nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-28 01:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
286,871 Commits 241 Branches 124 Tags 7.9 GiB
4e98ae6418
Commit Graph

3396 Commits

Author SHA1 Message Date
Luke Granger-Brown
4e98ae6418
Merge pull request #120548 from minijackson/jellyfin-enhanced-test 
nixos/tests/jellyfin: enhanced test
 2021-05-03 20:38:22 +01:00
Minijackson
2ab88a31fe
nixos/tests/jellyfin: enhanced test 2021-05-03 20:48:13 +02:00
Luke Granger-Brown
049850341e
Merge pull request #121540 from lukegb/postfix-compat 
nixos/tests/rspamd: fix OOM flakyness
 2021-05-03 17:36:46 +01:00
Luke Granger-Brown
4e06e6e005
Merge pull request #121541 from lukegb/git-test 
nixos/tests/gitdaemon: deflake by using systemd-tmpfiles
 2021-05-03 17:36:01 +01:00
Luke Granger-Brown
4f9fe889b8
Merge pull request #121548 from lukegb/bios-usb-better 
nixos/tests/installer: fix for i686-linux
 2021-05-03 17:35:24 +01:00
Martin Weinelt
d23610ae65
Merge pull request #121209 from mweinelt/pinnwand 2021-05-03 18:24:45 +02:00
Florian Klink
9071cb3001
Merge pull request #121416 from primeos/nixos-tests-replace-QEMU_OPTS 
nixos/tests: Replace QEMU_OPTS usages with virtualisation.qemu.options
 2021-05-03 17:23:49 +02:00
Luke Granger-Brown
a0da004326
Merge pull request #121376 from urbas/amazon-init-shell-script-support 
nixos/amazon-init: add user-data shell script support
 2021-05-03 16:01:26 +01:00
Martin Weinelt
b208338c36
nixos/tests/pinnwand: use wait_for_open_port instead of direct sockstat call 2021-05-03 16:52:06 +02:00
Martin Weinelt
7b2bc43dba
nixos/tests/pinnwand: add negative-test for the reaper 
The reaper, at this point, should not delete a freshly created paste.
 2021-05-03 16:52:05 +02:00
Martin Weinelt
f1c32c2809
nixos/tests/pinnwand: show systemd-analyze security 
Easy way to revisit the hardening setup of the systemd unit.
 2021-05-03 16:52:05 +02:00
Michele Guerini Rocco
e5bbb1cf33
Merge pull request #121539 from lukegb/custom-ca-debug 
nixos/tests/custom-ca: fix by setting Content-Type
 2021-05-03 10:49:57 +02:00
Luke Granger-Brown
d922cad4d6
Merge pull request #119172 from midchildan/package/trafficserver 
nixos/trafficserver: init
 2021-05-03 09:48:07 +01:00
Luke Granger-Brown
b942e0f650 nixos/tests/installer: don't break under i686 
Currently, the installer tests just hang after the initial install phase
on i686 because qemu just quits because of the gic parameter.

Fix this by doing x86 things for both x86-64 and i686.
 2021-05-03 01:44:54 +00:00
Martin Weinelt
d67fc76603
Merge pull request #120536 from mweinelt/mosquitto 2021-05-03 00:41:21 +02:00
Martin Weinelt
1dbb60f562
nixos/tests/home-assistant: update maintainership to home-assistant team 2021-05-03 00:21:25 +02:00
Martin Weinelt
8ab7fc1107
nixos/tests/home-assistant: test capability passing 
Configures the emulated_hue component and expects CAP_NET_BIND_SERVICE
to be passed in order to be able to bind to 80/tcp.

Also print the systemd security analysis, so we can spot changes more
quickly.
 2021-05-03 00:21:25 +02:00
Luke Granger-Brown
f2a91ec2b7 nixos/tests/gitdaemon: deflake by using systemd-tmpfiles 
git-daemon won't start up if its project directory (here /git) doesn't
exist. If we try to create it using the test harness, then we're racing
whether we manage to connect to the backdoor vs. the startup speed of
git-daemon.

Instead, use systemd-tmpfiles, which is guaranteed(?) to run before
network.target and thus before git-daemon.service starts.
 2021-05-02 21:58:43 +00:00
Luke Granger-Brown
a6fb22a689 nixos/tests/rspamd: increase memory 
rspamd seems to be consuming more memory now sometimes, causing OOMs in
the test.

Increase the memory given to these VMs to make the tests pass more
reliably.
 2021-05-02 21:50:17 +00:00
Luke Granger-Brown
da000ae239 nixos/tests/custom-ca: fix by setting Content-Type 
This test was failing because Firefox was displaying a download prompt
rather than the page content, presumably because mumble mumble
content-type sniffing.

By explicitly setting a content-type, the test now passes.
 2021-05-02 21:38:56 +00:00
Michael Weiss
c6325c8325
nixos/tests: Replace QEMU_OPTS usages with virtualisation.qemu.options 
See [0]: "QEMU_OPTS is something that should be set by people running VM
tests interactively, to do port forwardings etc.
We really should not poke with it from the test script - that's what
virtualisation.qemu.options is for."

[0]: https://github.com/NixOS/nixpkgs/pull/119615#discussion_r624145020

Co-authored-by: Florian Klink <flokli@flokli.de>
 2021-05-01 20:20:29 +02:00
Martin Weinelt
33e867620e
nixos/mosquitto: harden systemd unit 
It can still network, it can only access the ssl related files if ssl is
enabled.

✗ PrivateNetwork=                                             Service has access to the host's network                                            0.5
✗ RestrictAddressFamilies=~AF_(INET|INET6)                    Service may allocate Internet sockets                                               0.3
✗ DeviceAllow=                                                Service has a device ACL with some special devices                                  0.1
✗ IPAddressDeny=                                              Service does not define an IP address allow list                                    0.2
✗ RootDirectory=/RootImage=                                   Service runs within the host's root directory                                       0.1
✗ RestrictAddressFamilies=~AF_UNIX                            Service may allocate local sockets                                                  0.1

→ Overall exposure level for mosquitto.service: 1.1 OK 🙂
 2021-05-01 19:46:48 +02:00
Martin Weinelt
efb30a191e
Merge pull request #120529 from mweinelt/zigbee2mqtt 2021-04-30 21:59:22 +02:00
Florian Klink
44a0debca7
Merge pull request #121021 from pennae/container-sigterm 
nixos/nix-containers: use SIGTERM to stop containers
 2021-04-30 21:35:16 +02:00
Martin Weinelt
f1e7183f69
nixos/tests/zigbee2mqtt: relax DevicePolicy and log systemd-analye security 2021-04-30 19:42:26 +02:00
Michael Weiss
28b8cff301
nixos/tests/cage: Fix the test with wlroots 0.13 
See #119615 for more details. The aarch64-linux test failed with
"qemu-system-aarch64: Virtio VGA not available" so I've restricted the
test to x86_64-linux (the virtio paravirtualized 3D graphics driver is
likely only available on very few platforms).
 2021-04-30 15:57:04 +02:00
pennae
317a2c9f26 nixos/nix-containers: add tests for early/no-machined container stop 2021-04-30 15:43:27 +02:00
Michael Weiss
af99194379
nixos/tests/cage: Increase the xterm font size to fix the test 
The result still looks far from ideal but at least it gets recognized
now. "-fa Monospace" is required to switch to a font from the FreeType
library so that "-fs 24" works.

Note: Using linuxPackages_latest is not required anymore.
 2021-04-29 21:08:10 +02:00
Kim Lindberger
abecdfea73
Merge pull request #120833 from talyz/pipewire-0.3.26 
pipewire: 0.3.25 -> 0.3.26
 2021-04-29 18:46:35 +02:00
Florian Klink
7f9a5ad257
cage: drop maintainership (#121174) 
I cannot currently maintain this, as I don't have access to the hardware
running it anymore.
 2021-04-29 18:07:13 +02:00
WilliButz
674cea17a7
Merge pull request #120492 from SuperSandro2000/prometheus-unbound-exporter 
Prometheus unbound exporter
 2021-04-29 10:54:22 +02:00
Sandro Jäckel
d3fe53a8a6
nixos/tests/prometheus-exporters: nixpkgs-fmt 2021-04-29 06:19:31 +02:00
Sandro Jäckel
da858b16b8
nixos/tests/prometheus-exporters: add unbound test 
Author: WilliButz <willibutz@posteo.de>
 2021-04-29 06:19:30 +02:00
Luke Granger-Brown
f64e68e09b
Merge pull request #120071 from johanot/ceph-16 
ceph: 15.2.10 -> 16.2.1
 2021-04-29 00:03:45 +01:00
Samuel Dionne-Riel
1f4dedfa64
Merge pull request #120667 from samueldr/fix/grub1-test 
nixosTests.installer: Fix grub1 test being unreliable
 2021-04-27 19:32:13 -04:00
talyz
1215bd4ea9
Revert "nixos/tests/gitlab: add 32 byte secrets" 
This reverts commit d6e0d38b84.

We need shorter secrets to continue working, since the earlier
recommendation was too short and there's no way to rotate the them.
 2021-04-27 18:08:59 +02:00
talyz
6edd102013
pipewire: Fix tests 2021-04-27 12:41:35 +02:00
Luke Granger-Brown
825a9ad1f9
Merge pull request #120286 from lukegb/hibernate-install 
nixos/tests/hibernate: install a system instead
 2021-04-26 18:00:41 +01:00
midchildan
5bfb427b15
nixos/tests/trafficserver: init 2021-04-27 00:02:19 +09:00
Samuel Dionne-Riel
7d112134de nixosTests.installer: Fix grub1 test being unreliable 
The kernel sometimes assigns `/dev/sdb` to the 8GiB disk. This, in turn,
means the test will fail because we're targeting the wrong disk.

```
machine # [    0.000000] sd 2:0:0:0: [sda] 16777216 512-byte logical blocks: (8.59 GB/8.00 GiB)
machine # [    0.000000] sd 3:0:0:0: [sdb] 1048576 512-byte logical blocks: (537 MB/512 MiB)
```

```
machine # [    0.000000] sd 2:0:0:0: [sdb] 16777216 512-byte logical blocks: (8.59 GB/8.00 GiB)
machine # [    0.000000] sd 3:0:0:0: [sda] 1048576 512-byte logical blocks: (537 MB/512 MiB)
```

Note how the "sd x:0:0:0:` ID is stable. That is because QEMU **is**
told to give specific identifiers to the disks. So using the
dev/disk/by-id/ identifiers is stable.

* * *

Tested by forcing the sda/sdb swap this way:

    diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix
    index 24c55081f9a..2eee224351b 100644
    --- a/nixos/tests/installer.nix
    +++ b/nixos/tests/installer.nix
    @@ -702,12 +702,19 @@ in {
               + " mkpart primary linux-swap 1M 1024M"
               + " mkpart primary ext2 1024M -1s",
               "udevadm settle",
    +      )
    +      print(machine.succeed("find /dev/disk/ '!' -type d -printf '%p → %l\n' | sort"))
    +      machine.succeed(
               "mkswap ${grubDevice}-part1 -L swap",
               "swapon -L swap",
               "mkfs.ext3 -L nixos ${grubDevice}-part2",
               "mount LABEL=nixos /mnt",
               "mkdir -p /mnt/tmp",
           )
    +      machine.succeed("echo success")
    +      machine.succeed(
    +          'if [[ "$(find ${grubDevice} -printf \'%l\')" != "../../sdb" ]]; then exit 22; else true; fi'
    +      )
         '';
         grubVersion = 1;
         # /dev/sda is not stable, even when the SCSI disk number is.

And ran this way:

     $ until (clear; tmux clear ; time env -i nix-build nixos/release-combined.nix -A nixos.tests.installer.grub1.x86_64-linux); do echo derp; done
 2021-04-25 19:59:29 -04:00
Luke Granger-Brown
ed83f6455c
Merge pull request #119443 from ambroisie/add-podgrab 
Add podgrab package and module
 2021-04-25 14:12:40 +01:00
Frederik Rietdijk
c648f7ee2a Merge master into staging-next 2021-04-25 13:54:29 +02:00
Luke Granger-Brown
0cc25061b0
Merge pull request #114240 from sorki/containers/nested 
nixos/nixos-containers: default boot.enableContainers to true
 2021-04-25 11:37:01 +01:00
github-actions[bot]
a956f62ea4
Merge master into staging-next 2021-04-25 06:05:34 +00:00
Jan Tojnar
0f1c4558d3
Merge branch 'master' into staging-next 
Choose binwalk 2.3.1, 27 is legacy version for Python 2.
 2021-04-25 02:50:48 +02:00
Martin Weinelt
ceb26b53d8 nixos/tests/babeld: drop forwarding sysctls 
They are now set as part of the babeld module.
 2021-04-25 00:55:05 +02:00
Maximilian Bosch
7b2982e22e
Merge pull request #119498 from mweinelt/tests-bird 
nixos/test/prometheus-exporters/bird: fix race condition
 2021-04-24 21:13:09 +02:00
github-actions[bot]
6e7c70d02d
Merge master into staging-next 2021-04-24 00:16:17 +00:00
Martin Weinelt
fc55a1bdd4
nixos/tests/prometheus-exporters/bird: set router id 
Previously bird would refuse to start up because the router id wasn't
set.

> bird[682]: Cannot determine router ID, please configure it manually
 2021-04-23 23:34:26 +02:00
Maximilian Bosch
f62b42f405
Merge pull request #120125 from BBBSnowball/pr-add-config-nextcloud-imagick-rename-option 
nixos/nextcloud: Rename option disableImagemagick to enableImagemagick
 2021-04-23 23:27:34 +02:00