diff options
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/all-tests.nix | 2 | ||||
| -rw-r--r-- | nixos/tests/incus/container.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/default.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/lxd-to-incus.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/openvswitch.nix | 65 | ||||
| -rw-r--r-- | nixos/tests/incus/preseed.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/socket-activated.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/ui.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/incus/virtual-machine.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/miriway.nix | 4 | ||||
| -rw-r--r-- | nixos/tests/nebula.nix | 6 | ||||
| -rw-r--r-- | nixos/tests/ollama.nix | 56 | ||||
| -rw-r--r-- | nixos/tests/pass-secret-service.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/pgvecto-rs.nix | 76 | ||||
| -rw-r--r-- | nixos/tests/privoxy.nix | 13 | ||||
| -rw-r--r-- | nixos/tests/web-apps/gotosocial.nix | 2 |
16 files changed, 227 insertions, 5 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 7376cd40b910..ac64b85dd486 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -640,6 +640,7 @@ in { nzbget = handleTest ./nzbget.nix {}; nzbhydra2 = handleTest ./nzbhydra2.nix {}; oh-my-zsh = handleTest ./oh-my-zsh.nix {}; + ollama = handleTest ./ollama.nix {}; ombi = handleTest ./ombi.nix {}; openarena = handleTest ./openarena.nix {}; openldap = handleTest ./openldap.nix {}; @@ -686,6 +687,7 @@ in { pgbouncer = handleTest ./pgbouncer.nix {}; pgjwt = handleTest ./pgjwt.nix {}; pgmanage = handleTest ./pgmanage.nix {}; + pgvecto-rs = handleTest ./pgvecto-rs.nix {}; phosh = handleTest ./phosh.nix {}; photoprism = handleTest ./photoprism.nix {}; php = handleTest ./php {}; diff --git a/nixos/tests/incus/container.nix b/nixos/tests/incus/container.nix index eb00429e53fe..9260f70da98c 100644 --- a/nixos/tests/incus/container.nix +++ b/nixos/tests/incus/container.nix @@ -29,6 +29,7 @@ in incus.enable = true; }; + networking.nftables.enable = true; }; testScript = '' diff --git a/nixos/tests/incus/default.nix b/nixos/tests/incus/default.nix index ff36fe9d6730..474a621c5ce9 100644 --- a/nixos/tests/incus/default.nix +++ b/nixos/tests/incus/default.nix @@ -11,6 +11,7 @@ boot.initrd.systemd.enable = true; }; }; lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; }; + openvswitch = import ./openvswitch.nix { inherit system pkgs; }; preseed = import ./preseed.nix { inherit system pkgs; }; socket-activated = import ./socket-activated.nix { inherit system pkgs; }; ui = import ./ui.nix {inherit system pkgs;}; diff --git a/nixos/tests/incus/lxd-to-incus.nix b/nixos/tests/incus/lxd-to-incus.nix index c0fc98c224df..262f63c0f26f 100644 --- a/nixos/tests/incus/lxd-to-incus.nix +++ b/nixos/tests/incus/lxd-to-incus.nix @@ -67,6 +67,7 @@ import ../make-test-python.nix ( incus.enable = true; }; + networking.nftables.enable = true; }; testScript = '' diff --git a/nixos/tests/incus/openvswitch.nix b/nixos/tests/incus/openvswitch.nix new file mode 100644 index 000000000000..5d4aef031ad0 --- /dev/null +++ b/nixos/tests/incus/openvswitch.nix @@ -0,0 +1,65 @@ +import ../make-test-python.nix ({ pkgs, lib, ... } : + +{ + name = "incus-openvswitch"; + + meta = { + maintainers = lib.teams.lxc.members; + }; + + nodes.machine = { lib, ... }: { + virtualisation = { + incus.enable = true; + vswitch.enable = true; + incus.preseed = { + networks = [ + { + name = "nixostestbr0"; + type = "bridge"; + config = { + "bridge.driver" = "openvswitch"; + "ipv4.address" = "10.0.100.1/24"; + "ipv4.nat" = "true"; + }; + } + ]; + profiles = [ + { + name = "nixostest_default"; + devices = { + eth0 = { + name = "eth0"; + network = "nixostestbr0"; + type = "nic"; + }; + root = { + path = "/"; + pool = "default"; + size = "35GiB"; + type = "disk"; + }; + }; + } + ]; + storage_pools = [ + { + name = "nixostest_pool"; + driver = "dir"; + } + ]; + }; + }; + networking.nftables.enable = true; + }; + + testScript = '' + machine.wait_for_unit("incus.service") + machine.wait_for_unit("incus-preseed.service") + + with subtest("Verify openvswitch bridge"): + machine.succeed("incus network info nixostestbr0") + + with subtest("Verify openvswitch bridge"): + machine.succeed("ovs-vsctl br-exists nixostestbr0") + ''; +}) diff --git a/nixos/tests/incus/preseed.nix b/nixos/tests/incus/preseed.nix index a488d71f3c92..f2d928115f3e 100644 --- a/nixos/tests/incus/preseed.nix +++ b/nixos/tests/incus/preseed.nix @@ -48,6 +48,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... } : ]; }; }; + networking.nftables.enable = true; }; testScript = '' diff --git a/nixos/tests/incus/socket-activated.nix b/nixos/tests/incus/socket-activated.nix index fca536b7054f..59caf1090fbd 100644 --- a/nixos/tests/incus/socket-activated.nix +++ b/nixos/tests/incus/socket-activated.nix @@ -12,6 +12,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... } : incus.enable = true; incus.socketActivation = true; }; + networking.nftables.enable = true; }; testScript = '' diff --git a/nixos/tests/incus/ui.nix b/nixos/tests/incus/ui.nix index 24ce1217d8df..837eb14844ce 100644 --- a/nixos/tests/incus/ui.nix +++ b/nixos/tests/incus/ui.nix @@ -10,6 +10,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: { incus.enable = true; incus.ui.enable = true; }; + networking.nftables.enable = true; environment.systemPackages = let diff --git a/nixos/tests/incus/virtual-machine.nix b/nixos/tests/incus/virtual-machine.nix index c76e4f448f2f..ab378c7b9490 100644 --- a/nixos/tests/incus/virtual-machine.nix +++ b/nixos/tests/incus/virtual-machine.nix @@ -32,6 +32,7 @@ in incus.enable = true; }; + networking.nftables.enable = true; }; testScript = '' diff --git a/nixos/tests/miriway.nix b/nixos/tests/miriway.nix index a0987d9fc41b..24e6ec6367cd 100644 --- a/nixos/tests/miriway.nix +++ b/nixos/tests/miriway.nix @@ -100,7 +100,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { # Test Wayland # We let Miriway start the first terminal, as we might get stuck if it's not ready to process the first keybind # machine.send_key("ctrl-alt-t") - machine.wait_for_text("alice@machine") + machine.wait_for_text(r"(alice|machine)") machine.send_chars("test-wayland\n") machine.wait_for_file("/tmp/test-wayland-exit-ok") machine.copy_from_vm("/tmp/test-wayland.out") @@ -112,7 +112,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { # Test XWayland machine.send_key("ctrl-alt-a") - machine.wait_for_text("alice@machine") + machine.wait_for_text(r"(alice|machine)") machine.send_chars("test-x11\n") machine.wait_for_file("/tmp/test-x11-exit-ok") machine.copy_from_vm("/tmp/test-x11.out") diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix index 89b91d89fcb3..6c468153d5b2 100644 --- a/nixos/tests/nebula.nix +++ b/nixos/tests/nebula.nix @@ -10,6 +10,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: let environment.systemPackages = [ pkgs.nebula ]; users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; services.openssh.enable = true; + networking.firewall.enable = true; # Implicitly true, but let's make sure. networking.interfaces.eth1.useDHCP = false; services.nebula.networks.smoke = { @@ -17,7 +18,10 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: let ca = "/etc/nebula/ca.crt"; cert = "/etc/nebula/${name}.crt"; key = "/etc/nebula/${name}.key"; - listen = { host = "0.0.0.0"; port = 4242; }; + listen = { + host = "0.0.0.0"; + port = if (config.services.nebula.networks.smoke.isLighthouse || config.services.nebula.networks.smoke.isRelay) then 4242 else 0; + }; }; } extraConfig diff --git a/nixos/tests/ollama.nix b/nixos/tests/ollama.nix new file mode 100644 index 000000000000..4b21f445cdbd --- /dev/null +++ b/nixos/tests/ollama.nix @@ -0,0 +1,56 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: +let + mainPort = "11434"; + altPort = "11435"; + + curlRequest = port: request: + "curl http://127.0.0.1:${port}/api/generate -d '${builtins.toJSON request}'"; + + prompt = { + model = "tinydolphin"; + prompt = "lorem ipsum"; + options = { + seed = 69; + temperature = 0; + }; + }; +in +{ + name = "ollama"; + meta = with lib.maintainers; { + maintainers = [ abysssol ]; + }; + + nodes = { + cpu = { ... }: { + services.ollama.enable = true; + }; + + rocm = { ... }: { + services.ollama.enable = true; + services.ollama.acceleration = "rocm"; + }; + + cuda = { ... }: { + services.ollama.enable = true; + services.ollama.acceleration = "cuda"; + }; + + altAddress = { ... }: { + services.ollama.enable = true; + services.ollama.listenAddress = "127.0.0.1:${altPort}"; + }; + }; + + testScript = '' + vms = [ cpu, rocm, cuda, altAddress ]; + + start_all() + for vm in vms: + vm.wait_for_unit("multi-user.target") + + stdout = cpu.succeed("""${curlRequest mainPort prompt}""", timeout=100) + + stdout = altAddress.succeed("""${curlRequest altPort prompt}""", timeout=100) + ''; +}) diff --git a/nixos/tests/pass-secret-service.nix b/nixos/tests/pass-secret-service.nix index e0dddf0ad29e..cdbdaa52dbc0 100644 --- a/nixos/tests/pass-secret-service.nix +++ b/nixos/tests/pass-secret-service.nix @@ -26,7 +26,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { programs.gnupg = { agent.enable = true; - agent.pinentryFlavor = "tty"; dirmngr.enable = true; }; }; diff --git a/nixos/tests/pgvecto-rs.nix b/nixos/tests/pgvecto-rs.nix new file mode 100644 index 000000000000..cd871dab6a0f --- /dev/null +++ b/nixos/tests/pgvecto-rs.nix @@ -0,0 +1,76 @@ +# mostly copied from ./timescaledb.nix which was copied from ./postgresql.nix +# as it seemed unapproriate to test additional extensions for postgresql there. + +{ system ? builtins.currentSystem +, config ? { } +, pkgs ? import ../.. { inherit system config; } +}: + +with import ../lib/testing-python.nix { inherit system pkgs; }; +with pkgs.lib; + +let + postgresql-versions = import ../../pkgs/servers/sql/postgresql pkgs; + # Test cases from https://docs.pgvecto.rs/use-cases/hybrid-search.html + test-sql = pkgs.writeText "postgresql-test" '' + CREATE EXTENSION vectors; + + CREATE TABLE items ( + id bigserial PRIMARY KEY, + content text NOT NULL, + embedding vectors.vector(3) NOT NULL -- 3 dimensions + ); + + INSERT INTO items (content, embedding) VALUES + ('a fat cat sat on a mat and ate a fat rat', '[1, 2, 3]'), + ('a fat dog sat on a mat and ate a fat rat', '[4, 5, 6]'), + ('a thin cat sat on a mat and ate a thin rat', '[7, 8, 9]'), + ('a thin dog sat on a mat and ate a thin rat', '[10, 11, 12]'); + ''; + make-postgresql-test = postgresql-name: postgresql-package: makeTest { + name = postgresql-name; + meta = with pkgs.lib.maintainers; { + maintainers = [ diogotcorreia ]; + }; + + nodes.machine = { ... }: + { + services.postgresql = { + enable = true; + package = postgresql-package; + extraPlugins = ps: with ps; [ + pgvecto-rs + ]; + settings.shared_preload_libraries = "vectors"; + }; + }; + + testScript = '' + def check_count(statement, lines): + return 'test $(sudo -u postgres psql postgres -tAc "{}"|wc -l) -eq {}'.format( + statement, lines + ) + + + machine.start() + machine.wait_for_unit("postgresql") + + with subtest("Postgresql with extension vectors is available just after unit start"): + machine.succeed(check_count("SELECT * FROM pg_available_extensions WHERE name = 'vectors' AND default_version = '${postgresql-package.pkgs.pgvecto-rs.version}';", 1)) + + machine.succeed("sudo -u postgres psql -f ${test-sql}") + + machine.succeed(check_count("SELECT content, embedding FROM items WHERE to_tsvector('english', content) @@ 'cat & rat'::tsquery;", 2)) + + machine.shutdown() + ''; + + }; + applicablePostgresqlVersions = filterAttrs (_: value: versionAtLeast value.version "12") postgresql-versions; +in +mapAttrs' + (name: package: { + inherit name; + value = make-postgresql-test name package; + }) + applicablePostgresqlVersions diff --git a/nixos/tests/privoxy.nix b/nixos/tests/privoxy.nix index 2d95c4522a01..2a18d332c877 100644 --- a/nixos/tests/privoxy.nix +++ b/nixos/tests/privoxy.nix @@ -77,6 +77,11 @@ in networking.proxy.httpsProxy = "http://localhost:8118"; }; + nodes.machine_socks4 = { ... }: { services.privoxy = { enable = true; settings.forward-socks4 = "/ 127.0.0.1:9050 ."; }; }; + nodes.machine_socks4a = { ... }: { services.privoxy = { enable = true; settings.forward-socks4a = "/ 127.0.0.1:9050 ."; }; }; + nodes.machine_socks5 = { ... }: { services.privoxy = { enable = true; settings.forward-socks5 = "/ 127.0.0.1:9050 ."; }; }; + nodes.machine_socks5t = { ... }: { services.privoxy = { enable = true; settings.forward-socks5t = "/ 127.0.0.1:9050 ."; }; }; + testScript = '' with subtest("Privoxy is running"): @@ -109,5 +114,13 @@ in machine.systemctl("start systemd-tmpfiles-clean") # ...and count again machine.succeed("test $(ls /run/privoxy/certs | wc -l) -eq 0") + + with subtest("Privoxy supports socks upstream proxies"): + for m in [machine_socks4, machine_socks4a, machine_socks5, machine_socks5t]: + m.wait_for_unit("privoxy") + m.wait_for_open_port(8118) + # We expect a 503 error because the dummy upstream proxy is not reachable. + # In issue #265654, instead privoxy segfaulted causing curl to exit with "Empty reply from server". + m.succeed("http_proxy=http://localhost:8118 curl -v http://does-not-exist/ 2>&1 | grep 'HTTP/1.1 503'") ''; }) diff --git a/nixos/tests/web-apps/gotosocial.nix b/nixos/tests/web-apps/gotosocial.nix index 6d279ab63a79..8c4e76b14e3b 100644 --- a/nixos/tests/web-apps/gotosocial.nix +++ b/nixos/tests/web-apps/gotosocial.nix @@ -1,7 +1,7 @@ { lib, ... }: { name = "gotosocial"; - meta.maintainers = with lib.maintainers; [ misuzu ]; + meta.maintainers = with lib.maintainers; [ misuzu blakesmith ]; nodes.machine = { pkgs, ... }: { environment.systemPackages = [ pkgs.jq ]; |