diff options
author | Alyssa Ross <hi@alyssa.is> | 2024-02-13 12:25:07 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2024-02-13 12:25:07 +0100 |
commit | a5e1520e4538e29ecfbd4b168306f890566d7bfd (patch) | |
tree | 28099c268b5d4b1e33c2b29f0714c45f0b961382 /nixpkgs/nixos/tests | |
parent | 822f7c15c04567fbdc27020e862ea2b70cfbf8eb (diff) | |
parent | 3560d1c8269d0091b9aae10731b5e85274b7bbc1 (diff) | |
download | nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar.gz nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar.bz2 nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar.lz nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar.xz nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.tar.zst nixlib-a5e1520e4538e29ecfbd4b168306f890566d7bfd.zip |
Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/nixos/modules/services/mail/rss2email.nix nixpkgs/pkgs/build-support/go/module.nix
Diffstat (limited to 'nixpkgs/nixos/tests')
91 files changed, 1398 insertions, 224 deletions
diff --git a/nixpkgs/nixos/tests/3proxy.nix b/nixpkgs/nixos/tests/3proxy.nix index 83d39de018a3..b80b4e166d48 100644 --- a/nixpkgs/nixos/tests/3proxy.nix +++ b/nixpkgs/nixos/tests/3proxy.nix @@ -134,6 +134,7 @@ testScript = '' start_all() + peer0.systemctl("start network-online.target") peer0.wait_for_unit("network-online.target") peer1.wait_for_unit("3proxy.service") diff --git a/nixpkgs/nixos/tests/acme.nix b/nixpkgs/nixos/tests/acme.nix index e5f2d4c7934a..272782dc2f62 100644 --- a/nixpkgs/nixos/tests/acme.nix +++ b/nixpkgs/nixos/tests/acme.nix @@ -522,6 +522,7 @@ in { 'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a' ) + acme.systemctl("start network-online.target") acme.wait_for_unit("network-online.target") acme.wait_for_unit("pebble.service") diff --git a/nixpkgs/nixos/tests/activation/etc-overlay-immutable.nix b/nixpkgs/nixos/tests/activation/etc-overlay-immutable.nix new file mode 100644 index 000000000000..70c3623b929c --- /dev/null +++ b/nixpkgs/nixos/tests/activation/etc-overlay-immutable.nix @@ -0,0 +1,30 @@ +{ lib, ... }: { + + name = "activation-etc-overlay-immutable"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { pkgs, ... }: { + system.etc.overlay.enable = true; + system.etc.overlay.mutable = false; + + # Prerequisites + systemd.sysusers.enable = true; + users.mutableUsers = false; + boot.initrd.systemd.enable = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + + specialisation.new-generation.configuration = { + environment.etc."newgen".text = "newgen"; + }; + }; + + testScript = '' + machine.succeed("findmnt --kernel --type overlay /etc") + machine.fail("stat /etc/newgen") + + machine.succeed("/run/current-system/specialisation/new-generation/bin/switch-to-configuration switch") + + assert machine.succeed("cat /etc/newgen") == "newgen" + ''; +} diff --git a/nixpkgs/nixos/tests/activation/etc-overlay-mutable.nix b/nixpkgs/nixos/tests/activation/etc-overlay-mutable.nix new file mode 100644 index 000000000000..cfe7604fceb8 --- /dev/null +++ b/nixpkgs/nixos/tests/activation/etc-overlay-mutable.nix @@ -0,0 +1,30 @@ +{ lib, ... }: { + + name = "activation-etc-overlay-mutable"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { pkgs, ... }: { + system.etc.overlay.enable = true; + system.etc.overlay.mutable = true; + + # Prerequisites + boot.initrd.systemd.enable = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + + specialisation.new-generation.configuration = { + environment.etc."newgen".text = "newgen"; + }; + }; + + testScript = '' + machine.succeed("findmnt --kernel --type overlay /etc") + machine.fail("stat /etc/newgen") + machine.succeed("echo -n 'mutable' > /etc/mutable") + + machine.succeed("/run/current-system/specialisation/new-generation/bin/switch-to-configuration switch") + + assert machine.succeed("cat /etc/newgen") == "newgen" + assert machine.succeed("cat /etc/mutable") == "mutable" + ''; +} diff --git a/nixpkgs/nixos/tests/activation/perlless.nix b/nixpkgs/nixos/tests/activation/perlless.nix new file mode 100644 index 000000000000..4d784b4542f4 --- /dev/null +++ b/nixpkgs/nixos/tests/activation/perlless.nix @@ -0,0 +1,24 @@ +{ lib, ... }: + +{ + + name = "activation-perlless"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { pkgs, modulesPath, ... }: { + imports = [ "${modulesPath}/profiles/perlless.nix" ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + + virtualisation.mountHostNixStore = false; + virtualisation.useNixStoreImage = true; + }; + + testScript = '' + perl_store_paths = machine.succeed("ls /nix/store | grep perl || true") + print(perl_store_paths) + assert len(perl_store_paths) == 0 + ''; + +} diff --git a/nixpkgs/nixos/tests/adguardhome.nix b/nixpkgs/nixos/tests/adguardhome.nix index a6f790b83f5f..80613ce82534 100644 --- a/nixpkgs/nixos/tests/adguardhome.nix +++ b/nixpkgs/nixos/tests/adguardhome.nix @@ -126,6 +126,7 @@ with subtest("Testing successful DHCP start"): dhcpConf.wait_for_unit("adguardhome.service") + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") # Test IP assignment via DHCP dhcpConf.wait_until_succeeds("ping -c 5 10.0.10.100") diff --git a/nixpkgs/nixos/tests/all-tests.nix b/nixpkgs/nixos/tests/all-tests.nix index 25ee587e8f7a..31af6ec64214 100644 --- a/nixpkgs/nixos/tests/all-tests.nix +++ b/nixpkgs/nixos/tests/all-tests.nix @@ -242,7 +242,7 @@ in { discourse = handleTest ./discourse.nix {}; dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {}; dnscrypt-wrapper = runTestOn ["x86_64-linux"] ./dnscrypt-wrapper; - dnsdist = handleTest ./dnsdist.nix {}; + dnsdist = import ./dnsdist.nix { inherit pkgs runTest; }; doas = handleTest ./doas.nix {}; docker = handleTestOn ["aarch64-linux" "x86_64-linux"] ./docker.nix {}; docker-rootless = handleTestOn ["aarch64-linux" "x86_64-linux"] ./docker-rootless.nix {}; @@ -285,6 +285,9 @@ in { activation = pkgs.callPackage ../modules/system/activation/test.nix { }; activation-var = runTest ./activation/var.nix; activation-nix-channel = runTest ./activation/nix-channel.nix; + activation-etc-overlay-mutable = runTest ./activation/etc-overlay-mutable.nix; + activation-etc-overlay-immutable = runTest ./activation/etc-overlay-immutable.nix; + activation-perlless = runTest ./activation/perlless.nix; etcd = handleTestOn ["x86_64-linux"] ./etcd.nix {}; etcd-cluster = handleTestOn ["x86_64-linux"] ./etcd-cluster.nix {}; etebase-server = handleTest ./etebase-server.nix {}; @@ -298,6 +301,7 @@ in { fenics = handleTest ./fenics.nix {}; ferm = handleTest ./ferm.nix {}; ferretdb = handleTest ./ferretdb.nix {}; + filesystems-overlayfs = runTest ./filesystems-overlayfs.nix; firefox = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox; }; firefox-beta = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-beta; }; firefox-devedition = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-devedition; }; @@ -387,6 +391,7 @@ in { installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {}); invidious = handleTest ./invidious.nix {}; livebook-service = handleTest ./livebook-service.nix {}; + pyload = handleTest ./pyload.nix {}; oci-containers = handleTestOn ["aarch64-linux" "x86_64-linux"] ./oci-containers.nix {}; odoo = handleTest ./odoo.nix {}; odoo15 = handleTest ./odoo.nix { package = pkgs.odoo15; }; @@ -421,6 +426,7 @@ in { inspircd = handleTest ./inspircd.nix {}; installer = handleTest ./installer.nix {}; installer-systemd-stage-1 = handleTest ./installer-systemd-stage-1.nix {}; + intune = handleTest ./intune.nix {}; invoiceplane = handleTest ./invoiceplane.nix {}; iodine = handleTest ./iodine.nix {}; ipv6 = handleTest ./ipv6.nix {}; @@ -448,6 +454,7 @@ in { kerberos = handleTest ./kerberos/default.nix {}; kernel-generic = handleTest ./kernel-generic.nix {}; kernel-latest-ath-user-regd = handleTest ./kernel-latest-ath-user-regd.nix {}; + kernel-rust = handleTestOn ["x86_64-linux"] ./kernel-rust.nix {}; keter = handleTest ./keter.nix {}; kexec = handleTest ./kexec.nix {}; keycloak = discoverTests (import ./keycloak.nix); @@ -569,8 +576,8 @@ in { netdata = handleTest ./netdata.nix {}; networking.networkd = handleTest ./networking.nix { networkd = true; }; networking.scripted = handleTest ./networking.nix { networkd = false; }; - netbox_3_5 = handleTest ./web-apps/netbox.nix { netbox = pkgs.netbox_3_5; }; netbox_3_6 = handleTest ./web-apps/netbox.nix { netbox = pkgs.netbox_3_6; }; + netbox_3_7 = handleTest ./web-apps/netbox.nix { netbox = pkgs.netbox_3_7; }; netbox-upgrade = handleTest ./web-apps/netbox-upgrade.nix {}; # TODO: put in networking.nix after the test becomes more complete networkingProxy = handleTest ./networking-proxy.nix {}; @@ -587,6 +594,7 @@ in { nginx-globalredirect = handleTest ./nginx-globalredirect.nix {}; nginx-http3 = handleTest ./nginx-http3.nix {}; nginx-modsecurity = handleTest ./nginx-modsecurity.nix {}; + nginx-moreheaders = handleTest ./nginx-moreheaders.nix {}; nginx-njs = handleTest ./nginx-njs.nix {}; nginx-proxyprotocol = handleTest ./nginx-proxyprotocol {}; nginx-pubhtml = handleTest ./nginx-pubhtml.nix {}; @@ -621,6 +629,7 @@ in { ntfy-sh = handleTest ./ntfy-sh.nix {}; ntfy-sh-migration = handleTest ./ntfy-sh-migration.nix {}; ntpd-rs = handleTest ./ntpd-rs.nix {}; + nvmetcfg = handleTest ./nvmetcfg.nix {}; nzbget = handleTest ./nzbget.nix {}; nzbhydra2 = handleTest ./nzbhydra2.nix {}; oh-my-zsh = handleTest ./oh-my-zsh.nix {}; @@ -707,6 +716,7 @@ in { power-profiles-daemon = handleTest ./power-profiles-daemon.nix {}; pppd = handleTest ./pppd.nix {}; predictable-interface-names = handleTest ./predictable-interface-names.nix {}; + pretalx = runTest ./web-apps/pretalx.nix; printing-socket = handleTest ./printing.nix { socket = true; }; printing-service = handleTest ./printing.nix { socket = false; }; privoxy = handleTest ./privoxy.nix {}; @@ -757,6 +767,7 @@ in { sabnzbd = handleTest ./sabnzbd.nix {}; samba = handleTest ./samba.nix {}; samba-wsdd = handleTest ./samba-wsdd.nix {}; + sane = handleTest ./sane.nix {}; sanoid = handleTest ./sanoid.nix {}; scaphandre = handleTest ./scaphandre.nix {}; schleuder = handleTest ./schleuder.nix {}; @@ -808,6 +819,7 @@ in { stunnel = handleTest ./stunnel.nix {}; sudo = handleTest ./sudo.nix {}; sudo-rs = handleTest ./sudo-rs.nix {}; + suwayomi-server = handleTest ./suwayomi-server.nix {}; swap-file-btrfs = handleTest ./swap-file-btrfs.nix {}; swap-partition = handleTest ./swap-partition.nix {}; swap-random-encryption = handleTest ./swap-random-encryption.nix {}; @@ -850,6 +862,7 @@ in { systemd-journal = handleTest ./systemd-journal.nix {}; systemd-journal-gateway = handleTest ./systemd-journal-gateway.nix {}; systemd-journal-upload = handleTest ./systemd-journal-upload.nix {}; + systemd-lock-handler = runTestOn ["aarch64-linux" "x86_64-linux"] ./systemd-lock-handler.nix; systemd-machinectl = handleTest ./systemd-machinectl.nix {}; systemd-networkd = handleTest ./systemd-networkd.nix {}; systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {}; @@ -864,6 +877,8 @@ in { systemd-repart = handleTest ./systemd-repart.nix {}; systemd-shutdown = handleTest ./systemd-shutdown.nix {}; systemd-sysupdate = runTest ./systemd-sysupdate.nix; + systemd-sysusers-mutable = runTest ./systemd-sysusers-mutable.nix; + systemd-sysusers-immutable = runTest ./systemd-sysusers-immutable.nix; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-timesyncd-nscd-dnssec = handleTest ./systemd-timesyncd-nscd-dnssec.nix {}; systemd-user-tmpfiles-rules = handleTest ./systemd-user-tmpfiles-rules.nix {}; @@ -903,6 +918,7 @@ in { trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {}; tsja = handleTest ./tsja.nix {}; tsm-client-gui = handleTest ./tsm-client-gui.nix {}; + ttyd = handleTest ./web-servers/ttyd.nix {}; txredisapi = handleTest ./txredisapi.nix {}; tuptime = handleTest ./tuptime.nix {}; turbovnc-headless-server = handleTest ./turbovnc-headless-server.nix {}; @@ -919,6 +935,7 @@ in { upnp.nftables = handleTest ./upnp.nix { useNftables = true; }; uptermd = handleTest ./uptermd.nix {}; uptime-kuma = handleTest ./uptime-kuma.nix {}; + urn-timer = handleTest ./urn-timer.nix {}; usbguard = handleTest ./usbguard.nix {}; user-activation-scripts = handleTest ./user-activation-scripts.nix {}; user-expiry = runTest ./user-expiry.nix; @@ -942,6 +959,7 @@ in { vsftpd = handleTest ./vsftpd.nix {}; warzone2100 = handleTest ./warzone2100.nix {}; wasabibackend = handleTest ./wasabibackend.nix {}; + watchdogd = handleTest ./watchdogd.nix {}; webhook = runTest ./webhook.nix; wiki-js = handleTest ./wiki-js.nix {}; wine = handleTest ./wine.nix {}; diff --git a/nixpkgs/nixos/tests/appliance-repart-image.nix b/nixpkgs/nixos/tests/appliance-repart-image.nix index 3f256db84621..861369b9f3ca 100644 --- a/nixpkgs/nixos/tests/appliance-repart-image.nix +++ b/nixpkgs/nixos/tests/appliance-repart-image.nix @@ -8,9 +8,8 @@ let rootPartitionLabel = "root"; - bootLoaderConfigPath = "/loader/entries/nixos.conf"; - kernelPath = "/EFI/nixos/kernel.efi"; - initrdPath = "/EFI/nixos/initrd.efi"; + imageId = "nixos-appliance"; + imageVersion = "1-rc1"; in { name = "appliance-gpt-image"; @@ -29,6 +28,9 @@ in # TODO(raitobezarius): revisit this when #244907 lands boot.loader.grub.enable = false; + system.image.id = imageId; + system.image.version = imageVersion; + virtualisation.fileSystems = lib.mkForce { "/" = { device = "/dev/disk/by-partlabel/${rootPartitionLabel}"; @@ -38,6 +40,8 @@ in image.repart = { name = "appliance-gpt-image"; + # OVMF does not work with the default repart sector size of 4096 + sectorSize = 512; partitions = { "esp" = { contents = @@ -48,19 +52,8 @@ in "/EFI/BOOT/BOOT${lib.toUpper efiArch}.EFI".source = "${pkgs.systemd}/lib/systemd/boot/efi/systemd-boot${efiArch}.efi"; - # TODO: create an abstraction for Boot Loader Specification (BLS) entries. - "${bootLoaderConfigPath}".source = pkgs.writeText "nixos.conf" '' - title NixOS - linux ${kernelPath} - initrd ${initrdPath} - options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} - ''; - - "${kernelPath}".source = - "${config.boot.kernelPackages.kernel}/${config.system.boot.loader.kernelFile}"; - - "${initrdPath}".source = - "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}"; + "/EFI/Linux/${config.system.boot.loader.ukiFile}".source = + "${config.system.build.uki}/${config.system.boot.loader.ukiFile}"; }; repartConfig = { Type = "esp"; @@ -99,7 +92,7 @@ in "-f", "qcow2", "-b", - "${nodes.machine.system.build.image}/image.raw", + "${nodes.machine.system.build.image}/${nodes.machine.image.repart.imageFile}", "-F", "raw", tmp_disk_image.name, @@ -108,9 +101,11 @@ in # Set NIX_DISK_IMAGE so that the qemu script finds the right disk image. os.environ['NIX_DISK_IMAGE'] = tmp_disk_image.name + os_release = machine.succeed("cat /etc/os-release") + assert 'IMAGE_ID="${imageId}"' in os_release + assert 'IMAGE_VERSION="${imageVersion}"' in os_release + bootctl_status = machine.succeed("bootctl status") - assert "${bootLoaderConfigPath}" in bootctl_status - assert "${kernelPath}" in bootctl_status - assert "${initrdPath}" in bootctl_status + assert "Boot Loader Specification Type #2 (.efi)" in bootctl_status ''; } diff --git a/nixpkgs/nixos/tests/ayatana-indicators.nix b/nixpkgs/nixos/tests/ayatana-indicators.nix index bc7ff75f390f..a7de640f9e37 100644 --- a/nixpkgs/nixos/tests/ayatana-indicators.nix +++ b/nixpkgs/nixos/tests/ayatana-indicators.nix @@ -4,7 +4,7 @@ in { name = "ayatana-indicators"; meta = { - maintainers = with lib.maintainers; [ OPNA2608 ]; + maintainers = lib.teams.lomiri.members; }; nodes.machine = { config, ... }: { @@ -27,17 +27,57 @@ in { services.ayatana-indicators = { enable = true; packages = with pkgs; [ + ayatana-indicator-datetime ayatana-indicator-messages - ]; + ayatana-indicator-session + ] ++ (with pkgs.lomiri; [ + lomiri-indicator-network + telephony-service + ]); }; - # Services needed by some indicators + # Setup needed by some indicators + services.accounts-daemon.enable = true; # messages + + # Lomiri-ish setup for Lomiri indicators + # TODO move into a Lomiri module, once the package set is far enough for the DE to start + + networking.networkmanager.enable = true; # lomiri-network-indicator + # TODO potentially urfkill for lomiri-network-indicator? + + services.dbus.packages = with pkgs.lomiri; [ + libusermetrics + ]; + + environment.systemPackages = with pkgs.lomiri; [ + lomiri-schemas + ]; + + services.telepathy.enable = true; + + users.users.usermetrics = { + group = "usermetrics"; + home = "/var/lib/usermetrics"; + createHome = true; + isSystemUser = true; + }; + + users.groups.usermetrics = { }; }; # TODO session indicator starts up in a semi-broken state, but works fine after a restart. maybe being started before graphical session is truly up & ready? testScript = { nodes, ... }: let - runCommandPerIndicatorService = command: lib.strings.concatMapStringsSep "\n" command nodes.machine.systemd.user.targets."ayatana-indicators".wants; + runCommandOverServiceList = list: command: + lib.strings.concatMapStringsSep "\n" command list; + + runCommandOverAyatanaIndicators = runCommandOverServiceList + (builtins.filter + (service: !(lib.strings.hasPrefix "lomiri" service || lib.strings.hasPrefix "telephony-service" service)) + nodes.machine.systemd.user.targets."ayatana-indicators".wants); + + runCommandOverAllIndicators = runCommandOverServiceList + nodes.machine.systemd.user.targets."ayatana-indicators".wants; in '' start_all() machine.wait_for_x() @@ -50,8 +90,8 @@ in { machine.sleep(10) # Now check if all indicators were brought up successfully, and kill them for later - '' + (runCommandPerIndicatorService (service: let serviceExec = builtins.replaceStrings [ "." ] [ "-" ] service; in '' - machine.succeed("pgrep -f ${serviceExec}") + '' + (runCommandOverAyatanaIndicators (service: let serviceExec = builtins.replaceStrings [ "." ] [ "-" ] service; in '' + machine.succeed("pgrep -u ${user} -f ${serviceExec}") machine.succeed("pkill -f ${serviceExec}") '')) + '' @@ -65,7 +105,7 @@ in { machine.sleep(10) # Now check if all indicator services were brought up successfully - '' + runCommandPerIndicatorService (service: '' + '' + runCommandOverAllIndicators (service: '' machine.wait_for_unit("${service}", "${user}") ''); }) diff --git a/nixpkgs/nixos/tests/babeld.nix b/nixpkgs/nixos/tests/babeld.nix index d4df6f86d089..e497aa5b64e1 100644 --- a/nixpkgs/nixos/tests/babeld.nix +++ b/nixpkgs/nixos/tests/babeld.nix @@ -120,10 +120,6 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : { '' start_all() - client.wait_for_unit("network-online.target") - local_router.wait_for_unit("network-online.target") - remote_router.wait_for_unit("network-online.target") - local_router.wait_for_unit("babeld.service") remote_router.wait_for_unit("babeld.service") diff --git a/nixpkgs/nixos/tests/bittorrent.nix b/nixpkgs/nixos/tests/bittorrent.nix index 4a73fea6a09d..473b05d4c98e 100644 --- a/nixpkgs/nixos/tests/bittorrent.nix +++ b/nixpkgs/nixos/tests/bittorrent.nix @@ -115,6 +115,7 @@ in start_all() # Wait for network and miniupnpd. + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") router.wait_for_unit("miniupnpd") @@ -129,6 +130,7 @@ in tracker.succeed("chmod 644 /tmp/test.torrent") # Start the tracker. !!! use a less crappy tracker + tracker.systemctl("start network-online.target") tracker.wait_for_unit("network-online.target") tracker.wait_for_unit("opentracker.service") tracker.wait_for_open_port(6969) @@ -140,6 +142,7 @@ in # Now we should be able to download from the client behind the NAT. tracker.wait_for_unit("httpd") + client1.systemctl("start network-online.target") client1.wait_for_unit("network-online.target") client1.succeed("transmission-remote --add http://${externalTrackerAddress}/test.torrent >&2 &") client1.wait_for_file("${download-dir}/test.tar.bz2") @@ -152,6 +155,7 @@ in # Now download from the second client. This can only succeed if # the first client created a NAT hole in the router. + client2.systemctl("start network-online.target") client2.wait_for_unit("network-online.target") client2.succeed( "transmission-remote --add http://${externalTrackerAddress}/test.torrent --no-portmap --no-dht >&2 &" diff --git a/nixpkgs/nixos/tests/budgie.nix b/nixpkgs/nixos/tests/budgie.nix index 19d9b2bd0bed..fe0ed2cf80ed 100644 --- a/nixpkgs/nixos/tests/budgie.nix +++ b/nixpkgs/nixos/tests/budgie.nix @@ -33,14 +33,13 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { '' with subtest("Wait for login"): # wait_for_x() checks graphical-session.target, which is expected to be - # inactive on Budgie before #228946 (i.e. systemd managed gnome-session) is - # done on upstream. - # https://github.com/BuddiesOfBudgie/budgie-desktop/blob/v10.7.2/src/session/budgie-desktop.in#L16 + # inactive on Budgie before Budgie manages user session with systemd. + # https://github.com/BuddiesOfBudgie/budgie-desktop/blob/39e9f0895c978f76/src/session/budgie-desktop.in#L16 # # Previously this was unconditionally touched by xsessionWrapper but was # changed in #233981 (we have Budgie:GNOME in XDG_CURRENT_DESKTOP). # machine.wait_for_x() - machine.wait_until_succeeds('journalctl -t gnome-session-binary --grep "Entering running state"') + machine.wait_until_succeeds('journalctl -t budgie-session-binary --grep "Entering running state"') machine.wait_for_file("${user.home}/.Xauthority") machine.succeed("xauth merge ${user.home}/.Xauthority") diff --git a/nixpkgs/nixos/tests/buildbot.nix b/nixpkgs/nixos/tests/buildbot.nix index 2f6926313b7c..149d73bba09c 100644 --- a/nixpkgs/nixos/tests/buildbot.nix +++ b/nixpkgs/nixos/tests/buildbot.nix @@ -71,6 +71,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { gitrepo.wait_for_unit("multi-user.target") with subtest("Repo is accessible via git daemon"): + bbmaster.systemctl("start network-online.target") bbmaster.wait_for_unit("network-online.target") bbmaster.succeed("rm -rfv /tmp/fakerepo") bbmaster.succeed("git clone git://gitrepo/fakerepo /tmp/fakerepo") @@ -78,6 +79,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { with subtest("Master service and worker successfully connect"): bbmaster.wait_for_unit("buildbot-master.service") bbmaster.wait_until_succeeds("curl --fail -s --head http://bbmaster:8010") + bbworker.systemctl("start network-online.target") bbworker.wait_for_unit("network-online.target") bbworker.succeed("nc -z bbmaster 8010") bbworker.succeed("nc -z bbmaster 9989") diff --git a/nixpkgs/nixos/tests/ceph-multi-node.nix b/nixpkgs/nixos/tests/ceph-multi-node.nix index 556546beee76..b1352a4bc8f4 100644 --- a/nixpkgs/nixos/tests/ceph-multi-node.nix +++ b/nixpkgs/nixos/tests/ceph-multi-node.nix @@ -185,6 +185,14 @@ let monA.succeed( "ceph osd pool create multi-node-test 32 32", "ceph osd pool ls | grep 'multi-node-test'", + + # We need to enable an application on the pool, otherwise it will + # stay unhealthy in state POOL_APP_NOT_ENABLED. + # Creating a CephFS would do this automatically, but we haven't done that here. + # See: https://docs.ceph.com/en/reef/rados/operations/pools/#associating-a-pool-with-an-application + # We use the custom application name "nixos-test" for this. + "ceph osd pool application enable multi-node-test nixos-test", + "ceph osd pool rename multi-node-test multi-node-other-test", "ceph osd pool ls | grep 'multi-node-other-test'", ) diff --git a/nixpkgs/nixos/tests/ceph-single-node-bluestore.nix b/nixpkgs/nixos/tests/ceph-single-node-bluestore.nix index acaae4cf300e..8bd1a78244a2 100644 --- a/nixpkgs/nixos/tests/ceph-single-node-bluestore.nix +++ b/nixpkgs/nixos/tests/ceph-single-node-bluestore.nix @@ -145,6 +145,14 @@ let monA.succeed( "ceph osd pool create single-node-test 32 32", "ceph osd pool ls | grep 'single-node-test'", + + # We need to enable an application on the pool, otherwise it will + # stay unhealthy in state POOL_APP_NOT_ENABLED. + # Creating a CephFS would do this automatically, but we haven't done that here. + # See: https://docs.ceph.com/en/reef/rados/operations/pools/#associating-a-pool-with-an-application + # We use the custom application name "nixos-test" for this. + "ceph osd pool application enable single-node-test nixos-test", + "ceph osd pool rename single-node-test single-node-other-test", "ceph osd pool ls | grep 'single-node-other-test'", ) diff --git a/nixpkgs/nixos/tests/ceph-single-node.nix b/nixpkgs/nixos/tests/ceph-single-node.nix index a3a4072365af..c34ec511dc6d 100644 --- a/nixpkgs/nixos/tests/ceph-single-node.nix +++ b/nixpkgs/nixos/tests/ceph-single-node.nix @@ -145,6 +145,14 @@ let monA.succeed( "ceph osd pool create single-node-test 32 32", "ceph osd pool ls | grep 'single-node-test'", + + # We need to enable an application on the pool, otherwise it will + # stay unhealthy in state POOL_APP_NOT_ENABLED. + # Creating a CephFS would do this automatically, but we haven't done that here. + # See: https://docs.ceph.com/en/reef/rados/operations/pools/#associating-a-pool-with-an-application + # We use the custom application name "nixos-test" for this. + "ceph osd pool application enable single-node-test nixos-test", + "ceph osd pool rename single-node-test single-node-other-test", "ceph osd pool ls | grep 'single-node-other-test'", ) @@ -182,19 +190,16 @@ let monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") - # This test has been commented out due to the upstream issue with pyo3 - # that has broken this dashboard - # Reference: https://www.spinics.net/lists/ceph-users/msg77812.html # Enable the dashboard and recheck health - # monA.succeed( - # "ceph mgr module enable dashboard", - # "ceph config set mgr mgr/dashboard/ssl false", - # # default is 8080 but it's better to be explicit - # "ceph config set mgr mgr/dashboard/server_port 8080", - # ) - # monA.wait_for_open_port(8080) - # monA.wait_until_succeeds("curl -q --fail http://localhost:8080") - # monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + monA.succeed( + "ceph mgr module enable dashboard", + "ceph config set mgr mgr/dashboard/ssl false", + # default is 8080 but it's better to be explicit + "ceph config set mgr mgr/dashboard/server_port 8080", + ) + monA.wait_for_open_port(8080) + monA.wait_until_succeeds("curl -q --fail http://localhost:8080") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") ''; in { name = "basic-single-node-ceph-cluster"; diff --git a/nixpkgs/nixos/tests/cinnamon-wayland.nix b/nixpkgs/nixos/tests/cinnamon-wayland.nix index 824a606004cc..1629ead16f41 100644 --- a/nixpkgs/nixos/tests/cinnamon-wayland.nix +++ b/nixpkgs/nixos/tests/cinnamon-wayland.nix @@ -64,7 +64,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { # This is not supported at the moment. # https://trello.com/b/HHs01Pab/cinnamon-wayland machine.execute("${su "cinnamon-screensaver-command -l >&2 &"}") - machine.wait_until_succeeds("journalctl -b --grep 'Cinnamon Screensaver is unavailable on Wayland'") + machine.wait_until_succeeds("journalctl -b --grep 'cinnamon-screensaver is disabled in wayland sessions'") with subtest("Open GNOME Terminal"): machine.succeed("${su "dbus-launch gnome-terminal"}") diff --git a/nixpkgs/nixos/tests/cloud-init.nix b/nixpkgs/nixos/tests/cloud-init.nix index 786e01add7d4..0b4c5a55c80a 100644 --- a/nixpkgs/nixos/tests/cloud-init.nix +++ b/nixpkgs/nixos/tests/cloud-init.nix @@ -73,6 +73,7 @@ in makeTest { }; testScript = '' # To wait until cloud-init terminates its run + unnamed.wait_for_unit("cloud-init-local.service") unnamed.wait_for_unit("cloud-final.service") unnamed.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'") diff --git a/nixpkgs/nixos/tests/corerad.nix b/nixpkgs/nixos/tests/corerad.nix index b6f5d7fc6f75..dd2bec794a1a 100644 --- a/nixpkgs/nixos/tests/corerad.nix +++ b/nixpkgs/nixos/tests/corerad.nix @@ -56,6 +56,8 @@ import ./make-test-python.nix ( with subtest("Wait for CoreRAD and network ready"): # Ensure networking is online and CoreRAD is ready. + router.systemctl("start network-online.target") + client.systemctl("start network-online.target") router.wait_for_unit("network-online.target") client.wait_for_unit("network-online.target") router.wait_for_unit("corerad.service") diff --git a/nixpkgs/nixos/tests/curl-impersonate.nix b/nixpkgs/nixos/tests/curl-impersonate.nix index 7954e9e5584c..33b10da1dfd0 100644 --- a/nixpkgs/nixos/tests/curl-impersonate.nix +++ b/nixpkgs/nixos/tests/curl-impersonate.nix @@ -144,6 +144,8 @@ in { start_all() with subtest("Wait for network"): + web.systemctl("start network-online.target") + curl.systemctl("start network-online.target") web.wait_for_unit("network-online.target") curl.wait_for_unit("network-online.target") diff --git a/nixpkgs/nixos/tests/dnsdist.nix b/nixpkgs/nixos/tests/dnsdist.nix index e72fa05ff282..9921be419a75 100644 --- a/nixpkgs/nixos/tests/dnsdist.nix +++ b/nixpkgs/nixos/tests/dnsdist.nix @@ -1,48 +1,113 @@ -import ./make-test-python.nix ( - { pkgs, ... }: { - name = "dnsdist"; - meta = with pkgs.lib; { - maintainers = with maintainers; [ jojosch ]; - }; +{ pkgs, runTest }: - nodes.machine = { pkgs, lib, ... }: { - services.bind = { - enable = true; - extraOptions = "empty-zones-enable no;"; - zones = lib.singleton { - name = "."; - master = true; - file = pkgs.writeText "root.zone" '' - $TTL 3600 - . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d ) - . IN NS ns.example.org. - - ns.example.org. IN A 192.168.0.1 - ns.example.org. IN AAAA abcd::1 - - 1.0.168.192.in-addr.arpa IN PTR ns.example.org. - ''; - }; - }; - services.dnsdist = { - enable = true; - listenPort = 5353; - extraConfig = '' - newServer({address="127.0.0.1:53", name="local-bind"}) +let + + inherit (pkgs) lib; + + baseConfig = { + networking.nameservers = [ "::1" ]; + services.bind = { + enable = true; + extraOptions = "empty-zones-enable no;"; + zones = lib.singleton { + name = "."; + master = true; + file = pkgs.writeText "root.zone" '' + $TTL 3600 + . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d ) + . IN NS ns.example.org. + + ns.example.org. IN A 192.168.0.1 + ns.example.org. IN AAAA abcd::1 + + 1.0.168.192.in-addr.arpa IN PTR ns.example.org. ''; }; - - environment.systemPackages = with pkgs; [ dig ]; }; + services.dnsdist = { + enable = true; + listenPort = 5353; + extraConfig = '' + newServer({address="127.0.0.1:53", name="local-bind"}) + ''; + }; + }; + +in + +{ + + base = runTest { + name = "dnsdist-base"; + meta.maintainers = with lib.maintainers; [ jojosch ]; + + nodes.machine = baseConfig; testScript = '' machine.wait_for_unit("bind.service") machine.wait_for_open_port(53) - machine.succeed("dig @127.0.0.1 +short -x 192.168.0.1 | grep -qF ns.example.org") + machine.succeed("host -p 53 192.168.0.1 | grep -qF ns.example.org") machine.wait_for_unit("dnsdist.service") machine.wait_for_open_port(5353) - machine.succeed("dig @127.0.0.1 -p 5353 +short -x 192.168.0.1 | grep -qF ns.example.org") + machine.succeed("host -p 5353 192.168.0.1 | grep -qF ns.example.org") + ''; + }; + + dnscrypt = runTest { + name = "dnsdist-dnscrypt"; + meta.maintainers = with lib.maintainers; [ rnhmjoj ]; + + nodes.server = lib.mkMerge [ + baseConfig + { + networking.firewall.allowedTCPPorts = [ 443 ]; + networking.firewall.allowedUDPPorts = [ 443 ]; + services.dnsdist.dnscrypt.enable = true; + services.dnsdist.dnscrypt.providerKey = "${./dnscrypt-wrapper/secret.key}"; + } + ]; + + nodes.client = { + services.dnscrypt-proxy2.enable = true; + services.dnscrypt-proxy2.upstreamDefaults = false; + services.dnscrypt-proxy2.settings = + { server_names = [ "server" ]; + listen_addresses = [ "[::1]:53" ]; + cache = false; + # Computed using https://dnscrypt.info/stamps/ + static.server.stamp = + "sdns://AQAAAAAAAAAADzE5Mi4xNjguMS4yOjQ0MyAUQdg6_RIIpK6pHkINhrv7nxwIG5c7b_m5NJVT3A1AXRYyLmRuc2NyeXB0LWNlcnQuc2VydmVy"; + }; + networking.nameservers = [ "::1" ]; + }; + + testScript = '' + with subtest("The DNSCrypt server is accepting connections"): + server.wait_for_unit("bind.service") + server.wait_for_unit("dnsdist.service") + server.wait_for_open_port(443) + almost_expiration = server.succeed("date --date '14min'").strip() + + with subtest("The DNSCrypt client can connect to the server"): + client.wait_until_succeeds("journalctl -u dnscrypt-proxy2 --grep '\[server\] OK'") + + with subtest("DNS queries over UDP are working"): + client.wait_for_open_port(53) + client.succeed("host -U 192.168.0.1 | grep -qF ns.example.org") + + with subtest("DNS queries over TCP are working"): + client.wait_for_open_port(53) + client.succeed("host -T 192.168.0.1 | grep -qF ns.example.org") + + with subtest("The server rotates the ephemeral keys"): + server.succeed(f"date -s '{almost_expiration}'") + client.succeed(f"date -s '{almost_expiration}'") + server.wait_until_succeeds("journalctl -u dnsdist --grep 'rotated certificate'") + + with subtest("The client can still connect to the server"): + client.wait_until_succeeds("host -T 192.168.0.1") + client.wait_until_succeeds("host -U 192.168.0.1") ''; - } -) + }; +} diff --git a/nixpkgs/nixos/tests/dolibarr.nix b/nixpkgs/nixos/tests/dolibarr.nix index 4fdee9e9698f..95557d317fab 100644 --- a/nixpkgs/nixos/tests/dolibarr.nix +++ b/nixpkgs/nixos/tests/dolibarr.nix @@ -1,6 +1,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "dolibarr"; - meta.maintainers = [ lib.maintainers.raitobezarius ]; + meta.maintainers = [ ]; nodes.machine = { ... }: diff --git a/nixpkgs/nixos/tests/elk.nix b/nixpkgs/nixos/tests/elk.nix index 900ea6320100..b5a8cb532ae0 100644 --- a/nixpkgs/nixos/tests/elk.nix +++ b/nixpkgs/nixos/tests/elk.nix @@ -1,6 +1,6 @@ # To run the test on the unfree ELK use the following command: # cd path/to/nixpkgs -# NIXPKGS_ALLOW_UNFREE=1 nix-build -A nixosTests.elk.unfree.ELK-6 +# NIXPKGS_ALLOW_UNFREE=1 nix-build -A nixosTests.elk.unfree.ELK-7 { system ? builtins.currentSystem, config ? {}, @@ -120,7 +120,7 @@ let }; elasticsearch-curator = { - enable = true; + enable = elk ? elasticsearch-curator; actionYAML = '' --- actions: @@ -246,7 +246,7 @@ let one.wait_until_succeeds( expect_hits("SuperdupercalifragilisticexpialidociousIndeed") ) - '' + '' + '' + lib.optionalString (elk ? elasticsearch-curator) '' with subtest("Elasticsearch-curator works"): one.systemctl("stop logstash") one.systemctl("start elasticsearch-curator") diff --git a/nixpkgs/nixos/tests/ferm.nix b/nixpkgs/nixos/tests/ferm.nix index be43877445eb..87c67ac62347 100644 --- a/nixpkgs/nixos/tests/ferm.nix +++ b/nixpkgs/nixos/tests/ferm.nix @@ -55,6 +55,8 @@ import ./make-test-python.nix ({ pkgs, ...} : { '' start_all() + client.systemctl("start network-online.target") + server.systemctl("start network-online.target") client.wait_for_unit("network-online.target") server.wait_for_unit("network-online.target") server.wait_for_unit("ferm.service") diff --git a/nixpkgs/nixos/tests/filesystems-overlayfs.nix b/nixpkgs/nixos/tests/filesystems-overlayfs.nix new file mode 100644 index 000000000000..d7cbf640abe4 --- /dev/null +++ b/nixpkgs/nixos/tests/filesystems-overlayfs.nix @@ -0,0 +1,89 @@ +{ lib, pkgs, ... }: + +let + initrdLowerdir = pkgs.runCommand "initrd-lowerdir" { } '' + mkdir -p $out + echo "initrd" > $out/initrd.txt + ''; + initrdLowerdir2 = pkgs.runCommand "initrd-lowerdir-2" { } '' + mkdir -p $out + echo "initrd2" > $out/initrd2.txt + ''; + userspaceLowerdir = pkgs.runCommand "userspace-lowerdir" { } '' + mkdir -p $out + echo "userspace" > $out/userspace.txt + ''; + userspaceLowerdir2 = pkgs.runCommand "userspace-lowerdir-2" { } '' + mkdir -p $out + echo "userspace2" > $out/userspace2.txt + ''; +in +{ + + name = "writable-overlays"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { config, pkgs, ... }: { + boot.initrd.systemd.enable = true; + boot.initrd.availableKernelModules = [ "overlay" ]; + + virtualisation.fileSystems = { + "/initrd-overlay" = { + overlay = { + lowerdir = [ initrdLowerdir ]; + upperdir = "/.rw-initrd-overlay/upper"; + workdir = "/.rw-initrd-overlay/work"; + }; + neededForBoot = true; + }; + "/userspace-overlay" = { + overlay = { + lowerdir = [ userspaceLowerdir ]; + upperdir = "/.rw-userspace-overlay/upper"; + workdir = "/.rw-userspace-overlay/work"; + }; + }; + "/ro-initrd-overlay" = { + overlay.lowerdir = [ + initrdLowerdir + initrdLowerdir2 + ]; + neededForBoot = true; + }; + "/ro-userspace-overlay" = { + overlay.lowerdir = [ + userspaceLowerdir + userspaceLowerdir2 + ]; + }; + }; + }; + + testScript = '' + machine.wait_for_unit("default.target") + + with subtest("Initrd overlay"): + machine.wait_for_file("/initrd-overlay/initrd.txt", 5) + machine.succeed("touch /initrd-overlay/writable.txt") + machine.succeed("findmnt --kernel --types overlay /initrd-overlay") + + with subtest("Userspace overlay"): + machine.wait_for_file("/userspace-overlay/userspace.txt", 5) + machine.succeed("touch /userspace-overlay/writable.txt") + machine.succeed("findmnt --kernel --types overlay /userspace-overlay") + + with subtest("Read only initrd overlay"): + machine.wait_for_file("/ro-initrd-overlay/initrd.txt", 5) + machine.wait_for_file("/ro-initrd-overlay/initrd2.txt", 5) + machine.fail("touch /ro-initrd-overlay/not-writable.txt") + machine.succeed("findmnt --kernel --types overlay /ro-initrd-overlay") + + with subtest("Read only userspace overlay"): + machine.wait_for_file("/ro-userspace-overlay/userspace.txt", 5) + machine.wait_for_file("/ro-userspace-overlay/userspace2.txt", 5) + machine.fail("touch /ro-userspace-overlay/not-writable.txt") + machine.succeed("findmnt --kernel --types overlay /ro-userspace-overlay") + ''; + +} diff --git a/nixpkgs/nixos/tests/freetube.nix b/nixpkgs/nixos/tests/freetube.nix index f285384b68e0..faa534938227 100644 --- a/nixpkgs/nixos/tests/freetube.nix +++ b/nixpkgs/nixos/tests/freetube.nix @@ -23,6 +23,8 @@ let inherit name; nodes = { "${name}" = machine; }; meta.maintainers = with pkgs.lib.maintainers; [ kirillrdy ]; + # time-out on ofborg + meta.broken = pkgs.stdenv.isAarch64; enableOCR = true; testScript = '' diff --git a/nixpkgs/nixos/tests/frigate.nix b/nixpkgs/nixos/tests/frigate.nix index 836fe0d063f8..03bd2b89611d 100644 --- a/nixpkgs/nixos/tests/frigate.nix +++ b/nixpkgs/nixos/tests/frigate.nix @@ -41,6 +41,7 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : serviceConfig = { DynamicUser = true; ExecStart = "${lib.getBin pkgs.ffmpeg-headless}/bin/ffmpeg -re -f lavfi -i smptebars=size=800x600:rate=10 -f mpegts -listen 1 http://0.0.0.0:8080"; + Restart = "always"; }; }; }; @@ -51,10 +52,14 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : machine.wait_for_unit("frigate.service") + # Frigate startup machine.wait_for_open_port(5001) - machine.succeed("curl http://localhost:5001") + # nginx startup + machine.wait_for_open_port(80) - machine.wait_for_file("/var/cache/frigate/test-*.mp4") + machine.succeed("curl http://localhost") + + machine.wait_for_file("/var/cache/frigate/test@*.mp4") ''; }) diff --git a/nixpkgs/nixos/tests/gitdaemon.nix b/nixpkgs/nixos/tests/gitdaemon.nix index bb07b6e97b7f..052fa902b450 100644 --- a/nixpkgs/nixos/tests/gitdaemon.nix +++ b/nixpkgs/nixos/tests/gitdaemon.nix @@ -59,6 +59,9 @@ in { with subtest("git daemon starts"): server.wait_for_unit("git-daemon.service") + + server.systemctl("start network-online.target") + client.systemctl("start network-online.target") server.wait_for_unit("network-online.target") client.wait_for_unit("network-online.target") diff --git a/nixpkgs/nixos/tests/gitlab.nix b/nixpkgs/nixos/tests/gitlab.nix index 8d3126425311..c4d69a56c93a 100644 --- a/nixpkgs/nixos/tests/gitlab.nix +++ b/nixpkgs/nixos/tests/gitlab.nix @@ -419,7 +419,7 @@ in { gitlab.systemctl("start gitlab-backup.service") gitlab.wait_for_unit("gitlab-backup.service") gitlab.wait_for_file("${nodes.gitlab.services.gitlab.statePath}/backup/dump_gitlab_backup.tar") - gitlab.systemctl("stop postgresql.service gitlab.target") + gitlab.systemctl("stop postgresql.service gitlab-config.service gitlab.target") gitlab.succeed( "find ${nodes.gitlab.services.gitlab.statePath} -mindepth 1 -maxdepth 1 -not -name backup -execdir rm -r {} +" ) diff --git a/nixpkgs/nixos/tests/gnome-extensions.nix b/nixpkgs/nixos/tests/gnome-extensions.nix index 2faff9a4a80d..a9bb5e3766b7 100644 --- a/nixpkgs/nixos/tests/gnome-extensions.nix +++ b/nixpkgs/nixos/tests/gnome-extensions.nix @@ -86,7 +86,7 @@ import ./make-test-python.nix ( "ddterm" "emoji-selector" "gsconnect" - "system-monitor" + "system-monitor-next" "desktop-icons-ng-ding" "workspace-indicator" "vitals" diff --git a/nixpkgs/nixos/tests/guix/publish.nix b/nixpkgs/nixos/tests/guix/publish.nix index a15e00b0fa98..eb56fc97478c 100644 --- a/nixpkgs/nixos/tests/guix/publish.nix +++ b/nixpkgs/nixos/tests/guix/publish.nix @@ -80,6 +80,7 @@ in { # Now it's the client turn to make use of it. substitute_server = "http://server.local:${toString publishPort}" + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") response = client.succeed(f"curl {substitute_server}") assert "Guix Substitute Server" in response diff --git a/nixpkgs/nixos/tests/haproxy.nix b/nixpkgs/nixos/tests/haproxy.nix index 555474d7f299..173093873757 100644 --- a/nixpkgs/nixos/tests/haproxy.nix +++ b/nixpkgs/nixos/tests/haproxy.nix @@ -1,22 +1,42 @@ -import ./make-test-python.nix ({ pkgs, ...}: { +import ./make-test-python.nix ({ lib, pkgs, ...}: { name = "haproxy"; nodes = { - machine = { ... }: { - services.haproxy = { + server = { ... }: { + services.haproxy = { enable = true; config = '' + global + limited-quic + defaults + mode http timeout connect 10s + timeout client 10s + timeout server 10s + + log /dev/log local0 debug err + option logasap + option httplog + option httpslog backend http_server - mode http - server httpd [::1]:8000 + server httpd [::1]:8000 alpn http/1.1 frontend http - bind *:80 - mode http + bind :80 + bind :443 ssl strict-sni crt /etc/ssl/fullchain.pem alpn h2,http/1.1 + bind quic4@:443 ssl strict-sni crt /etc/ssl/fullchain.pem alpn h3 allow-0rtt + + http-after-response add-header alt-svc 'h3=":443"; ma=60' if { ssl_fc } + http-request use-service prometheus-exporter if { path /metrics } use_backend http_server + + frontend http-cert-auth + bind :8443 ssl strict-sni crt /etc/ssl/fullchain.pem verify required ca-file /etc/ssl/cacert.crt + bind quic4@:8443 ssl strict-sni crt /etc/ssl/fullchain.pem verify required ca-file /etc/ssl/cacert.crt alpn h3 + + use_backend http_server ''; }; services.httpd = { @@ -30,24 +50,75 @@ import ./make-test-python.nix ({ pkgs, ...}: { }]; }; }; + networking.firewall.allowedTCPPorts = [ 80 443 8443 ]; + networking.firewall.allowedUDPPorts = [ 443 8443 ]; + }; + client = { ... }: { + environment.systemPackages = [ pkgs.curlHTTP3 ]; }; }; testScript = '' + # Helpers + def cmd(command): + print(f"+{command}") + r = os.system(command) + if r != 0: + raise Exception(f"Command {command} failed with exit code {r}") + + def openssl(command): + cmd(f"${pkgs.openssl}/bin/openssl {command}") + + # Generate CA. + openssl("req -new -newkey rsa:4096 -nodes -x509 -days 7 -subj '/C=ZZ/ST=Cloud/L=Unspecified/O=NixOS/OU=Tests/CN=CA Certificate' -keyout cacert.key -out cacert.crt") + + # Generate and sign Server. + openssl("req -newkey rsa:4096 -nodes -subj '/CN=server/OU=Tests/O=NixOS' -keyout server.key -out server.csr") + openssl("x509 -req -in server.csr -out server.crt -CA cacert.crt -CAkey cacert.key -days 7") + cmd("cat server.crt server.key > fullchain.pem") + + # Generate and sign Client. + openssl("req -newkey rsa:4096 -nodes -subj '/CN=client/OU=Tests/O=NixOS' -keyout client.key -out client.csr") + openssl("x509 -req -in client.csr -out client.crt -CA cacert.crt -CAkey cacert.key -days 7") + cmd("cat client.crt client.key > client.pem") + + # Start the actual test. start_all() - machine.wait_for_unit("multi-user.target") - machine.wait_for_unit("haproxy.service") - machine.wait_for_unit("httpd.service") - assert "We are all good!" in machine.succeed("curl -fk http://localhost:80/index.txt") - assert "haproxy_process_pool_allocated_bytes" in machine.succeed( - "curl -fk http://localhost:80/metrics" - ) + server.copy_from_host("fullchain.pem", "/etc/ssl/fullchain.pem") + server.copy_from_host("cacert.crt", "/etc/ssl/cacert.crt") + server.succeed("chmod 0644 /etc/ssl/fullchain.pem /etc/ssl/cacert.crt") + + client.copy_from_host("cacert.crt", "/etc/ssl/cacert.crt") + client.copy_from_host("client.pem", "/root/client.pem") + + server.wait_for_unit("multi-user.target") + server.wait_for_unit("haproxy.service") + server.wait_for_unit("httpd.service") + + assert "We are all good!" in client.succeed("curl -f http://server/index.txt") + assert "haproxy_process_pool_allocated_bytes" in client.succeed("curl -f http://server/metrics") + + with subtest("https"): + assert "We are all good!" in client.succeed("curl -f --cacert /etc/ssl/cacert.crt https://server/index.txt") + + with subtest("https-cert-auth"): + # Client must succeed in authenticating with the right certificate. + assert "We are all good!" in client.succeed("curl -f --cacert /etc/ssl/cacert.crt --cert-type pem --cert /root/client.pem https://server:8443/index.txt") + # Client must fail without certificate. + client.fail("curl --cacert /etc/ssl/cacert.crt https://server:8443/index.txt") + + with subtest("h3"): + assert "We are all good!" in client.succeed("curl -f --http3-only --cacert /etc/ssl/cacert.crt https://server/index.txt") + + with subtest("h3-cert-auth"): + # Client must succeed in authenticating with the right certificate. + assert "We are all good!" in client.succeed("curl -f --http3-only --cacert /etc/ssl/cacert.crt --cert-type pem --cert /root/client.pem https://server:8443/index.txt") + # Client must fail without certificate. + client.fail("curl -f --http3-only --cacert /etc/ssl/cacert.crt https://server:8443/index.txt") with subtest("reload"): - machine.succeed("systemctl reload haproxy") + server.succeed("systemctl reload haproxy") # wait some time to ensure the following request hits the reloaded haproxy - machine.sleep(5) - assert "We are all good!" in machine.succeed( - "curl -fk http://localhost:80/index.txt" - ) + server.sleep(5) + assert "We are all good!" in client.succeed("curl -f http://server/index.txt") ''; }) diff --git a/nixpkgs/nixos/tests/hostname.nix b/nixpkgs/nixos/tests/hostname.nix index 6122e2ffeb83..dffec956bc0b 100644 --- a/nixpkgs/nixos/tests/hostname.nix +++ b/nixpkgs/nixos/tests/hostname.nix @@ -34,6 +34,7 @@ let machine = ${hostName} + machine.systemctl("start network-online.target") machine.wait_for_unit("network-online.target") # Test if NixOS computes the correct FQDN (either a FQDN or an error/null): diff --git a/nixpkgs/nixos/tests/incus/container.nix b/nixpkgs/nixos/tests/incus/container.nix index 2fa1709c7484..0e65cc1e1529 100644 --- a/nixpkgs/nixos/tests/incus/container.nix +++ b/nixpkgs/nixos/tests/incus/container.nix @@ -31,7 +31,7 @@ in testScript = '' def instance_is_up(_) -> bool: - status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true") + status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running") return status == 0 def set_container(config): @@ -81,11 +81,7 @@ in assert meminfo_bytes == "125000 kB", f"Wrong amount of memory reported from /proc/meminfo, want: '125000 kB', got: '{meminfo_bytes}'" with subtest("lxc-container generator configures plain container"): - machine.execute("incus delete --force container") - machine.succeed("incus launch nixos container") - with machine.nested("Waiting for instance to start and be usable"): - retry(instance_is_up) - + # reuse the existing container to save some time machine.succeed("incus exec container test -- -e /run/systemd/system/service.d/zzz-lxc-service.conf") with subtest("lxc-container generator configures nested container"): @@ -103,8 +99,6 @@ in machine.succeed("incus launch nixos container --config security.privileged=true") with machine.nested("Waiting for instance to start and be usable"): retry(instance_is_up) - # give generator an extra second to run - machine.sleep(1) machine.succeed("incus exec container test -- -e /run/systemd/system/service.d/zzz-lxc-service.conf") ''; diff --git a/nixpkgs/nixos/tests/incus/lxd-to-incus.nix b/nixpkgs/nixos/tests/incus/lxd-to-incus.nix index 67245b54e752..c0fc98c224df 100644 --- a/nixpkgs/nixos/tests/incus/lxd-to-incus.nix +++ b/nixpkgs/nixos/tests/incus/lxd-to-incus.nix @@ -18,8 +18,6 @@ import ../make-test-python.nix ( nodes.machine = { lib, ... }: { - environment.systemPackages = [ pkgs.lxd-to-incus ]; - virtualisation = { diskSize = 6144; cores = 2; @@ -77,11 +75,11 @@ import ../make-test-python.nix ( return ("inactive" in output) def lxd_instance_is_up(_) -> bool: - status, _ = machine.execute("lxc exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true") + status, _ = machine.execute("lxc exec container --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running") return status == 0 def incus_instance_is_up(_) -> bool: - status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true") + status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running") return status == 0 with machine.nested("initialize lxd and resources"): diff --git a/nixpkgs/nixos/tests/incus/virtual-machine.nix b/nixpkgs/nixos/tests/incus/virtual-machine.nix index 343a25ca7297..c76e4f448f2f 100644 --- a/nixpkgs/nixos/tests/incus/virtual-machine.nix +++ b/nixpkgs/nixos/tests/incus/virtual-machine.nix @@ -36,7 +36,7 @@ in testScript = '' def instance_is_up(_) -> bool: - status, _ = machine.execute("incus exec ${instance-name} --disable-stdin --force-interactive /run/current-system/sw/bin/true") + status, _ = machine.execute("incus exec ${instance-name} --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running") return status == 0 machine.wait_for_unit("incus.service") diff --git a/nixpkgs/nixos/tests/installed-tests/fwupd.nix b/nixpkgs/nixos/tests/installed-tests/fwupd.nix index c095a50dc836..fe4f443d7004 100644 --- a/nixpkgs/nixos/tests/installed-tests/fwupd.nix +++ b/nixpkgs/nixos/tests/installed-tests/fwupd.nix @@ -1,11 +1,12 @@ -{ pkgs, lib, makeInstalledTest, ... }: +{ pkgs, makeInstalledTest, ... }: makeInstalledTest { tested = pkgs.fwupd; testConfig = { - services.fwupd.enable = true; - services.fwupd.daemonSettings.DisabledPlugins = lib.mkForce [ ]; # don't disable test plugin - services.fwupd.enableTestRemote = true; + services.fwupd = { + enable = true; + daemonSettings.TestDevices = true; + }; }; } diff --git a/nixpkgs/nixos/tests/installer.nix b/nixpkgs/nixos/tests/installer.nix index 21d5e1470d8e..7576fae41f83 100644 --- a/nixpkgs/nixos/tests/installer.nix +++ b/nixpkgs/nixos/tests/installer.nix @@ -158,7 +158,9 @@ let start_all() ${optionalString clevisTest '' tang.wait_for_unit("sockets.target") + tang.systemctl("start network-online.target") tang.wait_for_unit("network-online.target") + machine.systemctl("start network-online.target") machine.wait_for_unit("network-online.target") ''} machine.wait_for_unit("multi-user.target") @@ -187,6 +189,7 @@ let ${optionalString clevisTest '' with subtest("Create the Clevis secret with Tang"): + machine.systemctl("start network-online.target") machine.wait_for_unit("network-online.target") machine.succeed('echo -n password | clevis encrypt sss \'{"t": 2, "pins": {"tpm2": {}, "tang": {"url": "http://192.168.1.2"}}}\' -y > /mnt/etc/nixos/clevis-secret.jwe')''} diff --git a/nixpkgs/nixos/tests/intune.nix b/nixpkgs/nixos/tests/intune.nix new file mode 100644 index 000000000000..41bf638d7661 --- /dev/null +++ b/nixpkgs/nixos/tests/intune.nix @@ -0,0 +1,56 @@ +import ./make-test-python.nix ({ pkgs, ...} : { + name = "intune"; + meta = { + maintainers = with pkgs.lib.maintainers; [ rhysmdnz ]; + }; + enableOCR = true; + + nodes.machine = + { nodes, ... }: + let user = nodes.machine.users.users.alice; + in { + services.intune.enable=true; + services.gnome.gnome-keyring.enable = true; + imports = [ ./common/user-account.nix ./common/x11.nix ]; + test-support.displayManager.auto.user = user.name; + environment = { + variables.DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/${builtins.toString user.uid}/bus"; + }; + }; + nodes.pam = + { nodes, ... }: + let user = nodes.machine.users.users.alice; + in { + services.intune.enable=true; + imports = [ ./common/user-account.nix ]; + }; + + testScript = '' + start_all() + + # Check System Daemons successfully start + machine.succeed("systemctl start microsoft-identity-device-broker.service") + machine.succeed("systemctl start intune-daemon.service") + + # Check User Daemons and intune-portal execurtable works + # Going any further than starting it would require internet access and a microsoft account + machine.wait_for_x() + # TODO: This needs an unlocked user keychain before it will work + #machine.succeed("su - alice -c 'systemctl start --user microsoft-identity-broker.service'") + machine.succeed("su - alice -c 'systemctl start --user intune-agent.service'") + machine.succeed("su - alice -c intune-portal >&2 &") + machine.wait_for_text("Intune Agent") + + # Check logging in creates password file + def login_as_alice(): + pam.wait_until_tty_matches("1", "login: ") + pam.send_chars("alice\n") + pam.wait_until_tty_matches("1", "Password: ") + pam.send_chars("foobar\n") + pam.wait_until_tty_matches("1", "alice\@pam") + + pam.wait_for_unit("multi-user.target") + login_as_alice() + pam.wait_for_file("/run/intune/1000/pwquality") + ''; +}) diff --git a/nixpkgs/nixos/tests/kanidm.nix b/nixpkgs/nixos/tests/kanidm.nix index 3f5bca397740..fa24d4a8a5e1 100644 --- a/nixpkgs/nixos/tests/kanidm.nix +++ b/nixpkgs/nixos/tests/kanidm.nix @@ -67,6 +67,7 @@ import ./make-test-python.nix ({ pkgs, ... }: '' start_all() server.wait_for_unit("kanidm.service") + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") with subtest("Test HTTP interface"): diff --git a/nixpkgs/nixos/tests/keepalived.nix b/nixpkgs/nixos/tests/keepalived.nix index d0bf9d465200..ce291514591f 100644 --- a/nixpkgs/nixos/tests/keepalived.nix +++ b/nixpkgs/nixos/tests/keepalived.nix @@ -1,5 +1,6 @@ -import ./make-test-python.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "keepalived"; + maintainers = [ lib.maintainers.raitobezarius ]; nodes = { node1 = { pkgs, ... }: { diff --git a/nixpkgs/nixos/tests/kernel-generic.nix b/nixpkgs/nixos/tests/kernel-generic.nix index 72d31246b75d..0dcab39f3fad 100644 --- a/nixpkgs/nixos/tests/kernel-generic.nix +++ b/nixpkgs/nixos/tests/kernel-generic.nix @@ -23,7 +23,7 @@ let assert "${linuxPackages.kernel.modDirVersion}" in machine.succeed("uname -a") ''; }) args); - kernels = pkgs.linuxKernel.vanillaPackages // { + kernels = (removeAttrs pkgs.linuxKernel.vanillaPackages ["__attrsFailEvaluation"]) // { inherit (pkgs.linuxKernel.packages) linux_4_19_hardened linux_5_4_hardened @@ -32,6 +32,7 @@ let linux_6_1_hardened linux_6_5_hardened linux_6_6_hardened + linux_6_7_hardened linux_rt_5_4 linux_rt_5_10 linux_rt_5_15 diff --git a/nixpkgs/nixos/tests/kernel-rust.nix b/nixpkgs/nixos/tests/kernel-rust.nix new file mode 100644 index 000000000000..1f269173ec2e --- /dev/null +++ b/nixpkgs/nixos/tests/kernel-rust.nix @@ -0,0 +1,43 @@ +{ system ? builtins.currentSystem +, config ? { } +, pkgs ? import ../.. { inherit system config; } +}: + +let + inherit (pkgs.lib) const filterAttrs mapAttrs; + + kernelRustTest = kernelPackages: import ./make-test-python.nix ({ lib, ... }: { + name = "kernel-rust"; + meta.maintainers = with lib.maintainers; [ blitz ma27 ]; + nodes.machine = { config, ... }: { + boot = { + inherit kernelPackages; + extraModulePackages = [ config.boot.kernelPackages.rust-out-of-tree-module ]; + kernelPatches = [ + { + name = "Rust Support"; + patch = null; + features = { + rust = true; + }; + } + ]; + }; + }; + testScript = '' + machine.wait_for_unit("default.target") + machine.succeed("modprobe rust_out_of_tree") + ''; + }); + + kernels = { + inherit (pkgs.linuxKernel.packages) linux_testing; + } + // filterAttrs + (const (x: let + inherit (builtins.tryEval ( + x.rust-out-of-tree-module or null != null + )) success value; + in success && value)) + pkgs.linuxKernel.vanillaPackages; +in mapAttrs (const kernelRustTest) kernels diff --git a/nixpkgs/nixos/tests/lemmy.nix b/nixpkgs/nixos/tests/lemmy.nix index de2c4938fe23..e8d747f89a9e 100644 --- a/nixpkgs/nixos/tests/lemmy.nix +++ b/nixpkgs/nixos/tests/lemmy.nix @@ -59,6 +59,7 @@ in server.succeed("curl --fail localhost:${toString uiPort}") with subtest("Lemmy-UI responds through the caddy reverse proxy"): + server.systemctl("start network-online.target") server.wait_for_unit("network-online.target") server.wait_for_unit("caddy.service") server.wait_for_open_port(80) @@ -66,6 +67,7 @@ in assert "Lemmy" in body, f"String Lemmy not found in response for ${lemmyNodeName}: \n{body}" with subtest("the server is exposed externally"): + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") client.succeed("curl -v --fail ${lemmyNodeName}") diff --git a/nixpkgs/nixos/tests/livebook-service.nix b/nixpkgs/nixos/tests/livebook-service.nix index 56b4eb932f34..f428412e1644 100644 --- a/nixpkgs/nixos/tests/livebook-service.nix +++ b/nixpkgs/nixos/tests/livebook-service.nix @@ -9,13 +9,15 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { services.livebook = { enableUserService = true; - port = 20123; + environment = { + LIVEBOOK_PORT = 20123; + LIVEBOOK_COOKIE = "chocolate chip"; + LIVEBOOK_TOKEN_ENABLED = true; + + }; environmentFile = pkgs.writeText "livebook.env" '' LIVEBOOK_PASSWORD = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" ''; - options = { - cookie = "chocolate chip"; - }; }; }; }; diff --git a/nixpkgs/nixos/tests/miriway.nix b/nixpkgs/nixos/tests/miriway.nix index f12c4d5ecc41..a0987d9fc41b 100644 --- a/nixpkgs/nixos/tests/miriway.nix +++ b/nixpkgs/nixos/tests/miriway.nix @@ -31,7 +31,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { enable-x11= ctrl-alt=t:foot --maximized - ctrl-alt=a:env WINIT_UNIX_BACKEND=x11 WAYLAND_DISPLAY=invalid alacritty --option window.startup_mode=maximized + ctrl-alt=a:env WINIT_UNIX_BACKEND=x11 WAYLAND_DISPLAY= alacritty --option window.startup_mode=\"maximized\" shell-component=dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY diff --git a/nixpkgs/nixos/tests/netbird.nix b/nixpkgs/nixos/tests/netbird.nix index ef793cfe9881..7342e8d04a39 100644 --- a/nixpkgs/nixos/tests/netbird.nix +++ b/nixpkgs/nixos/tests/netbird.nix @@ -14,7 +14,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: testScript = '' start_all() - node.wait_for_unit("netbird.service") + node.wait_for_unit("netbird-wt0.service") node.wait_for_file("/var/run/netbird/sock") node.succeed("netbird status | grep -q 'Daemon status: NeedsLogin'") ''; diff --git a/nixpkgs/nixos/tests/networking.nix b/nixpkgs/nixos/tests/networking.nix index 768d0cfa2238..6bd89902eedb 100644 --- a/nixpkgs/nixos/tests/networking.nix +++ b/nixpkgs/nixos/tests/networking.nix @@ -130,6 +130,7 @@ let start_all() client.wait_for_unit("network.target") + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") with subtest("Make sure DHCP server is not started"): @@ -222,6 +223,7 @@ let start_all() client.wait_for_unit("network.target") + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") with subtest("Wait until we have an ip address on each interface"): @@ -849,6 +851,7 @@ let client.wait_for_unit("network.target") client_with_privacy.wait_for_unit("network.target") + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") with subtest("Wait until we have an ip address"): diff --git a/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix b/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix index addc898bd760..b09ee1276a13 100644 --- a/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix +++ b/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix @@ -41,7 +41,7 @@ in { }; secretFile = "/etc/nextcloud-secrets.json"; - extraOptions = { + settings = { allow_local_remote_servers = true; redis = { dbindex = 0; diff --git a/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix index d95af8a89d07..3c090f0d3c3b 100644 --- a/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix +++ b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix @@ -41,7 +41,7 @@ in { extraApps = { inherit (pkgs."nextcloud${lib.versions.major config.services.nextcloud.package.version}Packages".apps) notify_push; }; - extraOptions.trusted_proxies = [ "::1" ]; + settings.trusted_proxies = [ "::1" ]; }; services.redis.servers."nextcloud".enable = true; diff --git a/nixpkgs/nixos/tests/nfs/kerberos.nix b/nixpkgs/nixos/tests/nfs/kerberos.nix index 1bace4058be5..5944b53319a0 100644 --- a/nixpkgs/nixos/tests/nfs/kerberos.nix +++ b/nixpkgs/nixos/tests/nfs/kerberos.nix @@ -105,6 +105,7 @@ in server.wait_for_unit("rpc-gssd.service") server.wait_for_unit("rpc-svcgssd.service") + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") # add principals to client keytab diff --git a/nixpkgs/nixos/tests/nginx-moreheaders.nix b/nixpkgs/nixos/tests/nginx-moreheaders.nix new file mode 100644 index 000000000000..560dcf9ce0b8 --- /dev/null +++ b/nixpkgs/nixos/tests/nginx-moreheaders.nix @@ -0,0 +1,37 @@ +import ./make-test-python.nix { + name = "nginx-more-headers"; + + nodes = { + webserver = { pkgs, ... }: { + services.nginx = { + enable = true; + + virtualHosts.test = { + locations = { + "/".return = "200 blub"; + "/some" = { + return = "200 blub"; + extraConfig = '' + more_set_headers "Referrer-Policy: no-referrer"; + ''; + }; + }; + extraConfig = '' + more_set_headers "X-Powered-By: nixos"; + ''; + }; + }; + }; + }; + + testScript = '' + webserver.wait_for_unit("nginx") + webserver.wait_for_open_port(80) + + webserver.succeed("curl --fail --resolve test:80:127.0.0.1 --head --verbose http://test | grep -q \"X-Powered-By: nixos\"") + webserver.fail("curl --fail --resolve test:80:127.0.0.1 --head --verbose http://test | grep -q \"Referrer-Policy: no-referrer\"") + + webserver.succeed("curl --fail --resolve test:80:127.0.0.1 --head --verbose http://test/some | grep -q \"X-Powered-By: nixos\"") + webserver.succeed("curl --fail --resolve test:80:127.0.0.1 --head --verbose http://test/some | grep -q \"Referrer-Policy: no-referrer\"") + ''; +} diff --git a/nixpkgs/nixos/tests/nixops/default.nix b/nixpkgs/nixos/tests/nixops/default.nix index f7a26f2461c4..6501d13a2ed3 100644 --- a/nixpkgs/nixos/tests/nixops/default.nix +++ b/nixpkgs/nixos/tests/nixops/default.nix @@ -1,6 +1,4 @@ -{ pkgs -, testers -, ... }: +{ pkgs, ... }: let inherit (pkgs) lib; @@ -21,7 +19,7 @@ let passthru.override = args': testsForPackage (args // args'); }; - testLegacyNetwork = { nixopsPkg, ... }: testers.nixosTest ({ + testLegacyNetwork = { nixopsPkg, ... }: pkgs.testers.nixosTest ({ name = "nixops-legacy-network"; nodes = { deployer = { config, lib, nodes, pkgs, ... }: { diff --git a/nixpkgs/nixos/tests/nixos-rebuild-target-host.nix b/nixpkgs/nixos/tests/nixos-rebuild-target-host.nix index 8d60b788abf3..bf80b2fa6606 100644 --- a/nixpkgs/nixos/tests/nixos-rebuild-target-host.nix +++ b/nixpkgs/nixos/tests/nixos-rebuild-target-host.nix @@ -132,5 +132,10 @@ import ./make-test-python.nix ({ pkgs, ... }: { deployer.succeed("passh -c 3 -C -p ${nodes.target.users.users.bob.password} -P \"\[sudo\] password\" nixos-rebuild switch -I nixos-config=/root/configuration-3.nix --target-host bob@target --use-remote-sudo &>/dev/console") target_hostname = deployer.succeed("ssh alice@target cat /etc/hostname").rstrip() assert target_hostname == "config-3-deployed", f"{target_hostname=}" + + with subtest("Deploy works with very long TMPDIR"): + tmp_dir = "/var/folder/veryveryveryveryverylongpathnamethatdoesnotworkwithcontrolpath" + deployer.succeed(f"mkdir -p {tmp_dir}") + deployer.succeed(f"TMPDIR={tmp_dir} nixos-rebuild switch -I nixos-config=/root/configuration-1.nix --target-host root@target &>/dev/console") ''; }) diff --git a/nixpkgs/nixos/tests/nvmetcfg.nix b/nixpkgs/nixos/tests/nvmetcfg.nix new file mode 100644 index 000000000000..a4c459a343cf --- /dev/null +++ b/nixpkgs/nixos/tests/nvmetcfg.nix @@ -0,0 +1,43 @@ +import ./make-test-python.nix ({ lib, ... }: { + name = "nvmetcfg"; + + meta = { + maintainers = with lib.maintainers; [ nickcao ]; + }; + + nodes = { + server = { pkgs, ... }: { + boot.kernelModules = [ "nvmet" ]; + environment.systemPackages = [ pkgs.nvmetcfg ]; + networking.firewall.allowedTCPPorts = [ 4420 ]; + virtualisation.emptyDiskImages = [ 512 ]; + }; + client = { pkgs, ... }: { + boot.kernelModules = [ "nvme-fabrics" ]; + environment.systemPackages = [ pkgs.nvme-cli ]; + }; + }; + + testScript = let subsystem = "nqn.2014-08.org.nixos:server"; in '' + import json + + with subtest("Create subsystem and namespace"): + server.succeed("nvmet subsystem add ${subsystem}") + server.succeed("nvmet namespace add ${subsystem} 1 /dev/vdb") + + with subtest("Bind subsystem to port"): + server.wait_for_unit("network-online.target") + server.succeed("nvmet port add 1 tcp 0.0.0.0:4420") + server.succeed("nvmet port add-subsystem 1 ${subsystem}") + + with subtest("Discover and connect to available subsystems"): + client.wait_for_unit("network-online.target") + assert "subnqn: ${subsystem}" in client.succeed("nvme discover --transport=tcp --traddr=server --trsvcid=4420") + client.succeed("nvme connect-all --transport=tcp --traddr=server --trsvcid=4420") + + with subtest("Write to the connected subsystem"): + devices = json.loads(client.succeed("lsblk --nvme --paths --json"))["blockdevices"] + assert len(devices) == 1 + client.succeed(f"dd if=/dev/zero of={devices[0]['name']} bs=1M count=64") + ''; +}) diff --git a/nixpkgs/nixos/tests/oci-containers.nix b/nixpkgs/nixos/tests/oci-containers.nix index 205ce623d089..1f8e276204a8 100644 --- a/nixpkgs/nixos/tests/oci-containers.nix +++ b/nixpkgs/nixos/tests/oci-containers.nix @@ -24,6 +24,10 @@ let ports = ["8181:80"]; }; }; + + # Stop systemd from killing remaining processes if ExecStop script + # doesn't work, so that proper stopping can be tested. + systemd.services."${backend}-nginx".serviceConfig.KillSignal = "SIGCONT"; }; }; @@ -32,6 +36,7 @@ let ${backend}.wait_for_unit("${backend}-nginx.service") ${backend}.wait_for_open_port(8181) ${backend}.wait_until_succeeds("curl -f http://localhost:8181 | grep Hello") + ${backend}.succeed("systemctl stop ${backend}-nginx.service", timeout=10) ''; }; diff --git a/nixpkgs/nixos/tests/opensmtpd-rspamd.nix b/nixpkgs/nixos/tests/opensmtpd-rspamd.nix index 19969a7b47dd..e413a2050bd6 100644 --- a/nixpkgs/nixos/tests/opensmtpd-rspamd.nix +++ b/nixpkgs/nixos/tests/opensmtpd-rspamd.nix @@ -119,6 +119,7 @@ import ./make-test-python.nix { testScript = '' start_all() + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") smtp1.wait_for_unit("opensmtpd") smtp2.wait_for_unit("opensmtpd") diff --git a/nixpkgs/nixos/tests/opensmtpd.nix b/nixpkgs/nixos/tests/opensmtpd.nix index 17c1a569ba0d..d32f82ed33b8 100644 --- a/nixpkgs/nixos/tests/opensmtpd.nix +++ b/nixpkgs/nixos/tests/opensmtpd.nix @@ -104,6 +104,7 @@ import ./make-test-python.nix { testScript = '' start_all() + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") smtp1.wait_for_unit("opensmtpd") smtp2.wait_for_unit("opensmtpd") diff --git a/nixpkgs/nixos/tests/owncast.nix b/nixpkgs/nixos/tests/owncast.nix index debb34f5009d..73aac4e70475 100644 --- a/nixpkgs/nixos/tests/owncast.nix +++ b/nixpkgs/nixos/tests/owncast.nix @@ -31,6 +31,8 @@ import ./make-test-python.nix ({ pkgs, ... }: { testScript = '' start_all() + client.systemctl("start network-online.target") + server.systemctl("start network-online.target") client.wait_for_unit("network-online.target") server.wait_for_unit("network-online.target") server.wait_for_unit("owncast.service") diff --git a/nixpkgs/nixos/tests/podman/default.nix b/nixpkgs/nixos/tests/podman/default.nix index 0e1f420f2a7d..3eea45832f0a 100644 --- a/nixpkgs/nixos/tests/podman/default.nix +++ b/nixpkgs/nixos/tests/podman/default.nix @@ -24,8 +24,6 @@ import ../make-test-python.nix ( virtualisation.podman.enable = true; virtualisation.podman.defaultNetwork.settings.dns_enabled = true; - - networking.firewall.allowedUDPPorts = [ 53 ]; }; docker = { pkgs, ... }: { virtualisation.podman.enable = true; diff --git a/nixpkgs/nixos/tests/pomerium.nix b/nixpkgs/nixos/tests/pomerium.nix index abaf56c518e0..d0204488e8ef 100644 --- a/nixpkgs/nixos/tests/pomerium.nix +++ b/nixpkgs/nixos/tests/pomerium.nix @@ -1,7 +1,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "pomerium"; meta = with lib.maintainers; { - maintainers = [ lukegb ]; + maintainers = [ lukegb devusb ]; }; nodes = let base = myIP: { pkgs, lib, ... }: { @@ -103,7 +103,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { with subtest("ui"): pomerium.succeed( # check for a string that only appears if the UI is displayed correctly - "chromium --no-sandbox --headless --disable-gpu --dump-dom --host-resolver-rules='MAP login.required 127.0.0.1:80' http://login.required/.pomerium | grep 'contact your administrator'" + "chromium --no-sandbox --headless --disable-gpu --dump-dom --host-resolver-rules='MAP login.required 127.0.0.1:80' http://login.required/.pomerium | grep 'User Details Not Available'" ) ''; }) diff --git a/nixpkgs/nixos/tests/postgis.nix b/nixpkgs/nixos/tests/postgis.nix index 09c738b938ba..dacf4e576c07 100644 --- a/nixpkgs/nixos/tests/postgis.nix +++ b/nixpkgs/nixos/tests/postgis.nix @@ -24,6 +24,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { master.wait_for_unit("postgresql") master.sleep(10) # Hopefully this is long enough!! master.succeed("sudo -u postgres psql -c 'CREATE EXTENSION postgis;'") + master.succeed("sudo -u postgres psql -c 'CREATE EXTENSION postgis_raster;'") master.succeed("sudo -u postgres psql -c 'CREATE EXTENSION postgis_topology;'") ''; }) diff --git a/nixpkgs/nixos/tests/prometheus-exporters.nix b/nixpkgs/nixos/tests/prometheus-exporters.nix index 5872b02b609e..7e74f27174ec 100644 --- a/nixpkgs/nixos/tests/prometheus-exporters.nix +++ b/nixpkgs/nixos/tests/prometheus-exporters.nix @@ -257,21 +257,6 @@ let ''; }; - exportarr-sonarr = { - nodeName = "exportarr_sonarr"; - exporterConfig = { - enable = true; - url = "http://127.0.0.1:8989"; - # testing for real data is tricky, because the api key can not be preconfigured - apiKeyFile = pkgs.writeText "dummy-api-key" "eccff6a992bc2e4b88e46d064b26bb4e"; - }; - exporterTest = '' - wait_for_unit("prometheus-exportarr-sonarr-exporter.service") - wait_for_open_port(9707) - succeed("curl -sSf 'http://localhost:9707/metrics") - ''; - }; - fastly = { exporterConfig = { enable = true; @@ -957,31 +942,6 @@ let ''; }; - openvpn = { - exporterConfig = { - enable = true; - group = "openvpn"; - statusPaths = [ "/run/openvpn-test" ]; - }; - metricProvider = { - users.groups.openvpn = { }; - services.openvpn.servers.test = { - config = '' - dev tun - status /run/openvpn-test - status-version 3 - ''; - up = "chmod g+r /run/openvpn-test"; - }; - systemd.services."openvpn-test".serviceConfig.Group = "openvpn"; - }; - exporterTest = '' - wait_for_unit("openvpn-test.service") - wait_for_unit("prometheus-openvpn-exporter.service") - succeed("curl -sSf http://localhost:9176/metrics | grep 'openvpn_up{.*} 1'") - ''; - }; - pgbouncer = { exporterConfig = { enable = true; @@ -1217,6 +1177,39 @@ let ''; }; + restic = + let + repository = "rest:http://127.0.0.1:8000"; + passwordFile = pkgs.writeText "restic-test-password" "test-password"; + in + { + exporterConfig = { + enable = true; + inherit repository passwordFile; + }; + metricProvider = { + services.restic.server = { + enable = true; + extraFlags = [ "--no-auth" ]; + }; + environment.systemPackages = [ pkgs.restic ]; + }; + exporterTest = '' + # prometheus-restic-exporter.service fails without initialised repository + systemctl("stop prometheus-restic-exporter.service") + + # Initialise the repository + wait_for_unit("restic-rest-server.service") + wait_for_open_port(8000) + succeed("restic init --repo ${repository} --password-file ${passwordFile}") + + systemctl("start prometheus-restic-exporter.service") + wait_for_unit("prometheus-restic-exporter.service") + wait_for_open_port(9753) + wait_until_succeeds("curl -sSf localhost:9753/metrics | grep 'restic_check_success 1.0'") + ''; + }; + rspamd = { exporterConfig = { enable = true; @@ -1724,7 +1717,12 @@ mapAttrs testScript = '' ${nodeName}.start() ${concatStringsSep "\n" (map (line: - if (builtins.substring 0 1 line == " " || builtins.substring 0 1 line == ")") + if builtins.any (b: b) [ + (builtins.match "^[[:space:]]*$" line != null) + (builtins.substring 0 1 line == "#") + (builtins.substring 0 1 line == " ") + (builtins.substring 0 1 line == ")") + ] then line else "${nodeName}.${line}" ) (splitString "\n" (removeSuffix "\n" testConfig.exporterTest)))} diff --git a/nixpkgs/nixos/tests/pyload.nix b/nixpkgs/nixos/tests/pyload.nix new file mode 100644 index 000000000000..f913e822b2ff --- /dev/null +++ b/nixpkgs/nixos/tests/pyload.nix @@ -0,0 +1,33 @@ +import ./make-test-python.nix ({ lib, ... }: { + name = "pyload"; + meta.maintainers = with lib.maintainers; [ ambroisie ]; + + nodes = { + machine = { ... }: { + services.pyload = { + enable = true; + + listenAddress = "0.0.0.0"; + port = 9876; + }; + + networking.firewall.allowedTCPPorts = [ 9876 ]; + }; + + client = { }; + }; + + testScript = '' + start_all() + + machine.wait_for_unit("pyload.service") + + with subtest("Web interface accessible locally"): + machine.wait_until_succeeds("curl -fs localhost:9876") + + client.wait_for_unit("network.target") + + with subtest("Web interface accessible from a different machine"): + client.wait_until_succeeds("curl -fs machine:9876") + ''; +}) diff --git a/nixpkgs/nixos/tests/qemu-vm-restrictnetwork.nix b/nixpkgs/nixos/tests/qemu-vm-restrictnetwork.nix index 49a105ef1076..49aefcc099bd 100644 --- a/nixpkgs/nixos/tests/qemu-vm-restrictnetwork.nix +++ b/nixpkgs/nixos/tests/qemu-vm-restrictnetwork.nix @@ -21,6 +21,8 @@ import ./make-test-python.nix ({ else: start_all() + unrestricted.systemctl("start network-online.target") + restricted.systemctl("start network-online.target") unrestricted.wait_for_unit("network-online.target") restricted.wait_for_unit("network-online.target") diff --git a/nixpkgs/nixos/tests/rss2email.nix b/nixpkgs/nixos/tests/rss2email.nix index f32326feb50f..60b27b95fabe 100644 --- a/nixpkgs/nixos/tests/rss2email.nix +++ b/nixpkgs/nixos/tests/rss2email.nix @@ -55,6 +55,7 @@ import ./make-test-python.nix { testScript = '' start_all() + server.systemctl("start network-online.target") server.wait_for_unit("network-online.target") server.wait_for_unit("opensmtpd") server.wait_for_unit("dovecot2") diff --git a/nixpkgs/nixos/tests/sane.nix b/nixpkgs/nixos/tests/sane.nix new file mode 100644 index 000000000000..cba1b4d1dc4d --- /dev/null +++ b/nixpkgs/nixos/tests/sane.nix @@ -0,0 +1,85 @@ +import ./make-test-python.nix ({ pkgs, ... }: +/* + SANE NixOS test + =============== + SANE is intrisically tied to hardware, so testing it is not straightforward. + However: + - a fake webcam can be created with v4l2loopback + - sane has a backend (v4l) to use a webcam as a scanner + This test creates a webcam /dev/video0, streams a still image with some text + through this webcam, uses SANE to scan from the webcam, and uses OCR to check + that the expected text was scanned. +*/ +let + text = "66263666188646651519653683416"; + fontsConf = pkgs.makeFontsConf { + fontDirectories = [ + pkgs.dejavu_fonts.minimal + ]; + }; + # an image with black on white text spelling "${text}" + # for some reason, the test fails if it's jpg instead of png + # the font is quite large to make OCR easier + image = pkgs.runCommand "image.png" + { + # only imagemagickBig can render text + nativeBuildInputs = [ pkgs.imagemagickBig ]; + FONTCONFIG_FILE = fontsConf; + } '' + magick -pointsize 100 label:${text} $out + ''; +in +{ + name = "sane"; + nodes.machine = { pkgs, config, ... }: { + boot = { + # create /dev/video0 as a fake webcam whose content is filled by ffmpeg + extraModprobeConfig = '' + options v4l2loopback devices=1 max_buffers=2 exclusive_caps=1 card_label=VirtualCam + ''; + kernelModules = [ "v4l2loopback" ]; + extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ]; + }; + systemd.services.fake-webcam = { + wantedBy = [ "multi-user.target" ]; + description = "fill /dev/video0 with ${image}"; + /* HACK: /dev/video0 is a v4l2 only device, it misses one single v4l1 + ioctl, VIDIOCSPICT. But sane only supports v4l1, so it will log that this + ioctl failed, and assume that the pixel format is Y8 (gray). So we tell + ffmpeg to produce this pixel format. + */ + serviceConfig.ExecStart = [ "${pkgs.ffmpeg}/bin/ffmpeg -framerate 30 -re -stream_loop -1 -i ${image} -f v4l2 -pix_fmt gray /dev/video0" ]; + }; + hardware.sane.enable = true; + system.extraDependencies = [ image ]; + environment.systemPackages = [ + pkgs.fswebcam + pkgs.tesseract + pkgs.v4l-utils + ]; + environment.variables.SANE_DEBUG_V4L = "128"; + }; + testScript = '' + start_all() + machine.wait_for_unit("fake-webcam.service") + + # the device only appears when ffmpeg starts producing frames + machine.wait_until_succeeds("scanimage -L | grep /dev/video0") + + machine.succeed("scanimage -L >&2") + + with subtest("debugging: /dev/video0 works"): + machine.succeed("v4l2-ctl --all >&2") + machine.succeed("fswebcam --no-banner /tmp/webcam.jpg") + machine.copy_from_vm("/tmp/webcam.jpg", "webcam") + + # scan with the webcam + machine.succeed("scanimage -o /tmp/scan.png >&2") + machine.copy_from_vm("/tmp/scan.png", "scan") + + # the image should contain "${text}" + output = machine.succeed("tesseract /tmp/scan.png -") + print(output) + assert "${text}" in output, f"expected text ${text} was not found, OCR found {output!r}" + ''; +}) diff --git a/nixpkgs/nixos/tests/ssh-audit.nix b/nixpkgs/nixos/tests/ssh-audit.nix index bd6255b8044d..25772aba3ea0 100644 --- a/nixpkgs/nixos/tests/ssh-audit.nix +++ b/nixpkgs/nixos/tests/ssh-audit.nix @@ -70,6 +70,7 @@ import ./make-test-python.nix ( ${serverName}.succeed("${pkgs.ssh-audit}/bin/ssh-audit 127.0.0.1") # Wait for client to be able to connect to the server + ${clientName}.systemctl("start network-online.target") ${clientName}.wait_for_unit("network-online.target") # Set up trusted private key diff --git a/nixpkgs/nixos/tests/suwayomi-server.nix b/nixpkgs/nixos/tests/suwayomi-server.nix new file mode 100644 index 000000000000..36072028380b --- /dev/null +++ b/nixpkgs/nixos/tests/suwayomi-server.nix @@ -0,0 +1,46 @@ +{ system ? builtins.currentSystem +, pkgs +, lib ? pkgs.lib +}: +let + inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest; + inherit (lib) recursiveUpdate; + + baseTestConfig = { + meta.maintainers = with lib.maintainers; [ ratcornu ]; + nodes.machine = { pkgs, ... }: { + services.suwayomi-server = { + enable = true; + settings.server.port = 1234; + }; + }; + testScript = '' + machine.wait_for_unit("suwayomi-server.service") + machine.wait_for_open_port(1234) + machine.succeed("curl --fail http://localhost:1234/") + ''; + }; +in + +{ + without-auth = makeTest (recursiveUpdate baseTestConfig { + name = "suwayomi-server-without-auth"; + }); + + with-auth = makeTest (recursiveUpdate baseTestConfig { + name = "suwayomi-server-with-auth"; + + nodes.machine = { pkgs, ... }: { + services.suwayomi-server = { + enable = true; + + settings.server = { + port = 1234; + basicAuthEnabled = true; + basicAuthUsername = "alice"; + basicAuthPasswordFile = pkgs.writeText "snakeoil-pass.txt" "pass"; + }; + }; + }; + }); +} diff --git a/nixpkgs/nixos/tests/systemd-lock-handler.nix b/nixpkgs/nixos/tests/systemd-lock-handler.nix new file mode 100644 index 000000000000..d6fb8f545900 --- /dev/null +++ b/nixpkgs/nixos/tests/systemd-lock-handler.nix @@ -0,0 +1,56 @@ +{ lib, ... }: { + name = "systemd-lock-handler"; + + meta.maintainers = with lib.maintainers; [ liff ]; + + enableOCR = true; + + nodes.machine = { config, pkgs, lib, ... }: + let + touch = "${lib.getBin pkgs.coreutils}/bin/touch"; + in + { + imports = [ common/wayland-cage.nix ]; + + services.systemd-lock-handler.enable = true; + + systemd.user.services = { + test-lock = { + partOf = [ "lock.target" ]; + onSuccess = [ "unlock.target" ]; + before = [ "lock.target" ]; + wantedBy = [ "lock.target" ]; + serviceConfig.ExecStart = "${touch} /tmp/lock.target.activated"; + }; + test-unlock = { + partOf = [ "unlock.target" ]; + after = [ "unlock.target" ]; + wantedBy = [ "unlock.target" ]; + serviceConfig.ExecStart = "${touch} /tmp/unlock.target.activated"; + }; + test-sleep = { + partOf = [ "sleep.target" ]; + before = [ "sleep.target" ]; + wantedBy = [ "sleep.target" ]; + serviceConfig.ExecStart = "${touch} /tmp/sleep.target.activated"; + }; + }; + }; + + testScript = '' + machine.wait_for_unit('graphical.target') + machine.wait_for_text('alice@machine') + + machine.send_chars('loginctl lock-session\n') + machine.wait_for_file('/tmp/lock.target.activated') + machine.wait_for_file('/tmp/unlock.target.activated') + + machine.send_chars('systemctl suspend\n') + # wait_for_file won’t complete before the machine is asleep, + # so we’ll watch the log instead. + machine.wait_for_console_text('Started test-sleep.service.') + + # The VM is asleep, regular shutdown won’t work. + machine.crash() + ''; +} diff --git a/nixpkgs/nixos/tests/systemd-networkd-dhcpserver.nix b/nixpkgs/nixos/tests/systemd-networkd-dhcpserver.nix index cf0ccb744211..665d8b5a0529 100644 --- a/nixpkgs/nixos/tests/systemd-networkd-dhcpserver.nix +++ b/nixpkgs/nixos/tests/systemd-networkd-dhcpserver.nix @@ -101,6 +101,9 @@ import ./make-test-python.nix ({pkgs, ...}: { }; testScript = { ... }: '' start_all() + + router.systemctl("start network-online.target") + client.systemctl("start network-online.target") router.wait_for_unit("systemd-networkd-wait-online.service") client.wait_for_unit("systemd-networkd-wait-online.service") client.wait_until_succeeds("ping -c 5 10.0.2.1") diff --git a/nixpkgs/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix b/nixpkgs/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix index 54f371e6c070..1e55341657bd 100644 --- a/nixpkgs/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix +++ b/nixpkgs/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix @@ -263,9 +263,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { }; }; }; - - # make the network-online target a requirement, we wait for it in our test script - systemd.targets.network-online.wantedBy = [ "multi-user.target" ]; }; # This is the client behind the router. We should be receiving router @@ -278,9 +275,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { useNetworkd = true; useDHCP = false; }; - - # make the network-online target a requirement, we wait for it in our test script - systemd.targets.network-online.wantedBy = [ "multi-user.target" ]; }; }; @@ -294,6 +288,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { # Since we only care about IPv6 that should not involve waiting for legacy # IP leases. client.start() + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") # the static address on the router should not be reachable @@ -312,6 +307,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { isp.wait_for_unit("multi-user.target") # wait until the uplink interface has a good status + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") router.wait_until_succeeds("ping -6 -c1 2001:DB8::1") diff --git a/nixpkgs/nixos/tests/systemd-nspawn.nix b/nixpkgs/nixos/tests/systemd-nspawn.nix index 1a4251ef069e..b86762233d18 100644 --- a/nixpkgs/nixos/tests/systemd-nspawn.nix +++ b/nixpkgs/nixos/tests/systemd-nspawn.nix @@ -38,6 +38,7 @@ in { start_all() server.wait_for_unit("nginx.service") + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") client.succeed("machinectl pull-raw --verify=signature http://server/testimage.raw") client.succeed( diff --git a/nixpkgs/nixos/tests/systemd-sysupdate.nix b/nixpkgs/nixos/tests/systemd-sysupdate.nix index 37811605dbb2..6592764c9ff4 100644 --- a/nixpkgs/nixos/tests/systemd-sysupdate.nix +++ b/nixpkgs/nixos/tests/systemd-sysupdate.nix @@ -23,8 +23,8 @@ in mkdir -p $out cd $out - echo "nixos" > nixos_1.efi - sha256sum nixos_1.efi > SHA256SUMS + echo "nixos" > nixos_1.txt + sha256sum nixos_1.txt > SHA256SUMS export GNUPGHOME="$(mktemp -d)" cp -R ${gpgKeyring}/* $GNUPGHOME @@ -39,15 +39,15 @@ in systemd.sysupdate = { enable = true; transfers = { - "uki" = { + "text-file" = { Source = { Type = "url-file"; Path = "http://server/"; - MatchPattern = "nixos_@v.efi"; + MatchPattern = "nixos_@v.txt"; }; Target = { - Path = "/boot/EFI/Linux"; - MatchPattern = "nixos_@v.efi"; + Path = "/"; + MatchPattern = [ "nixos_@v.txt" ]; }; }; }; @@ -61,6 +61,6 @@ in server.wait_for_unit("nginx.service") target.succeed("systemctl start systemd-sysupdate") - assert "nixos" in target.wait_until_succeeds("cat /boot/EFI/Linux/nixos_1.efi", timeout=5) + assert "nixos" in target.wait_until_succeeds("cat /nixos_1.txt", timeout=5) ''; } diff --git a/nixpkgs/nixos/tests/systemd-sysusers-immutable.nix b/nixpkgs/nixos/tests/systemd-sysusers-immutable.nix new file mode 100644 index 000000000000..42cbf84d175e --- /dev/null +++ b/nixpkgs/nixos/tests/systemd-sysusers-immutable.nix @@ -0,0 +1,64 @@ +{ lib, ... }: + +let + rootPassword = "$y$j9T$p6OI0WN7.rSfZBOijjRdR.$xUOA2MTcB48ac.9Oc5fz8cxwLv1mMqabnn333iOzSA6"; + normaloPassword = "$y$j9T$3aiOV/8CADAK22OK2QT3/0$67OKd50Z4qTaZ8c/eRWHLIM.o3ujtC1.n9ysmJfv639"; + newNormaloPassword = "mellow"; +in + +{ + + name = "activation-sysusers-immutable"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { + systemd.sysusers.enable = true; + users.mutableUsers = false; + + # Override the empty root password set by the test instrumentation + users.users.root.hashedPasswordFile = lib.mkForce null; + users.users.root.initialHashedPassword = rootPassword; + users.users.normalo = { + isNormalUser = true; + initialHashedPassword = normaloPassword; + }; + + specialisation.new-generation.configuration = { + users.users.new-normalo = { + isNormalUser = true; + initialPassword = newNormaloPassword; + }; + }; + }; + + testScript = '' + with subtest("Users are not created with systemd-sysusers"): + machine.fail("systemctl status systemd-sysusers.service") + machine.fail("ls /etc/sysusers.d") + + with subtest("Correct mode on the password files"): + assert machine.succeed("stat -c '%a' /etc/passwd") == "644\n" + assert machine.succeed("stat -c '%a' /etc/group") == "644\n" + assert machine.succeed("stat -c '%a' /etc/shadow") == "0\n" + assert machine.succeed("stat -c '%a' /etc/gshadow") == "0\n" + + with subtest("root user has correct password"): + print(machine.succeed("getent passwd root")) + assert "${rootPassword}" in machine.succeed("getent shadow root"), "root user password is not correct" + + with subtest("normalo user is created"): + print(machine.succeed("getent passwd normalo")) + assert machine.succeed("stat -c '%U' /home/normalo") == "normalo\n" + assert "${normaloPassword}" in machine.succeed("getent shadow normalo"), "normalo user password is not correct" + + + machine.succeed("/run/current-system/specialisation/new-generation/bin/switch-to-configuration switch") + + + with subtest("new-normalo user is created after switching to new generation"): + print(machine.succeed("getent passwd new-normalo")) + print(machine.succeed("getent shadow new-normalo")) + assert machine.succeed("stat -c '%U' /home/new-normalo") == "new-normalo\n" + ''; +} diff --git a/nixpkgs/nixos/tests/systemd-sysusers-mutable.nix b/nixpkgs/nixos/tests/systemd-sysusers-mutable.nix new file mode 100644 index 000000000000..e69cfe23a59a --- /dev/null +++ b/nixpkgs/nixos/tests/systemd-sysusers-mutable.nix @@ -0,0 +1,71 @@ +{ lib, ... }: + +let + rootPassword = "$y$j9T$p6OI0WN7.rSfZBOijjRdR.$xUOA2MTcB48ac.9Oc5fz8cxwLv1mMqabnn333iOzSA6"; + normaloPassword = "hello"; + newNormaloPassword = "$y$j9T$p6OI0WN7.rSfZBOijjRdR.$xUOA2MTcB48ac.9Oc5fz8cxwLv1mMqabnn333iOzSA6"; +in + +{ + + name = "activation-sysusers-mutable"; + + meta.maintainers = with lib.maintainers; [ nikstur ]; + + nodes.machine = { pkgs, ... }: { + systemd.sysusers.enable = true; + users.mutableUsers = true; + + # Prerequisites + system.etc.overlay.enable = true; + boot.initrd.systemd.enable = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + + # Override the empty root password set by the test instrumentation + users.users.root.hashedPasswordFile = lib.mkForce null; + users.users.root.initialHashedPassword = rootPassword; + users.users.normalo = { + isNormalUser = true; + initialPassword = normaloPassword; + }; + + specialisation.new-generation.configuration = { + users.users.new-normalo = { + isNormalUser = true; + initialHashedPassword = newNormaloPassword; + }; + }; + }; + + testScript = '' + machine.wait_for_unit("systemd-sysusers.service") + + with subtest("systemd-sysusers.service contains the credentials"): + sysusers_service = machine.succeed("systemctl cat systemd-sysusers.service") + print(sysusers_service) + assert "SetCredential=passwd.plaintext-password.normalo:${normaloPassword}" in sysusers_service + + with subtest("Correct mode on the password files"): + assert machine.succeed("stat -c '%a' /etc/passwd") == "644\n" + assert machine.succeed("stat -c '%a' /etc/group") == "644\n" + assert machine.succeed("stat -c '%a' /etc/shadow") == "0\n" + assert machine.succeed("stat -c '%a' /etc/gshadow") == "0\n" + + with subtest("root user has correct password"): + print(machine.succeed("getent passwd root")) + assert "${rootPassword}" in machine.succeed("getent shadow root"), "root user password is not correct" + + with subtest("normalo user is created"): + print(machine.succeed("getent passwd normalo")) + assert machine.succeed("stat -c '%U' /home/normalo") == "normalo\n" + + + machine.succeed("/run/current-system/specialisation/new-generation/bin/switch-to-configuration switch") + + + with subtest("new-normalo user is created after switching to new generation"): + print(machine.succeed("getent passwd new-normalo")) + assert machine.succeed("stat -c '%U' /home/new-normalo") == "new-normalo\n" + assert "${newNormaloPassword}" in machine.succeed("getent shadow new-normalo"), "new-normalo user password is not correct" + ''; +} diff --git a/nixpkgs/nixos/tests/tayga.nix b/nixpkgs/nixos/tests/tayga.nix index 44974f6efea8..4aade67d74d0 100644 --- a/nixpkgs/nixos/tests/tayga.nix +++ b/nixpkgs/nixos/tests/tayga.nix @@ -206,6 +206,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: testScript = '' # start client and server for machine in client, server: + machine.systemctl("start network-online.target") machine.wait_for_unit("network-online.target") machine.log(machine.execute("ip addr")[1]) machine.log(machine.execute("ip route")[1]) @@ -214,6 +215,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: # test systemd-networkd and nixos-scripts based router for router in router_systemd, router_nixos: router.start() + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") router.wait_for_unit("tayga.service") router.log(machine.execute("ip addr")[1]) diff --git a/nixpkgs/nixos/tests/trafficserver.nix b/nixpkgs/nixos/tests/trafficserver.nix index e4557c6c50e5..94d0e4dd926e 100644 --- a/nixpkgs/nixos/tests/trafficserver.nix +++ b/nixpkgs/nixos/tests/trafficserver.nix @@ -104,6 +104,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { ats.wait_for_open_port(80) httpbin.wait_for_unit("httpbin") httpbin.wait_for_open_port(80) + client.systemctl("start network-online.target") client.wait_for_unit("network-online.target") with subtest("Traffic Server is running"): diff --git a/nixpkgs/nixos/tests/tsm-client-gui.nix b/nixpkgs/nixos/tests/tsm-client-gui.nix index c9632546db6e..ca10cddc411f 100644 --- a/nixpkgs/nixos/tests/tsm-client-gui.nix +++ b/nixpkgs/nixos/tests/tsm-client-gui.nix @@ -31,7 +31,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { machine.execute("DSM_LOG=/tmp dsmj -optfile=/dev/null >&2 &") # does it report the "TCP/IP connection failure" error code? - machine.wait_for_window("IBM Spectrum Protect") + machine.wait_for_window("IBM Storage Protect") machine.wait_for_text("ANS2610S") machine.send_key("esc") diff --git a/nixpkgs/nixos/tests/ulogd/ulogd.py b/nixpkgs/nixos/tests/ulogd/ulogd.py index d20daa4d733a..76a8d0c6e24a 100644 --- a/nixpkgs/nixos/tests/ulogd/ulogd.py +++ b/nixpkgs/nixos/tests/ulogd/ulogd.py @@ -1,5 +1,6 @@ start_all() machine.wait_for_unit("ulogd.service") +machine.systemctl("start network-online.target") machine.wait_for_unit("network-online.target") with subtest("Ulogd is running"): diff --git a/nixpkgs/nixos/tests/upnp.nix b/nixpkgs/nixos/tests/upnp.nix index 5e135267403b..93bc08f752ce 100644 --- a/nixpkgs/nixos/tests/upnp.nix +++ b/nixpkgs/nixos/tests/upnp.nix @@ -81,11 +81,13 @@ in start_all() # Wait for network and miniupnpd. + router.systemctl("start network-online.target") router.wait_for_unit("network-online.target") # $router.wait_for_unit("nat") router.wait_for_unit("${if useNftables then "nftables" else "firewall"}.service") router.wait_for_unit("miniupnpd") + client1.systemctl("start network-online.target") client1.wait_for_unit("network-online.target") client1.succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP") diff --git a/nixpkgs/nixos/tests/uptermd.nix b/nixpkgs/nixos/tests/uptermd.nix index 429e3c9dd5ff..469aa5047c27 100644 --- a/nixpkgs/nixos/tests/uptermd.nix +++ b/nixpkgs/nixos/tests/uptermd.nix @@ -28,6 +28,7 @@ in start_all() server.wait_for_unit("uptermd.service") + server.systemctl("start network-online.target") server.wait_for_unit("network-online.target") # wait for upterm port to be reachable diff --git a/nixpkgs/nixos/tests/urn-timer.nix b/nixpkgs/nixos/tests/urn-timer.nix new file mode 100644 index 000000000000..10c5bef49b5b --- /dev/null +++ b/nixpkgs/nixos/tests/urn-timer.nix @@ -0,0 +1,26 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "urn-timer"; + meta = with pkgs.lib.maintainers; { + maintainers = [ fgaz ]; + }; + + nodes.machine = { config, pkgs, ... }: { + imports = [ + ./common/x11.nix + ]; + + services.xserver.enable = true; + environment.systemPackages = [ pkgs.urn-timer ]; + }; + + enableOCR = true; + + testScript = + '' + machine.wait_for_x() + machine.execute("urn-gtk ${pkgs.urn-timer.src}/splits_examples/sotn.json >&2 &") + machine.wait_for_window("urn") + machine.wait_for_text(r"(Mist|Bat|Reverse|Dracula)") + machine.screenshot("screen") + ''; +}) diff --git a/nixpkgs/nixos/tests/watchdogd.nix b/nixpkgs/nixos/tests/watchdogd.nix new file mode 100644 index 000000000000..663e97cbae10 --- /dev/null +++ b/nixpkgs/nixos/tests/watchdogd.nix @@ -0,0 +1,22 @@ +import ./make-test-python.nix ({ lib, ... }: { + name = "watchdogd"; + meta.maintainers = with lib.maintainers; [ vifino ]; + + nodes.machine = { pkgs, ... }: { + virtualisation.qemu.options = [ + "-device i6300esb" # virtual watchdog timer + ]; + boot.kernelModules = [ "i6300esb" ]; + services.watchdogd.enable = true; + services.watchdogd.settings = { + supervisor.enabled = true; + }; + }; + + testScript = '' + machine.wait_for_unit("watchdogd.service") + + assert "i6300ESB" in machine.succeed("watchdogctl status") + machine.succeed("watchdogctl test") + ''; +}) diff --git a/nixpkgs/nixos/tests/web-apps/netbox-upgrade.nix b/nixpkgs/nixos/tests/web-apps/netbox-upgrade.nix index b5403eb678bc..4c554e7ae613 100644 --- a/nixpkgs/nixos/tests/web-apps/netbox-upgrade.nix +++ b/nixpkgs/nixos/tests/web-apps/netbox-upgrade.nix @@ -1,6 +1,6 @@ import ../make-test-python.nix ({ lib, pkgs, ... }: let - oldNetbox = pkgs.netbox_3_5; - newNetbox = pkgs.netbox_3_6; + oldNetbox = pkgs.netbox_3_6; + newNetbox = pkgs.netbox_3_7; in { name = "netbox-upgrade"; diff --git a/nixpkgs/nixos/tests/web-apps/pretalx.nix b/nixpkgs/nixos/tests/web-apps/pretalx.nix new file mode 100644 index 000000000000..a226639b076b --- /dev/null +++ b/nixpkgs/nixos/tests/web-apps/pretalx.nix @@ -0,0 +1,31 @@ +{ lib, ... }: + +{ + name = "pretalx"; + meta.maintainers = lib.teams.c3d2.members; + + nodes = { + pretalx = { + networking.extraHosts = '' + 127.0.0.1 talks.local + ''; + + services.pretalx = { + enable = true; + nginx.domain = "talks.local"; + settings = { + site.url = "http://talks.local"; + }; + }; + }; + }; + + testScript = '' + start_all() + + pretalx.wait_for_unit("pretalx-web.service") + pretalx.wait_for_unit("pretalx-worker.service") + + pretalx.wait_until_succeeds("curl -q --fail http://talks.local/orga/") + ''; +} diff --git a/nixpkgs/nixos/tests/web-servers/stargazer.nix b/nixpkgs/nixos/tests/web-servers/stargazer.nix index 6365d6a4fff1..f56d1b8c9454 100644 --- a/nixpkgs/nixos/tests/web-servers/stargazer.nix +++ b/nixpkgs/nixos/tests/web-servers/stargazer.nix @@ -1,4 +1,41 @@ { pkgs, lib, ... }: +let + test_script = pkgs.stdenv.mkDerivation rec { + pname = "stargazer-test-script"; + inherit (pkgs.stargazer) version src; + buildInputs = with pkgs; [ (python3.withPackages (ps: with ps; [ cryptography ])) ]; + dontBuild = true; + doCheck = false; + installPhase = '' + mkdir -p $out/bin + cp scripts/gemini-diagnostics $out/bin/test + ''; + }; + test_env = pkgs.stdenv.mkDerivation rec { + pname = "stargazer-test-env"; + inherit (pkgs.stargazer) version src; + buildPhase = '' + cc test_data/cgi-bin/loop.c -o test_data/cgi-bin/loop + ''; + doCheck = false; + installPhase = '' + mkdir -p $out + cp -r * $out/ + ''; + }; + scgi_server = pkgs.stdenv.mkDerivation rec { + pname = "stargazer-test-scgi-server"; + inherit (pkgs.stargazer) version src; + buildInputs = with pkgs; [ python3 ]; + dontConfigure = true; + dontBuild = true; + doCheck = false; + installPhase = '' + mkdir -p $out/bin + cp scripts/scgi-server $out/bin/scgi-server + ''; + }; +in { name = "stargazer"; meta = with lib.maintainers; { maintainers = [ gaykitty ]; }; @@ -7,25 +44,84 @@ geminiserver = { pkgs, ... }: { services.stargazer = { enable = true; + connectionLogging = false; + requestTimeout = 1; routes = [ { route = "localhost"; - root = toString (pkgs.writeTextDir "index.gmi" '' - # Hello NixOS! - ''); + root = "${test_env}/test_data/test_site"; + } + { + route = "localhost=/en.gmi"; + root = "${test_env}/test_data/test_site"; + lang = "en"; + charset = "ascii"; + } + { + route = "localhost~/(.*).gemini"; + root = "${test_env}/test_data/test_site"; + rewrite = "\\1.gmi"; + lang = "en"; + charset = "ascii"; + } + { + route = "localhost=/plain.txt"; + root = "${test_env}/test_data/test_site"; + lang = "en"; + charset = "ascii"; + cert-path = "/var/lib/gemini/certs/localhost.crt"; + key-path = "/var/lib/gemini/certs/localhost.key"; + } + { + route = "localhost:/cgi-bin"; + root = "${test_env}/test_data"; + cgi = true; + cgi-timeout = 5; + } + { + route = "localhost:/scgi"; + scgi = true; + scgi-address = "127.0.0.1:1099"; + } + { + route = "localhost=/root"; + redirect = ".."; + permanent = true; + } + { + route = "localhost=/priv.gmi"; + root = "${test_env}/test_data/test_site"; + client-cert = "${test_env}/test_data/client_cert/good.crt"; + } + { + route = "example.com~(.*)"; + redirect = "gemini://localhost"; + rewrite = "\\1"; + } + { + route = "localhost:/no-exist"; + root = "./does_not_exist"; } ]; }; + systemd.services.scgi_server = { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${scgi_server}/bin/scgi-server"; + }; + }; }; }; testScript = { nodes, ... }: '' + geminiserver.wait_for_unit("scgi_server") + geminiserver.wait_for_open_port(1099) geminiserver.wait_for_unit("stargazer") geminiserver.wait_for_open_port(1965) - with subtest("check is serving over gemini"): - response = geminiserver.succeed("${pkgs.gemget}/bin/gemget --header -o - gemini://localhost:1965") + with subtest("stargazer test suite"): + response = geminiserver.succeed("sh -c 'cd ${test_env}; ${test_script}/bin/test'") print(response) - assert "Hello NixOS!" in response ''; } diff --git a/nixpkgs/nixos/tests/web-servers/ttyd.nix b/nixpkgs/nixos/tests/web-servers/ttyd.nix new file mode 100644 index 000000000000..d161673684b3 --- /dev/null +++ b/nixpkgs/nixos/tests/web-servers/ttyd.nix @@ -0,0 +1,19 @@ +import ../make-test-python.nix ({ lib, pkgs, ... }: { + name = "ttyd"; + meta.maintainers = with lib.maintainers; [ stunkymonkey ]; + + nodes.machine = { pkgs, ... }: { + services.ttyd = { + enable = true; + username = "foo"; + passwordFile = pkgs.writeText "password" "bar"; + }; + }; + + testScript = '' + machine.wait_for_unit("ttyd.service") + machine.wait_for_open_port(7681) + response = machine.succeed("curl -vvv -u foo:bar -s -H 'Host: ttyd' http://127.0.0.1:7681/") + assert '<title>ttyd - Terminal</title>' in response, "Page didn't load successfully" + ''; +}) diff --git a/nixpkgs/nixos/tests/zfs.nix b/nixpkgs/nixos/tests/zfs.nix index 8fedcf095af6..0b411b0b9d8a 100644 --- a/nixpkgs/nixos/tests/zfs.nix +++ b/nixpkgs/nixos/tests/zfs.nix @@ -8,12 +8,9 @@ with import ../lib/testing-python.nix { inherit system pkgs; }; let makeZfsTest = name: - { kernelPackage ? if enableUnstable - then pkgs.zfsUnstable.latestCompatibleLinuxPackages - else pkgs.linuxPackages - , enableUnstable ? false + { kernelPackages , enableSystemdStage1 ? false - , zfsPackage ? if enableUnstable then pkgs.zfs else pkgs.zfsUnstable + , zfsPackage , extraTest ? "" }: makeTest { @@ -35,7 +32,7 @@ let boot.loader.timeout = 0; boot.loader.efi.canTouchEfiVariables = true; networking.hostId = "deadbeef"; - boot.kernelPackages = kernelPackage; + boot.kernelPackages = kernelPackages; boot.zfs.package = zfsPackage; boot.supportedFilesystems = [ "zfs" ]; boot.initrd.systemd.enable = enableSystemdStage1; @@ -197,16 +194,22 @@ in { # maintainer: @raitobezarius series_2_1 = makeZfsTest "2.1-series" { zfsPackage = pkgs.zfs_2_1; + kernelPackages = pkgs.linuxPackages; }; - stable = makeZfsTest "stable" { }; + stable = makeZfsTest "stable" { + zfsPackage = pkgs.zfsStable; + kernelPackages = pkgs.linuxPackages; + }; - unstable = makeZfsTest "unstable" { - enableUnstable = true; + unstable = makeZfsTest "unstable" rec { + zfsPackage = pkgs.zfsUnstable; + kernelPackages = zfsPackage.latestCompatibleLinuxPackages; }; - unstableWithSystemdStage1 = makeZfsTest "unstable" { - enableUnstable = true; + unstableWithSystemdStage1 = makeZfsTest "unstable" rec { + zfsPackage = pkgs.zfsUnstable; + kernelPackages = zfsPackage.latestCompatibleLinuxPackages; enableSystemdStage1 = true; }; diff --git a/nixpkgs/nixos/tests/zigbee2mqtt.nix b/nixpkgs/nixos/tests/zigbee2mqtt.nix index 1a40d175df83..9d6d03a4b9bb 100644 --- a/nixpkgs/nixos/tests/zigbee2mqtt.nix +++ b/nixpkgs/nixos/tests/zigbee2mqtt.nix @@ -3,6 +3,15 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: name = "zigbee2mqtt"; nodes.machine = { pkgs, ... }: { + systemd.services.dummy-serial = { + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + ExecStart = "${pkgs.socat}/bin/socat pty,link=/dev/ttyACM0,mode=666 pty,link=/dev/ttyACM1"; + }; + }; + services.zigbee2mqtt = { enable = true; }; @@ -11,10 +20,10 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: }; testScript = '' - machine.wait_for_unit("zigbee2mqtt.service") + machine.wait_for_unit("multi-user.target") machine.wait_until_fails("systemctl status zigbee2mqtt.service") machine.succeed( - "journalctl -eu zigbee2mqtt | grep \"Error: Error while opening serialport 'Error: Error: No such file or directory, cannot open /dev/ttyACM0'\"" + "journalctl -eu zigbee2mqtt | grep 'Failed to connect to the adapter'" ) machine.log(machine.succeed("systemd-analyze security zigbee2mqtt.service")) diff --git a/nixpkgs/nixos/tests/zrepl.nix b/nixpkgs/nixos/tests/zrepl.nix index b16c7eddc7ae..bdf11122c73f 100644 --- a/nixpkgs/nixos/tests/zrepl.nix +++ b/nixpkgs/nixos/tests/zrepl.nix @@ -42,6 +42,7 @@ import ./make-test-python.nix ( start_all() with subtest("Wait for zrepl and network ready"): + host.systemctl("start network-online.target") host.wait_for_unit("network-online.target") host.wait_for_unit("zrepl.service") |