Tested on a RPi3 B+ with a 2g swapfile. On that system the test
still sometimes fails, but I suspect this is because it is really
just not powerful enough for this task.
Fixes#170395
