summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* nixos/tests: Add a basic test for ACMEaszlig2017-09-13
| | | | | | | | The test here is pretty basic and only tests nginx, but it should get us started to write tests for different webservers and different ACME implementations. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
* nixos/tests: Add common modules for letsencryptaszlig2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These modules implement a way to test ACME based on a test instance of Letsencrypt's Boulder service. The service implementation is in letsencrypt.nix and the second module (resolver.nix) is a support-module for the former, but can also be used for tests not involving ACME. The second module provides a DNS server which hosts a root zone containing all the zones and /etc/hosts entries (except loopback) in the entire test network, so this can be very useful for other modules that need DNS resolution. Originally, I wrote these modules for the Headcounter deployment, but I've refactored them a bit to be generally useful to NixOS users. The original implementation can be found here: https://github.com/headcounter/deployment/tree/89e7feafb/modules/testing Quoting parts from the commit message of the initial implementation of the Letsencrypt module in headcounter/deployment@95dfb31110397567534f2: This module is going to be used for tests where we need to impersonate an ACME service such as the one from Letsencrypt within VM tests, which is the reason why this module is a bit ugly (I only care if it's working not if it's beautiful). While the module isn't used anywhere, it will serve as a pluggable module for testing whether ACME works properly to fetch certificates and also as a replacement for our snakeoil certificate generator. Also quoting parts of the commit where I have refactored the same module in headcounter/deployment@85fa481b3431bbc450e8008fd25adc28ef0c6036: Now we have a fully pluggable module which automatically discovers in which network it's used via the nodes attribute. The test environment of Boulder used "dns-test-srv", which is a fake DNS server that's resolving almost everything to 127.0.0.1. On our setup this is not useful, so instead we're now running a local BIND name server which has a fake root zone and uses the mentioned node attribute to automatically discover other zones in the network of machines and generate delegations from the root zone to the respective zones with the primaryIPAddress of the node. ... We want to use real letsencrypt.org FQDNs here, so we can't get away with the snakeoil test certificates from the upstream project but now roll our own. This not only has the benefit that we can easily pass the snakeoil certificate to other nodes, but we can (and do) also use it for an nginx proxy that's now serving HTTPS for the Boulder web front end. The Headcounter deployment tests are simulating a production scenario with real IPs and nameservers so it won't need to rely on networking.extraHost. However in this implementation we don't necessarily want to do that, so I've added auto-discovery of networking.extraHosts in the resolver module. Another change here is that the letsencrypt module now falls back to using a local resolver, the Headcounter implementation on the other hand always required to add an extra test node which serves as a resolver. I could have squashed both modules into the final ACME test, but that would make it not very reusable, so that's the main reason why I put these modules in tests/common. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
* prometheus-node-exported: fix output cycle on darwinDaiderd Jordan2017-09-13
|
* nixos/redmine: fix create roleRobin Gloster2017-09-13
| | | | | | postgresql create role no longer supports NOCREATEUSER option. See https://www.postgresql.org/docs/9.6/static/release-9-6.html for details.
* bean-add: 2017-04-16 -> 2017-09-13Matthias Beyer2017-09-13
|
* rtv: 1.15.1 -> 1.18.0Matthias Beyer2017-09-13
| | | | Disable tests, which try to access the network.
* mdp: 1.0.9 -> 1.0.10Matthias Beyer2017-09-13
|
* ctodo: 1.2 -> 1.3Matthias Beyer2017-09-13
|
* buku: 3.0 -> 3.3.1Matthias Beyer2017-09-13
|
* sqlitebrowser: 3.9.1 -> 3.10.0Matthias Beyer2017-09-13
|
* toot: 0.13.0 -> 0.15.0Matthias Beyer2017-09-13
|
* Merge pull request #28874 from ryantm/mattermostJoachim F2017-09-13
|\ | | | | nixos/mattermost: fix create role
| * nixos/mattermost: fix create roleRyan Mulligan2017-09-01
| | | | | | | | | | | | postgresql create role no longer supports NOCREATEUSER option. See https://www.postgresql.org/docs/9.6/static/release-9-6.html for details.
* | Merge pull request #29035 from ryantm/update_mattermostJoachim F2017-09-13
|\ \ | | | | | | mattermost: 3.8.2 -> 4.1.0
| * | mattermost: 3.8.2 -> 4.1.0Ryan Mulligan2017-09-05
| | |
* | | meteor: 1.4.2.3 -> 1.5 (#28905)Gabriel Adomnicai2017-09-13
| | |
* | | Add atom-betaDomen Kožar2017-09-13
| | |
* | | Merge pull request #28869 from symphorien/bombonoJoachim F2017-09-13
|\ \ \ | | | | | | | | bombono: init at 1.2.4
| * | | bombono: init at 1.2.4Symphorien Gibol2017-09-02
| | | |
* | | | proverif: 1.95 -> 1.97pl1Vincent Laporte2017-09-13
| | | |
* | | | Remove Profpatsch from the CODEOWNERS fileProfpatsch2017-09-13
| | | | | | | | | | | | | | | | | | | | Since CODEOWNERS shall be interpreted as actual ownership (and not just a mentionbot replacement), I will remove myself again.
* | | | afewmail: update meta.homepage (#29313)Andreas Rammhold2017-09-13
| | | |
* | | | Merge pull request #29125 from geistesk/firehol-3.1.4Jörg Thalheim2017-09-13
|\ \ \ \ | | | | | | | | | | firehol: init at 3.1.4, iprange: init at 1.0.3
| * | | | nixos/fireqos: add servicegeistesk2017-09-09
| | | | |
| * | | | firehol: init at 3.1.4geistesk2017-09-09
| | | | |
| * | | | iprange: init at 1.0.3geistesk2017-09-09
| | | | |
* | | | | Merge pull request #29321 from NixOS/revert-29277-kde_frameworks_5_38Thomas Tuegel2017-09-13
|\ \ \ \ \ | | | | | | | | | | | | Revert "kdeFrameworks: 5.37 -> 5.38"
| * | | | | Revert "kdeFrameworks: 5.37 -> 5.38"Thomas Tuegel2017-09-13
|/ / / / /
* | | | | socklog: fixup implicit function declarationsJoachim Fasting2017-09-13
| | | | |
* | | | | socklog: properly disable the chkshsgr testJoachim Fasting2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | My previous attempt d438cbb0b6989491d9793469a8ca8d994679c13e was bogus ...
* | | | | Merge pull request #29314 from mdorman/emacs-updatesJoachim F2017-09-13
|\ \ \ \ \ | | | | | | | | | | | | Semi-automated Emacs package updates
| * | | | | melpa-packages: 2017-09-13Michael Alan Dorman2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removals: - debian-bug: removed from melpa - debian-changelog-mode: removed from melpa - rcirc-color: removed from melpa - sentence-highlight: removed from melpa
| * | | | | melpa-stable-packages: 2017-09-13Michael Alan Dorman2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removals: - sentence-highlight: removed from melpa
| * | | | | org-packages: 2017-09-13Michael Alan Dorman2017-09-13
| | | | | |
| * | | | | elpa-packages: 2017-09-13Michael Alan Dorman2017-09-13
| | | | | |
* | | | | | Merge pull request #29288 from florianjacob/piwik-3.1.0Joachim F2017-09-13
|\ \ \ \ \ \ | | | | | | | | | | | | | | piwik: 3.0.4 -> 3.1.0
| * | | | | | piwik: 3.0.4 -> 3.1.0Florian Jacob2017-09-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch for Nix was merged upstream and therefore could be removed.
* | | | | | | Merge pull request #29308 from taku0/flashplayer-27.0.0.130Joachim F2017-09-13
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | flashplayer: 26.0.0.151 -> 27.0.0.130 [Critical security fixes]
| * | | | | | | flashplayer: 26.0.0.151 -> 27.0.0.130taku02017-09-13
| | | | | | | |
* | | | | | | | Merge pull request #29310 from Infinisil/s-tuiFrederik Rietdijk2017-09-13
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | s-tui: init at 0.6.0
| * | | | | | | | s-tui: init at 0.6.0Silvan Mosberger2017-09-13
| | | | | | | | |
* | | | | | | | | OVMF: add 'src' attributeBjørn Forsman2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | No functional change, but allows getting the source via the standard attribute: `nix-build -A OVMF.src`.
* | | | | | | | | Merge pull request #29282 from obsidiansystems/soextJohn Ericson2017-09-13
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | lib, treewide: Add `*Platform.extensions` and use it where possible
| * | | | | | | | | treewide: Use `*Platform.extensions`John Ericson2017-09-13
| | | | | | | | | |
| * | | | | | | | | lib: Add `*Platform.extensions`John Ericson2017-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is used to platform specific library and exectuable extensions. In the next commit I'll replace a bunch of ad-hoc logic with it.
* | | | | | | | | | diffoscope: Update tool listTuomas Tynkkynen2017-09-13
| | | | | | | | | |
* | | | | | | | | | diffoscope: Remove obsolete and unreferenced patchTuomas Tynkkynen2017-09-13
| | | | | | | | | |
* | | | | | | | | | diffoscope: Revive hard links patchTuomas Tynkkynen2017-09-13
| | | | | | | | | |
* | | | | | | | | | diffoscope: 85 -> 86Tuomas Tynkkynen2017-09-13
| | | | | | | | | |
* | | | | | | | | | Merge pull request #29277 from bkchr/kde_frameworks_5_38Thomas Tuegel2017-09-13
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | kdeFrameworks: 5.37 -> 5.38
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-02 03:08:03 +0000