diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/acme.nix | 29 | ||||
-rw-r--r-- | nixos/tests/atd.nix | 1 | ||||
-rw-r--r-- | nixos/tests/codimd.nix | 56 | ||||
-rw-r--r-- | nixos/tests/common/letsencrypt/common.nix | 27 | ||||
-rw-r--r-- | nixos/tests/containers-imperative.nix | 8 | ||||
-rw-r--r-- | nixos/tests/docker-tools.nix | 11 | ||||
-rw-r--r-- | nixos/tests/ferm.nix | 4 | ||||
-rw-r--r-- | nixos/tests/gdk-pixbuf.nix | 6 | ||||
-rw-r--r-- | nixos/tests/hibernate.nix | 2 | ||||
-rw-r--r-- | nixos/tests/hound.nix | 2 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 87 | ||||
-rw-r--r-- | nixos/tests/misc.nix | 4 | ||||
-rw-r--r-- | nixos/tests/networking.nix | 4 | ||||
-rw-r--r-- | nixos/tests/nextcloud/basic.nix | 56 | ||||
-rw-r--r-- | nixos/tests/nextcloud/default.nix | 6 | ||||
-rw-r--r-- | nixos/tests/nextcloud/with-mysql-and-memcached.nix | 97 | ||||
-rw-r--r-- | nixos/tests/nextcloud/with-postgresql-and-redis.nix | 130 | ||||
-rw-r--r-- | nixos/tests/nix-ssh-serve.nix | 4 | ||||
-rw-r--r-- | nixos/tests/prosody.nix | 3 | ||||
-rw-r--r-- | nixos/tests/rspamd.nix | 54 | ||||
-rw-r--r-- | nixos/tests/yabar.nix | 16 |
21 files changed, 471 insertions, 136 deletions
diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index c7fd4910e072..4669a092433e 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -1,32 +1,5 @@ let - commonConfig = { lib, nodes, ... }: { - networking.nameservers = [ - nodes.letsencrypt.config.networking.primaryIPAddress - ]; - - nixpkgs.overlays = lib.singleton (self: super: { - cacert = super.cacert.overrideDerivation (drv: { - installPhase = (drv.installPhase or "") + '' - cat "${nodes.letsencrypt.config.test-support.letsencrypt.caCert}" \ - >> "$out/etc/ssl/certs/ca-bundle.crt" - ''; - }); - - # Override certifi so that it accepts fake certificate for Let's Encrypt - # Need to override the attribute used by simp_le, which is python3Packages - python3Packages = (super.python3.override { - packageOverrides = lib.const (pysuper: { - certifi = pysuper.certifi.overridePythonAttrs (attrs: { - postPatch = (attrs.postPatch or "") + '' - cat "${self.cacert}/etc/ssl/certs/ca-bundle.crt" \ - > certifi/cacert.pem - ''; - }); - }); - }).pkgs; - }); - }; - + commonConfig = ./common/letsencrypt/common.nix; in import ./make-test.nix { name = "acme"; diff --git a/nixos/tests/atd.nix b/nixos/tests/atd.nix index 9f367d4c1d2a..25db72799241 100644 --- a/nixos/tests/atd.nix +++ b/nixos/tests/atd.nix @@ -16,6 +16,7 @@ import ./make-test.nix ({ pkgs, ... }: testScript = '' startAll; + $machine->waitForUnit('atd.service'); # wait for atd to start $machine->fail("test -f ~root/at-1"); $machine->fail("test -f ~alice/at-1"); diff --git a/nixos/tests/codimd.nix b/nixos/tests/codimd.nix new file mode 100644 index 000000000000..9dedac96844a --- /dev/null +++ b/nixos/tests/codimd.nix @@ -0,0 +1,56 @@ +import ./make-test.nix ({ pkgs, lib, ... }: +{ + name = "codimd"; + + meta = with lib.maintainers; { + maintainers = [ willibutz ]; + }; + + nodes = { + codimdSqlite = { ... }: { + services = { + codimd = { + enable = true; + configuration.dbURL = "sqlite:///var/lib/codimd/codimd.db"; + }; + }; + }; + + codimdPostgres = { ... }: { + systemd.services.codimd.after = [ "postgresql.service" ]; + services = { + codimd = { + enable = true; + configuration.dbURL = "postgres://codimd:snakeoilpassword@localhost:5432/codimddb"; + }; + postgresql = { + enable = true; + initialScript = pkgs.writeText "pg-init-script.sql" '' + CREATE ROLE codimd LOGIN PASSWORD 'snakeoilpassword'; + CREATE DATABASE codimddb OWNER codimd; + ''; + }; + }; + }; + }; + + testScript = '' + startAll(); + + subtest "CodiMD sqlite", sub { + $codimdSqlite->waitForUnit("codimd.service"); + $codimdSqlite->waitForOpenPort(3000); + $codimdSqlite->sleep(10); # avoid 503 during startup + $codimdSqlite->succeed("curl -sSf http://localhost:3000/new"); + }; + + subtest "CodiMD postgres", sub { + $codimdPostgres->waitForUnit("postgresql.service"); + $codimdPostgres->waitForUnit("codimd.service"); + $codimdPostgres->waitForOpenPort(5432); + $codimdPostgres->waitForOpenPort(3000); + $codimdPostgres->sleep(10); # avoid 503 during startup + $codimdPostgres->succeed("curl -sSf http://localhost:3000/new"); + }; + ''; +}) diff --git a/nixos/tests/common/letsencrypt/common.nix b/nixos/tests/common/letsencrypt/common.nix new file mode 100644 index 000000000000..798a749f7f9b --- /dev/null +++ b/nixos/tests/common/letsencrypt/common.nix @@ -0,0 +1,27 @@ +{ lib, nodes, ... }: { + networking.nameservers = [ + nodes.letsencrypt.config.networking.primaryIPAddress + ]; + + nixpkgs.overlays = lib.singleton (self: super: { + cacert = super.cacert.overrideDerivation (drv: { + installPhase = (drv.installPhase or "") + '' + cat "${nodes.letsencrypt.config.test-support.letsencrypt.caCert}" \ + >> "$out/etc/ssl/certs/ca-bundle.crt" + ''; + }); + + # Override certifi so that it accepts fake certificate for Let's Encrypt + # Need to override the attribute used by simp_le, which is python3Packages + python3Packages = (super.python3.override { + packageOverrides = lib.const (pysuper: { + certifi = pysuper.certifi.overridePythonAttrs (attrs: { + postPatch = (attrs.postPatch or "") + '' + cat "${self.cacert}/etc/ssl/certs/ca-bundle.crt" \ + > certifi/cacert.pem + ''; + }); + }); + }).pkgs; + }); +} diff --git a/nixos/tests/containers-imperative.nix b/nixos/tests/containers-imperative.nix index 913d8bed19d0..6f86819f4e88 100644 --- a/nixos/tests/containers-imperative.nix +++ b/nixos/tests/containers-imperative.nix @@ -13,6 +13,7 @@ import ./make-test.nix ({ pkgs, ...} : { # XXX: Sandbox setup fails while trying to hardlink files from the host's # store file system into the prepared chroot directory. nix.useSandbox = false; + nix.binaryCaches = []; # don't try to access cache.nixos.org virtualisation.writableStore = true; virtualisation.memorySize = 1024; @@ -27,9 +28,10 @@ import ./make-test.nix ({ pkgs, ...} : { }; }; }; - in [ - pkgs.stdenv pkgs.stdenvNoCC emptyContainer.config.containers.foo.path - pkgs.libxslt + in with pkgs; [ + stdenv stdenvNoCC emptyContainer.config.containers.foo.path + libxslt desktop-file-utils texinfo docbook5 libxml2 + docbook_xsl_ns xorg.lndir documentation-highlighter ]; }; diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix index db4eacc37287..360b32faae72 100644 --- a/nixos/tests/docker-tools.nix +++ b/nixos/tests/docker-tools.nix @@ -20,7 +20,10 @@ import ./make-test.nix ({ pkgs, ... }: { '' $docker->waitForUnit("sockets.target"); + # Ensure Docker images use a stable date by default $docker->succeed("docker load --input='${pkgs.dockerTools.examples.bash}'"); + $docker->succeed("[ '1970-01-01T00:00:01Z' = \"\$(docker inspect ${pkgs.dockerTools.examples.bash.imageName} | ${pkgs.jq}/bin/jq -r .[].Created)\" ]"); + $docker->succeed("docker run --rm ${pkgs.dockerTools.examples.bash.imageName} bash --version"); $docker->succeed("docker rmi ${pkgs.dockerTools.examples.bash.imageName}"); @@ -51,5 +54,13 @@ import ./make-test.nix ({ pkgs, ... }: { $docker->succeed("docker run --rm runasrootextracommands cat extraCommands"); $docker->succeed("docker run --rm runasrootextracommands cat runAsRoot"); $docker->succeed("docker rmi '${pkgs.dockerTools.examples.runAsRootExtraCommands.imageName}'"); + + # Ensure Docker images can use an unstable date + $docker->succeed("docker load --input='${pkgs.dockerTools.examples.bash}'"); + $docker->succeed("[ '1970-01-01T00:00:01Z' != \"\$(docker inspect ${pkgs.dockerTools.examples.unstableDate.imageName} | ${pkgs.jq}/bin/jq -r .[].Created)\" ]"); + + # Ensure Layered Docker images work + $docker->succeed("docker load --input='${pkgs.dockerTools.examples.layered-image}'"); + $docker->succeed("docker run --rm ${pkgs.dockerTools.examples.layered-image.imageName}"); ''; }) diff --git a/nixos/tests/ferm.nix b/nixos/tests/ferm.nix index 24b74df85ad1..b8e8663e3ad2 100644 --- a/nixos/tests/ferm.nix +++ b/nixos/tests/ferm.nix @@ -11,6 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : { with pkgs.lib; { networking = { + dhcpcd.enable = false; interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::2"; prefixLength = 64; } ]; interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.2"; prefixLength = 24; } ]; }; @@ -20,6 +21,7 @@ import ./make-test.nix ({ pkgs, ...} : { with pkgs.lib; { networking = { + dhcpcd.enable = false; interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ]; interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ]; }; @@ -51,7 +53,7 @@ import ./make-test.nix ({ pkgs, ...} : { '' startAll; - $client->waitForUnit("network.target"); + $client->waitForUnit("network-online.target"); $server->waitForUnit("ferm.service"); $server->waitForUnit("nginx.service"); $server->waitUntilSucceeds("ss -ntl | grep -q 80"); diff --git a/nixos/tests/gdk-pixbuf.nix b/nixos/tests/gdk-pixbuf.nix index b20f61b5ffe2..005c5111da2b 100644 --- a/nixos/tests/gdk-pixbuf.nix +++ b/nixos/tests/gdk-pixbuf.nix @@ -10,10 +10,12 @@ import ./make-test.nix ({ pkgs, ... }: { environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; environment.variables.XDG_DATA_DIRS = [ "${pkgs.gdk_pixbuf.installedTests}/share" ]; - virtualisation.memorySize = 4096; # Tests allocate a lot of memory trying to exploit a CVE + # Tests allocate a lot of memory trying to exploit a CVE + # but qemu-system-i386 has a 2047M memory limit + virtualisation.memorySize = if pkgs.stdenv.isi686 then 2047 else 4096; }; testScript = '' - $machine->succeed("gnome-desktop-testing-runner"); + $machine->succeed("gnome-desktop-testing-runner -t 1800"); # increase timeout to 1800s ''; }) diff --git a/nixos/tests/hibernate.nix b/nixos/tests/hibernate.nix index 1f98bb739f21..274aa7becc82 100644 --- a/nixos/tests/hibernate.nix +++ b/nixos/tests/hibernate.nix @@ -35,8 +35,8 @@ import ./make-test.nix (pkgs: { $machine->waitForOpenPort(4444); $machine->succeed("systemctl hibernate &"); $machine->waitForShutdown; + $probe->waitForUnit("multi-user.target"); $machine->start; - $probe->waitForUnit("network.target"); $probe->waitUntilSucceeds("echo test | nc machine 4444 -N"); ''; diff --git a/nixos/tests/hound.nix b/nixos/tests/hound.nix index f21c0ad58a85..cb8e25332c07 100644 --- a/nixos/tests/hound.nix +++ b/nixos/tests/hound.nix @@ -52,7 +52,7 @@ import ./make-test.nix ({ pkgs, ... } : { $machine->waitForUnit("network.target"); $machine->waitForUnit("hound.service"); $machine->waitForOpenPort(6080); - $machine->succeed('curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep "Filename" | grep "hello"'); + $machine->waitUntilSucceeds('curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep "Filename" | grep "hello"'); ''; }) diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 3d31c8dc4457..3f9fa0e6016c 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -282,9 +282,9 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary linux-swap 1M 1024M", - "parted --script /dev/vda -- mkpart primary ext2 1024M -1s", + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary linux-swap 1M 1024M" + . " mkpart primary ext2 1024M -1s", "udevadm settle", "mkswap /dev/vda1 -L swap", "swapon -L swap", @@ -299,11 +299,11 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel gpt", - "parted --script /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot - "parted --script /dev/vda -- set 1 boot on", - "parted --script /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB", - "parted --script /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # / + "flock /dev/vda parted --script /dev/vda -- mklabel gpt" + . " mkpart ESP fat32 1M 50MiB" # /boot + . " set 1 boot on" + . " mkpart primary linux-swap 50MiB 1024MiB" + . " mkpart primary ext2 1024MiB -1MiB", # / "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -321,11 +321,11 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel gpt", - "parted --script /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot - "parted --script /dev/vda -- set 1 boot on", - "parted --script /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB", - "parted --script /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # / + "flock /dev/vda parted --script /dev/vda -- mklabel gpt" + . " mkpart ESP fat32 1M 50MiB" # /boot + . " set 1 boot on" + . " mkpart primary linux-swap 50MiB 1024MiB" + . " mkpart primary ext2 1024MiB -1MiB", # / "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -345,10 +345,10 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary ext2 1M 50MB", # /boot - "parted --script /dev/vda -- mkpart primary linux-swap 50MB 1024M", - "parted --script /dev/vda -- mkpart primary ext2 1024M -1s", # / + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary ext2 1M 50MB" # /boot + . " mkpart primary linux-swap 50MB 1024M" + . " mkpart primary ext2 1024M -1s", # / "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -366,10 +366,10 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary ext2 1M 50MB", # /boot - "parted --script /dev/vda -- mkpart primary linux-swap 50MB 1024M", - "parted --script /dev/vda -- mkpart primary ext2 1024M -1s", # / + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary ext2 1M 50MB" # /boot + . " mkpart primary linux-swap 50MB 1024M" + . " mkpart primary ext2 1024M -1s", # / "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -402,9 +402,9 @@ in { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary linux-swap 1M 1024M", - "parted --script /dev/vda -- mkpart primary 1024M -1s", + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary linux-swap 1M 1024M" + . " mkpart primary 1024M -1s", "udevadm settle", "mkswap /dev/vda1 -L swap", @@ -425,11 +425,11 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary 1M 2048M", # PV1 - "parted --script /dev/vda -- set 1 lvm on", - "parted --script /dev/vda -- mkpart primary 2048M -1s", # PV2 - "parted --script /dev/vda -- set 2 lvm on", + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary 1M 2048M" # PV1 + . " set 1 lvm on" + . " mkpart primary 2048M -1s" # PV2 + . " set 2 lvm on", "udevadm settle", "pvcreate /dev/vda1 /dev/vda2", "vgcreate MyVolGroup /dev/vda1 /dev/vda2", @@ -447,10 +447,10 @@ in { luksroot = makeInstallerTest "luksroot" { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary ext2 1M 50MB", # /boot - "parted --script /dev/vda -- mkpart primary linux-swap 50M 1024M", - "parted --script /dev/vda -- mkpart primary 1024M -1s", # LUKS + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary ext2 1M 50MB" # /boot + . " mkpart primary linux-swap 50M 1024M" + . " mkpart primary 1024M -1s", # LUKS "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -481,11 +481,11 @@ in { filesystemEncryptedWithKeyfile = makeInstallerTest "filesystemEncryptedWithKeyfile" { createPartitions = '' $machine->succeed( - "parted --script /dev/vda mklabel msdos", - "parted --script /dev/vda -- mkpart primary ext2 1M 50MB", # /boot - "parted --script /dev/vda -- mkpart primary linux-swap 50M 1024M", - "parted --script /dev/vda -- mkpart primary 1024M 1280M", # LUKS with keyfile - "parted --script /dev/vda -- mkpart primary 1280M -1s", + "flock /dev/vda parted --script /dev/vda -- mklabel msdos" + . " mkpart primary ext2 1M 50MB" # /boot + . " mkpart primary linux-swap 50M 1024M" + . " mkpart primary 1024M 1280M" # LUKS with keyfile + . " mkpart primary 1280M -1s", "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", @@ -520,7 +520,7 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/vda --" + "flock /dev/vda parted --script /dev/vda --" . " mklabel msdos" . " mkpart primary ext2 1M 100MB" # /boot . " mkpart extended 100M -1s" @@ -531,8 +531,10 @@ in { "udevadm settle", "ls -l /dev/vda* >&2", "cat /proc/partitions >&2", + "udevadm control --stop-exec-queue", "mdadm --create --force /dev/md0 --metadata 1.2 --level=raid1 --raid-devices=2 /dev/vda5 /dev/vda6", "mdadm --create --force /dev/md1 --metadata 1.2 --level=raid1 --raid-devices=2 /dev/vda7 /dev/vda8", + "udevadm control --start-exec-queue", "udevadm settle", "mkswap -f /dev/md1 -L swap", "swapon -L swap", @@ -555,14 +557,15 @@ in { { createPartitions = '' $machine->succeed( - "parted --script /dev/sda mklabel msdos", - "parted --script /dev/sda -- mkpart primary linux-swap 1M 1024M", - "parted --script /dev/sda -- mkpart primary ext2 1024M -1s", + "flock /dev/sda parted --script /dev/sda -- mklabel msdos" + . " mkpart primary linux-swap 1M 1024M" + . " mkpart primary ext2 1024M -1s", "udevadm settle", "mkswap /dev/sda1 -L swap", "swapon -L swap", "mkfs.ext3 -L nixos /dev/sda2", "mount LABEL=nixos /mnt", + "mkdir -p /mnt/tmp", ); ''; grubVersion = 1; diff --git a/nixos/tests/misc.nix b/nixos/tests/misc.nix index b0bc1d083b16..3ad55651b112 100644 --- a/nixos/tests/misc.nix +++ b/nixos/tests/misc.nix @@ -14,7 +14,7 @@ import ./make-test.nix ({ pkgs, ...} : rec { { swapDevices = mkOverride 0 [ { device = "/root/swapfile"; size = 128; } ]; environment.variables.EDITOR = mkOverride 0 "emacs"; - services.nixosManual.enable = mkOverride 0 true; + documentation.nixos.enable = mkOverride 0 true; systemd.tmpfiles.rules = [ "d /tmp 1777 root root 10d" ]; fileSystems = mkVMOverride { "/tmp2" = { fsType = "tmpfs"; @@ -78,6 +78,8 @@ import ./make-test.nix ({ pkgs, ...} : rec { # Test whether we have a reboot record in wtmp. subtest "reboot-wtmp", sub { + $machine->shutdown; + $machine->waitForUnit('multi-user.target'); $machine->succeed("last | grep reboot >&2"); }; diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 02bd4bd98079..87a8c4c0e196 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -467,7 +467,7 @@ let # Wait for networking to come up $machine->start; - $machine->waitForUnit("network.target"); + $machine->waitForUnit("network-online.target"); # Test interfaces set up my $list = $machine->succeed("ip tuntap list | sort"); @@ -479,7 +479,9 @@ let # Test interfaces clean up $machine->succeed("systemctl stop network-addresses-tap0"); + $machine->sleep(10); $machine->succeed("systemctl stop network-addresses-tun0"); + $machine->sleep(10); my $residue = $machine->succeed("ip tuntap list"); $residue eq "" or die( "Some virtual interface has not been properly cleaned:\n", diff --git a/nixos/tests/nextcloud/basic.nix b/nixos/tests/nextcloud/basic.nix new file mode 100644 index 000000000000..c3b710f0f904 --- /dev/null +++ b/nixos/tests/nextcloud/basic.nix @@ -0,0 +1,56 @@ +import ../make-test.nix ({ pkgs, ...}: let + adminpass = "notproduction"; + adminuser = "root"; +in { + name = "nextcloud-basic"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ globin eqyiel ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + nginx.enable = true; + hostName = "nextcloud"; + config = { + # Don't inherit adminuser since "root" is supposed to be the default + inherit adminpass; + }; + }; + }; + }; + + testScript = let + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.stdenv.shell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + "''${@}" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.stdenv.shell} + echo 'hi' | ${withRcloneEnv} ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.stdenv.shell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + startAll(); + $nextcloud->waitForUnit("multi-user.target"); + $nextcloud->succeed("curl -sSf http://nextcloud/login"); + $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); + $client->waitForUnit("multi-user.target"); + $client->succeed("${withRcloneEnv} ${diffSharedFile}"); + ''; +}) diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix new file mode 100644 index 000000000000..66da6794b961 --- /dev/null +++ b/nixos/tests/nextcloud/default.nix @@ -0,0 +1,6 @@ +{ system ? builtins.currentSystem }: +{ + basic = import ./basic.nix { inherit system; }; + with-postgresql-and-redis = import ./with-postgresql-and-redis.nix { inherit system; }; + with-mysql-and-memcached = import ./with-mysql-and-memcached.nix { inherit system; }; +} diff --git a/nixos/tests/nextcloud/with-mysql-and-memcached.nix b/nixos/tests/nextcloud/with-mysql-and-memcached.nix new file mode 100644 index 000000000000..c0d347238b47 --- /dev/null +++ b/nixos/tests/nextcloud/with-mysql-and-memcached.nix @@ -0,0 +1,97 @@ +import ../make-test.nix ({ pkgs, ...}: let + adminpass = "hunter2"; + adminuser = "root"; +in { + name = "nextcloud-with-mysql-and-memcached"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ eqyiel ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + hostName = "nextcloud"; + nginx.enable = true; + https = true; + caching = { + apcu = true; + redis = false; + memcached = true; + }; + config = { + dbtype = "mysql"; + dbname = "nextcloud"; + dbuser = "nextcloud"; + dbhost = "127.0.0.1"; + dbport = 3306; + dbpass = "hunter2"; + # Don't inherit adminuser since "root" is supposed to be the default + inherit adminpass; + }; + }; + + services.mysql = { + enable = true; + bind = "127.0.0.1"; + package = pkgs.mariadb; + initialScript = pkgs.writeText "mysql-init" '' + CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'hunter2'; + CREATE DATABASE IF NOT EXISTS nextcloud; + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, + CREATE TEMPORARY TABLES ON nextcloud.* TO 'nextcloud'@'localhost' + IDENTIFIED BY 'hunter2'; + FLUSH privileges; + ''; + }; + + systemd.services."nextcloud-setup"= { + requires = ["mysql.service"]; + after = ["mysql.service"]; + }; + + services.memcached.enable = true; + }; + }; + + testScript = let + configureMemcached = pkgs.writeScript "configure-memcached" '' + #!${pkgs.stdenv.shell} + nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string + nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer + nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string + nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string + ''; + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.stdenv.shell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.stdenv.shell} + echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.stdenv.shell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + startAll(); + $nextcloud->waitForUnit("multi-user.target"); + $nextcloud->succeed("${configureMemcached}"); + $nextcloud->succeed("curl -sSf http://nextcloud/login"); + $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); + $client->waitForUnit("multi-user.target"); + $client->succeed("${withRcloneEnv} ${diffSharedFile}"); + + ''; +}) diff --git a/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixos/tests/nextcloud/with-postgresql-and-redis.nix new file mode 100644 index 000000000000..0351d4db69ac --- /dev/null +++ b/nixos/tests/nextcloud/with-postgresql-and-redis.nix @@ -0,0 +1,130 @@ +import ../make-test.nix ({ pkgs, ...}: let + adminpass = "hunter2"; + adminuser = "custom-admin-username"; +in { + name = "nextcloud-with-postgresql-and-redis"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ eqyiel ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + hostName = "nextcloud"; + nginx.enable = true; + caching = { + apcu = false; + redis = true; + memcached = false; + }; + config = { + dbtype = "pgsql"; + dbname = "nextcloud"; + dbuser = "nextcloud"; + dbhost = "localhost"; + dbpassFile = toString (pkgs.writeText "db-pass-file" '' + hunter2 + ''); + inherit adminuser; + adminpassFile = toString (pkgs.writeText "admin-pass-file" '' + ${adminpass} + ''); + }; + }; + + services.redis = { + unixSocket = "/var/run/redis/redis.sock"; + enable = true; + extraConfig = '' + unixsocketperm 770 + ''; + }; + + systemd.services.redis = { + preStart = '' + mkdir -p /var/run/redis + chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis + ''; + serviceConfig.PermissionsStartOnly = true; + }; + + systemd.services."nextcloud-setup"= { + requires = ["postgresql.service"]; + after = [ + "postgresql.service" + "chown-redis-socket.service" + ]; + }; + + # At the time of writing, redis creates its socket with the "nobody" + # group. I figure this is slightly less bad than making the socket world + # readable. + systemd.services."chown-redis-socket" = { + enable = true; + script = '' + until ${pkgs.redis}/bin/redis-cli ping; do + echo "waiting for redis..." + sleep 1 + done + chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis/redis.sock + ''; + after = [ "redis.service" ]; + requires = [ "redis.service" ]; + wantedBy = [ "redis.service" ]; + serviceConfig = { + Type = "oneshot"; + }; + }; + + services.postgresql = { + enable = true; + initialScript = pkgs.writeText "psql-init" '' + create role nextcloud with login password 'hunter2'; + create database nextcloud with owner nextcloud; + ''; + }; + }; + }; + + testScript = let + configureRedis = pkgs.writeScript "configure-redis" '' + #!${pkgs.stdenv.shell} + nextcloud-occ config:system:set redis 'host' --value '/var/run/redis/redis.sock' --type string + nextcloud-occ config:system:set redis 'port' --value 0 --type integer + nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string + nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string + ''; + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.stdenv.shell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + "''${@}" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.stdenv.shell} + echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.stdenv.shell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + startAll(); + $nextcloud->waitForUnit("multi-user.target"); + $nextcloud->succeed("${configureRedis}"); + $nextcloud->succeed("curl -sSf http://nextcloud/login"); + $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); + $client->waitForUnit("multi-user.target"); + $client->succeed("${withRcloneEnv} ${diffSharedFile}"); + ''; +}) diff --git a/nixos/tests/nix-ssh-serve.nix b/nixos/tests/nix-ssh-serve.nix index aa366d8612d7..494d55121eb1 100644 --- a/nixos/tests/nix-ssh-serve.nix +++ b/nixos/tests/nix-ssh-serve.nix @@ -14,8 +14,8 @@ in keys = [ snakeOilPublicKey ]; protocol = "ssh-ng"; }; - server.nix.package = pkgs.nixUnstable; - client.nix.package = pkgs.nixUnstable; + server.nix.package = pkgs.nix; + client.nix.package = pkgs.nix; }; testScript = '' startAll; diff --git a/nixos/tests/prosody.nix b/nixos/tests/prosody.nix index 5d33aaf8d65d..61ae5bb38ed9 100644 --- a/nixos/tests/prosody.nix +++ b/nixos/tests/prosody.nix @@ -6,6 +6,9 @@ import ./make-test.nix { enable = true; # TODO: use a self-signed certificate c2sRequireEncryption = false; + extraConfig = '' + storage = "sql" + ''; }; environment.systemPackages = let sendMessage = pkgs.writeScriptBin "send-message" '' diff --git a/nixos/tests/rspamd.nix b/nixos/tests/rspamd.nix index 6b2e2dd3a531..a12622b6aa0b 100644 --- a/nixos/tests/rspamd.nix +++ b/nixos/tests/rspamd.nix @@ -13,13 +13,10 @@ let $machine->succeed("[[ \"\$(stat -c %G ${socket})\" == \"${group}\" ]]"); $machine->succeed("[[ \"\$(stat -c %a ${socket})\" == \"${mode}\" ]]"); ''; - simple = name: socketActivation: enableIPv6: makeTest { + simple = name: enableIPv6: makeTest { name = "rspamd-${name}"; machine = { - services.rspamd = { - enable = true; - socketActivation = socketActivation; - }; + services.rspamd.enable = true; networking.enableIPv6 = enableIPv6; }; testScript = '' @@ -32,13 +29,6 @@ let sleep 10; $machine->log($machine->succeed("cat /etc/rspamd.conf")); $machine->log($machine->succeed("systemctl cat rspamd.service")); - ${if socketActivation then '' - $machine->log($machine->succeed("systemctl cat rspamd-controller-1.socket")); - $machine->log($machine->succeed("systemctl cat rspamd-normal-1.socket")); - '' else '' - $machine->fail("systemctl cat rspamd-controller-1.socket"); - $machine->fail("systemctl cat rspamd-normal-1.socket"); - ''} $machine->log($machine->succeed("curl http://localhost:11334/auth")); $machine->log($machine->succeed("curl http://127.0.0.1:11334/auth")); ${optionalString enableIPv6 '' @@ -48,10 +38,8 @@ let }; in { - simple = simple "simple" false true; - ipv4only = simple "ipv4only" false false; - simple-socketActivated = simple "simple-socketActivated" true true; - ipv4only-socketActivated = simple "ipv4only-socketActivated" true false; + simple = simple "simple" true; + ipv4only = simple "ipv4only" false; deprecated = makeTest { name = "rspamd-deprecated"; machine = { @@ -68,7 +56,6 @@ in ${checkSocket "/run/rspamd.sock" "root" "root" "600" } ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" } $machine->log($machine->succeed("cat /etc/rspamd.conf")); - $machine->fail("systemctl cat rspamd-normal-1.socket"); $machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat")); $machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")); ''; @@ -79,7 +66,6 @@ in machine = { services.rspamd = { enable = true; - socketActivation = false; workers.normal.bindSockets = [{ socket = "/run/rspamd.sock"; mode = "0600"; @@ -101,38 +87,6 @@ in ${checkSocket "/run/rspamd.sock" "root" "root" "600" } ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" } $machine->log($machine->succeed("cat /etc/rspamd.conf")); - $machine->fail("systemctl cat rspamd-normal-1.socket"); - $machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat")); - $machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")); - ''; - }; - socketActivated = makeTest { - name = "rspamd-socketActivated"; - machine = { - services.rspamd = { - enable = true; - workers.normal.bindSockets = [{ - socket = "/run/rspamd.sock"; - mode = "0600"; - owner = "root"; - group = "root"; - }]; - workers.controller.bindSockets = [{ - socket = "/run/rspamd-worker.sock"; - mode = "0666"; - owner = "root"; - group = "root"; - }]; - }; - }; - - testScript = '' - startAll - $machine->waitForFile("/run/rspamd.sock"); - ${checkSocket "/run/rspamd.sock" "root" "root" "600" } - ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" } - $machine->log($machine->succeed("cat /etc/rspamd.conf")); - $machine->log($machine->succeed("systemctl cat rspamd-normal-1.socket")); $machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat")); $machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")); ''; diff --git a/nixos/tests/yabar.nix b/nixos/tests/yabar.nix index 06fe5bc2b278..bbc0cf4c7dd7 100644 --- a/nixos/tests/yabar.nix +++ b/nixos/tests/yabar.nix @@ -8,18 +8,26 @@ with lib; maintainers = [ ma27 ]; }; - nodes.yabar = { + machine = { imports = [ ./common/x11.nix ./common/user-account.nix ]; services.xserver.displayManager.auto.user = "bob"; programs.yabar.enable = true; + programs.yabar.bars = { + top.indicators.date.exec = "YABAR_DATE"; + }; }; testScript = '' - $yabar->start; - $yabar->waitForX; + $machine->start; + $machine->waitForX; - $yabar->waitForUnit("yabar.service", "bob"); + # confirm proper startup + $machine->waitForUnit("yabar.service", "bob"); + $machine->sleep(10); + $machine->waitForUnit("yabar.service", "bob"); + + $machine->screenshot("top_bar"); ''; }) |