diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1803.xml | 14 | ||||
-rw-r--r-- | nixos/lib/make-disk-image.nix | 29 | ||||
-rw-r--r-- | nixos/modules/installer/tools/nixos-prepare-root.sh | 25 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/databases/postgresql.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/nzbget.nix | 47 | ||||
-rw-r--r-- | nixos/modules/services/networking/babeld.nix | 8 | ||||
-rw-r--r-- | nixos/modules/services/networking/wpa_supplicant.nix | 60 | ||||
-rw-r--r-- | nixos/modules/services/search/solr.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/x11/desktop-managers/enlightenment.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/x11/fractalart.nix | 36 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 8 | ||||
-rw-r--r-- | nixos/release-combined.nix | 1 | ||||
-rw-r--r-- | nixos/release-small.nix | 1 | ||||
-rw-r--r-- | nixos/release.nix | 1 | ||||
-rw-r--r-- | nixos/tests/boot-stage1.nix | 5 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 51 | ||||
-rw-r--r-- | nixos/tests/php-pcre.nix | 44 |
18 files changed, 267 insertions, 70 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1803.xml b/nixos/doc/manual/release-notes/rl-1803.xml index 17b385242f6f..bc0edf3c1c06 100644 --- a/nixos/doc/manual/release-notes/rl-1803.xml +++ b/nixos/doc/manual/release-notes/rl-1803.xml @@ -86,8 +86,18 @@ following incompatible changes:</para> <itemizedlist> <listitem> <para> - ZNC option <option>services.znc.mutable</option> now defaults to <literal>true</literal>. - That means that old configuration is not overwritten by default when update to the znc options are made. + ZNC option <option>services.znc.mutable</option> now defaults to + <literal>true</literal>. That means that old configuration is not + overwritten by default when update to the znc options are made. + </para> + </listitem> + <listitem> + <para> + The option <option>networking.wireless.networks.<name>.auth</option> + has been added for wireless networks with WPA-Enterprise authentication. + There is also a new <option>extraConfig</option> option to directly + configure <literal>wpa_supplicant</literal> and <option>hidden</option> + to connect to hidden networks. </para> </listitem> </itemizedlist> diff --git a/nixos/lib/make-disk-image.nix b/nixos/lib/make-disk-image.nix index 9fa848301f60..bf25e0cab259 100644 --- a/nixos/lib/make-disk-image.nix +++ b/nixos/lib/make-disk-image.nix @@ -33,19 +33,25 @@ , name ? "nixos-disk-image" -, format ? "raw" +, # Disk image format, one of qcow2, qcow2-compressed, vpc, raw. + format ? "raw" }: with lib; -let - extensions = { +let format' = format; in let + + format = if (format' == "qcow2-compressed") then "qcow2" else format'; + + compress = optionalString (format' == "qcow2-compressed") "-c"; + + filename = "nixos." + { qcow2 = "qcow2"; vpc = "vhd"; raw = "img"; - }; + }.${format}; - nixpkgs = lib.cleanSource pkgs.path; + nixpkgs = cleanSource pkgs.path; channelSources = pkgs.runCommand "nixos-${config.system.nixosVersion}" {} '' mkdir -p $out @@ -73,7 +79,7 @@ let targets = map (x: x.target) contents; prepareImage = '' - export PATH=${pkgs.lib.makeSearchPathOutput "bin" "bin" prepareImageInputs} + export PATH=${makeSearchPathOutput "bin" "bin" prepareImageInputs} mkdir $out diskImage=nixos.raw @@ -87,7 +93,7 @@ let ''} mkfs.${fsType} -F -L nixos -E offset=$offset $diskImage - + root="$PWD/root" mkdir -p $root @@ -124,7 +130,7 @@ let fakeroot nixos-prepare-root $root ${channelSources} ${config.system.build.toplevel} closure echo "copying staging root to image..." - cptofs ${pkgs.lib.optionalString partitioned "-P 1"} -t ${fsType} -i $diskImage $root/* / + cptofs ${optionalString partitioned "-P 1"} -t ${fsType} -i $diskImage $root/* / ''; in pkgs.vmTools.runInLinuxVM ( pkgs.runCommand name @@ -133,12 +139,11 @@ in pkgs.vmTools.runInLinuxVM ( exportReferencesGraph = [ "closure" metaClosure ]; postVM = '' ${if format == "raw" then '' - mv $diskImage $out/nixos.img - diskImage=$out/nixos.img + mv $diskImage $out/${filename} '' else '' - ${pkgs.qemu}/bin/qemu-img convert -f raw -O ${format} $diskImage $out/nixos.${extensions.${format}} - diskImage=$out/nixos.${extensions.${format}} + ${pkgs.qemu}/bin/qemu-img convert -f raw -O ${format} ${compress} $diskImage $out/${filename} ''} + diskImage=$out/${filename} ${postVM} ''; memSize = 1024; diff --git a/nixos/modules/installer/tools/nixos-prepare-root.sh b/nixos/modules/installer/tools/nixos-prepare-root.sh index 0bd70d2d349c..ed5af234fec9 100644 --- a/nixos/modules/installer/tools/nixos-prepare-root.sh +++ b/nixos/modules/installer/tools/nixos-prepare-root.sh @@ -31,16 +31,16 @@ if ! test -e "$mountPoint"; then fi # Create a few of the standard directories in the target root directory. -mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home -mkdir -m 01777 -p $mountPoint/tmp -mkdir -m 0755 -p $mountPoint/tmp/root -mkdir -m 0755 -p $mountPoint/var -mkdir -m 0700 -p $mountPoint/root +install -m 0755 -d $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home +install -m 01777 -d $mountPoint/tmp +install -m 0755 -d $mountPoint/tmp/root +install -m 0755 -d $mountPoint/var +install -m 0700 -d $mountPoint/root ln -sf /run $mountPoint/var/run # Create the necessary Nix directories on the target device -mkdir -m 0755 -p \ +install -m 0755 -d \ $mountPoint/nix/var/nix/gcroots \ $mountPoint/nix/var/nix/temproots \ $mountPoint/nix/var/nix/userpool \ @@ -48,7 +48,7 @@ mkdir -m 0755 -p \ $mountPoint/nix/var/nix/db \ $mountPoint/nix/var/log/nix/drvs -mkdir -m 1775 -p $mountPoint/nix/store +install -m 1775 -d $mountPoint/nix/store # All Nix operations below should operate on our target store, not /nix/store. # N.B: this relies on Nix 1.12 or higher @@ -80,7 +80,7 @@ if [ ! -x $mountPoint/@shell@ ]; then echo "Error: @shell@ wasn't included in the closure" >&2 exit 1 fi -mkdir -m 0755 -p $mountPoint/bin +install -m 0755 -d $mountPoint/bin ln -sf @shell@ $mountPoint/bin/sh echo "setting the system closure to '$system'..." @@ -89,17 +89,16 @@ nix-env "${extraBuildFlags[@]}" -p $mountPoint/nix/var/nix/profiles/system --set ln -sfn /nix/var/nix/profiles/system $mountPoint/run/current-system # Copy the NixOS/Nixpkgs sources to the target as the initial contents of the NixOS channel. -mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles -mkdir -m 1777 -p $mountPoint/nix/var/nix/profiles/per-user -mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles/per-user/root +install -m 0755 -d $mountPoint/nix/var/nix/profiles +install -m 1777 -d $mountPoint/nix/var/nix/profiles/per-user +install -m 0755 -d $mountPoint/nix/var/nix/profiles/per-user/root if [ -z "$noChannelCopy" ] && [ -n "$channel" ]; then echo "copying channel..." nix-env --option build-use-substitutes false "${extraBuildFlags[@]}" -p $mountPoint/nix/var/nix/profiles/per-user/root/channels --set "$channel" --quiet fi -mkdir -m 0700 -p $mountPoint/root/.nix-defexpr +install -m 0700 -d $mountPoint/root/.nix-defexpr ln -sfn /nix/var/nix/profiles/per-user/root/channels $mountPoint/root/.nix-defexpr/channels # Mark the target as a NixOS installation, otherwise switch-to-configuration will chicken out. touch $mountPoint/etc/NIXOS - diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 99d3c0112f2a..27c3fb471a94 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -639,6 +639,7 @@ ./services/x11/display-managers/sddm.nix ./services/x11/display-managers/slim.nix ./services/x11/display-managers/xpra.nix + ./services/x11/fractalart.nix ./services/x11/hardware/libinput.nix ./services/x11/hardware/multitouch.nix ./services/x11/hardware/synaptics.nix diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index a23a0ebc7366..9b5e3735239f 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -153,7 +153,7 @@ in default= if versionAtLeast config.system.stateVersion "17.09" then "postgres" else "root"; internal = true; description = '' - NixOS traditionally used `root` as superuser, most other distros use `postgres`. + NixOS traditionally used 'root' as superuser, most other distros use 'postgres'. From 17.09 we also try to follow this standard. Internal since changing this value would lead to breakage while setting up databases. ''; diff --git a/nixos/modules/services/misc/nzbget.nix b/nixos/modules/services/misc/nzbget.nix index b39511624c80..a186d57ceba2 100644 --- a/nixos/modules/services/misc/nzbget.nix +++ b/nixos/modules/services/misc/nzbget.nix @@ -4,9 +4,7 @@ with lib; let cfg = config.services.nzbget; - nzbget = pkgs.nzbget; -in -{ + nzbget = pkgs.nzbget; in { options = { services.nzbget = { enable = mkEnableOption "NZBGet"; @@ -42,21 +40,41 @@ in p7zip ]; preStart = '' - test -d /var/lib/nzbget || { - echo "Creating nzbget state directoy in /var/lib/" - mkdir -p /var/lib/nzbget + datadir=/var/lib/nzbget + cfgtemplate=${cfg.package}/share/nzbget/nzbget.conf + test -d $datadir || { + echo "Creating nzbget data directory in $datadir" + mkdir -p $datadir } - test -f /var/lib/nzbget/nzbget.conf || { - echo "nzbget.conf not found. Copying default config to /var/lib/nzbget/nzbget.conf" - cp ${cfg.package}/share/nzbget/nzbget.conf /var/lib/nzbget/nzbget.conf - echo "Setting file mode of nzbget.conf to 0700 (needs to be written and contains plaintext credentials)" - chmod 0700 /var/lib/nzbget/nzbget.conf + test -f $configfile || { + echo "nzbget.conf not found. Copying default config $cfgtemplate to $configfile" + cp $cfgtemplate $configfile + echo "Setting $configfile permissions to 0700 (needs to be written and contains plaintext credentials)" + chmod 0700 $configfile echo "Setting temporary \$MAINDIR variable in default config required in order to allow nzbget to complete initial start" echo "Remember to change this to a proper value once NZBGet startup has been completed" - sed -i -e 's/MainDir=.*/MainDir=\/tmp/g' /var/lib/nzbget/nzbget.conf + sed -i -e 's/MainDir=.*/MainDir=\/tmp/g' $configfile } - echo "Ensuring proper ownership of /var/lib/nzbget (${cfg.user}:${cfg.group})." - chown -R ${cfg.user}:${cfg.group} /var/lib/nzbget + echo "Ensuring proper ownership of $datadir (${cfg.user}:${cfg.group})." + chown -R ${cfg.user}:${cfg.group} $datadir + ''; + + script = '' + configfile=/var/lib/nzbget/nzbget.conf + args="--daemon --configfile $configfile" + # The script in preStart (above) copies nzbget's config template to datadir on first run, containing paths that point to the nzbget derivation installed at the time. + # These paths break when nzbget is upgraded & the original derivation is garbage collected. If such broken paths are found in the config file, override them to point to + # the currently installed nzbget derivation. + cfgfallback () { + local hit=`grep -Po "(?<=^$1=).*+" "$configfile" | sed 's/[ \t]*$//'` # Strip trailing whitespace + ( test $hit && test -e $hit ) || { + echo "In $configfile, valid $1 not found; falling back to $1=$2" + args+=" -o $1=$2" + } + } + cfgfallback ConfigTemplate ${cfg.package}/share/nzbget/nzbget.conf + cfgfallback WebDir ${cfg.package}/share/nzbget/webui + ${cfg.package}/bin/nzbget $args ''; serviceConfig = { @@ -64,7 +82,6 @@ in User = cfg.user; Group = cfg.group; PermissionsStartOnly = "true"; - ExecStart = "${cfg.package}/bin/nzbget --daemon --configfile /var/lib/nzbget/nzbget.conf"; Restart = "on-failure"; }; }; diff --git a/nixos/modules/services/networking/babeld.nix b/nixos/modules/services/networking/babeld.nix index dd76bac9df76..3dfd80f6ff52 100644 --- a/nixos/modules/services/networking/babeld.nix +++ b/nixos/modules/services/networking/babeld.nix @@ -6,8 +6,10 @@ let cfg = config.services.babeld; + conditionalBoolToString = value: if (isBool value) then (boolToString value) else (toString value); + paramsString = params: - concatMapStringsSep "" (name: "${name} ${boolToString (getAttr name params)}") + concatMapStringsSep " " (name: "${name} ${conditionalBoolToString (getAttr name params)}") (attrNames params); interfaceConfig = name: @@ -49,7 +51,7 @@ in type = types.nullOr (types.attrsOf types.unspecified); example = { - wired = true; + type = "tunnel"; "split-horizon" = true; }; }; @@ -63,7 +65,7 @@ in type = types.attrsOf (types.attrsOf types.unspecified); example = { enp0s2 = - { wired = true; + { type = "wired"; "hello-interval" = 5; "split-horizon" = "auto"; }; diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index 908c8730ad2a..4bae05b6dd30 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -8,17 +8,20 @@ let ${optionalString cfg.userControlled.enable '' ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group} update_config=1''} - ${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: let - psk = if networkConfig.psk != null - then ''"${networkConfig.psk}"'' - else networkConfig.pskRaw; - priority = networkConfig.priority; + ${concatStringsSep "\n" (mapAttrsToList (ssid: config: with config; let + key = if psk != null + then ''"${psk}"'' + else pskRaw; + baseAuth = if key != null + then ''psk=${key}'' + else ''key_mgmt=NONE''; in '' network={ ssid="${ssid}" - ${optionalString (psk != null) ''psk=${psk}''} - ${optionalString (psk == null) ''key_mgmt=NONE''} ${optionalString (priority != null) ''priority=${toString priority}''} + ${optionalString hidden "scan_ssid=1"} + ${if (auth != null) then auth else baseAuth} + ${extraConfig} } '') cfg.networks)} '' else "/etc/wpa_supplicant.conf"; @@ -70,6 +73,32 @@ in { Mutually exclusive with <varname>psk</varname>. ''; }; + + auth = mkOption { + type = types.nullOr types.str; + default = null; + example = '' + key_mgmt=WPA-EAP + eap=PEAP + identity="user@example.com" + password="secret" + ''; + description = '' + Use this option to configure advanced authentication methods like EAP. + See wpa_supplicant.conf(5) for example configurations. + + Mutually exclusive with <varname>psk</varname> and <varname>pskRaw</varname>. + ''; + }; + + hidden = mkOption { + type = types.bool; + default = false; + description = '' + Set this to <literal>true</literal> if the SSID of the network is hidden. + ''; + }; + priority = mkOption { type = types.nullOr types.int; default = null; @@ -83,6 +112,19 @@ in { policy, signal strength, etc. ''; }; + + extraConfig = mkOption { + type = types.str; + default = ""; + example = '' + bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66 + ''; + description = '' + Extra configuration lines appended to the network block. + See wpa_supplicant.conf(5) for available options. + ''; + }; + }; }); description = '' @@ -128,8 +170,8 @@ in { config = mkIf cfg.enable { assertions = flip mapAttrsToList cfg.networks (name: cfg: { - assertion = cfg.psk == null || cfg.pskRaw == null; - message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive''; + assertion = with cfg; count (x: x != null) [ psk pskRaw auth ] <= 1; + message = ''options networking.wireless."${name}".{psk,pskRaw,auth} are mutually exclusive''; }); environment.systemPackages = [ pkgs.wpa_supplicant ]; diff --git a/nixos/modules/services/search/solr.nix b/nixos/modules/services/search/solr.nix index 33d74e897237..90140a337ed8 100644 --- a/nixos/modules/services/search/solr.nix +++ b/nixos/modules/services/search/solr.nix @@ -15,8 +15,6 @@ let sha256 = "01mzvh53wrs1p2ym765jwd00gl6kn8f9k3nhdrnhdqr8dhimfb2p"; }; - buildPhases = [ "unpackPhase" "installPhase" ]; - installPhase = '' mkdir -p $out/lib cp common/lib/*.jar $out/lib/ diff --git a/nixos/modules/services/x11/desktop-managers/enlightenment.nix b/nixos/modules/services/x11/desktop-managers/enlightenment.nix index b02eaf861a0d..8a523f0d8036 100644 --- a/nixos/modules/services/x11/desktop-managers/enlightenment.nix +++ b/nixos/modules/services/x11/desktop-managers/enlightenment.nix @@ -61,7 +61,7 @@ in ''; }]; - security.wrappers.e_freqset.source = "${e.enlightenment.out}/bin/e_freqset"; + security.wrappers = (import (builtins.toPath "${e.enlightenment}/e-wrappers.nix")).security.wrappers; environment.etc = singleton { source = xcfg.xkbDir; diff --git a/nixos/modules/services/x11/fractalart.nix b/nixos/modules/services/x11/fractalart.nix new file mode 100644 index 000000000000..448248a58794 --- /dev/null +++ b/nixos/modules/services/x11/fractalart.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.fractalart; +in { + options.services.fractalart = { + enable = mkOption { + type = types.bool; + default = false; + example = true; + description = "Enable FractalArt for generating colorful wallpapers on login"; + }; + + width = mkOption { + type = types.nullOr types.int; + default = null; + example = 1920; + description = "Screen width"; + }; + + height = mkOption { + type = types.nullOr types.int; + default = null; + example = 1080; + description = "Screen height"; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ pkgs.haskellPackages.FractalArt ]; + services.xserver.displayManager.sessionCommands = + "${pkgs.haskellPackages.FractalArt}/bin/FractalArt --no-bg -f .background-image" + + optionalString (cfg.width != null) " -w ${toString cfg.width}" + + optionalString (cfg.height != null) " -h ${toString cfg.height}"; + }; +} diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 1741d2c7e1f7..b7e85e402aa9 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -923,7 +923,9 @@ in assertions = (flip map interfaces (i: { assertion = i.subnetMask == null; - message = "The networking.interfaces.${i.name}.subnetMask option is defunct. Use prefixLength instead."; + message = '' + The networking.interfaces."${i.name}".subnetMask option is defunct. Use prefixLength instead. + ''; })) ++ (flip map interfaces (i: { # With the linux kernel, interface name length is limited by IFNAMSIZ # to 16 bytes, including the trailing null byte. @@ -934,7 +936,9 @@ in ''; })) ++ (flip map slaveIfs (i: { assertion = i.ip4 == [ ] && i.ipAddress == null && i.ip6 == [ ] && i.ipv6Address == null; - message = "The networking.interfaces.${i.name} must not have any defined ips when it is a slave."; + message = '' + The networking.interfaces."${i.name}" must not have any defined ips when it is a slave. + ''; })) ++ [ { assertion = cfg.hostId == null || (stringLength cfg.hostId == 8 && isHexString cfg.hostId); diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix index 125e6b7050bc..7536bf3e48ef 100644 --- a/nixos/release-combined.nix +++ b/nixos/release-combined.nix @@ -109,6 +109,7 @@ in rec { (all nixos.tests.nfs3) (all nixos.tests.nfs4) (all nixos.tests.openssh) + (all nixos.tests.php-pcre) (all nixos.tests.printing) (all nixos.tests.proxy) (all nixos.tests.sddm.default) diff --git a/nixos/release-small.nix b/nixos/release-small.nix index 28f1340caf8d..e9f3cfb4de53 100644 --- a/nixos/release-small.nix +++ b/nixos/release-small.nix @@ -40,6 +40,7 @@ in rec { nat nfs3 openssh + php-pcre proxy simple; installer = { diff --git a/nixos/release.nix b/nixos/release.nix index 28eb76d888e4..e02851ac45ae 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -309,6 +309,7 @@ in rec { tests.pam-oath-login = callTest tests/pam-oath-login.nix {}; #tests.panamax = hydraJob (import tests/panamax.nix { system = "x86_64-linux"; }); tests.peerflix = callTest tests/peerflix.nix {}; + tests.php-pcre = callTest tests/php-pcre.nix {}; tests.postgresql = callSubTests tests/postgresql.nix {}; tests.pgmanage = callTest tests/pgmanage.nix {}; tests.postgis = callTest tests/postgis.nix {}; diff --git a/nixos/tests/boot-stage1.nix b/nixos/tests/boot-stage1.nix index 50186525cf39..eeaca9f50edc 100644 --- a/nixos/tests/boot-stage1.nix +++ b/nixos/tests/boot-stage1.nix @@ -21,11 +21,16 @@ import ./make-test.nix ({ pkgs, ... }: { # the boot process kills any kthread by accident, like what happened in # issue #15226. kcanary = compileKernelModule "kcanary" '' + #include <linux/version.h> #include <linux/init.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/kthread.h> #include <linux/sched.h> + #include <linux/signal.h> + #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) + #include <linux/sched/signal.h> + #endif struct task_struct *canaryTask; diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index da9582deec1d..43b166a38374 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -7,7 +7,7 @@ with pkgs.lib; let # The configuration to install. - makeConfig = { bootLoader, grubVersion, grubDevice, grubIdentifier + makeConfig = { bootLoader, grubVersion, grubDevice, grubIdentifier, grubUseEfi , extraConfig, forceGrubReinstallCount ? 0 }: pkgs.writeText "configuration.nix" '' @@ -26,9 +26,16 @@ let ${optionalString (grubVersion == 1) '' boot.loader.grub.splashImage = null; ''} - boot.loader.grub.device = "${grubDevice}"; + boot.loader.grub.extraConfig = "serial; terminal_output.serial"; - boot.loader.grub.fsIdentifier = "${grubIdentifier}"; + ${if grubUseEfi then '' + boot.loader.grub.device = "nodev"; + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; # XXX: needed for OVMF? + '' else '' + boot.loader.grub.device = "${grubDevice}"; + boot.loader.grub.fsIdentifier = "${grubIdentifier}"; + ''} boot.loader.grub.configurationLimit = 100 + ${toString forceGrubReinstallCount}; ''} @@ -57,16 +64,17 @@ let # disk, and then reboot from the hard disk. It's parameterized with # a test script fragment `createPartitions', which must create # partitions and filesystems. - testScriptFun = { bootLoader, createPartitions, grubVersion, grubDevice + testScriptFun = { bootLoader, createPartitions, grubVersion, grubDevice, grubUseEfi , grubIdentifier, preBootCommands, extraConfig }: let iface = if grubVersion == 1 then "ide" else "virtio"; + isEfi = bootLoader == "systemd-boot" || (bootLoader == "grub" && grubUseEfi); qemuFlags = (if system == "x86_64-linux" then "-m 768 " else "-m 512 ") + (optionalString (system == "x86_64-linux") "-cpu kvm64 "); hdFlags = ''hda => "vm-state-machine/machine.qcow2", hdaInterface => "${iface}", '' - + optionalString (bootLoader == "systemd-boot") ''bios => "${pkgs.OVMF.fd}/FV/OVMF.fd", ''; + + optionalString isEfi ''bios => "${pkgs.OVMF.fd}/FV/OVMF.fd", ''; in '' $machine->start; @@ -89,7 +97,7 @@ let $machine->succeed("cat /mnt/etc/nixos/hardware-configuration.nix >&2"); $machine->copyFileFromHost( - "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; } }", + "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier grubUseEfi extraConfig; } }", "/mnt/etc/nixos/configuration.nix"); # Perform the installation. @@ -140,7 +148,7 @@ let # We need to a writable nix-store on next boot. $machine->copyFileFromHost( - "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 1; } }", + "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier grubUseEfi extraConfig; forceGrubReinstallCount = 1; } }", "/etc/nixos/configuration.nix"); # Check whether nixos-rebuild works. @@ -158,7 +166,7 @@ let ${preBootCommands} $machine->waitForUnit("multi-user.target"); $machine->copyFileFromHost( - "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier extraConfig; forceGrubReinstallCount = 2; } }", + "${ makeConfig { inherit bootLoader grubVersion grubDevice grubIdentifier grubUseEfi extraConfig; forceGrubReinstallCount = 2; } }", "/etc/nixos/configuration.nix"); $machine->succeed("nixos-rebuild boot >&2"); $machine->shutdown; @@ -176,7 +184,7 @@ let { createPartitions, preBootCommands ? "", extraConfig ? "" , extraInstallerConfig ? {} , bootLoader ? "grub" # either "grub" or "systemd-boot" - , grubVersion ? 2, grubDevice ? "/dev/vda", grubIdentifier ? "uuid" + , grubVersion ? 2, grubDevice ? "/dev/vda", grubIdentifier ? "uuid", grubUseEfi ? false , enableOCR ? false, meta ? {} }: makeTest { @@ -244,7 +252,7 @@ let testScript = testScriptFun { inherit bootLoader createPartitions preBootCommands - grubVersion grubDevice grubIdentifier extraConfig; + grubVersion grubDevice grubIdentifier grubUseEfi extraConfig; }; }; @@ -295,6 +303,29 @@ in { bootLoader = "systemd-boot"; }; + simpleUefiGrub = makeInstallerTest "simpleUefiGrub" + { createPartitions = + '' + $machine->succeed( + "parted /dev/vda mklabel gpt", + "parted -s /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot + "parted -s /dev/vda -- set 1 boot on", + "parted -s /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB", + "parted -s /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # / + "udevadm settle", + "mkswap /dev/vda2 -L swap", + "swapon -L swap", + "mkfs.ext3 -L nixos /dev/vda3", + "mount LABEL=nixos /mnt", + "mkfs.vfat -n BOOT /dev/vda1", + "mkdir -p /mnt/boot", + "mount LABEL=BOOT /mnt/boot", + ); + ''; + bootLoader = "grub"; + grubUseEfi = true; + }; + # Same as the previous, but now with a separate /boot partition. separateBoot = makeInstallerTest "separateBoot" { createPartitions = diff --git a/nixos/tests/php-pcre.nix b/nixos/tests/php-pcre.nix new file mode 100644 index 000000000000..f618a39a2293 --- /dev/null +++ b/nixos/tests/php-pcre.nix @@ -0,0 +1,44 @@ + +let testString = "can-use-subgroups"; in + +import ./make-test.nix ({ pkgs, ...}: { + name = "php-httpd-pcre-jit-test"; + machine = { config, lib, pkgs, ... }: { + time.timeZone = "UTC"; + services.httpd = { + enable = true; + adminAddr = "please@dont.contact"; + extraSubservices = lib.singleton { + function = f: { + enablePHP = true; + phpOptions = "pcre.jit = true"; + + extraConfig = + let + testRoot = pkgs.writeText "index.php" + '' + <?php + preg_match('/(${testString})/', '${testString}', $result); + var_dump($result); + ?> + ''; + in + '' + Alias / ${testRoot}/ + + <Directory ${testRoot}> + Require all granted + </Directory> + ''; + }; + }; + }; + }; + testScript = { nodes, ... }: + '' + $machine->waitForUnit('httpd.service'); + # Ensure php evaluation by matching on the var_dump syntax + $machine->succeed('curl -vvv -s http://127.0.0.1:80/index.php \ + | grep "string(${toString (builtins.stringLength testString)}) \"${testString}\""'); + ''; +}) |