Commit graph

5561 commits

Author SHA1 Message Date
Carl Richard Theodor Schneider
647ed242dc nixos/adguardhome: allow for empty/unmanaged configs
This commit fixes broken non-declarative configs by
making the assertions more relaxed.
It also allows to remove the forced configuration merge by making
`settings` `null`able (now the default).

Both cases (trivial non-declarative config and `null`able config) are
verified with additional tests.

Fixes #198665
2022-11-15 23:43:15 -05:00
Franz Pletz
69f8e94c46
Merge pull request #199587 from lorenz/fscrypt
nixos/pam: support fscrypt login protectors
2022-11-14 09:42:35 +01:00
Franz Pletz
2274143409
Merge pull request #200611 from fpletz/libvirtd-fix-autostart 2022-11-14 09:21:00 +01:00
Florian Brandes
ba3f3b73ad
sqlite3-to-mysql: init at 1.4.16
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
2022-11-13 20:18:24 +01:00
Justinas Stankevicius
3f6eb10dbd nixos/mastodon: fix definition of mastodon-media-auto-remove 2022-11-12 22:22:41 +01:00
Lorenz Brun
f046cc0923 nixos/pam: support fscrypt login protectors
fscrypt can automatically unlock directories with the user's login
password. To do this it ships a PAM module which reads the user's
password and loads the respective keys into the user's kernel keyring.

Significant inspiration was taken from the ecryptfs implementation.
2022-11-11 15:37:39 +01:00
Maximilian Bosch
35b146ca31
nixos/nextcloud: fixup openssl compat change
Upon testing the change itself I realized that it doesn't build properly
because

* the `pname` of a php extension is `php-<name>`, not `<name>`.
* calling the extension `openssl-legacy` resulted in PHP trying to compile
  `ext/openssl-legacy` which broke since it doesn't exist:

      source root is php-8.1.12
      setting SOURCE_DATE_EPOCH to timestamp 1666719000 of file php-8.1.12/win32/wsyslog.c
      patching sources
      cdToExtensionRootPhase
      /nix/store/48mnkga4kh84xyiqwzx8v7iv090i7z66-stdenv-linux/setup: line 1399: cd: ext/openssl-legacy: No such file or directory

I didn't encounter that one before because I was mostly interested in
having a sane behavior for everyone not using this "feature" and the
documentation around this. My findings about the behavior with turning
openssl1.1 on/off are still valid because I tested this on `master` with
manually replacing `openssl` by `openssl_1_1` in `php-packages.nix`.

To work around the issue I had to slightly modify the extension
build-system for PHP:

* The attribute `extensionName` is now relevant to determine the output
  paths (e.g. `lib/openssl.so`). This is not a behavioral change for
  existing extensions because then `extensionName==name`.

  However when specifying `extName` in `php-packages.nix` this value is
  overridden and it is made sure that the extension called `extName` NOT
  `name` (i.e. `openssl` vs `openssl-legacy`) is built and installed.

  The `name` still has to be kept to keep the legacy openssl available
  as `php.extensions.openssl-legacy`.

Additionally I implemented a small VM test to check the behavior with
server-side encryption:

* For `stateVersion` below 22.11, OpenSSL 1.1 is used (in `basic.nix`
  it's checked that OpenSSL 3 is used). With that the "default"
  behavior of the module is checked.

* It is ensured that the PHP interpreter for Nextcloud's php-fpm
  actually loads the correct openssl extension.

* It is tested that (encrypted) files remain usable when (temporarily)
  installing OpenSSL3 (of course then they're not decryptable, but on a
  rollback that should still be possible).

Finally, a few more documentation changes:

* I also mentioned the issue in `nextcloud.xml` to make sure the issue
  is at least mentioned in the manual section about Nextcloud. Not too
  much detail here, but the relevant option `enableBrokenCiphersForSSE`
  is referenced.

* I fixed a few minor wording issues to also give the full context
  (we're talking about Nextcloud; we're talking about the PHP extension
  **only**; please check if you really need this even though it's
  enabled by default).

  This is because I felt that sometimes it might be hard to understand
  what's going on when e.g. an eval-warning appears without telling where
  exactly it comes from.
2022-11-11 14:45:46 +01:00
Martin Weinelt
90ad4d9da7
Merge pull request #200629 from helsinki-systems/fix/test-dhparams 2022-11-11 12:11:55 +01:00
ajs124
8bb4c87281 nixosTests.dhparams: fix with openssl3 2022-11-11 02:55:54 +01:00
Franz Pletz
8cc2dcce7d
Merge pull request #199524 from ymarkus/zfs-exporter
nixos/prometheus-zfs-exporter: init
2022-11-11 02:01:13 +01:00
Franz Pletz
d82f52519a
nixos/libvirtd: always start libvirtd
Previously we did socket-activation but this breaks the autostart
feature since upstream expects libvirtd to be started unconditionally on
boot.

Fixes #171623.
2022-11-11 01:10:37 +01:00
Eelco Dolstra
0a00b332cd
Merge pull request #198526 from farnoy/nixos-container-unified-cgroups
[nixos-container] Make nixos containers use unified cgroupsv2
2022-11-10 13:37:43 +01:00
Maximilian Bosch
61128cba67
nixos/nextcloud: minor docs cleanup for openssl change
* s/NextCloud/Nextcloud/g
* `enableBrokenCiphersForSSE` should be enabled by default for any NixOS
  installation from before 22.11 to make sure existing installations
  don't run into the issue. Not the other way round.
* Update release notes to reflect on that.
* Improve wording of the warning a bit: explain which option to change
  to get rid of it.
* Ensure that basic tests w/o `enableBrokenCiphersForSSE` run with
  OpenSSL 3.
2022-11-10 12:17:43 +01:00
Raito Bezarius
7eefaeb5e3
nextcloud25: use openssl 1.1 as a PHP extension to fix RC4 encryption 2022-11-10 12:17:43 +01:00
Jonas Heinrich
f7f9442695 nixos/invoiceplane: Enable clean url 2022-11-09 08:17:52 -05:00
ajs124
47cbd610ce varnish71: drop 2022-11-08 14:35:01 +01:00
Sandro
4f8277ef10
Merge pull request #200094 from mdlayher/mdl-zrepl 2022-11-08 01:53:26 +01:00
Matt Layher
8ec252784e
zrepl: 0.5.0 -> 0.6.0
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2022-11-07 18:35:44 -05:00
Michael Weiss
acf257739b
Merge pull request #199902 from primeos/nixos-tests-chromium
nixos/tests/chromium: Re-enable the chrome://gpu test for M107
2022-11-08 00:21:13 +01:00
illustris
140bd1aef4
hbase: update versions and remove EoL version
- remove 1.7
- 2.4.11 -> 2.4.15
- init 2.5.1
- 3.0.0-alpha-2 -> 3.0.0-alpha-3
2022-11-07 12:01:36 +05:30
zowoq
58a59738d5 nixos/tests/podman: fix rootless systemd 2022-11-07 14:11:34 +10:00
zowoq
bbfdc6ce4d nixos/tests/podman: move docker tests to separate node 2022-11-07 14:11:34 +10:00
Lily Foster
c2b3c9794d nixosTests: test spaces in mount options via btrfs subvols
Also enabled the btrfs tests for installer-systemd-stage-1 again
2022-11-06 22:15:35 +01:00
Michael Weiss
673f7d025b
nixos/tests/chromium: Re-enable the chrome://gpu test for M107
I need to fix copying the chrome://gpu content to the clipboard (Ctrl+a doesn't
work anymore so we have to click the button) but we can at least test the font
rendering for now.
2022-11-06 21:48:57 +01:00
ajs124
f22af0612d mariadb: fix nixos tests
after 8b30afdd78
2022-11-06 18:49:17 +01:00
Jakub Okoński
12508ac79a nixos-container: force systemd-nspawn to use unified cgroups hierarchy 2022-11-06 17:12:02 +01:00
Henri Menke
9ab02e1ec6
nginxModules.njs: init at 0.7.8 2022-11-05 21:40:57 +01:00
Maximilian Bosch
dc03bcda57
Merge pull request #199683 from robryk/wrappertests
nixos/security/wrappers: add test
2022-11-05 20:57:46 +01:00
Robert Obryk
3628ad0a9e nixos/security/wrappers: add test
This is a small smoke test of each piece (setuid, setgid, caps) of
wrappers' functionality. It doesn't try to check for combinations of
functionalities or anything more complicated.
2022-11-05 12:38:11 +01:00
Dominique Martinet
01ff1dd23f logrotate service: cleanup deprecated options 2022-11-05 10:34:03 +09:00
Yannick Markus
50f308b059 nixos/prometheus-zfs-exporter: init 2022-11-04 14:43:01 +01:00
Bjørn Forsman
8973da1d91 nixos/tests/bazarr: set timezone to fix runtime failure
Ref. https://github.com/morpheus65535/bazarr/issues/1983.
2022-11-04 14:10:31 +01:00
Bjørn Forsman
166c9c8269 nixos/tests/bazarr: fix eval error
The test still doesn't pass, it has some runtime issues as well.

Fixes: 5803706662 ("nixos/tests: fix type mismatch in wait_for_open_port")
2022-11-04 14:10:31 +01:00
ajs124
f888abe781
Merge pull request #198484 from LeSuisse/cassandra-2-drop
cassandra_2_1, cassandra_2_2: drop
2022-11-04 00:05:42 +01:00
ajs124
42ec4ec905
Merge pull request #198303 from cleeyv/jitsi-update
Update of all Jitsi Meet components
2022-11-03 22:57:04 +01:00
Cleeyv
6873292f43 nixos/tests/jibri: remove grep for obsolete videobridge health check
As already fixed earlier this year in the jitsi-meet test by @ajs124
729764a32d
2022-11-03 17:00:45 -04:00
talyz
d65910761c
nixos/keycloak: Escape database password properly 2022-11-03 14:15:53 +01:00
Bernardo Meurer
c459a3638a
Merge pull request #198992 from lovesegfault/kernel-drop-eol 2022-11-02 12:48:53 +00:00
Sandro
a01b2b807e
Merge pull request #197221 from azahi/endlessh-module 2022-11-01 23:44:25 +01:00
Sandro
dcb0e1f692
Merge pull request #194059 from onny/invoiceplane-test 2022-11-01 22:53:13 +01:00
Jonas Heinrich
a6e8bd09f3 invoiceplane: 1.5.11 -> 1.6-beta-1 2022-11-01 19:48:09 +01:00
Sandro
597ed547fc
Merge pull request #198637 from prusnak/miniupnpc 2022-11-01 18:17:18 +01:00
Pavol Rusnak
d7788c7303
miniupnpc_1: drop
- it is time to drop 6 years old version
- no package really requires miniupnpc 1.x
- miniupnpc package now defaults to 2.x
2022-11-01 16:55:31 +01:00
Bernardo Meurer
8cc5d8e32a
linuxKernel.kernels.linux_5_19: drop
The 5.19.x series has reached EOL, and is no longer supported upstream.
2022-11-01 15:15:08 +00:00
Bobby Rong
d8d07760bc
Merge pull request #197043 from r-ryantm/auto-update/dolibarr
dolibarr: 16.0.0 -> 16.0.1
2022-11-01 21:32:37 +08:00
Bobby Rong
48adf8f8d1
nixos/tests/dolibarr: add to all-tests 2022-11-01 21:02:39 +08:00
talyz
b82316bc91
nixos/keycloak: Escape admin password properly 2022-10-31 19:20:35 +01:00
Stanisław Pitucha
08fbb5de2d
Merge pull request #190325 from fgaz/merecat/init
merecat: init at 2.31
2022-10-31 21:23:03 +11:00
Francesco Gazzetta
b43605fb03 nixos/merecat: init 2022-10-31 09:24:28 +01:00
Sandro
4f989630d2
Merge pull request #197989 from SuperSandro2000/healthchecks 2022-10-30 19:46:18 +01:00
Bjørn Forsman
fcf81f91a3 nixos/jenkins-job-builder: better defaults for accessUser/accessTokenFile
The new defaults allows jenkins-job-builder to reload the configuration
out-of-the-box, whereas the previous defaults required users to manually
reload/restart jenkins, or configure accessUser/accessTokenFile
themselves.

(If `extraJavaOptions = [ "-Djenkins.install.runSetupWizard=false" ]`
then the initial admin user is *not* created and you have to use JCasC
or something else to bootstrap.)
2022-10-30 19:01:48 +01:00
Thomas Gerbet
c7c4f66546 cassandra_2_1, cassandra_2_2: drop
Cassandra 2.x is no more supported upstream and is affected by some vulnerabilities
(CVE-2020-13946, CVE-2020-17516).
2022-10-29 17:49:57 +02:00
Euan Kemp
9d477c37ac nixos/tests/k3s: fix multi-node test
This corrects the multi-node test after a couple recent changes which
resulted in it being broken.

The `lib.toString` change was an incorrect tree-wide refactor, and the
aarch64 change also introduced an error in python indentation/formatting
I believe.
2022-10-28 21:03:30 -07:00
Florian Klink
eec71f9dee
Merge pull request #186314 from ck3d/unit-add-map-control
nixos: Add option to influence override strategies in systemd units
2022-10-28 17:56:49 +02:00
pennae
d55c393aa2 nixos/mosquitto: fix test
looks like stricter typing checks broke this one?
2022-10-28 17:39:30 +02:00
Sandro Jäckel
3c4c38a799
nixos/tests/healthchecks: update test for auto user change in healthchecks-manage 2022-10-28 13:34:18 +02:00
Sandro
432e5e65a9
Merge pull request #197104 from Luflosi/kubo-RFC42 2022-10-27 23:48:33 +02:00
Christian Kögler
9bb2a979d4 nixos/tests/machinectl: Disable tmpfs for /tmp 2022-10-27 20:19:18 +02:00
illustris
79cf21151e nixos/cloud-init: fix hostname and resolvconf configuration
- Fix hostname configuration on proxmox, which uses "hostname" in user-data
  instead of "local-hostname" in meta-data.
- Allow setting resolv.conf through cloud-init
- Add tests for new changes
- Add timeouts to make tests fail faster
2022-10-27 08:07:48 +02:00
Sandro
8f0c7e38cb
Merge pull request #190181 from RaitoBezarius/garage-module
services/garage: init
2022-10-27 02:14:01 +02:00
Sandro
7742fdb7d5
Merge pull request #197450 from tomfitzhenry/dnscrypt-proxy2-test-listen-port 2022-10-27 00:51:02 +02:00
Sandro
8ebdb3e6fe
Merge pull request #176701 from CRTified/adguardhome-schemaversion 2022-10-26 22:52:04 +02:00
Thiago Kenji Okada
06ccee0e4e
Merge pull request #197865 from srhb/unbreak-kafka
Unbreak kafka
2022-10-26 15:44:26 +01:00
Sarah Brofeldt
af484ef1c4 nixos/tests/kafka: Fix tests
Requires new flags that works across all versions
Drops unused 0.9 compat
2022-10-26 15:41:40 +02:00
06kellyjac
07ff3b1737 tracee: 0.8.3 -> 0.9.2
Use our built copy of libbpf.a
2022-10-26 12:11:44 +01:00
Niklas Hambüchen
f5c5386870 nixos/smokeping: Don't show 413 Forbidden on thttpd /. Fixes #197704 2022-10-25 23:11:50 +02:00
Vladimír Čunát
0079830888
Merge #195644: mysql57: drop 2022-10-25 21:23:27 +02:00
Carl Richard Theodor Schneider
1526a1b041 adguardhome: Add schema_version
This will add `passthru.schema_version` to be used as default value for
the adguardhome module.
It will also update the `update.sh` to keep the `schema_version` in sync
with the version by inspecting the sourcecode.

This might break existing configs, if they use deprecated values that don't
appear in newer schema_versions and schema_version wasn't set explicitly.
Explicit declarations of schema_version always have higher priority.

This also removes the `host` and `config` settings in favour of using the
appropriate `settings`.

Fixes #173938

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-10-25 17:35:27 +02:00
Sandro
9237fad409
Merge pull request #185169 from extole/kafka_3 2022-10-25 16:45:08 +02:00
Jörg Thalheim
92ab8de4d4
Merge pull request #197376 from ck3d/fix-nspawn-generator
nixos/unitGenerator: fix generation for nspawn files
2022-10-25 13:17:44 +02:00
Michael Weiss
5389fbe783
nixos/tests/chromium: Disable a failing test for M107+
I haven't had time to look into this yet but it looks like opening chrome://gpu
doesn't work anymore without proper GPU rendering (we use software rendering
due to the virtualisation).
According to the console output the new window never opens (at least with
Google Chrome - I couldn't test it with Chromium yet due to the failing builds
for M107 and M108):
```
(finished: sending keys ‘chrome://gpu
‘, in 0.14 seconds)
machine: waiting for a window to appear
machine: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d'
(finished: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d', in 0.05 seconds)
machine # Error: eglChooseConfig returned zero configs
machine #     at Create (../../third_party/dawn/src/dawn/native/opengl/ContextEGL.cpp:53)
machine #
machine: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d'
machine # WARNING: lavapipe is not a conformant vulkan implementation, testing use only.
(finished: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d', in 0.06 seconds)
machine: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d'
(finished: must succeed: xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d', in 0.09 seconds)
[...]
```
2022-10-24 21:33:14 +02:00
Michael Weiss
0fa4d17725
nixos/tests/chromium: Fix the tests for Google Chrome
The meta attribute "timeout" is only set for Chromium (might still be required
due to the long build duration). The Google Chrome tests were failing with:

    error: attribute 'timeout' missing

According to nixos/lib/testing/meta.nix "null values are filtered out by
`meta`" so `timeout = chromiumPkg.meta.timeout or null` might be fine as
well.
2022-10-24 21:33:11 +02:00
Bernardo Meurer
8a7f3f3271
Merge pull request #197585 from KFearsoff/fix-broken-grafana-configs 2022-10-24 18:28:42 +02:00
KFears
f3cb29a5b8 nixos/grafana: fix issues with rfc42 refactoring 2022-10-24 19:31:50 +04:00
oxalica
50eb816d29 nixos/btrbk: fix ordering of subsections and refactor 2022-10-24 08:52:25 +08:00
Tom Fitzhenry
98d2540aef nixosTests.dnscrypt-proxy2: Check that a UDP port is being listened on
Motivation: Ensure this test catches startup failures such as
https://github.com/NixOS/nixpkgs/issues/197443
2022-10-24 10:11:02 +11:00
Raito Bezarius
9b7dc6cb1c services/garage: init 2022-10-23 18:54:18 +02:00
Maximilian Bosch
40b7f52b8f
nextcloud25: init 2022-10-23 17:20:49 +02:00
Christian Kögler
c4e0d766b7 nixos/unitGenerator: fix generation for nspawn files 2022-10-23 15:57:55 +02:00
Linus Heckemann
21bc28110d
Merge pull request #192299 from Lassulus/bring-back-q3
nixos-tests: bring back quake3 test
2022-10-23 13:53:54 +02:00
Maximilian Bosch
f9afc634e3
Merge pull request #191768 from KFearsoff/grafana-rfc42
nixos/grafana: refactor for RFC42
2022-10-23 13:28:25 +02:00
Maximilian Bosch
dfdff2b946
nixos/tests/grafana: remove superfluous args@ 2022-10-23 13:08:45 +02:00
Julien Malka
b54ae5a868 nixos/uptime-kuma: init module 2022-10-23 12:44:16 +02:00
zowoq
15c32d0645 nixosTests.lxd: increase diskSize to 4096 2022-10-23 15:10:13 +10:00
zowoq
ee5951363a nixosTests.lxd: use stdenv.hostPlatform.system
`pkgs.system` is an alias
2022-10-23 15:10:13 +10:00
zowoq
a231a1f91c nixosTests.lxd-image-server: use stdenv.hostPlatform.system
`pkgs.system` is an alias
2022-10-23 15:10:13 +10:00
KFears
5ea8f47014 nixos/grafana: write more efficient tests 2022-10-22 23:56:15 +04:00
KFears
7908ef062f nixos/grafana: add alerting 2022-10-22 23:54:32 +04:00
KFears
34c2ea6750 nixos/grafana: deprecate notifiers 2022-10-22 23:54:31 +04:00
KFears
0852dc859e nixos/grafana: refactor datasources for RFC42
This commit refactors `services.grafana.provision.datasources` towards
the RFC42 style. To preserve backwards compatibility, we have to jump
through a ton of hoops, introducing esoteric type signatures and bizarre
structs. The Grafana module definition should hopefully become a lot
cleaner after a release cycle or two once the old configuration style is
completely deprecated.
2022-10-22 23:53:24 +04:00
Azat Bahawi
76ccbea152
nixos/endlessh: init module 2022-10-22 16:07:52 +03:00
Martin Weinelt
80fc469031 Merge remote-tracking branch 'origin/master' into staging-next 2022-10-21 22:33:42 +02:00
Luflosi
a255c43f44
nixos/kubo: convert to RFC42-style settings 2022-10-21 20:54:00 +02:00
KFears
89e30315e0 nixos/grafana: refactor dashboards for RFC42
This commit refactors `services.grafana.provision.dashboards` towards
the RFC42 style. To preserve backwards compatibility, we have to jump
through a ton of hoops, introducing esoteric type signatures and bizarre
structs. The Grafana module definition should hopefully become a lot
cleaner after a release cycle or two once the old configuration style is
completely deprecated.
2022-10-21 16:42:30 +04:00
Florian Klink
690ccd9c4a
Merge pull request #196917 from flokli/nsncd
nixos/nscd: add option to use nsncd, init nsncd
2022-10-21 11:22:17 +02:00
Florian Klink
a86e080fa4 nixosTests.nscd: add nsncd specialisation
This shows that nsncd successfully passes all the tests that we run
against glibc-nscd.
2022-10-21 09:37:18 +02:00
Florian Klink
e7bc3e7504 nixosTests.nscd: dump nscd socket info with sockdump
This dumps what's sent over the nscd socket to the console output, which
allows debugging.
2022-10-21 09:37:18 +02:00
github-actions[bot]
c434165354
Merge master into staging-next 2022-10-21 00:05:50 +00:00
Sandro
c9719e7fd6
Merge pull request #189269 from Tom-Hubrecht/ntfy-sh 2022-10-20 20:50:34 +02:00
Florian Klink
a3b07e3693 nixosTests.nscd: update subtest name and comment
test_host_lookups can be used against different daemons speaking the
nscd protocol.
2022-10-20 13:15:16 +02:00
github-actions[bot]
958cbc7d51
Merge master into staging-next 2022-10-19 18:09:25 +00:00
Martin Weinelt
5d2330ddb5
Merge pull request #195760 from jmbaur/prometheus-kea-exporter 2022-10-19 14:02:15 +02:00
Jan Tojnar
457f28f6f8 Merge branch 'master' into staging-next
; Conflicts:
;	pkgs/development/tools/codespell/default.nix

codespell 2.2.2 switched to pyproject & setuptools_scm:
https://github.com/codespell-project/codespell/pull/2523
2022-10-19 05:24:28 +02:00
Tom Hubrecht
bbf5ba11b4
nixos/ntfy-sh: init 2022-10-19 02:20:16 +02:00
Sandro
e188e93b8f
Merge pull request #196477 from MatthewCroughan/mc/stateless-cups 2022-10-18 23:22:12 +02:00
Sandro
7307c3ae6c
Merge pull request #191922 from NukaDuka/karma 2022-10-18 21:10:04 +02:00
Robert Hensing
14a822f72a
Merge pull request #196281 from hercules-ci/restore-nixos-test-dx
nixos: Restore test DX
2022-10-18 11:38:37 +02:00
matthewcroughan
a99ab1fbc1 nixos/printing: add services.printing.stateless option
This will remove all state directories related to CUPS on startup, which
is particularly useful for guaranteeing that printer discovery works
more reliably on some networks, since CUPS will no longer be able to
store state that effects the next run of the service, such as old
printer names and mDNS information.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-10-17 22:59:24 +01:00
github-actions[bot]
969a1796ef
Merge master into staging-next 2022-10-17 12:01:24 +00:00
Vladimír Čunát
8b880dd5d1
Merge #195505: nixosTests: avoid some broken ones, fix some others 2022-10-17 09:09:53 +02:00
github-actions[bot]
ab4849492d
Merge master into staging-next 2022-10-17 06:24:16 +00:00
Sarah Brofeldt
85d3faa877
Merge pull request #196218 from qowoz/k8s
kubernetes: drop e2e tests
2022-10-17 06:33:01 +02:00
github-actions[bot]
f52955a521
Merge master into staging-next 2022-10-16 18:01:42 +00:00
Maximilian Bosch
b55eefa3bd
Merge pull request #195703 from Ma27/bump-grafana
grafana: 9.1.7 -> 9.2.0
2022-10-16 19:33:14 +02:00
Robert Hensing
611f247810 nixos/tests: Generalize nix-build file.nix hack to testing-python.nix 2022-10-16 16:30:20 +02:00
github-actions[bot]
e648107a22
Merge master into staging-next 2022-10-16 06:06:19 +00:00
zowoq
d58290cffa kubernetes: drop e2e tests
these tests never worked
2022-10-16 12:38:21 +10:00
Johan Thomsen
6ec7298ead nixos/kubernetes: modularized tests 2022-10-16 10:13:05 +10:00
Martin Weinelt
51fcbf5bb7 Merge remote-tracking branch 'origin/master' into staging-next 2022-10-16 00:18:40 +02:00
Alexander Bantyev
6babc092ca
Merge pull request #196185 from mkaito/mkaito/serokell-team
maintainers: remove mkaito from serokell team
2022-10-15 23:44:14 +04:00
Azat Bahawi
e04579e7cd nixos/please: init module
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2022-10-15 07:05:10 -07:00
rnhmjoj
8a45db4fb9
nixosTests.custom-ca.midori: fix 2022-10-15 14:05:59 +02:00
Francesco Gazzetta
b6f2a1382d
nixosTests.domination: fix the test 2022-10-15 14:05:47 +02:00
Vladimír Čunát
19d127f8c8
nixosTests.cloud-init: broken = true;
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.cloud-init.x86_64-linux/all
2022-10-15 14:05:47 +02:00
Vladimír Čunát
3371c7f004
nixosTests.systemd-cryptenroll: broken = true;
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.systemd-cryptenroll.x86_64-linux/all
2022-10-15 14:05:47 +02:00
Vladimír Čunát
92cbe74537
nixosTests.terminal-emulators.contour: drop
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.terminal-emulators.contour.x86_64-linux/all
2022-10-15 14:03:25 +02:00
Vladimír Čunát
823242c42d
nixosTests.terminal-emulators.wezterm: drop
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.terminal-emulators.wezterm.x86_64-linux/all
2022-10-15 14:03:24 +02:00
Vladimír Čunát
ad2f58729a
nixosTests.mjolnir: broken = true;
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.mjolnir.x86_64-linux/all
2022-10-15 14:03:24 +02:00
Vladimír Čunát
00220b4245
nixosTests.wine.wineWowPackages-wayland: drop
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.wine.wineWowPackages-wayland.x86_64-linux/all
2022-10-15 14:03:24 +02:00
Vladimír Čunát
1e58b84405
Merge #195650: nixosTests.vscodium: fix .wayland test
... by allowing more expressions to satisfy save file dialog.
2022-10-15 13:39:15 +02:00
github-actions[bot]
4f07e7f326
Merge master into staging-next 2022-10-15 06:07:54 +00:00
zowoq
bb884d6a1e nixosTests.traefik: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
zowoq
ff30f8a429 nixosTests.podman*: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
zowoq
d50ee203f7 nixosTests.oci-containers: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
zowoq
0a8746ca85 nixosTests.{docker,docker-rootless}: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
zowoq
9286419109 nixosTests.cri-o: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
zowoq
8b4bbd6919 nixosTests.cfssl: enable on aarch64-linux 2022-10-15 14:29:46 +10:00
Benjamin Smith
e55474ecc3 requested review changes, and kafka 3.3 2022-10-14 12:52:05 -07:00
github-actions
8231febc5d Apache Kafka upgrade to 3.x 2022-10-14 12:47:06 -07:00
github-actions[bot]
14fe809072
Merge master into staging-next 2022-10-14 18:02:25 +00:00
Bernardo Meurer
71f2836fba
Merge pull request #184770 from NickCao/kernel-keyring 2022-10-14 09:46:01 -03:00
github-actions[bot]
cc090d2b94
Merge master into staging-next 2022-10-14 12:01:35 +00:00
Ninjatrappeur
8e3b02dc7d
Merge pull request #194916 from flokli/nixos-test-nscd 2022-10-14 11:54:37 +02:00
Florian Klink
dea7647814 nixosTests.nscd: drop _gateway lookups
This has shown to be flaky in the VM test, at least when running on
the aarch64 ofborg builder(s).

I assume it's some flakyness in systemd-networkd not being fully up, or
at least not up to the point that it properly replies to the _gateway
request.

This part of the test is supposed to test external (non-glibc) nss
module lookup for the host database works, which is already sufficiently
covered in the previous checks (for *.localhost). Drop these redundant
checks. We're not integration-testing networkd here.
2022-10-14 11:26:48 +02:00
Florian Klink
f08b8d6cfa nixosTests.nscd: test unscd as well
This shows that external nss module resolution is broken with unscd.
2022-10-14 10:07:11 +02:00
Martin Weinelt
c728598b84 Merge remote-tracking branch 'origin/staging-next' into staging 2022-10-13 23:29:04 +02:00
Florian Klink
d90ffb83c2
Merge pull request #195154 from veehaitch/networkd-ipv6-pd
nixos/networkd: add/adopt IPv6 options
2022-10-13 23:00:26 +02:00
github-actions[bot]
62bcf0ac62
Merge staging-next into staging 2022-10-13 12:02:06 +00:00
K900
803f180021
Merge pull request #191357 from K900/plasma-beta
Plasma 5.26.0, KDE Frameworks 5.99
2022-10-13 10:31:12 +03:00
Vladimír Čunát
00a757ed3f
Merge branch 'master' into staging 2022-10-13 08:27:55 +02:00
Vladimír Čunát
7a94322ed7
Merge #182618: GNOME 42 → 43 2022-10-13 08:14:27 +02:00
Jared Baur
5d79c93d77
nixos/prometheus-kea-exporter: Fix ExecStart arguments
The current `ExecStart` will not allow for multiple sockets to properly
be passed to the program since the extra newline character is interpreted to
be part of the socket path.
2022-10-12 20:39:09 -07:00
Artturi
e66d2fd89d
Merge pull request #194256 from Artturin/treewides2 2022-10-13 00:08:01 +03:00
Thiago Kenji Okada
b87716afc9
Merge pull request #188881 from shadaj/patch-4
nixos/restic: make it possible to use the existing backup cache for prune/check
2022-10-12 21:26:00 +01:00
Maximilian Bosch
955e01095a
grafana: 9.1.7 -> 9.2.0
ChangeLog: https://github.com/grafana/grafana/releases/tag/v9.2.0

Also fixed the test: the default value for the admin email address is
now `admin@localhost`[1].

[1] 39102c6656
2022-10-12 20:45:15 +02:00
K900
37a64594bd nixos/plasma-bigscreen: enable uinput correctly
This is required for plasma-remotecontrollers to actually work.
Make sure to also add your user to the `uinput` group.
2022-10-12 20:28:53 +03:00
Shadaj Laddad
dd34f474ed nixos/restic: make it possible to use the existing backup cache for prune/check
Configures the `--cache-dir` parameter for the prune and check commands run after backing up. For `check`, also adds a `checkOpts` flag to enable using the cache, since that is disabled by default.
2022-10-12 09:09:27 -07:00
K900
5e62c78f4b nixos/plasma5: add very basic plasma-bigscreen module 2022-10-12 17:15:56 +03:00
Patrick Hilhorst
1bb6ca7fe1
nixosTests.vscodium: allow more expressions to satisfy save file dialog
Previously was not clearing due to OCR glitch, should be more robust now. Also commented out the 'quit', which was also failing.
2022-10-12 11:38:31 +02:00
Yorick van Pelt
a5c9290979
mysql57: drop
Mysql 5.7 is not EOL yet, but is quite old and fully replaceable
by mysql 8.0 or mariadb.
2022-10-12 11:02:14 +02:00
Florian Klink
3ff0a8f840
Merge pull request #189676 from zhaofengli/cryptenroll
systemd: Fix systemd-{cryptenroll,cryptsetup} TPM2 and FIDO2 support (attempt #3)
2022-10-12 00:56:04 +02:00
Jan Tojnar
b8e21f065b librsvg: remove installed tests
Build will start failing with the following error in 2.55.1 due to `/build/librsvg-2.55.1/.libs` ending up in rpath:

    RPATH of binary /nix/store/78k70limslvxs6y98hdirbcixl3car1q-librsvg-2.55.1-installedTests/libexec/installed-tests/RSVG/api contains a forbidden reference to /build/
2022-10-11 18:52:13 +02:00
Martin Weinelt
8a6466ecd3
Merge pull request #195295 from mweinelt/networkd-ia-pd-kea 2022-10-11 15:37:05 +02:00
Martin Weinelt
d97e915faf
nixos/tests/chromium: Enable on aarch64-linux 2022-10-11 15:33:42 +02:00
Guillaume Girol
6fe43abcfc
Merge branch 'master' into tracee-use-new-wrapper 2022-10-11 09:57:23 +00:00
Martin Weinelt
5f20362a4a
nixos/tests: Use kea in networkd prefix-delegation test
With the announced EOL of the venerable ISC DHCP Server it is time to
migrate this test to Kea, it's successor.

The ISP has also received an upgrade to its interface configuration,
which now happens completely through networkd.

https://www.isc.org/blogs/isc-dhcp-eol/
2022-10-10 21:37:28 +02:00
Artturin
f4ea1208ec treewide: *Flags convert to list from str
*Flags implies a list

slightly relevant:
> stdenv: start deprecating non-list configureFlags https://github.com/NixOS/nixpkgs/pull/173172

the makeInstalledTests function in `nixos/tests/installed-tests/default.nix` isn't available outside of nixpkgs so
it's not a breaking change
2022-10-10 15:30:59 +03:00
Kartik Gokte
8d5a404437 nixos/karma: init 2022-10-10 10:46:25 +05:30
github-actions[bot]
e92f9b319a
Merge staging-next into staging 2022-10-10 00:04:21 +00:00
github-actions[bot]
535838d0a5
Merge master into staging-next 2022-10-10 00:03:49 +00:00
Martin Weinelt
a0b341d690
Merge pull request #195230 from illustris/sssd-ldap 2022-10-10 00:34:26 +02:00
illustris
51b9e2857f
nixos/sssd: fix race condition in test 2022-10-10 03:48:52 +05:30
Martin Weinelt
829f89581a
Merge pull request #181764 from mweinelt/glibc-without-libcrypt 2022-10-09 21:07:26 +02:00
github-actions[bot]
3b37795067
Merge staging-next into staging 2022-10-09 18:02:10 +00:00
github-actions[bot]
44f6a02f39
Merge master into staging-next 2022-10-09 18:01:35 +00:00
Greizgh
987d2f575a nixos/seafile: avoid sleep in tests
Replace sleep statements with wait_until_succeeds
2022-10-09 13:31:13 -04:00
Franz Pletz
32e7482074
nixos/tests/shadow: new hashes support with libxcrypt 2022-10-09 18:09:41 +02:00
Sandro
f5802f496d
Merge pull request #187026 from azahi/endlessh-go 2022-10-09 16:50:02 +02:00
github-actions[bot]
3e675d06f5
Merge staging-next into staging 2022-10-09 12:02:02 +00:00
github-actions[bot]
8972888c55
Merge master into staging-next 2022-10-09 12:01:31 +00:00
Sandro
21469bd965
Merge pull request #191198 from Moredread/nixpkgs-paperless
nixosTests.paperless: check if /metadata/ can be accessed
2022-10-09 08:49:28 +02:00
Vincent Haupert
bc8d6d8f96 nixos/networkd: DHCPv6PrefixDelegation -> DHCPPrefixDelegation
Adapt to changes introduced in Systemd 250:

> The [DHCPv6PrefixDelegation] section in .network file is renamed to
> [DHCPPrefixDelegation], as now the prefix delegation is also
> supported with DHCPv4 protocol by enabling the Use6RD= setting.

Replaces the `dhcpV6PrefixDelegationConfig` with
`dhcpPrefixDelegationConfig` and throws an error if the old option is
used.

Also adapt the respective IPv6 prefix delegation test.
2022-10-09 00:11:52 +02:00
github-actions[bot]
50515b668c
Merge staging-next into staging 2022-10-08 18:01:40 +00:00
github-actions[bot]
d2cd24fe6a
Merge master into staging-next 2022-10-08 18:01:07 +00:00
Florian Klink
1780768449
Merge pull request #194684 from oxalica/fix/systemd-oomd-test
nixos/tests/systemd-oomd: fix and follows upstream tests
2022-10-08 16:09:45 +02:00
Robert Scott
68138bfb28 nixosTests.spark: give worker node 2G of memory
test currently failing due to OOM
2022-10-08 11:55:51 +01:00
Silvan Mosberger
c36f929dee nixos/tests: Add tests for dockerTools.buildNixShellImage 2022-10-07 22:04:24 +02:00
Florian Klink
1224368495 nixosTests.nscd: init, move DynamicUser test into there
nixosTests.systemd is quite heavy, it requires a full graphical system,
which is quite a big of a rebuild if the only thing you want to test is
whether dynamic users work.

This is now moved to an `nscd` test, which tests various NSS lookups,
making extra sure that the nscd path is tested, not the fallback path
(by hiding /etc/nsswitch.conf and /etc/hosts for getent).

nixosTests.resolv is removed. It didn't check for reverse lookups,
didn't catch nscd breaking halfway in between, and also had an
ambiguous reverse lookup - 192.0.2.1 could either reverse lookup to
host-ipv4.example.net, or host-dual.example.net.
2022-10-07 14:19:56 +02:00
github-actions[bot]
0b4912d905
Merge staging-next into staging 2022-10-06 18:03:42 +00:00
github-actions[bot]
c5f0d725df
Merge master into staging-next 2022-10-06 18:03:10 +00:00
Lucas Savva
49c0fd7d60 nixos/acme: Disable lego renew sleeping
Lego has a built-in mechanism for sleeping for a random amount
of time before renewing a certificate. In our environment this
is not only unnecessary (as our systemd timer takes care of it)
but also unwanted since it slows down the execution of the
systemd service encompassing it, thus also slowing down the
start up of any services its depending on.

Also added FixedRandomDelay to the timer for more predictability.
2022-10-06 10:30:24 -04:00
Lucas Savva
657ecbca0e nixos/acme: Make account creds check more robust
Fixes #190493

Check if an actual key file exists. This does not
completely cover the work accountHash does to ensure
that a new account is registered when account
related options are changed.
2022-10-06 10:30:24 -04:00
Lucas Savva
39796cad46 nixos/acme: Fix cert renewal with built in webserver
Fixes #191794

Lego threw a permission denied error binding to port 80.
AmbientCapabilities with CAP_NET_BIND_SERVICE was required.
Also added a test for this.
2022-10-06 10:30:24 -04:00
oxalica
9fca212c84 nixos/tests/systemd-oomd: fix and follows upstream tests
The current test triggers the kernel OOM killer and doesn't work well.
2022-10-06 09:48:13 +08:00
github-actions[bot]
8a69058a29
Merge staging-next into staging 2022-10-05 18:08:07 +00:00
github-actions[bot]
939050602c
Merge master into staging-next 2022-10-05 18:07:32 +00:00
José Luis Lafuente
396f4f05b9
nixos/tmate-ssh-server: init module (#192270)
* nixos/tmate-ssh-server: init module

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2022-10-05 17:34:30 +01:00
oxalica
78f929c5a6 nixos/tests/systemd-initrd-luks-fido2: init 2022-10-05 08:22:53 -06:00
Jamie McClymont
9e9637ecb6 nixos/tests/systemd-initrd-luks-tpm2: init 2022-10-05 08:22:51 -06:00
github-actions[bot]
855f2990f1
Merge staging-next into staging 2022-10-05 12:02:14 +00:00