Project import generated by Copybara.
GitOrigin-RevId: 10ecda252ce1b3b1d6403caeadbcc8f30d5ab796
This commit is contained in:
parent
96a430125b
commit
5083ee08a2
1785 changed files with 42125 additions and 26113 deletions
1
third_party/nixpkgs/.github/CODEOWNERS
vendored
1
third_party/nixpkgs/.github/CODEOWNERS
vendored
|
@ -37,6 +37,7 @@
|
|||
/pkgs/top-level/splice.nix @Ericson2314 @matthewbauer
|
||||
/pkgs/top-level/release-cross.nix @Ericson2314 @matthewbauer
|
||||
/pkgs/stdenv/generic @Ericson2314 @matthewbauer
|
||||
/pkgs/stdenv/generic/check-meta.nix @Ericson2314 @matthewbauer @piegamesde
|
||||
/pkgs/stdenv/cross @Ericson2314 @matthewbauer
|
||||
/pkgs/build-support/cc-wrapper @Ericson2314
|
||||
/pkgs/build-support/bintools-wrapper @Ericson2314
|
||||
|
|
|
@ -26,14 +26,11 @@ jobs:
|
|||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
- name: Create backport PRs
|
||||
# should be kept in sync with `version`
|
||||
uses: zeebe-io/backport-action@v0.0.5
|
||||
uses: zeebe-io/backport-action@v0.0.8
|
||||
with:
|
||||
# Config README: https://github.com/zeebe-io/backport-action#backport-action
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_workspace: ${{ github.workspace }}
|
||||
# should be kept in sync with `uses`
|
||||
version: v0.0.5
|
||||
pull_description: |-
|
||||
Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.
|
||||
|
||||
|
|
1
third_party/nixpkgs/.mailmap
vendored
Normal file
1
third_party/nixpkgs/.mailmap
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
Daniel Løvbrøtte Olsen <me@dandellion.xyz> <daniel.olsen99@gmail.com>
|
|
@ -71,7 +71,7 @@ The `dotnetCorePackages.sdk` contains both a runtime and the full sdk of a given
|
|||
|
||||
To package Dotnet applications, you can use `buildDotnetModule`. This has similar arguments to `stdenv.mkDerivation`, with the following additions:
|
||||
|
||||
* `projectFile` has to be used for specifying the dotnet project file relative to the source root. These usually have `.sln` or `.csproj` file extensions. This can be an array of multiple projects as well.
|
||||
* `projectFile` is used for specifying the dotnet project file, relative to the source root. These usually have `.sln` or `.csproj` file extensions. This can be a list of multiple projects as well. Most of the time dotnet can figure this location out by itself, so this should only be set if necessary.
|
||||
* `nugetDeps` takes either a path to a `deps.nix` file, or a derivation. The `deps.nix` file can be generated using the script attached to `passthru.fetch-deps`. This file can also be generated manually using `nuget-to-nix` tool, which is available in nixpkgs. If the argument is a derivation, it will be used directly and assume it has the same output as `mkNugetDeps`.
|
||||
* `packNupkg` is used to pack project as a `nupkg`, and installs it to `$out/share`. If set to `true`, the derivation can be used as a dependency for another dotnet project by adding it to `projectReferences`.
|
||||
* `projectReferences` can be used to resolve `ProjectReference` project items. Referenced projects can be packed with `buildDotnetModule` by setting the `packNupkg = true` attribute and passing a list of derivations to `projectReferences`. Since we are sharing referenced projects as NuGets they must be added to csproj/fsproj files as `PackageReference` as well.
|
||||
|
@ -100,7 +100,7 @@ To package Dotnet applications, you can use `buildDotnetModule`. This has simila
|
|||
* `dotnetPackFlags` can be used to pass flags to `dotnet pack`. Used only if `packNupkg` is set to `true`.
|
||||
* `dotnetFlags` can be used to pass flags to all of the above phases.
|
||||
|
||||
When packaging a new application, you need to fetch it's dependencies. You can set `nugetDeps` to an empty string to make the derivation temporarily evaluate, and then run `nix-build -A package.passthru.fetch-deps` to generate it's dependency fetching script. After running the script, you should have the location of the generated lockfile printed to the console. This can be copied to a stable directory. Note that if either `projectFile` or `nugetDeps` are unset, this script cannot be generated!
|
||||
When packaging a new application, you need to fetch its dependencies. You can run `nix-build -A package.fetch-deps` to generate a script that will build a lockfile for you. After running the script you should have the location of the generated lockfile printed to the console, which can be copied to a stable directory. Then set `nugetDeps = ./deps.nix` and you're ready to build the derivation.
|
||||
|
||||
Here is an example `default.nix`, using some of the previously discussed arguments:
|
||||
```nix
|
||||
|
|
|
@ -213,6 +213,10 @@ runCommand "my-package-test" {
|
|||
|
||||
A timeout (in seconds) for building the derivation. If the derivation takes longer than this time to build, it can fail due to breaking the timeout. However, all computers do not have the same computing power, hence some builders may decide to apply a multiplicative factor to this value. When filling this value in, try to keep it approximately consistent with other values already present in `nixpkgs`.
|
||||
|
||||
`meta` attributes are not stored in the instantiated derivation.
|
||||
Therefore, this setting may be lost when the package is used as a dependency.
|
||||
To be effective, it must be presented directly to an evaluation process that handles the `meta.timeout` attribute.
|
||||
|
||||
### `hydraPlatforms` {#var-meta-hydraPlatforms}
|
||||
|
||||
The list of Nix platform types for which the Hydra instance at `hydra.nixos.org` will build the package. (Hydra is the Nix-based continuous build system.) It defaults to the value of `meta.platforms`. Thus, the only reason to set `meta.hydraPlatforms` is if you want `hydra.nixos.org` to build the package on a subset of `meta.platforms`, or not at all, e.g.
|
||||
|
|
|
@ -309,7 +309,7 @@ The attribute can also contain a list, a script followed by arguments to be pass
|
|||
passthru.updateScript = [ ../../update.sh pname "--requested-release=unstable" ];
|
||||
```
|
||||
|
||||
The script will be run with `UPDATE_NIX_ATTR_PATH` environment variable set to the attribute path it is supposed to update.
|
||||
The script will be run with the `UPDATE_NIX_NAME`, `UPDATE_NIX_PNAME`, `UPDATE_NIX_OLD_VERSION` and `UPDATE_NIX_ATTR_PATH` environment variables set respectively to the name, pname, old version and attribute path of the package it is supposed to update.
|
||||
|
||||
::: {.note}
|
||||
The script will be usually run from the root of the Nixpkgs repository but you should not rely on that. Also note that the update scripts will be run in parallel by default; you should avoid running `git commit` or any other commands that cannot handle that.
|
||||
|
|
2
third_party/nixpkgs/lib/default.nix
vendored
2
third_party/nixpkgs/lib/default.nix
vendored
|
@ -23,6 +23,7 @@ let
|
|||
|
||||
# packaging
|
||||
customisation = callLibs ./customisation.nix;
|
||||
derivations = callLibs ./derivations.nix;
|
||||
maintainers = import ../maintainers/maintainer-list.nix;
|
||||
teams = callLibs ../maintainers/team-list.nix;
|
||||
meta = callLibs ./meta.nix;
|
||||
|
@ -108,6 +109,7 @@ let
|
|||
inherit (self.customisation) overrideDerivation makeOverridable
|
||||
callPackageWith callPackagesWith extendDerivation hydraJob
|
||||
makeScope makeScopeWithSplicing;
|
||||
inherit (self.derivations) lazyDerivation;
|
||||
inherit (self.meta) addMetaAttrs dontDistribute setName updateName
|
||||
appendToName mapDerivationAttrset setPrio lowPrio lowPrioSet hiPrio
|
||||
hiPrioSet getLicenseFromSpdxId getExe;
|
||||
|
|
101
third_party/nixpkgs/lib/derivations.nix
vendored
Normal file
101
third_party/nixpkgs/lib/derivations.nix
vendored
Normal file
|
@ -0,0 +1,101 @@
|
|||
{ lib }:
|
||||
|
||||
let
|
||||
inherit (lib) throwIfNot;
|
||||
in
|
||||
{
|
||||
/*
|
||||
Restrict a derivation to a predictable set of attribute names, so
|
||||
that the returned attrset is not strict in the actual derivation,
|
||||
saving a lot of computation when the derivation is non-trivial.
|
||||
|
||||
This is useful in situations where a derivation might only be used for its
|
||||
passthru attributes, improving evaluation performance.
|
||||
|
||||
The returned attribute set is lazy in `derivation`. Specifically, this
|
||||
means that the derivation will not be evaluated in at least the
|
||||
situations below.
|
||||
|
||||
For illustration and/or testing, we define derivation such that its
|
||||
evaluation is very noticable.
|
||||
|
||||
let derivation = throw "This won't be evaluated.";
|
||||
|
||||
In the following expressions, `derivation` will _not_ be evaluated:
|
||||
|
||||
(lazyDerivation { inherit derivation; }).type
|
||||
|
||||
attrNames (lazyDerivation { inherit derivation; })
|
||||
|
||||
(lazyDerivation { inherit derivation; } // { foo = true; }).foo
|
||||
|
||||
(lazyDerivation { inherit derivation; meta.foo = true; }).meta
|
||||
|
||||
In these expressions, it `derivation` _will_ be evaluated:
|
||||
|
||||
"${lazyDerivation { inherit derivation }}"
|
||||
|
||||
(lazyDerivation { inherit derivation }).outPath
|
||||
|
||||
(lazyDerivation { inherit derivation }).meta
|
||||
|
||||
And the following expressions are not valid, because the refer to
|
||||
implementation details and/or attributes that may not be present on
|
||||
some derivations:
|
||||
|
||||
(lazyDerivation { inherit derivation }).buildInputs
|
||||
|
||||
(lazyDerivation { inherit derivation }).passthru
|
||||
|
||||
(lazyDerivation { inherit derivation }).pythonPath
|
||||
|
||||
*/
|
||||
lazyDerivation =
|
||||
args@{
|
||||
# The derivation to be wrapped.
|
||||
derivation
|
||||
, # Optional meta attribute.
|
||||
#
|
||||
# While this function is primarily about derivations, it can improve
|
||||
# the `meta` package attribute, which is usually specified through
|
||||
# `mkDerivation`.
|
||||
meta ? null
|
||||
, # Optional extra values to add to the returned attrset.
|
||||
#
|
||||
# This can be used for adding package attributes, such as `tests`.
|
||||
passthru ? { }
|
||||
}:
|
||||
let
|
||||
# These checks are strict in `drv` and some `drv` attributes, but the
|
||||
# attrset spine returned by lazyDerivation does not depend on it.
|
||||
# Instead, the individual derivation attributes do depend on it.
|
||||
checked =
|
||||
throwIfNot (derivation.type or null == "derivation")
|
||||
"lazySimpleDerivation: input must be a derivation."
|
||||
throwIfNot
|
||||
(derivation.outputs == [ "out" ])
|
||||
# Supporting multiple outputs should be a matter of inheriting more attrs.
|
||||
"The derivation ${derivation.name or "<unknown>"} has multiple outputs. This is not supported by lazySimpleDerivation yet. Support could be added, and be useful as long as the set of outputs is known in advance, without evaluating the actual derivation."
|
||||
derivation;
|
||||
in
|
||||
{
|
||||
# Hardcoded `type`
|
||||
#
|
||||
# `lazyDerivation` requires its `derivation` argument to be a derivation,
|
||||
# so if it is not, that is a programming error by the caller and not
|
||||
# something that `lazyDerivation` consumers should be able to correct
|
||||
# for after the fact.
|
||||
# So, to improve laziness, we assume correctness here and check it only
|
||||
# when actual derivation values are accessed later.
|
||||
type = "derivation";
|
||||
|
||||
# A fixed set of derivation values, so that `lazyDerivation` can return
|
||||
# its attrset before evaluating `derivation`.
|
||||
# This must only list attributes that are available on _all_ derivations.
|
||||
inherit (checked) outputs out outPath outputName drvPath name system;
|
||||
|
||||
# The meta attribute can either be taken from the derivation, or if the
|
||||
# `lazyDerivation` caller knew a shortcut, be taken from there.
|
||||
meta = args.meta or checked.meta;
|
||||
} // passthru;
|
||||
}
|
5
third_party/nixpkgs/lib/licenses.nix
vendored
5
third_party/nixpkgs/lib/licenses.nix
vendored
|
@ -103,6 +103,11 @@ in mkLicense lset) ({
|
|||
fullName = "Apache License 2.0";
|
||||
};
|
||||
|
||||
bola11 = {
|
||||
url = "https://blitiri.com.ar/p/bola/";
|
||||
fullName = "Buena Onda License Agreement 1.1";
|
||||
};
|
||||
|
||||
boost = {
|
||||
spdxId = "BSL-1.0";
|
||||
fullName = "Boost Software License 1.0";
|
||||
|
|
4
third_party/nixpkgs/lib/modules.nix
vendored
4
third_party/nixpkgs/lib/modules.nix
vendored
|
@ -440,13 +440,14 @@ rec {
|
|||
config = addFreeformType (addMeta (m.config or {}));
|
||||
}
|
||||
else
|
||||
# shorthand syntax
|
||||
lib.throwIfNot (isAttrs m) "module ${file} (${key}) does not look like a module."
|
||||
{ _file = toString m._file or file;
|
||||
key = toString m.key or key;
|
||||
disabledModules = m.disabledModules or [];
|
||||
imports = m.require or [] ++ m.imports or [];
|
||||
options = {};
|
||||
config = addFreeformType (addMeta (removeAttrs m ["_file" "key" "disabledModules" "require" "imports" "freeformType"]));
|
||||
config = addFreeformType (removeAttrs m ["_file" "key" "disabledModules" "require" "imports" "freeformType"]);
|
||||
};
|
||||
|
||||
applyModuleArgsIfFunction = key: f: args@{ config, options, lib, ... }: if isFunction f then
|
||||
|
@ -720,6 +721,7 @@ rec {
|
|||
inherit (res.defsFinal') highestPrio;
|
||||
definitions = map (def: def.value) res.defsFinal;
|
||||
files = map (def: def.file) res.defsFinal;
|
||||
definitionsWithLocations = res.defsFinal;
|
||||
inherit (res) isDefined;
|
||||
# This allows options to be correctly displayed using `${options.path.to.it}`
|
||||
__toString = _: showOption loc;
|
||||
|
|
8
third_party/nixpkgs/lib/systems/default.nix
vendored
8
third_party/nixpkgs/lib/systems/default.nix
vendored
|
@ -141,6 +141,14 @@ rec {
|
|||
powerpc64le = "ppc64le";
|
||||
}.${final.parsed.cpu.name} or final.parsed.cpu.name;
|
||||
|
||||
# Name used by UEFI for architectures.
|
||||
efiArch =
|
||||
if final.isx86_32 then "ia32"
|
||||
else if final.isx86_64 then "x64"
|
||||
else if final.isAarch32 then "arm"
|
||||
else if final.isAarch64 then "aa64"
|
||||
else final.parsed.cpu.name;
|
||||
|
||||
darwinArch = {
|
||||
armv7a = "armv7";
|
||||
aarch64 = "arm64";
|
||||
|
|
53
third_party/nixpkgs/lib/tests/misc.nix
vendored
53
third_party/nixpkgs/lib/tests/misc.nix
vendored
|
@ -1207,6 +1207,59 @@ runTests {
|
|||
expected = true;
|
||||
};
|
||||
|
||||
# lazyDerivation
|
||||
|
||||
testLazyDerivationIsLazyInDerivationForAttrNames = {
|
||||
expr = attrNames (lazyDerivation {
|
||||
derivation = throw "not lazy enough";
|
||||
});
|
||||
# It's ok to add attribute names here when lazyDerivation is improved
|
||||
# in accordance with its inline comments.
|
||||
expected = [ "drvPath" "meta" "name" "out" "outPath" "outputName" "outputs" "system" "type" ];
|
||||
};
|
||||
|
||||
testLazyDerivationIsLazyInDerivationForPassthruAttr = {
|
||||
expr = (lazyDerivation {
|
||||
derivation = throw "not lazy enough";
|
||||
passthru.tests = "whatever is in tests";
|
||||
}).tests;
|
||||
expected = "whatever is in tests";
|
||||
};
|
||||
|
||||
testLazyDerivationIsLazyInDerivationForPassthruAttr2 = {
|
||||
# passthru.tests is not a special case. It works for any attr.
|
||||
expr = (lazyDerivation {
|
||||
derivation = throw "not lazy enough";
|
||||
passthru.foo = "whatever is in foo";
|
||||
}).foo;
|
||||
expected = "whatever is in foo";
|
||||
};
|
||||
|
||||
testLazyDerivationIsLazyInDerivationForMeta = {
|
||||
expr = (lazyDerivation {
|
||||
derivation = throw "not lazy enough";
|
||||
meta = "whatever is in meta";
|
||||
}).meta;
|
||||
expected = "whatever is in meta";
|
||||
};
|
||||
|
||||
testLazyDerivationReturnsDerivationAttrs = let
|
||||
derivation = {
|
||||
type = "derivation";
|
||||
outputs = ["out"];
|
||||
out = "test out";
|
||||
outPath = "test outPath";
|
||||
outputName = "out";
|
||||
drvPath = "test drvPath";
|
||||
name = "test name";
|
||||
system = "test system";
|
||||
meta = "test meta";
|
||||
};
|
||||
in {
|
||||
expr = lazyDerivation { inherit derivation; };
|
||||
expected = derivation;
|
||||
};
|
||||
|
||||
testTypeDescriptionInt = {
|
||||
expr = (with types; int).description;
|
||||
expected = "signed integer";
|
||||
|
|
3
third_party/nixpkgs/lib/tests/modules.sh
vendored
3
third_party/nixpkgs/lib/tests/modules.sh
vendored
|
@ -58,6 +58,9 @@ checkConfigError() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Shorthand meta attribute does not duplicate the config
|
||||
checkConfigOutput '^"one two"$' config.result ./shorthand-meta.nix
|
||||
|
||||
# Check boolean option.
|
||||
checkConfigOutput '^false$' config.enable ./declare-enable.nix
|
||||
checkConfigError 'The option .* does not exist. Definition values:\n\s*- In .*: true' config.enable ./define-enable.nix
|
||||
|
|
19
third_party/nixpkgs/lib/tests/modules/shorthand-meta.nix
vendored
Normal file
19
third_party/nixpkgs/lib/tests/modules/shorthand-meta.nix
vendored
Normal file
|
@ -0,0 +1,19 @@
|
|||
{ lib, ... }:
|
||||
let
|
||||
inherit (lib) types mkOption;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
({ config, ... }: {
|
||||
options = {
|
||||
meta.foo = mkOption {
|
||||
type = types.listOf types.str;
|
||||
};
|
||||
result = mkOption { default = lib.concatStringsSep " " config.meta.foo; };
|
||||
};
|
||||
})
|
||||
{
|
||||
meta.foo = [ "one" "two" ];
|
||||
}
|
||||
];
|
||||
}
|
18
third_party/nixpkgs/lib/types.nix
vendored
18
third_party/nixpkgs/lib/types.nix
vendored
|
@ -119,8 +119,22 @@ rec {
|
|||
# - "composite": a phrase with an "of" connective
|
||||
# See the `optionDescriptionPhrase` function.
|
||||
, descriptionClass ? null
|
||||
, # Function applied to each definition that should return true if
|
||||
# its type-correct, false otherwise.
|
||||
, # DO NOT USE WITHOUT KNOWING WHAT YOU ARE DOING!
|
||||
# Function applied to each definition that must return false when a definition
|
||||
# does not match the type. It should not check more than the root of the value,
|
||||
# because checking nested values reduces laziness, leading to unnecessary
|
||||
# infinite recursions in the module system.
|
||||
# Further checks of nested values should be performed by throwing in
|
||||
# the merge function.
|
||||
# Strict and deep type checking can be performed by calling lib.deepSeq on
|
||||
# the merged value.
|
||||
#
|
||||
# See https://github.com/NixOS/nixpkgs/pull/6794 that introduced this change,
|
||||
# https://github.com/NixOS/nixpkgs/pull/173568 and
|
||||
# https://github.com/NixOS/nixpkgs/pull/168295 that attempted to revert this,
|
||||
# https://github.com/NixOS/nixpkgs/issues/191124 and
|
||||
# https://github.com/NixOS/nixos-search/issues/391 for what happens if you ignore
|
||||
# this disclaimer.
|
||||
check ? (x: true)
|
||||
, # Merge a list of definitions together into a single value.
|
||||
# This function is called with two arguments: the location of
|
||||
|
|
113
third_party/nixpkgs/maintainers/maintainer-list.nix
vendored
113
third_party/nixpkgs/maintainers/maintainer-list.nix
vendored
|
@ -641,7 +641,7 @@
|
|||
};
|
||||
alkeryn = {
|
||||
email = "plbraundev@gmail.com";
|
||||
github = "Alkeryn";
|
||||
github = "alkeryn";
|
||||
githubId = 11599075;
|
||||
name = "Pierre-Louis Braun";
|
||||
};
|
||||
|
@ -1071,7 +1071,7 @@
|
|||
};
|
||||
arcticlimer = {
|
||||
email = "vinigm.nho@gmail.com";
|
||||
github = "arcticlimer";
|
||||
github = "viniciusmuller";
|
||||
githubId = 59743220;
|
||||
name = "Vinícius Müller";
|
||||
};
|
||||
|
@ -2038,6 +2038,12 @@
|
|||
githubId = 157330;
|
||||
name = "Ben Burdette";
|
||||
};
|
||||
bwlang = {
|
||||
email = "brad@langhorst.com";
|
||||
github = "bwlang";
|
||||
githubId = 61636;
|
||||
name = "Brad Langhorst";
|
||||
};
|
||||
bzizou = {
|
||||
email = "Bruno@bzizou.net";
|
||||
github = "bzizou";
|
||||
|
@ -2137,6 +2143,12 @@
|
|||
githubId = 91694;
|
||||
name = "Javier Candeira";
|
||||
};
|
||||
candyc1oud = {
|
||||
email = "candyc1oud@outlook.com";
|
||||
github = "candyc1oud";
|
||||
githubId = 113157395;
|
||||
name = "Candy Cloud";
|
||||
};
|
||||
canndrew = {
|
||||
email = "shum@canndrew.org";
|
||||
github = "canndrew";
|
||||
|
@ -4107,7 +4119,7 @@
|
|||
};
|
||||
ersin = {
|
||||
email = "me@ersinakinci.com";
|
||||
github = "DesertDevErsin";
|
||||
github = "ersinakinci";
|
||||
githubId = 5427394;
|
||||
name = "Ersin Akinci";
|
||||
};
|
||||
|
@ -5223,6 +5235,12 @@
|
|||
fingerprint = "3F35 E4CA CBF4 2DE1 2E90 53E5 03A6 E6F7 8693 6619";
|
||||
}];
|
||||
};
|
||||
harvidsen = {
|
||||
email = "harvidsen@gmail.com";
|
||||
github = "harvidsen";
|
||||
githubId = 62279738;
|
||||
name = "Håkon Arvidsen";
|
||||
};
|
||||
haslersn = {
|
||||
email = "haslersn@fius.informatik.uni-stuttgart.de";
|
||||
github = "haslersn";
|
||||
|
@ -5476,6 +5494,13 @@
|
|||
githubId = 25618740;
|
||||
name = "Vincent Cui";
|
||||
};
|
||||
houstdav000 = {
|
||||
email = "houstdav000@gmail.com";
|
||||
github = "houstdav000";
|
||||
githubId = 17628961;
|
||||
matrix = "@houstdav000:gh0st.ems.host";
|
||||
name = "David Houston";
|
||||
};
|
||||
hoverbear = {
|
||||
email = "operator+nix@hoverbear.org";
|
||||
matrix = "@hoverbear:matrix.org";
|
||||
|
@ -6042,7 +6067,7 @@
|
|||
jayesh-bhoot = {
|
||||
name = "Jayesh Bhoot";
|
||||
email = "jayesh@bhoot.sh";
|
||||
github = "jayesh-bhoot";
|
||||
github = "jayeshbhoot";
|
||||
githubId = 1915507;
|
||||
};
|
||||
jb55 = {
|
||||
|
@ -6533,7 +6558,7 @@
|
|||
name = "Jona Enzinger";
|
||||
email = "5xt3zyy5l@mozmail.com";
|
||||
matrix = "@jona:matrix.jonaenz.de";
|
||||
github = "jonaenz";
|
||||
github = "JonaEnz";
|
||||
githubId = 57130301;
|
||||
keys = [{
|
||||
fingerprint = "1CC5 B67C EB9A 13A5 EDF6 F10E 0B4A 3662 FC58 9202";
|
||||
|
@ -6590,7 +6615,7 @@
|
|||
};
|
||||
joshvanl = {
|
||||
email = " me@joshvanl.dev ";
|
||||
github = "joshvanl";
|
||||
github = "JoshVanL";
|
||||
githubId = 15893072;
|
||||
name = "Josh van Leeuwen";
|
||||
};
|
||||
|
@ -6825,9 +6850,6 @@
|
|||
github = "jyooru";
|
||||
githubId = 63786778;
|
||||
name = "Joel";
|
||||
keys = [{
|
||||
fingerprint = "9148 DC9E F4D5 3EB6 A30E 8EF0 1855 0BD2 05E9 EF64";
|
||||
}];
|
||||
};
|
||||
jyp = {
|
||||
email = "jeanphilippe.bernardy@gmail.com";
|
||||
|
@ -6847,12 +6869,6 @@
|
|||
github = "k3a";
|
||||
githubId = 966992;
|
||||
};
|
||||
k4leg = {
|
||||
name = "k4leg";
|
||||
email = "python.bogdan@gmail.com";
|
||||
github = "k4leg";
|
||||
githubId = 39882583;
|
||||
};
|
||||
k900 = {
|
||||
name = "Ilya K.";
|
||||
email = "me@0upti.me";
|
||||
|
@ -8110,6 +8126,12 @@
|
|||
githubId = 42545625;
|
||||
name = "Maas Lalani";
|
||||
};
|
||||
maddiethecafebabe = {
|
||||
email = "maddie@cafebabe.date";
|
||||
github = "maddiethecafebabe";
|
||||
githubId = 75337286;
|
||||
name = "Madeline S.";
|
||||
};
|
||||
madjar = {
|
||||
email = "georges.dubus@compiletoi.net";
|
||||
github = "madjar";
|
||||
|
@ -8283,7 +8305,7 @@
|
|||
};
|
||||
marsupialgutz = {
|
||||
email = "mars@possums.xyz";
|
||||
github = "marsupialgutz";
|
||||
github = "pupbrained";
|
||||
githubId = 33522919;
|
||||
name = "Marshall Arruda";
|
||||
};
|
||||
|
@ -8594,6 +8616,13 @@
|
|||
fingerprint = "D709 03C8 0BE9 ACDC 14F0 3BFB 77BF E531 397E DE94";
|
||||
}];
|
||||
};
|
||||
meain = {
|
||||
email = "mail@meain.io";
|
||||
matrix = "@meain:matrix.org";
|
||||
github = "meain";
|
||||
githubId = 14259816;
|
||||
name = "Abin Simon";
|
||||
};
|
||||
meatcar = {
|
||||
email = "nixpkgs@denys.me";
|
||||
github = "meatcar";
|
||||
|
@ -9170,6 +9199,12 @@
|
|||
githubId = 15896005;
|
||||
name = "Vladyslav Burzakovskyy";
|
||||
};
|
||||
mrtarantoga = {
|
||||
email = "goetz-dev@web.de";
|
||||
name = "Götz Grimmer";
|
||||
github = "MrTarantoga";
|
||||
githubId = 53876219;
|
||||
};
|
||||
mrVanDalo = {
|
||||
email = "contact@ingolf-wagner.de";
|
||||
github = "mrVanDalo";
|
||||
|
@ -9610,7 +9645,7 @@
|
|||
};
|
||||
NieDzejkob = {
|
||||
email = "kuba@kadziolka.net";
|
||||
github = "NieDzejkob";
|
||||
github = "meithecatte";
|
||||
githubId = 23580910;
|
||||
name = "Jakub Kądziołka";
|
||||
keys = [{
|
||||
|
@ -10559,6 +10594,12 @@
|
|||
githubId = 3737;
|
||||
name = "Peter Jones";
|
||||
};
|
||||
pkharvey = {
|
||||
email = "kayharvey@protonmail.com";
|
||||
github = "pkharvey";
|
||||
githubId = 50750875;
|
||||
name = "Paul Harvey";
|
||||
};
|
||||
pkmx = {
|
||||
email = "pkmx.tw@gmail.com";
|
||||
github = "PkmX";
|
||||
|
@ -11079,7 +11120,7 @@
|
|||
};
|
||||
ratsclub = {
|
||||
email = "victor@freire.dev.br";
|
||||
github = "ratsclub";
|
||||
github = "vtrf";
|
||||
githubId = 25647735;
|
||||
name = "Victor Freire";
|
||||
};
|
||||
|
@ -13273,6 +13314,12 @@
|
|||
githubId = 57180880;
|
||||
name = "Ansh Tyagi";
|
||||
};
|
||||
therishidesai = {
|
||||
email = "desai.rishi1@gmail.com";
|
||||
github = "therishidesai";
|
||||
githubId = 5409166;
|
||||
name = "Rishi Desai";
|
||||
};
|
||||
thesola10 = {
|
||||
email = "me@thesola.io";
|
||||
github = "Thesola10";
|
||||
|
@ -13284,7 +13331,7 @@
|
|||
};
|
||||
thetallestjj = {
|
||||
email = "me+nixpkgs@jeroen-jetten.com";
|
||||
github = "thetallestjj";
|
||||
github = "TheTallestJJ";
|
||||
githubId = 6579555;
|
||||
name = "Jeroen Jetten";
|
||||
};
|
||||
|
@ -13636,6 +13683,12 @@
|
|||
githubId = 9870613;
|
||||
name = "Hubert Mühlhans";
|
||||
};
|
||||
trobert = {
|
||||
email = "thibaut.robert@gmail.com";
|
||||
github = "trobert";
|
||||
githubId = 504580;
|
||||
name = "Thibaut Robert";
|
||||
};
|
||||
troydm = {
|
||||
email = "d.geurkov@gmail.com";
|
||||
github = "troydm";
|
||||
|
@ -13814,7 +13867,7 @@
|
|||
};
|
||||
urandom = {
|
||||
email = "colin@urandom.co.uk";
|
||||
github = "arnottcr";
|
||||
github = "urandom2";
|
||||
githubId = 2526260;
|
||||
keys = [{
|
||||
fingerprint = "04A3 A2C6 0042 784A AEA7 D051 0447 A663 F7F3 E236";
|
||||
|
@ -13845,6 +13898,12 @@
|
|||
githubId = 120451;
|
||||
name = "Urban Skudnik";
|
||||
};
|
||||
usrfriendly = {
|
||||
name = "Arin Lares";
|
||||
email = "arinlares@gmail.com";
|
||||
github = "usrfriendly";
|
||||
githubId = 2502060;
|
||||
};
|
||||
utdemir = {
|
||||
email = "me@utdemir.com";
|
||||
github = "utdemir";
|
||||
|
@ -13991,7 +14050,7 @@
|
|||
name = "Dmitry Kalinkin";
|
||||
};
|
||||
victormignot = {
|
||||
email = "victor.mignot@protonmail.com";
|
||||
email = "root@victormignot.fr";
|
||||
github = "victormignot";
|
||||
githubId = 58660971;
|
||||
name = "Victor Mignot";
|
||||
|
@ -14418,7 +14477,7 @@
|
|||
wrmilling = {
|
||||
name = "Winston R. Milling";
|
||||
email = "Winston@Milli.ng";
|
||||
github = "WRMilling";
|
||||
github = "wrmilling";
|
||||
githubId = 6162814;
|
||||
keys = [{
|
||||
fingerprint = "21E1 6B8D 2EE8 7530 6A6C 9968 D830 77B9 9F8C 6643";
|
||||
|
@ -14473,6 +14532,12 @@
|
|||
github = "x3rAx";
|
||||
githubId = 2268851;
|
||||
};
|
||||
xanderio = {
|
||||
name = "Alexander Sieg";
|
||||
email = "alex@xanderio.de";
|
||||
github = "xanderio";
|
||||
githubId = 6298052;
|
||||
};
|
||||
xaverdh = {
|
||||
email = "hoe.dom@gmx.de";
|
||||
github = "xaverdh";
|
||||
|
@ -14585,7 +14650,7 @@
|
|||
};
|
||||
yana = {
|
||||
email = "yana@riseup.net";
|
||||
github = "sowelisuwi";
|
||||
github = "yanalunaterra";
|
||||
githubId = 1643293;
|
||||
name = "Yana Timoshenko";
|
||||
};
|
||||
|
@ -15352,7 +15417,7 @@
|
|||
yisuidenghua = {
|
||||
email = "bileiner@gmail.com";
|
||||
name = "Milena Yisui";
|
||||
github = "yisuidenghua";
|
||||
github = "YisuiDenghua";
|
||||
githubId = 102890144;
|
||||
};
|
||||
macalinao = {
|
||||
|
|
|
@ -14,6 +14,7 @@ cqueues,,,,,,vcunat
|
|||
cyrussasl,https://github.com/JorjBauer/lua-cyrussasl.git,,,,,
|
||||
digestif,https://github.com/astoff/digestif.git,,,0.2-1,5.3,
|
||||
dkjson,,,,,,
|
||||
fennel,,,,,,misterio77
|
||||
fifo,,,,,,
|
||||
fluent,,,,,,alerque
|
||||
gitsigns.nvim,https://github.com/lewis6991/gitsigns.nvim.git,,,,5.1,
|
||||
|
|
|
|
@ -52,7 +52,17 @@ async def run_update_script(nixpkgs_root: str, merge_lock: asyncio.Lock, temp_di
|
|||
eprint(f" - {package['name']}: UPDATING ...")
|
||||
|
||||
try:
|
||||
update_process = await check_subprocess('env', f"UPDATE_NIX_ATTR_PATH={package['attrPath']}", *update_script_command, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE, cwd=worktree)
|
||||
update_process = await check_subprocess(
|
||||
'env',
|
||||
f"UPDATE_NIX_NAME={package['name']}",
|
||||
f"UPDATE_NIX_PNAME={package['pname']}",
|
||||
f"UPDATE_NIX_OLD_VERSION={package['oldVersion']}",
|
||||
f"UPDATE_NIX_ATTR_PATH={package['attrPath']}",
|
||||
*update_script_command,
|
||||
stdout=asyncio.subprocess.PIPE,
|
||||
stderr=asyncio.subprocess.PIPE,
|
||||
cwd=worktree,
|
||||
)
|
||||
update_info = await update_process.stdout.read()
|
||||
|
||||
await merge_changes(merge_lock, package, update_info, temp_dir)
|
||||
|
|
30
third_party/nixpkgs/nixos/doc/manual/default.nix
vendored
30
third_party/nixpkgs/nixos/doc/manual/default.nix
vendored
|
@ -13,6 +13,8 @@
|
|||
with pkgs;
|
||||
|
||||
let
|
||||
inherit (lib) hasPrefix removePrefix;
|
||||
|
||||
lib = pkgs.lib;
|
||||
|
||||
docbook_xsl_ns = pkgs.docbook-xsl-ns.override {
|
||||
|
@ -36,6 +38,33 @@ let
|
|||
};
|
||||
};
|
||||
|
||||
nixos-lib = import ../../lib { };
|
||||
|
||||
testOptionsDoc = let
|
||||
eval = nixos-lib.evalTest {
|
||||
# Avoid evaluating a NixOS config prototype.
|
||||
config.node.type = lib.types.deferredModule;
|
||||
options._module.args = lib.mkOption { internal = true; };
|
||||
};
|
||||
in buildPackages.nixosOptionsDoc {
|
||||
inherit (eval) options;
|
||||
inherit (revision);
|
||||
transformOptions = opt: opt // {
|
||||
# Clean up declaration sites to not refer to the NixOS source tree.
|
||||
declarations =
|
||||
map
|
||||
(decl:
|
||||
if hasPrefix (toString ../../..) (toString decl)
|
||||
then
|
||||
let subpath = removePrefix "/" (removePrefix (toString ../../..) (toString decl));
|
||||
in { url = "https://github.com/NixOS/nixpkgs/blob/master/${subpath}"; name = subpath; }
|
||||
else decl)
|
||||
opt.declarations;
|
||||
};
|
||||
documentType = "none";
|
||||
variablelistId = "test-options-list";
|
||||
};
|
||||
|
||||
sources = lib.sourceFilesBySuffices ./. [".xml"];
|
||||
|
||||
modulesDoc = builtins.toFile "modules.xml" ''
|
||||
|
@ -50,6 +79,7 @@ let
|
|||
mkdir $out
|
||||
ln -s ${modulesDoc} $out/modules.xml
|
||||
ln -s ${optionsDoc.optionsDocBook} $out/options-db.xml
|
||||
ln -s ${testOptionsDoc.optionsDocBook} $out/test-options-db.xml
|
||||
printf "%s" "${version}" > $out/version
|
||||
'';
|
||||
|
||||
|
|
|
@ -24,6 +24,8 @@ back into the test driver command line upon its completion. This allows
|
|||
you to inspect the state of the VMs after the test (e.g. to debug the
|
||||
test script).
|
||||
|
||||
## Reuse VM state {#sec-nixos-test-reuse-vm-state}
|
||||
|
||||
You can re-use the VM states coming from a previous run by setting the
|
||||
`--keep-vm-state` flag.
|
||||
|
||||
|
@ -33,3 +35,15 @@ $ ./result/bin/nixos-test-driver --keep-vm-state
|
|||
|
||||
The machine state is stored in the `$TMPDIR/vm-state-machinename`
|
||||
directory.
|
||||
|
||||
## Interactive-only test configuration {#sec-nixos-test-interactive-configuration}
|
||||
|
||||
The `.driverInteractive` attribute combines the regular test configuration with
|
||||
definitions from the [`interactive` submodule](#opt-interactive). This gives you
|
||||
a more usable, graphical, but slightly different configuration.
|
||||
|
||||
You can add your own interactive-only test configuration by adding extra
|
||||
configuration to the [`interactive` submodule](#opt-interactive).
|
||||
|
||||
To interactively run only the regular configuration, build the `<test>.driver` attribute
|
||||
instead, and call it with the flag `result/bin/nixos-test-driver --interactive`.
|
||||
|
|
|
@ -2,22 +2,11 @@
|
|||
|
||||
You can run tests using `nix-build`. For example, to run the test
|
||||
[`login.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix),
|
||||
you just do:
|
||||
you do:
|
||||
|
||||
```ShellSession
|
||||
$ nix-build '<nixpkgs/nixos/tests/login.nix>'
|
||||
```
|
||||
|
||||
or, if you don't want to rely on `NIX_PATH`:
|
||||
|
||||
```ShellSession
|
||||
$ cd /my/nixpkgs/nixos/tests
|
||||
$ nix-build login.nix
|
||||
…
|
||||
running the VM test script
|
||||
machine: QEMU running (pid 8841)
|
||||
…
|
||||
6 out of 6 tests succeeded
|
||||
$ cd /my/git/clone/of/nixpkgs
|
||||
$ nix-build -A nixosTests.login
|
||||
```
|
||||
|
||||
After building/downloading all required dependencies, this will perform
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Writing Tests {#sec-writing-nixos-tests}
|
||||
|
||||
A NixOS test is a Nix expression that has the following structure:
|
||||
A NixOS test is a module that has the following structure:
|
||||
|
||||
```nix
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
|
||||
# One or more machines:
|
||||
nodes =
|
||||
|
@ -21,10 +21,13 @@ import ./make-test-python.nix {
|
|||
}
|
||||
```
|
||||
|
||||
The attribute `testScript` is a bit of Python code that executes the
|
||||
We refer to the whole test above as a test module, whereas the values
|
||||
in [`nodes.<name>`](#opt-nodes) are NixOS modules themselves.
|
||||
|
||||
The option [`testScript`](#opt-testScript) is a piece of Python code that executes the
|
||||
test (described below). During the test, it will start one or more
|
||||
virtual machines, the configuration of which is described by
|
||||
the attribute `nodes`.
|
||||
the option [`nodes`](#opt-nodes).
|
||||
|
||||
An example of a single-node test is
|
||||
[`login.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix).
|
||||
|
@ -34,7 +37,54 @@ when switching between consoles, and so on. An interesting multi-node test is
|
|||
[`nfs/simple.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/nfs/simple.nix).
|
||||
It uses two client nodes to test correct locking across server crashes.
|
||||
|
||||
There are a few special NixOS configuration options for test VMs:
|
||||
## Calling a test {#sec-calling-nixos-tests}
|
||||
|
||||
Tests are invoked differently depending on whether the test is part of NixOS or lives in a different project.
|
||||
|
||||
### Testing within NixOS {#sec-call-nixos-test-in-nixos}
|
||||
|
||||
Tests that are part of NixOS are added to [`nixos/tests/all-tests.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/all-tests.nix).
|
||||
|
||||
```nix
|
||||
hostname = runTest ./hostname.nix;
|
||||
```
|
||||
|
||||
Overrides can be added by defining an anonymous module in `all-tests.nix`.
|
||||
|
||||
```nix
|
||||
hostname = runTest {
|
||||
imports = [ ./hostname.nix ];
|
||||
defaults.networking.firewall.enable = false;
|
||||
};
|
||||
```
|
||||
|
||||
You can run a test with attribute name `hostname` in `nixos/tests/all-tests.nix` by invoking:
|
||||
|
||||
```shell
|
||||
cd /my/git/clone/of/nixpkgs
|
||||
nix-build -A nixosTests.hostname
|
||||
```
|
||||
|
||||
### Testing outside the NixOS project {#sec-call-nixos-test-outside-nixos}
|
||||
|
||||
Outside the `nixpkgs` repository, you can instantiate the test by first importing the NixOS library,
|
||||
|
||||
```nix
|
||||
let nixos-lib = import (nixpkgs + "/nixos/lib") { };
|
||||
in
|
||||
|
||||
nixos-lib.runTest {
|
||||
imports = [ ./test.nix ];
|
||||
hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs
|
||||
defaults.services.foo.package = mypkg;
|
||||
}
|
||||
```
|
||||
|
||||
`runTest` returns a derivation that runs the test.
|
||||
|
||||
## Configuring the nodes {#sec-nixos-test-nodes}
|
||||
|
||||
There are a few special NixOS options for test VMs:
|
||||
|
||||
`virtualisation.memorySize`
|
||||
|
||||
|
@ -121,7 +171,7 @@ The following methods are available on machine objects:
|
|||
least one will be returned.
|
||||
|
||||
::: {.note}
|
||||
This requires passing `enableOCR` to the test attribute set.
|
||||
This requires [`enableOCR`](#opt-enableOCR) to be set to `true`.
|
||||
:::
|
||||
|
||||
`get_screen_text`
|
||||
|
@ -130,7 +180,7 @@ The following methods are available on machine objects:
|
|||
machine\'s screen using optical character recognition.
|
||||
|
||||
::: {.note}
|
||||
This requires passing `enableOCR` to the test attribute set.
|
||||
This requires [`enableOCR`](#opt-enableOCR) to be set to `true`.
|
||||
:::
|
||||
|
||||
`send_monitor_command`
|
||||
|
@ -241,7 +291,7 @@ The following methods are available on machine objects:
|
|||
`get_screen_text` and `get_screen_text_variants`).
|
||||
|
||||
::: {.note}
|
||||
This requires passing `enableOCR` to the test attribute set.
|
||||
This requires [`enableOCR`](#opt-enableOCR) to be set to `true`.
|
||||
:::
|
||||
|
||||
`wait_for_console_text`
|
||||
|
@ -304,7 +354,7 @@ For faster dev cycles it\'s also possible to disable the code-linters
|
|||
(this shouldn\'t be commited though):
|
||||
|
||||
```nix
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
skipLint = true;
|
||||
nodes.machine =
|
||||
{ config, pkgs, ... }:
|
||||
|
@ -336,7 +386,7 @@ Similarly, the type checking of test scripts can be disabled in the following
|
|||
way:
|
||||
|
||||
```nix
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
skipTypeCheck = true;
|
||||
nodes.machine =
|
||||
{ config, pkgs, ... }:
|
||||
|
@ -400,7 +450,6 @@ added using the parameter `extraPythonPackages`. For example, you could add
|
|||
`numpy` like this:
|
||||
|
||||
```nix
|
||||
import ./make-test-python.nix
|
||||
{
|
||||
extraPythonPackages = p: [ p.numpy ];
|
||||
|
||||
|
@ -417,3 +466,11 @@ import ./make-test-python.nix
|
|||
```
|
||||
|
||||
In that case, `numpy` is chosen from the generic `python3Packages`.
|
||||
|
||||
## Test Options Reference {#sec-test-options-reference}
|
||||
|
||||
The following options can be used when writing tests.
|
||||
|
||||
```{=docbook}
|
||||
<xi:include href="../../generated/test-options-db.xml" xpointer="test-options-list"/>
|
||||
```
|
||||
|
|
|
@ -25,6 +25,8 @@ $ ./result/bin/nixos-test-driver
|
|||
completion. This allows you to inspect the state of the VMs after
|
||||
the test (e.g. to debug the test script).
|
||||
</para>
|
||||
<section xml:id="sec-nixos-test-reuse-vm-state">
|
||||
<title>Reuse VM state</title>
|
||||
<para>
|
||||
You can re-use the VM states coming from a previous run by setting
|
||||
the <literal>--keep-vm-state</literal> flag.
|
||||
|
@ -36,4 +38,27 @@ $ ./result/bin/nixos-test-driver --keep-vm-state
|
|||
The machine state is stored in the
|
||||
<literal>$TMPDIR/vm-state-machinename</literal> directory.
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="sec-nixos-test-interactive-configuration">
|
||||
<title>Interactive-only test configuration</title>
|
||||
<para>
|
||||
The <literal>.driverInteractive</literal> attribute combines the
|
||||
regular test configuration with definitions from the
|
||||
<link linkend="opt-interactive"><literal>interactive</literal>
|
||||
submodule</link>. This gives you a more usable, graphical, but
|
||||
slightly different configuration.
|
||||
</para>
|
||||
<para>
|
||||
You can add your own interactive-only test configuration by adding
|
||||
extra configuration to the
|
||||
<link linkend="opt-interactive"><literal>interactive</literal>
|
||||
submodule</link>.
|
||||
</para>
|
||||
<para>
|
||||
To interactively run only the regular configuration, build the
|
||||
<literal><test>.driver</literal> attribute instead, and call
|
||||
it with the flag
|
||||
<literal>result/bin/nixos-test-driver --interactive</literal>.
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -4,22 +4,11 @@
|
|||
You can run tests using <literal>nix-build</literal>. For example,
|
||||
to run the test
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix"><literal>login.nix</literal></link>,
|
||||
you just do:
|
||||
you do:
|
||||
</para>
|
||||
<programlisting>
|
||||
$ nix-build '<nixpkgs/nixos/tests/login.nix>'
|
||||
</programlisting>
|
||||
<para>
|
||||
or, if you don’t want to rely on <literal>NIX_PATH</literal>:
|
||||
</para>
|
||||
<programlisting>
|
||||
$ cd /my/nixpkgs/nixos/tests
|
||||
$ nix-build login.nix
|
||||
…
|
||||
running the VM test script
|
||||
machine: QEMU running (pid 8841)
|
||||
…
|
||||
6 out of 6 tests succeeded
|
||||
$ cd /my/git/clone/of/nixpkgs
|
||||
$ nix-build -A nixosTests.login
|
||||
</programlisting>
|
||||
<para>
|
||||
After building/downloading all required dependencies, this will
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-writing-nixos-tests">
|
||||
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" xml:id="sec-writing-nixos-tests">
|
||||
<title>Writing Tests</title>
|
||||
<para>
|
||||
A NixOS test is a Nix expression that has the following structure:
|
||||
A NixOS test is a module that has the following structure:
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
|
||||
# One or more machines:
|
||||
nodes =
|
||||
|
@ -22,10 +22,18 @@ import ./make-test-python.nix {
|
|||
}
|
||||
</programlisting>
|
||||
<para>
|
||||
The attribute <literal>testScript</literal> is a bit of Python code
|
||||
that executes the test (described below). During the test, it will
|
||||
start one or more virtual machines, the configuration of which is
|
||||
described by the attribute <literal>nodes</literal>.
|
||||
We refer to the whole test above as a test module, whereas the
|
||||
values in
|
||||
<link linkend="opt-nodes"><literal>nodes.<name></literal></link>
|
||||
are NixOS modules themselves.
|
||||
</para>
|
||||
<para>
|
||||
The option
|
||||
<link linkend="opt-testScript"><literal>testScript</literal></link>
|
||||
is a piece of Python code that executes the test (described below).
|
||||
During the test, it will start one or more virtual machines, the
|
||||
configuration of which is described by the option
|
||||
<link linkend="opt-nodes"><literal>nodes</literal></link>.
|
||||
</para>
|
||||
<para>
|
||||
An example of a single-node test is
|
||||
|
@ -38,8 +46,67 @@ import ./make-test-python.nix {
|
|||
It uses two client nodes to test correct locking across server
|
||||
crashes.
|
||||
</para>
|
||||
<section xml:id="sec-calling-nixos-tests">
|
||||
<title>Calling a test</title>
|
||||
<para>
|
||||
There are a few special NixOS configuration options for test VMs:
|
||||
Tests are invoked differently depending on whether the test is
|
||||
part of NixOS or lives in a different project.
|
||||
</para>
|
||||
<section xml:id="sec-call-nixos-test-in-nixos">
|
||||
<title>Testing within NixOS</title>
|
||||
<para>
|
||||
Tests that are part of NixOS are added to
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/all-tests.nix"><literal>nixos/tests/all-tests.nix</literal></link>.
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
hostname = runTest ./hostname.nix;
|
||||
</programlisting>
|
||||
<para>
|
||||
Overrides can be added by defining an anonymous module in
|
||||
<literal>all-tests.nix</literal>.
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
hostname = runTest {
|
||||
imports = [ ./hostname.nix ];
|
||||
defaults.networking.firewall.enable = false;
|
||||
};
|
||||
</programlisting>
|
||||
<para>
|
||||
You can run a test with attribute name
|
||||
<literal>hostname</literal> in
|
||||
<literal>nixos/tests/all-tests.nix</literal> by invoking:
|
||||
</para>
|
||||
<programlisting>
|
||||
cd /my/git/clone/of/nixpkgs
|
||||
nix-build -A nixosTests.hostname
|
||||
</programlisting>
|
||||
</section>
|
||||
<section xml:id="sec-call-nixos-test-outside-nixos">
|
||||
<title>Testing outside the NixOS project</title>
|
||||
<para>
|
||||
Outside the <literal>nixpkgs</literal> repository, you can
|
||||
instantiate the test by first importing the NixOS library,
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
let nixos-lib = import (nixpkgs + "/nixos/lib") { };
|
||||
in
|
||||
|
||||
nixos-lib.runTest {
|
||||
imports = [ ./test.nix ];
|
||||
hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs
|
||||
defaults.services.foo.package = mypkg;
|
||||
}
|
||||
</programlisting>
|
||||
<para>
|
||||
<literal>runTest</literal> returns a derivation that runs the
|
||||
test.
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
<section xml:id="sec-nixos-test-nodes">
|
||||
<title>Configuring the nodes</title>
|
||||
<para>
|
||||
There are a few special NixOS options for test VMs:
|
||||
</para>
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
|
@ -71,8 +138,8 @@ import ./make-test-python.nix {
|
|||
<listitem>
|
||||
<para>
|
||||
By default, the Nix store in the VM is not writable. If you
|
||||
enable this option, a writable union file system is mounted on
|
||||
top of the Nix store to make it appear writable. This is
|
||||
enable this option, a writable union file system is mounted
|
||||
on top of the Nix store to make it appear writable. This is
|
||||
necessary for tests that run Nix operations that modify the
|
||||
store.
|
||||
</para>
|
||||
|
@ -103,13 +170,14 @@ if not "Linux" in machine.succeed("uname"):
|
|||
<para>
|
||||
The first line is technically unnecessary; machines are implicitly
|
||||
started when you first execute an action on them (such as
|
||||
<literal>wait_for_unit</literal> or <literal>succeed</literal>). If
|
||||
you have multiple machines, you can speed up the test by starting
|
||||
them in parallel:
|
||||
<literal>wait_for_unit</literal> or <literal>succeed</literal>).
|
||||
If you have multiple machines, you can speed up the test by
|
||||
starting them in parallel:
|
||||
</para>
|
||||
<programlisting language="python">
|
||||
start_all()
|
||||
</programlisting>
|
||||
</section>
|
||||
<section xml:id="ssec-machine-objects">
|
||||
<title>Machine objects</title>
|
||||
<para>
|
||||
|
@ -194,8 +262,9 @@ start_all()
|
|||
</para>
|
||||
<note>
|
||||
<para>
|
||||
This requires passing <literal>enableOCR</literal> to the
|
||||
test attribute set.
|
||||
This requires
|
||||
<link linkend="opt-enableOCR"><literal>enableOCR</literal></link>
|
||||
to be set to <literal>true</literal>.
|
||||
</para>
|
||||
</note>
|
||||
</listitem>
|
||||
|
@ -211,8 +280,9 @@ start_all()
|
|||
</para>
|
||||
<note>
|
||||
<para>
|
||||
This requires passing <literal>enableOCR</literal> to the
|
||||
test attribute set.
|
||||
This requires
|
||||
<link linkend="opt-enableOCR"><literal>enableOCR</literal></link>
|
||||
to be set to <literal>true</literal>.
|
||||
</para>
|
||||
</note>
|
||||
</listitem>
|
||||
|
@ -451,8 +521,9 @@ start_all()
|
|||
</para>
|
||||
<note>
|
||||
<para>
|
||||
This requires passing <literal>enableOCR</literal> to the
|
||||
test attribute set.
|
||||
This requires
|
||||
<link linkend="opt-enableOCR"><literal>enableOCR</literal></link>
|
||||
to be set to <literal>true</literal>.
|
||||
</para>
|
||||
</note>
|
||||
</listitem>
|
||||
|
@ -563,7 +634,7 @@ machine.wait_for_unit("xautolock.service", "x-session-user")
|
|||
code-linters (this shouldn't be commited though):
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
skipLint = true;
|
||||
nodes.machine =
|
||||
{ config, pkgs, ... }:
|
||||
|
@ -595,7 +666,7 @@ import ./make-test-python.nix {
|
|||
the following way:
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
import ./make-test-python.nix {
|
||||
{
|
||||
skipTypeCheck = true;
|
||||
nodes.machine =
|
||||
{ config, pkgs, ... }:
|
||||
|
@ -669,7 +740,6 @@ def foo_running():
|
|||
<literal>numpy</literal> like this:
|
||||
</para>
|
||||
<programlisting language="bash">
|
||||
import ./make-test-python.nix
|
||||
{
|
||||
extraPythonPackages = p: [ p.numpy ];
|
||||
|
||||
|
@ -689,4 +759,11 @@ import ./make-test-python.nix
|
|||
<literal>python3Packages</literal>.
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="sec-test-options-reference">
|
||||
<title>Test Options Reference</title>
|
||||
<para>
|
||||
The following options can be used when writing tests.
|
||||
</para>
|
||||
<xi:include href="../../generated/test-options-db.xml" xpointer="test-options-list"/>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -142,6 +142,13 @@
|
|||
OpenSSL now defaults to OpenSSL 3, updated from 1.1.1.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
An image configuration and generator has been added for Linode
|
||||
images, largely based on the present GCE configuration and
|
||||
image.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>hardware.nvidia</literal> has a new option
|
||||
|
@ -210,6 +217,14 @@
|
|||
<link xlink:href="options.html#opt-services.infnoise.enable">services.infnoise</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/prymitive/kthxbye">kthxbye</link>,
|
||||
an alert acknowledgement management daemon for Prometheus
|
||||
Alertmanager. Available as
|
||||
<link xlink:href="options.html#opt-services.kthxbye.enable">services.kthxbye</link>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/jtroo/kanata">kanata</link>,
|
||||
|
@ -225,6 +240,13 @@
|
|||
<link xlink:href="options.html#opt-services.languagetool.enable">services.languagetool</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master">OpenRGB</link>,
|
||||
a FOSS tool for controlling RGB lighting. Available as
|
||||
<link xlink:href="options.html#opt-services-hardware-openrgb-enable">services.hardware.openrgb.enable</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://www.getoutline.com/">Outline</link>,
|
||||
|
@ -270,6 +292,13 @@
|
|||
<link linkend="opt-services.dolibarr.enable">services.dolibarr</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://freshrss.org/">FreshRSS</link>, a
|
||||
free, self-hostable RSS feed aggregator. Available as
|
||||
<link linkend="opt-services.freshrss.enable">services.freshrss</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://www.expressvpn.com">expressvpn</link>,
|
||||
|
@ -474,6 +503,14 @@
|
|||
maintainer to update the package.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The (previously undocumented) Nixpkgs configuration option
|
||||
<literal>checkMeta</literal> now defaults to
|
||||
<literal>true</literal>. This may cause evaluation failures
|
||||
for packages with incorrect <literal>meta</literal> attribute.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
xow package removed along with the
|
||||
|
@ -617,6 +654,12 @@
|
|||
guide</link> on how to migrate your Neo4j instance.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>networking.wireguard</literal> module now can set
|
||||
the mtu on interfaces and tag its packets with an fwmark.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>services.matrix-synapse</literal> systemd unit
|
||||
|
@ -694,6 +737,21 @@
|
|||
Add udev rules for the Teensy family of microcontrollers.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
systemd-oomd is enabled by default. Depending on which systemd
|
||||
units have <literal>ManagedOOMSwap=kill</literal> or
|
||||
<literal>ManagedOOMMemoryPressure=kill</literal>, systemd-oomd
|
||||
will SIGKILL all the processes under the appropriate
|
||||
descendant cgroups when the configured limits are exceeded.
|
||||
NixOS does currently not configure cgroups with oomd by
|
||||
default, this can be enabled using
|
||||
<link xlink:href="options.html#opt-systemd.oomd.enableRootSlice">systemd.oomd.enableRootSlice</link>,
|
||||
<link xlink:href="options.html#opt-systemd.oomd.enableSystemSlice">systemd.oomd.enableSystemSlice</link>,
|
||||
and
|
||||
<link xlink:href="options.html#opt-systemd.oomd.enableUserServices">systemd.oomd.enableUserServices</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>pass-secret-service</literal> package now
|
||||
|
@ -734,6 +792,18 @@
|
|||
which no longer has a downgrade path to releases 1.2 or older.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>nodePackages</literal> package set now defaults
|
||||
to the LTS release in the <literal>nodejs</literal> package
|
||||
again, instead of being pinned to
|
||||
<literal>nodejs-14_x</literal>. Several updates to node2nix
|
||||
have been made for compatibility with newer Node.js and npm
|
||||
versions and a new <literal>postRebuild</literal> hook has
|
||||
been added for packages to perform extra build steps before
|
||||
the npm install step prunes dev dependencies.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -57,6 +57,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- OpenSSL now defaults to OpenSSL 3, updated from 1.1.1.
|
||||
|
||||
- An image configuration and generator has been added for Linode images, largely based on the present GCE configuration and image.
|
||||
|
||||
- `hardware.nvidia` has a new option `open` that can be used to opt in the opensource version of NVIDIA kernel driver. Note that the driver's support for GeForce and Workstation GPUs is still alpha quality, see [NVIDIA Releases Open-Source GPU Kernel Modules](https://developer.nvidia.com/blog/nvidia-releases-open-source-gpu-kernel-modules/) for the official announcement.
|
||||
|
||||
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
||||
|
@ -77,12 +79,16 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
- [infnoise](https://github.com/leetronics/infnoise), a hardware True Random Number Generator dongle.
|
||||
Available as [services.infnoise](options.html#opt-services.infnoise.enable).
|
||||
|
||||
- [kthxbye](https://github.com/prymitive/kthxbye), an alert acknowledgement management daemon for Prometheus Alertmanager. Available as [services.kthxbye](options.html#opt-services.kthxbye.enable)
|
||||
|
||||
- [kanata](https://github.com/jtroo/kanata), a tool to improve keyboard comfort and usability with advanced customization.
|
||||
Available as [services.kanata](options.html#opt-services.kanata.enable).
|
||||
|
||||
- [languagetool](https://languagetool.org/), a multilingual grammar, style, and spell checker.
|
||||
Available as [services.languagetool](options.html#opt-services.languagetool.enable).
|
||||
|
||||
- [OpenRGB](https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master), a FOSS tool for controlling RGB lighting. Available as [services.hardware.openrgb.enable](options.html#opt-services-hardware-openrgb-enable).
|
||||
|
||||
- [Outline](https://www.getoutline.com/), a wiki and knowledge base similar to Notion. Available as [services.outline](#opt-services.outline.enable).
|
||||
|
||||
- [alps](https://git.sr.ht/~migadu/alps), a simple and extensible webmail. Available as [services.alps](#opt-services.alps.enable).
|
||||
|
@ -96,6 +102,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- [Dolibarr](https://www.dolibarr.org/), an enterprise resource planning and customer relationship manager. Enable using [services.dolibarr](#opt-services.dolibarr.enable).
|
||||
|
||||
- [FreshRSS](https://freshrss.org/), a free, self-hostable RSS feed aggregator. Available as [services.freshrss](#opt-services.freshrss.enable).
|
||||
|
||||
- [expressvpn](https://www.expressvpn.com), the CLI client for ExpressVPN. Available as [services.expressvpn](#opt-services.expressvpn.enable).
|
||||
|
||||
- [go-autoconfig](https://github.com/L11R/go-autoconfig), IMAP/SMTP autodiscover server. Available as [services.go-autoconfig](#opt-services.go-autoconfig.enable).
|
||||
|
@ -164,6 +172,9 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- riak package removed along with `services.riak` module, due to lack of maintainer to update the package.
|
||||
|
||||
- The (previously undocumented) Nixpkgs configuration option `checkMeta` now defaults to `true`. This may cause evaluation
|
||||
failures for packages with incorrect `meta` attribute.
|
||||
|
||||
- xow package removed along with the `hardware.xow` module, due to the project being deprecated in favor of `xone`, which is available via the `hardware.xone` module.
|
||||
|
||||
- dd-agent package removed along with the `services.dd-agent` module, due to the project being deprecated in favor of `datadog-agent`, which is available via the `services.datadog-agent` module.
|
||||
|
@ -208,6 +219,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- Neo4j was updated from version 3 to version 4. See this [migration guide](https://neo4j.com/docs/upgrade-migration-guide/current/) on how to migrate your Neo4j instance.
|
||||
|
||||
- The `networking.wireguard` module now can set the mtu on interfaces and tag its packets with an fwmark.
|
||||
|
||||
- The `services.matrix-synapse` systemd unit has been hardened.
|
||||
|
||||
- Matrix Synapse now requires entries in the `state_group_edges` table to be unique, in order to prevent accidentally introducing duplicate information (for example, because a database backup was restored multiple times). If your Synapse database already has duplicate rows in this table, this could fail with an error and require manual remediation.
|
||||
|
@ -228,6 +241,15 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- Add udev rules for the Teensy family of microcontrollers.
|
||||
|
||||
- systemd-oomd is enabled by default. Depending on which systemd units have
|
||||
`ManagedOOMSwap=kill` or `ManagedOOMMemoryPressure=kill`, systemd-oomd will
|
||||
SIGKILL all the processes under the appropriate descendant cgroups when the
|
||||
configured limits are exceeded. NixOS does currently not configure cgroups
|
||||
with oomd by default, this can be enabled using
|
||||
[systemd.oomd.enableRootSlice](options.html#opt-systemd.oomd.enableRootSlice),
|
||||
[systemd.oomd.enableSystemSlice](options.html#opt-systemd.oomd.enableSystemSlice),
|
||||
and [systemd.oomd.enableUserServices](options.html#opt-systemd.oomd.enableUserServices).
|
||||
|
||||
- The `pass-secret-service` package now includes systemd units from upstream, so adding it to the NixOS `services.dbus.packages` option will make it start automatically as a systemd user service when an application tries to talk to the libsecret D-Bus API.
|
||||
|
||||
- There is a new module for AMD SEV CPU functionality, which grants access to the hardware.
|
||||
|
@ -238,4 +260,6 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
|
|||
|
||||
- The `nomad` package now defaults to 1.3, which no longer has a downgrade path to releases 1.2 or older.
|
||||
|
||||
- The `nodePackages` package set now defaults to the LTS release in the `nodejs` package again, instead of being pinned to `nodejs-14_x`. Several updates to node2nix have been made for compatibility with newer Node.js and npm versions and a new `postRebuild` hook has been added for packages to perform extra build steps before the npm install step prunes dev dependencies.
|
||||
|
||||
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
||||
|
|
113
third_party/nixpkgs/nixos/lib/build-vms.nix
vendored
113
third_party/nixpkgs/nixos/lib/build-vms.nix
vendored
|
@ -1,113 +0,0 @@
|
|||
{ system
|
||||
, # Use a minimal kernel?
|
||||
minimal ? false
|
||||
, # Ignored
|
||||
config ? null
|
||||
, # Nixpkgs, for qemu, lib and more
|
||||
pkgs, lib
|
||||
, # !!! See comment about args in lib/modules.nix
|
||||
specialArgs ? {}
|
||||
, # NixOS configuration to add to the VMs
|
||||
extraConfigurations ? []
|
||||
}:
|
||||
|
||||
with lib;
|
||||
|
||||
rec {
|
||||
|
||||
inherit pkgs;
|
||||
|
||||
# Build a virtual network from an attribute set `{ machine1 =
|
||||
# config1; ... machineN = configN; }', where `machineX' is the
|
||||
# hostname and `configX' is a NixOS system configuration. Each
|
||||
# machine is given an arbitrary IP address in the virtual network.
|
||||
buildVirtualNetwork =
|
||||
nodes: let nodesOut = mapAttrs (n: buildVM nodesOut) (assignIPAddresses nodes); in nodesOut;
|
||||
|
||||
|
||||
buildVM =
|
||||
nodes: configurations:
|
||||
|
||||
import ./eval-config.nix {
|
||||
inherit system specialArgs;
|
||||
modules = configurations ++ extraConfigurations;
|
||||
baseModules = (import ../modules/module-list.nix) ++
|
||||
[ ../modules/virtualisation/qemu-vm.nix
|
||||
../modules/testing/test-instrumentation.nix # !!! should only get added for automated test runs
|
||||
{ key = "no-manual"; documentation.nixos.enable = false; }
|
||||
{ key = "no-revision";
|
||||
# Make the revision metadata constant, in order to avoid needless retesting.
|
||||
# The human version (e.g. 21.05-pre) is left as is, because it is useful
|
||||
# for external modules that test with e.g. testers.nixosTest and rely on that
|
||||
# version number.
|
||||
config.system.nixos.revision = mkForce "constant-nixos-revision";
|
||||
}
|
||||
{ key = "nodes"; _module.args.nodes = nodes; }
|
||||
] ++ optional minimal ../modules/testing/minimal-kernel.nix;
|
||||
};
|
||||
|
||||
|
||||
# Given an attribute set { machine1 = config1; ... machineN =
|
||||
# configN; }, sequentially assign IP addresses in the 192.168.1.0/24
|
||||
# range to each machine, and set the hostname to the attribute name.
|
||||
assignIPAddresses = nodes:
|
||||
|
||||
let
|
||||
|
||||
machines = attrNames nodes;
|
||||
|
||||
machinesNumbered = zipLists machines (range 1 254);
|
||||
|
||||
nodes_ = forEach machinesNumbered (m: nameValuePair m.fst
|
||||
[ ( { config, nodes, ... }:
|
||||
let
|
||||
interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255);
|
||||
interfaces = forEach interfacesNumbered ({ fst, snd }:
|
||||
nameValuePair "eth${toString snd}" { ipv4.addresses =
|
||||
[ { address = "192.168.${toString fst}.${toString m.snd}";
|
||||
prefixLength = 24;
|
||||
} ];
|
||||
});
|
||||
|
||||
networkConfig =
|
||||
{ networking.hostName = mkDefault m.fst;
|
||||
|
||||
networking.interfaces = listToAttrs interfaces;
|
||||
|
||||
networking.primaryIPAddress =
|
||||
optionalString (interfaces != []) (head (head interfaces).value.ipv4.addresses).address;
|
||||
|
||||
# Put the IP addresses of all VMs in this machine's
|
||||
# /etc/hosts file. If a machine has multiple
|
||||
# interfaces, use the IP address corresponding to
|
||||
# the first interface (i.e. the first network in its
|
||||
# virtualisation.vlans option).
|
||||
networking.extraHosts = flip concatMapStrings machines
|
||||
(m': let config = (getAttr m' nodes).config; in
|
||||
optionalString (config.networking.primaryIPAddress != "")
|
||||
("${config.networking.primaryIPAddress} " +
|
||||
optionalString (config.networking.domain != null)
|
||||
"${config.networking.hostName}.${config.networking.domain} " +
|
||||
"${config.networking.hostName}\n"));
|
||||
|
||||
virtualisation.qemu.options =
|
||||
let qemu-common = import ../lib/qemu-common.nix { inherit lib pkgs; };
|
||||
in flip concatMap interfacesNumbered
|
||||
({ fst, snd }: qemu-common.qemuNICFlags snd fst m.snd);
|
||||
};
|
||||
|
||||
in
|
||||
{ key = "ip-address";
|
||||
config = networkConfig // {
|
||||
# Expose the networkConfig items for tests like nixops
|
||||
# that need to recreate the network config.
|
||||
system.build.networkConfig = networkConfig;
|
||||
};
|
||||
}
|
||||
)
|
||||
(getAttr m.fst nodes)
|
||||
] );
|
||||
|
||||
in listToAttrs nodes_;
|
||||
|
||||
}
|
8
third_party/nixpkgs/nixos/lib/default.nix
vendored
8
third_party/nixpkgs/nixos/lib/default.nix
vendored
|
@ -21,6 +21,8 @@ let
|
|||
seqAttrsIf = cond: a: lib.mapAttrs (_: v: seqIf cond a v);
|
||||
|
||||
eval-config-minimal = import ./eval-config-minimal.nix { inherit lib; };
|
||||
|
||||
testing-lib = import ./testing/default.nix { inherit lib; };
|
||||
in
|
||||
/*
|
||||
This attribute set appears as lib.nixos in the flake, or can be imported
|
||||
|
@ -30,4 +32,10 @@ in
|
|||
inherit (seqAttrsIf (!featureFlags?minimalModules) minimalModulesWarning eval-config-minimal)
|
||||
evalModules
|
||||
;
|
||||
|
||||
inherit (testing-lib)
|
||||
evalTest
|
||||
runTest
|
||||
;
|
||||
|
||||
}
|
||||
|
|
|
@ -17,6 +17,8 @@ evalConfigArgs@
|
|||
# be set modularly anyway.
|
||||
pkgs ? null
|
||||
, # !!! what do we gain by making this configurable?
|
||||
# we can add modules that are included in specialisations, regardless
|
||||
# of inheritParentConfig.
|
||||
baseModules ? import ../modules/module-list.nix
|
||||
, # !!! See comment about args in lib/modules.nix
|
||||
extraArgs ? {}
|
||||
|
|
|
@ -259,20 +259,24 @@ def is_docbook(o, key):
|
|||
# check that every option has a description
|
||||
hasWarnings = False
|
||||
hasErrors = False
|
||||
hasDocBookErrors = False
|
||||
for (k, v) in options.items():
|
||||
if errorOnDocbook:
|
||||
if isinstance(v.value.get('description', {}), str):
|
||||
hasErrors = True
|
||||
hasDocBookErrors = True
|
||||
print(
|
||||
f"\x1b[1;31merror: option {v.name} description uses DocBook\x1b[0m",
|
||||
file=sys.stderr)
|
||||
elif is_docbook(v.value, 'defaultText'):
|
||||
hasErrors = True
|
||||
hasDocBookErrors = True
|
||||
print(
|
||||
f"\x1b[1;31merror: option {v.name} default uses DocBook\x1b[0m",
|
||||
file=sys.stderr)
|
||||
elif is_docbook(v.value, 'example'):
|
||||
hasErrors = True
|
||||
hasDocBookErrors = True
|
||||
print(
|
||||
f"\x1b[1;31merror: option {v.name} example uses DocBook\x1b[0m",
|
||||
file=sys.stderr)
|
||||
|
@ -287,6 +291,20 @@ for (k, v) in options.items():
|
|||
f"\x1b[1;31m{severity}: option {v.name} has no type. Please specify a valid type, see " +
|
||||
"https://nixos.org/manual/nixos/stable/index.html#sec-option-types\x1b[0m", file=sys.stderr)
|
||||
|
||||
if hasDocBookErrors:
|
||||
print("Explanation: The documentation contains descriptions, examples, or defaults written in DocBook. " +
|
||||
"NixOS is in the process of migrating from DocBook to Markdown, and " +
|
||||
"DocBook is disallowed for in-tree modules. To change your contribution to "+
|
||||
"use Markdown, apply mdDoc and literalMD. For example:\n" +
|
||||
"\n" +
|
||||
" example.foo = mkOption {\n" +
|
||||
" description = lib.mdDoc ''your description'';\n" +
|
||||
" defaultText = lib.literalMD ''your description of default'';\n" +
|
||||
" }\n" +
|
||||
"\n" +
|
||||
" example.enable = mkEnableOption (lib.mdDoc ''your thing'');",
|
||||
file = sys.stderr)
|
||||
|
||||
if hasErrors:
|
||||
sys.exit(1)
|
||||
if hasWarnings and warningsAreErrors:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
# Extra tar arguments
|
||||
, extraArgs ? ""
|
||||
# Command used for compression
|
||||
, compressCommand ? "pixz"
|
||||
, compressCommand ? "pixz -t"
|
||||
# Extension for the compressed tarball
|
||||
, compressionExtension ? ".xz"
|
||||
# extra inputs, like the compressor to use
|
||||
|
|
246
third_party/nixpkgs/nixos/lib/testing-python.nix
vendored
246
third_party/nixpkgs/nixos/lib/testing-python.nix
vendored
|
@ -12,160 +12,23 @@
|
|||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
nixos-lib = import ./default.nix { inherit (pkgs) lib; };
|
||||
in
|
||||
|
||||
rec {
|
||||
|
||||
inherit pkgs;
|
||||
|
||||
# Run an automated test suite in the given virtual network.
|
||||
runTests = { driver, driverInteractive, pos }:
|
||||
stdenv.mkDerivation {
|
||||
name = "vm-test-run-${driver.testName}";
|
||||
evalTest = module: nixos-lib.evalTest { imports = [ extraTestModule module ]; };
|
||||
runTest = module: nixos-lib.runTest { imports = [ extraTestModule module ]; };
|
||||
|
||||
requiredSystemFeatures = [ "kvm" "nixos-test" ];
|
||||
|
||||
buildCommand =
|
||||
''
|
||||
mkdir -p $out
|
||||
|
||||
# effectively mute the XMLLogger
|
||||
export LOGFILE=/dev/null
|
||||
|
||||
${driver}/bin/nixos-test-driver -o $out
|
||||
'';
|
||||
|
||||
passthru = driver.passthru // {
|
||||
inherit driver driverInteractive;
|
||||
extraTestModule = {
|
||||
config = {
|
||||
hostPkgs = pkgs;
|
||||
};
|
||||
|
||||
inherit pos; # for better debugging
|
||||
};
|
||||
|
||||
# Generate convenience wrappers for running the test driver
|
||||
# has vlans, vms and test script defaulted through env variables
|
||||
# also instantiates test script with nodes, if it's a function (contract)
|
||||
setupDriverForTest = {
|
||||
testScript
|
||||
, testName
|
||||
, nodes
|
||||
, qemu_pkg ? pkgs.qemu_test
|
||||
, enableOCR ? false
|
||||
, skipLint ? false
|
||||
, skipTypeCheck ? false
|
||||
, passthru ? {}
|
||||
, interactive ? false
|
||||
, extraPythonPackages ? (_ :[])
|
||||
}:
|
||||
let
|
||||
# Reifies and correctly wraps the python test driver for
|
||||
# the respective qemu version and with or without ocr support
|
||||
testDriver = pkgs.callPackage ./test-driver {
|
||||
inherit enableOCR extraPythonPackages;
|
||||
qemu_pkg = qemu_test;
|
||||
imagemagick_light = imagemagick_light.override { inherit libtiff; };
|
||||
tesseract4 = tesseract4.override { enableLanguages = [ "eng" ]; };
|
||||
};
|
||||
|
||||
|
||||
testDriverName =
|
||||
let
|
||||
# A standard store path to the vm monitor is built like this:
|
||||
# /tmp/nix-build-vm-test-run-$name.drv-0/vm-state-machine/monitor
|
||||
# The max filename length of a unix domain socket is 108 bytes.
|
||||
# This means $name can at most be 50 bytes long.
|
||||
maxTestNameLen = 50;
|
||||
testNameLen = builtins.stringLength testName;
|
||||
in with builtins;
|
||||
if testNameLen > maxTestNameLen then
|
||||
abort
|
||||
("The name of the test '${testName}' must not be longer than ${toString maxTestNameLen} " +
|
||||
"it's currently ${toString testNameLen} characters long.")
|
||||
else
|
||||
"nixos-test-driver-${testName}";
|
||||
|
||||
vlans = map (m: m.config.virtualisation.vlans) (lib.attrValues nodes);
|
||||
vms = map (m: m.config.system.build.vm) (lib.attrValues nodes);
|
||||
|
||||
nodeHostNames = let
|
||||
nodesList = map (c: c.config.system.name) (lib.attrValues nodes);
|
||||
in nodesList ++ lib.optional (lib.length nodesList == 1 && !lib.elem "machine" nodesList) "machine";
|
||||
|
||||
# TODO: This is an implementation error and needs fixing
|
||||
# the testing famework cannot legitimately restrict hostnames further
|
||||
# beyond RFC1035
|
||||
invalidNodeNames = lib.filter
|
||||
(node: builtins.match "^[A-z_]([A-z0-9_]+)?$" node == null)
|
||||
nodeHostNames;
|
||||
|
||||
testScript' =
|
||||
# Call the test script with the computed nodes.
|
||||
if lib.isFunction testScript
|
||||
then testScript { inherit nodes; }
|
||||
else testScript;
|
||||
|
||||
uniqueVlans = lib.unique (builtins.concatLists vlans);
|
||||
vlanNames = map (i: "vlan${toString i}: VLan;") uniqueVlans;
|
||||
machineNames = map (name: "${name}: Machine;") nodeHostNames;
|
||||
in
|
||||
if lib.length invalidNodeNames > 0 then
|
||||
throw ''
|
||||
Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})!
|
||||
All machines are referenced as python variables in the testing framework which will break the
|
||||
script when special characters are used.
|
||||
|
||||
This is an IMPLEMENTATION ERROR and needs to be fixed. Meanwhile,
|
||||
please stick to alphanumeric chars and underscores as separation.
|
||||
''
|
||||
else lib.warnIf skipLint "Linting is disabled" (runCommand testDriverName
|
||||
{
|
||||
inherit testName;
|
||||
nativeBuildInputs = [ makeWrapper mypy ];
|
||||
buildInputs = [ testDriver ];
|
||||
testScript = testScript';
|
||||
preferLocalBuild = true;
|
||||
passthru = passthru // {
|
||||
inherit nodes;
|
||||
};
|
||||
meta.mainProgram = "nixos-test-driver";
|
||||
}
|
||||
''
|
||||
mkdir -p $out/bin
|
||||
|
||||
vmStartScripts=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done))
|
||||
|
||||
${lib.optionalString (!skipTypeCheck) ''
|
||||
# prepend type hints so the test script can be type checked with mypy
|
||||
cat "${./test-script-prepend.py}" >> testScriptWithTypes
|
||||
echo "${builtins.toString machineNames}" >> testScriptWithTypes
|
||||
echo "${builtins.toString vlanNames}" >> testScriptWithTypes
|
||||
echo -n "$testScript" >> testScriptWithTypes
|
||||
|
||||
mypy --no-implicit-optional \
|
||||
--pretty \
|
||||
--no-color-output \
|
||||
testScriptWithTypes
|
||||
''}
|
||||
|
||||
echo -n "$testScript" >> $out/test-script
|
||||
|
||||
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-test-driver
|
||||
|
||||
${testDriver}/bin/generate-driver-symbols
|
||||
${lib.optionalString (!skipLint) ''
|
||||
PYFLAKES_BUILTINS="$(
|
||||
echo -n ${lib.escapeShellArg (lib.concatStringsSep "," nodeHostNames)},
|
||||
< ${lib.escapeShellArg "driver-symbols"}
|
||||
)" ${python3Packages.pyflakes}/bin/pyflakes $out/test-script
|
||||
''}
|
||||
|
||||
# set defaults through environment
|
||||
# see: ./test-driver/test-driver.py argparse implementation
|
||||
wrapProgram $out/bin/nixos-test-driver \
|
||||
--set startScripts "''${vmStartScripts[*]}" \
|
||||
--set testScript "$out/test-script" \
|
||||
--set vlans '${toString vlans}' \
|
||||
${lib.optionalString (interactive) "--add-flags --interactive"}
|
||||
'');
|
||||
|
||||
# Make a full-blown test
|
||||
makeTest =
|
||||
{ machine ? null
|
||||
|
@ -184,90 +47,19 @@ rec {
|
|||
then builtins.unsafeGetAttrPos "description" meta
|
||||
else builtins.unsafeGetAttrPos "testScript" t)
|
||||
, extraPythonPackages ? (_ : [])
|
||||
, interactive ? {}
|
||||
} @ t:
|
||||
let
|
||||
mkNodes = qemu_pkg:
|
||||
let
|
||||
testScript' =
|
||||
# Call the test script with the computed nodes.
|
||||
if lib.isFunction testScript
|
||||
then testScript { nodes = mkNodes qemu_pkg; }
|
||||
else testScript;
|
||||
|
||||
build-vms = import ./build-vms.nix {
|
||||
inherit system lib pkgs minimal specialArgs;
|
||||
extraConfigurations = extraConfigurations ++ [(
|
||||
{ config, ... }:
|
||||
(evalTest {
|
||||
imports = [
|
||||
{ _file = "makeTest parameters"; config = t; }
|
||||
{
|
||||
virtualisation.qemu.package = qemu_pkg;
|
||||
|
||||
# Make sure all derivations referenced by the test
|
||||
# script are available on the nodes. When the store is
|
||||
# accessed through 9p, this isn't important, since
|
||||
# everything in the store is available to the guest,
|
||||
# but when building a root image it is, as all paths
|
||||
# that should be available to the guest has to be
|
||||
# copied to the image.
|
||||
virtualisation.additionalPaths =
|
||||
lib.optional
|
||||
# A testScript may evaluate nodes, which has caused
|
||||
# infinite recursions. The demand cycle involves:
|
||||
# testScript -->
|
||||
# nodes -->
|
||||
# toplevel -->
|
||||
# additionalPaths -->
|
||||
# hasContext testScript' -->
|
||||
# testScript (ad infinitum)
|
||||
# If we don't need to build an image, we can break this
|
||||
# cycle by short-circuiting when useNixStoreImage is false.
|
||||
(config.virtualisation.useNixStoreImage && builtins.hasContext testScript')
|
||||
(pkgs.writeStringReferencesToFile testScript');
|
||||
|
||||
# Ensure we do not use aliases. Ideally this is only set
|
||||
# when the test framework is used by Nixpkgs NixOS tests.
|
||||
nixpkgs.config.allowAliases = false;
|
||||
defaults = {
|
||||
_file = "makeTest: extraConfigurations";
|
||||
imports = extraConfigurations;
|
||||
};
|
||||
}
|
||||
)];
|
||||
};
|
||||
in
|
||||
lib.warnIf (t?machine) "In test `${name}': The `machine' attribute in NixOS tests (pkgs.nixosTest / make-test-python.nix / testing-python.nix / makeTest) is deprecated. Please use the equivalent `nodes.machine'."
|
||||
build-vms.buildVirtualNetwork (
|
||||
nodes // lib.optionalAttrs (machine != null) { inherit machine; }
|
||||
);
|
||||
|
||||
driver = setupDriverForTest {
|
||||
inherit testScript enableOCR skipTypeCheck skipLint passthru extraPythonPackages;
|
||||
testName = name;
|
||||
qemu_pkg = pkgs.qemu_test;
|
||||
nodes = mkNodes pkgs.qemu_test;
|
||||
};
|
||||
driverInteractive = setupDriverForTest {
|
||||
inherit testScript enableOCR skipTypeCheck skipLint passthru extraPythonPackages;
|
||||
testName = name;
|
||||
qemu_pkg = pkgs.qemu;
|
||||
nodes = mkNodes pkgs.qemu;
|
||||
interactive = true;
|
||||
};
|
||||
|
||||
test = lib.addMetaAttrs meta (runTests { inherit driver pos driverInteractive; });
|
||||
|
||||
in
|
||||
test // {
|
||||
inherit test driver driverInteractive;
|
||||
inherit (driver) nodes;
|
||||
};
|
||||
|
||||
abortForFunction = functionName: abort ''The ${functionName} function was
|
||||
removed because it is not an essential part of the NixOS testing
|
||||
infrastructure. It had no usage in NixOS or Nixpkgs and it had no designated
|
||||
maintainer. You are free to reintroduce it by documenting it in the manual
|
||||
and adding yourself as maintainer. It was removed in
|
||||
https://github.com/NixOS/nixpkgs/pull/137013
|
||||
'';
|
||||
|
||||
runInMachine = abortForFunction "runInMachine";
|
||||
|
||||
runInMachineWithX = abortForFunction "runInMachineWithX";
|
||||
];
|
||||
}).config;
|
||||
|
||||
simpleTest = as: (makeTest as).test;
|
||||
|
||||
|
|
12
third_party/nixpkgs/nixos/lib/testing/call-test.nix
vendored
Normal file
12
third_party/nixpkgs/nixos/lib/testing/call-test.nix
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
inherit (lib) mkOption types;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
result = mkOption {
|
||||
internal = true;
|
||||
default = config;
|
||||
};
|
||||
};
|
||||
}
|
24
third_party/nixpkgs/nixos/lib/testing/default.nix
vendored
Normal file
24
third_party/nixpkgs/nixos/lib/testing/default.nix
vendored
Normal file
|
@ -0,0 +1,24 @@
|
|||
{ lib }:
|
||||
let
|
||||
|
||||
evalTest = module: lib.evalModules { modules = testModules ++ [ module ]; };
|
||||
runTest = module: (evalTest ({ config, ... }: { imports = [ module ]; result = config.test; })).config.result;
|
||||
|
||||
testModules = [
|
||||
./call-test.nix
|
||||
./driver.nix
|
||||
./interactive.nix
|
||||
./legacy.nix
|
||||
./meta.nix
|
||||
./name.nix
|
||||
./network.nix
|
||||
./nodes.nix
|
||||
./pkgs.nix
|
||||
./run.nix
|
||||
./testScript.nix
|
||||
];
|
||||
|
||||
in
|
||||
{
|
||||
inherit evalTest runTest testModules;
|
||||
}
|
188
third_party/nixpkgs/nixos/lib/testing/driver.nix
vendored
Normal file
188
third_party/nixpkgs/nixos/lib/testing/driver.nix
vendored
Normal file
|
@ -0,0 +1,188 @@
|
|||
{ config, lib, hostPkgs, ... }:
|
||||
let
|
||||
inherit (lib) mkOption types literalMD mdDoc;
|
||||
|
||||
# Reifies and correctly wraps the python test driver for
|
||||
# the respective qemu version and with or without ocr support
|
||||
testDriver = hostPkgs.callPackage ../test-driver {
|
||||
inherit (config) enableOCR extraPythonPackages;
|
||||
qemu_pkg = config.qemu.package;
|
||||
imagemagick_light = hostPkgs.imagemagick_light.override { inherit (hostPkgs) libtiff; };
|
||||
tesseract4 = hostPkgs.tesseract4.override { enableLanguages = [ "eng" ]; };
|
||||
};
|
||||
|
||||
|
||||
vlans = map (m: m.virtualisation.vlans) (lib.attrValues config.nodes);
|
||||
vms = map (m: m.system.build.vm) (lib.attrValues config.nodes);
|
||||
|
||||
nodeHostNames =
|
||||
let
|
||||
nodesList = map (c: c.system.name) (lib.attrValues config.nodes);
|
||||
in
|
||||
nodesList ++ lib.optional (lib.length nodesList == 1 && !lib.elem "machine" nodesList) "machine";
|
||||
|
||||
# TODO: This is an implementation error and needs fixing
|
||||
# the testing famework cannot legitimately restrict hostnames further
|
||||
# beyond RFC1035
|
||||
invalidNodeNames = lib.filter
|
||||
(node: builtins.match "^[A-z_]([A-z0-9_]+)?$" node == null)
|
||||
nodeHostNames;
|
||||
|
||||
uniqueVlans = lib.unique (builtins.concatLists vlans);
|
||||
vlanNames = map (i: "vlan${toString i}: VLan;") uniqueVlans;
|
||||
machineNames = map (name: "${name}: Machine;") nodeHostNames;
|
||||
|
||||
withChecks =
|
||||
if lib.length invalidNodeNames > 0 then
|
||||
throw ''
|
||||
Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})!
|
||||
All machines are referenced as python variables in the testing framework which will break the
|
||||
script when special characters are used.
|
||||
|
||||
This is an IMPLEMENTATION ERROR and needs to be fixed. Meanwhile,
|
||||
please stick to alphanumeric chars and underscores as separation.
|
||||
''
|
||||
else
|
||||
lib.warnIf config.skipLint "Linting is disabled";
|
||||
|
||||
driver =
|
||||
hostPkgs.runCommand "nixos-test-driver-${config.name}"
|
||||
{
|
||||
# inherit testName; TODO (roberth): need this?
|
||||
nativeBuildInputs = [
|
||||
hostPkgs.makeWrapper
|
||||
] ++ lib.optionals (!config.skipTypeCheck) [ hostPkgs.mypy ];
|
||||
buildInputs = [ testDriver ];
|
||||
testScript = config.testScriptString;
|
||||
preferLocalBuild = true;
|
||||
passthru = config.passthru;
|
||||
meta = config.meta // {
|
||||
mainProgram = "nixos-test-driver";
|
||||
};
|
||||
}
|
||||
''
|
||||
mkdir -p $out/bin
|
||||
|
||||
vmStartScripts=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done))
|
||||
|
||||
${lib.optionalString (!config.skipTypeCheck) ''
|
||||
# prepend type hints so the test script can be type checked with mypy
|
||||
cat "${../test-script-prepend.py}" >> testScriptWithTypes
|
||||
echo "${builtins.toString machineNames}" >> testScriptWithTypes
|
||||
echo "${builtins.toString vlanNames}" >> testScriptWithTypes
|
||||
echo -n "$testScript" >> testScriptWithTypes
|
||||
|
||||
cat -n testScriptWithTypes
|
||||
|
||||
mypy --no-implicit-optional \
|
||||
--pretty \
|
||||
--no-color-output \
|
||||
testScriptWithTypes
|
||||
''}
|
||||
|
||||
echo -n "$testScript" >> $out/test-script
|
||||
|
||||
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-test-driver
|
||||
|
||||
${testDriver}/bin/generate-driver-symbols
|
||||
${lib.optionalString (!config.skipLint) ''
|
||||
PYFLAKES_BUILTINS="$(
|
||||
echo -n ${lib.escapeShellArg (lib.concatStringsSep "," nodeHostNames)},
|
||||
< ${lib.escapeShellArg "driver-symbols"}
|
||||
)" ${hostPkgs.python3Packages.pyflakes}/bin/pyflakes $out/test-script
|
||||
''}
|
||||
|
||||
# set defaults through environment
|
||||
# see: ./test-driver/test-driver.py argparse implementation
|
||||
wrapProgram $out/bin/nixos-test-driver \
|
||||
--set startScripts "''${vmStartScripts[*]}" \
|
||||
--set testScript "$out/test-script" \
|
||||
--set vlans '${toString vlans}' \
|
||||
${lib.escapeShellArgs (lib.concatMap (arg: ["--add-flags" arg]) config.extraDriverArgs)}
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
|
||||
driver = mkOption {
|
||||
description = mdDoc "Package containing a script that runs the test.";
|
||||
type = types.package;
|
||||
defaultText = literalMD "set by the test framework";
|
||||
};
|
||||
|
||||
hostPkgs = mkOption {
|
||||
description = mdDoc "Nixpkgs attrset used outside the nodes.";
|
||||
type = types.raw;
|
||||
example = lib.literalExpression ''
|
||||
import nixpkgs { inherit system config overlays; }
|
||||
'';
|
||||
};
|
||||
|
||||
qemu.package = mkOption {
|
||||
description = mdDoc "Which qemu package to use for the virtualisation of [{option}`nodes`](#opt-nodes).";
|
||||
type = types.package;
|
||||
default = hostPkgs.qemu_test;
|
||||
defaultText = "hostPkgs.qemu_test";
|
||||
};
|
||||
|
||||
enableOCR = mkOption {
|
||||
description = mdDoc ''
|
||||
Whether to enable Optical Character Recognition functionality for
|
||||
testing graphical programs. See [Machine objects](`ssec-machine-objects`).
|
||||
'';
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
extraPythonPackages = mkOption {
|
||||
description = mdDoc ''
|
||||
Python packages to add to the test driver.
|
||||
|
||||
The argument is a Python package set, similar to `pkgs.pythonPackages`.
|
||||
'';
|
||||
example = lib.literalExpression ''
|
||||
p: [ p.numpy ]
|
||||
'';
|
||||
type = types.functionTo (types.listOf types.package);
|
||||
default = ps: [ ];
|
||||
};
|
||||
|
||||
extraDriverArgs = mkOption {
|
||||
description = mdDoc ''
|
||||
Extra arguments to pass to the test driver.
|
||||
|
||||
They become part of [{option}`driver`](#opt-driver) via `wrapProgram`.
|
||||
'';
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
};
|
||||
|
||||
skipLint = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Do not run the linters. This may speed up your iteration cycle, but it is not something you should commit.
|
||||
'';
|
||||
};
|
||||
|
||||
skipTypeCheck = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Disable type checking. This must not be enabled for new NixOS tests.
|
||||
|
||||
This may speed up your iteration cycle, unless you're working on the [{option}`testScript`](#opt-testScript).
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
_module.args.hostPkgs = config.hostPkgs;
|
||||
|
||||
driver = withChecks driver;
|
||||
|
||||
# make available on the test runner
|
||||
passthru.driver = config.driver;
|
||||
};
|
||||
}
|
45
third_party/nixpkgs/nixos/lib/testing/interactive.nix
vendored
Normal file
45
third_party/nixpkgs/nixos/lib/testing/interactive.nix
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
{ config, lib, moduleType, hostPkgs, ... }:
|
||||
let
|
||||
inherit (lib) mkOption types mdDoc;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
interactive = mkOption {
|
||||
description = mdDoc ''
|
||||
Tests [can be run interactively](#sec-running-nixos-tests-interactively)
|
||||
using the program in the test derivation's `.driverInteractive` attribute.
|
||||
|
||||
When they are, the configuration will include anything set in this submodule.
|
||||
|
||||
You can set any top-level test option here.
|
||||
|
||||
Example test module:
|
||||
|
||||
```nix
|
||||
{ config, lib, ... }: {
|
||||
|
||||
nodes.rabbitmq = {
|
||||
services.rabbitmq.enable = true;
|
||||
};
|
||||
|
||||
# When running interactively ...
|
||||
interactive.nodes.rabbitmq = {
|
||||
# ... enable the web ui.
|
||||
services.rabbitmq.managementPlugin.enable = true;
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
For details, see the section about [running tests interactively](#sec-running-nixos-tests-interactively).
|
||||
'';
|
||||
type = moduleType;
|
||||
visible = "shallow";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
interactive.qemu.package = hostPkgs.qemu;
|
||||
interactive.extraDriverArgs = [ "--interactive" ];
|
||||
passthru.driverInteractive = config.interactive.driver;
|
||||
};
|
||||
}
|
25
third_party/nixpkgs/nixos/lib/testing/legacy.nix
vendored
Normal file
25
third_party/nixpkgs/nixos/lib/testing/legacy.nix
vendored
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ config, options, lib, ... }:
|
||||
let
|
||||
inherit (lib) mkIf mkOption types;
|
||||
in
|
||||
{
|
||||
# This needs options.warnings, which we don't have (yet?).
|
||||
# imports = [
|
||||
# (lib.mkRenamedOptionModule [ "machine" ] [ "nodes" "machine" ])
|
||||
# ];
|
||||
|
||||
options = {
|
||||
machine = mkOption {
|
||||
internal = true;
|
||||
type = types.raw;
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
nodes = mkIf options.machine.isDefined (
|
||||
lib.warn
|
||||
"In test `${config.name}': The `machine' attribute in NixOS tests (pkgs.nixosTest / make-test-python.nix / testing-python.nix / makeTest) is deprecated. Please set the equivalent `nodes.machine'."
|
||||
{ inherit (config) machine; }
|
||||
);
|
||||
};
|
||||
}
|
42
third_party/nixpkgs/nixos/lib/testing/meta.nix
vendored
Normal file
42
third_party/nixpkgs/nixos/lib/testing/meta.nix
vendored
Normal file
|
@ -0,0 +1,42 @@
|
|||
{ lib, ... }:
|
||||
let
|
||||
inherit (lib) types mkOption mdDoc;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
meta = lib.mkOption {
|
||||
description = mdDoc ''
|
||||
The [`meta`](https://nixos.org/manual/nixpkgs/stable/#chap-meta) attributes that will be set on the returned derivations.
|
||||
|
||||
Not all [`meta`](https://nixos.org/manual/nixpkgs/stable/#chap-meta) attributes are supported, but more can be added as desired.
|
||||
'';
|
||||
apply = lib.filterAttrs (k: v: v != null);
|
||||
type = types.submodule {
|
||||
options = {
|
||||
maintainers = lib.mkOption {
|
||||
type = types.listOf types.raw;
|
||||
default = [];
|
||||
description = mdDoc ''
|
||||
The [list of maintainers](https://nixos.org/manual/nixpkgs/stable/#var-meta-maintainers) for this test.
|
||||
'';
|
||||
};
|
||||
timeout = lib.mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null; # NOTE: null values are filtered out by `meta`.
|
||||
description = mdDoc ''
|
||||
The [{option}`test`](#opt-test)'s [`meta.timeout`](https://nixos.org/manual/nixpkgs/stable/#var-meta-timeout) in seconds.
|
||||
'';
|
||||
};
|
||||
broken = lib.mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Sets the [`meta.broken`](https://nixos.org/manual/nixpkgs/stable/#var-meta-broken) attribute on the [{option}`test`](#opt-test) derivation.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
}
|
14
third_party/nixpkgs/nixos/lib/testing/name.nix
vendored
Normal file
14
third_party/nixpkgs/nixos/lib/testing/name.nix
vendored
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ lib, ... }:
|
||||
let
|
||||
inherit (lib) mkOption types mdDoc;
|
||||
in
|
||||
{
|
||||
options.name = mkOption {
|
||||
description = mdDoc ''
|
||||
The name of the test.
|
||||
|
||||
This is used in the derivation names of the [{option}`driver`](#opt-driver) and [{option}`test`](#opt-test) runner.
|
||||
'';
|
||||
type = types.str;
|
||||
};
|
||||
}
|
117
third_party/nixpkgs/nixos/lib/testing/network.nix
vendored
Normal file
117
third_party/nixpkgs/nixos/lib/testing/network.nix
vendored
Normal file
|
@ -0,0 +1,117 @@
|
|||
{ lib, nodes, ... }:
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
attrNames concatMap concatMapStrings flip forEach head
|
||||
listToAttrs mkDefault mkOption nameValuePair optionalString
|
||||
range types zipListsWith zipLists
|
||||
mdDoc
|
||||
;
|
||||
|
||||
nodeNumbers =
|
||||
listToAttrs
|
||||
(zipListsWith
|
||||
nameValuePair
|
||||
(attrNames nodes)
|
||||
(range 1 254)
|
||||
);
|
||||
|
||||
networkModule = { config, nodes, pkgs, ... }:
|
||||
let
|
||||
interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255);
|
||||
interfaces = forEach interfacesNumbered ({ fst, snd }:
|
||||
nameValuePair "eth${toString snd}" {
|
||||
ipv4.addresses =
|
||||
[{
|
||||
address = "192.168.${toString fst}.${toString config.virtualisation.test.nodeNumber}";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
});
|
||||
|
||||
networkConfig =
|
||||
{
|
||||
networking.hostName = mkDefault config.virtualisation.test.nodeName;
|
||||
|
||||
networking.interfaces = listToAttrs interfaces;
|
||||
|
||||
networking.primaryIPAddress =
|
||||
optionalString (interfaces != [ ]) (head (head interfaces).value.ipv4.addresses).address;
|
||||
|
||||
# Put the IP addresses of all VMs in this machine's
|
||||
# /etc/hosts file. If a machine has multiple
|
||||
# interfaces, use the IP address corresponding to
|
||||
# the first interface (i.e. the first network in its
|
||||
# virtualisation.vlans option).
|
||||
networking.extraHosts = flip concatMapStrings (attrNames nodes)
|
||||
(m':
|
||||
let config = nodes.${m'}; in
|
||||
optionalString (config.networking.primaryIPAddress != "")
|
||||
("${config.networking.primaryIPAddress} " +
|
||||
optionalString (config.networking.domain != null)
|
||||
"${config.networking.hostName}.${config.networking.domain} " +
|
||||
"${config.networking.hostName}\n"));
|
||||
|
||||
virtualisation.qemu.options =
|
||||
let qemu-common = import ../qemu-common.nix { inherit lib pkgs; };
|
||||
in
|
||||
flip concatMap interfacesNumbered
|
||||
({ fst, snd }: qemu-common.qemuNICFlags snd fst config.virtualisation.test.nodeNumber);
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
key = "ip-address";
|
||||
config = networkConfig // {
|
||||
# Expose the networkConfig items for tests like nixops
|
||||
# that need to recreate the network config.
|
||||
system.build.networkConfig = networkConfig;
|
||||
};
|
||||
};
|
||||
|
||||
nodeNumberModule = (regular@{ config, name, ... }: {
|
||||
options = {
|
||||
virtualisation.test.nodeName = mkOption {
|
||||
internal = true;
|
||||
default = name;
|
||||
# We need to force this in specilisations, otherwise it'd be
|
||||
# readOnly = true;
|
||||
description = mdDoc ''
|
||||
The `name` in `nodes.<name>`; stable across `specialisations`.
|
||||
'';
|
||||
};
|
||||
virtualisation.test.nodeNumber = mkOption {
|
||||
internal = true;
|
||||
type = types.int;
|
||||
readOnly = true;
|
||||
default = nodeNumbers.${config.virtualisation.test.nodeName};
|
||||
description = mdDoc ''
|
||||
A unique number assigned for each node in `nodes`.
|
||||
'';
|
||||
};
|
||||
|
||||
# specialisations override the `name` module argument,
|
||||
# so we push the real `virtualisation.test.nodeName`.
|
||||
specialisation = mkOption {
|
||||
type = types.attrsOf (types.submodule {
|
||||
options.configuration = mkOption {
|
||||
type = types.submoduleWith {
|
||||
modules = [
|
||||
{
|
||||
config.virtualisation.test.nodeName =
|
||||
# assert regular.config.virtualisation.test.nodeName != "configuration";
|
||||
regular.config.virtualisation.test.nodeName;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
};
|
||||
});
|
||||
|
||||
in
|
||||
{
|
||||
config = {
|
||||
extraBaseModules = { imports = [ networkModule nodeNumberModule ]; };
|
||||
};
|
||||
}
|
23
third_party/nixpkgs/nixos/lib/testing/nixos-test-base.nix
vendored
Normal file
23
third_party/nixpkgs/nixos/lib/testing/nixos-test-base.nix
vendored
Normal file
|
@ -0,0 +1,23 @@
|
|||
# A module containing the base imports and overrides that
|
||||
# are always applied in NixOS VM tests, unconditionally,
|
||||
# even in `inheritParentConfig = false` specialisations.
|
||||
{ lib, ... }:
|
||||
let
|
||||
inherit (lib) mkForce;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../../modules/virtualisation/qemu-vm.nix
|
||||
../../modules/testing/test-instrumentation.nix # !!! should only get added for automated test runs
|
||||
{ key = "no-manual"; documentation.nixos.enable = false; }
|
||||
{
|
||||
key = "no-revision";
|
||||
# Make the revision metadata constant, in order to avoid needless retesting.
|
||||
# The human version (e.g. 21.05-pre) is left as is, because it is useful
|
||||
# for external modules that test with e.g. testers.nixosTest and rely on that
|
||||
# version number.
|
||||
config.system.nixos.revision = mkForce "constant-nixos-revision";
|
||||
}
|
||||
|
||||
];
|
||||
}
|
112
third_party/nixpkgs/nixos/lib/testing/nodes.nix
vendored
Normal file
112
third_party/nixpkgs/nixos/lib/testing/nodes.nix
vendored
Normal file
|
@ -0,0 +1,112 @@
|
|||
testModuleArgs@{ config, lib, hostPkgs, nodes, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkOption mkForce optional types mapAttrs mkDefault mdDoc;
|
||||
|
||||
system = hostPkgs.stdenv.hostPlatform.system;
|
||||
|
||||
baseOS =
|
||||
import ../eval-config.nix {
|
||||
inherit system;
|
||||
inherit (config.node) specialArgs;
|
||||
modules = [ config.defaults ];
|
||||
baseModules = (import ../../modules/module-list.nix) ++
|
||||
[
|
||||
./nixos-test-base.nix
|
||||
{ key = "nodes"; _module.args.nodes = config.nodesCompat; }
|
||||
({ config, ... }:
|
||||
{
|
||||
virtualisation.qemu.package = testModuleArgs.config.qemu.package;
|
||||
|
||||
# Ensure we do not use aliases. Ideally this is only set
|
||||
# when the test framework is used by Nixpkgs NixOS tests.
|
||||
nixpkgs.config.allowAliases = false;
|
||||
})
|
||||
testModuleArgs.config.extraBaseModules
|
||||
] ++ optional config.minimal ../../modules/testing/minimal-kernel.nix;
|
||||
};
|
||||
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
options = {
|
||||
node.type = mkOption {
|
||||
type = types.raw;
|
||||
default = baseOS.type;
|
||||
internal = true;
|
||||
};
|
||||
|
||||
nodes = mkOption {
|
||||
type = types.lazyAttrsOf config.node.type;
|
||||
visible = "shallow";
|
||||
description = mdDoc ''
|
||||
An attribute set of NixOS configuration modules.
|
||||
|
||||
The configurations are augmented by the [`defaults`](#opt-defaults) option.
|
||||
|
||||
They are assigned network addresses according to the `nixos/lib/testing/network.nix` module.
|
||||
|
||||
A few special options are available, that aren't in a plain NixOS configuration. See [Configuring the nodes](#sec-nixos-test-nodes)
|
||||
'';
|
||||
};
|
||||
|
||||
defaults = mkOption {
|
||||
description = mdDoc ''
|
||||
NixOS configuration that is applied to all [{option}`nodes`](#opt-nodes).
|
||||
'';
|
||||
type = types.deferredModule;
|
||||
default = { };
|
||||
};
|
||||
|
||||
extraBaseModules = mkOption {
|
||||
description = mdDoc ''
|
||||
NixOS configuration that, like [{option}`defaults`](#opt-defaults), is applied to all [{option}`nodes`](#opt-nodes) and can not be undone with [`specialisation.<name>.inheritParentConfig`](https://search.nixos.org/options?show=specialisation.%3Cname%3E.inheritParentConfig&from=0&size=50&sort=relevance&type=packages&query=specialisation).
|
||||
'';
|
||||
type = types.deferredModule;
|
||||
default = { };
|
||||
};
|
||||
|
||||
node.specialArgs = mkOption {
|
||||
type = types.lazyAttrsOf types.raw;
|
||||
default = { };
|
||||
description = mdDoc ''
|
||||
An attribute set of arbitrary values that will be made available as module arguments during the resolution of module `imports`.
|
||||
|
||||
Note that it is not possible to override these from within the NixOS configurations. If you argument is not relevant to `imports`, consider setting {option}`defaults._module.args.<name>` instead.
|
||||
'';
|
||||
};
|
||||
|
||||
minimal = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Enable to configure all [{option}`nodes`](#opt-nodes) to run with a minimal kernel.
|
||||
'';
|
||||
};
|
||||
|
||||
nodesCompat = mkOption {
|
||||
internal = true;
|
||||
description = mdDoc ''
|
||||
Basically `_module.args.nodes`, but with backcompat and warnings added.
|
||||
|
||||
This will go away.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
_module.args.nodes = config.nodesCompat;
|
||||
nodesCompat =
|
||||
mapAttrs
|
||||
(name: config: config // {
|
||||
config = lib.warn
|
||||
"Module argument `nodes.${name}.config` is deprecated. Use `nodes.${name}` instead."
|
||||
config;
|
||||
})
|
||||
config.nodes;
|
||||
|
||||
passthru.nodes = config.nodesCompat;
|
||||
};
|
||||
}
|
11
third_party/nixpkgs/nixos/lib/testing/pkgs.nix
vendored
Normal file
11
third_party/nixpkgs/nixos/lib/testing/pkgs.nix
vendored
Normal file
|
@ -0,0 +1,11 @@
|
|||
{ config, lib, hostPkgs, ... }:
|
||||
{
|
||||
config = {
|
||||
# default pkgs for use in VMs
|
||||
_module.args.pkgs = hostPkgs;
|
||||
|
||||
defaults = {
|
||||
# TODO: a module to set a shared pkgs, if options.nixpkgs.* is untouched by user (highestPrio) */
|
||||
};
|
||||
};
|
||||
}
|
57
third_party/nixpkgs/nixos/lib/testing/run.nix
vendored
Normal file
57
third_party/nixpkgs/nixos/lib/testing/run.nix
vendored
Normal file
|
@ -0,0 +1,57 @@
|
|||
{ config, hostPkgs, lib, ... }:
|
||||
let
|
||||
inherit (lib) types mkOption mdDoc;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
passthru = mkOption {
|
||||
type = types.lazyAttrsOf types.raw;
|
||||
description = mdDoc ''
|
||||
Attributes to add to the returned derivations,
|
||||
which are not necessarily part of the build.
|
||||
|
||||
This is a bit like doing `drv // { myAttr = true; }` (which would be lost by `overrideAttrs`).
|
||||
It does not change the actual derivation, but adds the attribute nonetheless, so that
|
||||
consumers of what would be `drv` have more information.
|
||||
'';
|
||||
};
|
||||
|
||||
test = mkOption {
|
||||
type = types.package;
|
||||
# TODO: can the interactive driver be configured to access the network?
|
||||
description = mdDoc ''
|
||||
Derivation that runs the test as its "build" process.
|
||||
|
||||
This implies that NixOS tests run isolated from the network, making them
|
||||
more dependable.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
test = lib.lazyDerivation { # lazyDerivation improves performance when only passthru items and/or meta are used.
|
||||
derivation = hostPkgs.stdenv.mkDerivation {
|
||||
name = "vm-test-run-${config.name}";
|
||||
|
||||
requiredSystemFeatures = [ "kvm" "nixos-test" ];
|
||||
|
||||
buildCommand = ''
|
||||
mkdir -p $out
|
||||
|
||||
# effectively mute the XMLLogger
|
||||
export LOGFILE=/dev/null
|
||||
|
||||
${config.driver}/bin/nixos-test-driver -o $out
|
||||
'';
|
||||
|
||||
passthru = config.passthru;
|
||||
|
||||
meta = config.meta;
|
||||
};
|
||||
inherit (config) passthru meta;
|
||||
};
|
||||
|
||||
# useful for inspection (debugging / exploration)
|
||||
passthru.config = config;
|
||||
};
|
||||
}
|
84
third_party/nixpkgs/nixos/lib/testing/testScript.nix
vendored
Normal file
84
third_party/nixpkgs/nixos/lib/testing/testScript.nix
vendored
Normal file
|
@ -0,0 +1,84 @@
|
|||
testModuleArgs@{ config, lib, hostPkgs, nodes, moduleType, ... }:
|
||||
let
|
||||
inherit (lib) mkOption types mdDoc;
|
||||
inherit (types) either str functionTo;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
testScript = mkOption {
|
||||
type = either str (functionTo str);
|
||||
description = ''
|
||||
A series of python declarations and statements that you write to perform
|
||||
the test.
|
||||
'';
|
||||
};
|
||||
testScriptString = mkOption {
|
||||
type = str;
|
||||
readOnly = true;
|
||||
internal = true;
|
||||
};
|
||||
|
||||
includeTestScriptReferences = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
internal = true;
|
||||
};
|
||||
withoutTestScriptReferences = mkOption {
|
||||
type = moduleType;
|
||||
description = mdDoc ''
|
||||
A parallel universe where the testScript is invalid and has no references.
|
||||
'';
|
||||
internal = true;
|
||||
visible = false;
|
||||
};
|
||||
};
|
||||
config = {
|
||||
withoutTestScriptReferences.includeTestScriptReferences = false;
|
||||
withoutTestScriptReferences.testScript = lib.mkForce "testscript omitted";
|
||||
|
||||
testScriptString =
|
||||
if lib.isFunction config.testScript
|
||||
then
|
||||
config.testScript
|
||||
{
|
||||
nodes =
|
||||
lib.mapAttrs
|
||||
(k: v:
|
||||
if v.virtualisation.useNixStoreImage
|
||||
then
|
||||
# prevent infinite recursion when testScript would
|
||||
# reference v's toplevel
|
||||
config.withoutTestScriptReferences.nodesCompat.${k}
|
||||
else
|
||||
# reuse memoized config
|
||||
v
|
||||
)
|
||||
config.nodesCompat;
|
||||
}
|
||||
else config.testScript;
|
||||
|
||||
defaults = { config, name, ... }: {
|
||||
# Make sure all derivations referenced by the test
|
||||
# script are available on the nodes. When the store is
|
||||
# accessed through 9p, this isn't important, since
|
||||
# everything in the store is available to the guest,
|
||||
# but when building a root image it is, as all paths
|
||||
# that should be available to the guest has to be
|
||||
# copied to the image.
|
||||
virtualisation.additionalPaths =
|
||||
lib.optional
|
||||
# A testScript may evaluate nodes, which has caused
|
||||
# infinite recursions. The demand cycle involves:
|
||||
# testScript -->
|
||||
# nodes -->
|
||||
# toplevel -->
|
||||
# additionalPaths -->
|
||||
# hasContext testScript' -->
|
||||
# testScript (ad infinitum)
|
||||
# If we don't need to build an image, we can break this
|
||||
# cycle by short-circuiting when useNixStoreImage is false.
|
||||
(config.virtualisation.useNixStoreImage && builtins.hasContext testModuleArgs.config.testScriptString && testModuleArgs.config.includeTestScriptReferences)
|
||||
(hostPkgs.writeStringReferencesToFile testModuleArgs.config.testScriptString);
|
||||
};
|
||||
};
|
||||
}
|
|
@ -10,12 +10,12 @@ with lib;
|
|||
i18n = {
|
||||
glibcLocales = mkOption {
|
||||
type = types.path;
|
||||
default = pkgs.buildPackages.glibcLocales.override {
|
||||
default = pkgs.glibcLocales.override {
|
||||
allLocales = any (x: x == "all") config.i18n.supportedLocales;
|
||||
locales = config.i18n.supportedLocales;
|
||||
};
|
||||
defaultText = literalExpression ''
|
||||
pkgs.buildPackages.glibcLocales.override {
|
||||
pkgs.glibcLocales.override {
|
||||
allLocales = any (x: x == "all") config.i18n.supportedLocales;
|
||||
locales = config.i18n.supportedLocales;
|
||||
}
|
||||
|
|
|
@ -35,17 +35,21 @@ let
|
|||
;
|
||||
|
||||
/**
|
||||
* Given a `config`, builds the default options.
|
||||
* Builds the default options.
|
||||
*/
|
||||
buildMenuGrub2 = config:
|
||||
buildMenuAdditionalParamsGrub2 config ""
|
||||
;
|
||||
buildMenuGrub2 = buildMenuAdditionalParamsGrub2 "";
|
||||
|
||||
targetArch =
|
||||
if config.boot.loader.grub.forcei686 then
|
||||
"ia32"
|
||||
else
|
||||
pkgs.stdenv.hostPlatform.efiArch;
|
||||
|
||||
/**
|
||||
* Given a `config` and params to add to `params`, build a set of default options.
|
||||
* Given params to add to `params`, build a set of default options.
|
||||
* Use this one when creating a variant (e.g. hidpi)
|
||||
*/
|
||||
buildMenuAdditionalParamsGrub2 = config: additional:
|
||||
buildMenuAdditionalParamsGrub2 = additional:
|
||||
let
|
||||
finalCfg = {
|
||||
name = "NixOS ${config.system.nixos.label}${config.isoImage.appendToMenuLabel}";
|
||||
|
@ -53,6 +57,7 @@ let
|
|||
image = "/boot/${config.system.boot.loader.kernelFile}";
|
||||
initrd = "/boot/initrd";
|
||||
};
|
||||
|
||||
in
|
||||
menuBuilderGrub2
|
||||
finalCfg
|
||||
|
@ -314,16 +319,16 @@ let
|
|||
# Menu entries
|
||||
#
|
||||
|
||||
${buildMenuGrub2 config}
|
||||
${buildMenuGrub2}
|
||||
submenu "HiDPI, Quirks and Accessibility" --class hidpi --class submenu {
|
||||
${grubMenuCfg}
|
||||
submenu "Suggests resolution @720p" --class hidpi-720p {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "video=1280x720@60"}
|
||||
${buildMenuAdditionalParamsGrub2 "video=1280x720@60"}
|
||||
}
|
||||
submenu "Suggests resolution @1080p" --class hidpi-1080p {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "video=1920x1080@60"}
|
||||
${buildMenuAdditionalParamsGrub2 "video=1920x1080@60"}
|
||||
}
|
||||
|
||||
# If we boot into a graphical environment where X is autoran
|
||||
|
@ -331,7 +336,7 @@ let
|
|||
# to disable this.
|
||||
submenu "Disable display-manager" --class quirk-disable-displaymanager {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "systemd.mask=display-manager.service"}
|
||||
${buildMenuAdditionalParamsGrub2 "systemd.mask=display-manager.service"}
|
||||
}
|
||||
|
||||
# Some laptop and convertibles have the panel installed in an
|
||||
|
@ -340,29 +345,29 @@ let
|
|||
submenu "" {return}
|
||||
submenu "Rotate framebuffer Clockwise" --class rotate-90cw {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "fbcon=rotate:1"}
|
||||
${buildMenuAdditionalParamsGrub2 "fbcon=rotate:1"}
|
||||
}
|
||||
submenu "Rotate framebuffer Upside-Down" --class rotate-180 {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "fbcon=rotate:2"}
|
||||
${buildMenuAdditionalParamsGrub2 "fbcon=rotate:2"}
|
||||
}
|
||||
submenu "Rotate framebuffer Counter-Clockwise" --class rotate-90ccw {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "fbcon=rotate:3"}
|
||||
${buildMenuAdditionalParamsGrub2 "fbcon=rotate:3"}
|
||||
}
|
||||
|
||||
# As a proof of concept, mainly. (Not sure it has accessibility merits.)
|
||||
submenu "" {return}
|
||||
submenu "Use black on white" --class accessibility-blakconwhite {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "vt.default_red=0xFF,0xBC,0x4F,0xB4,0x56,0xBC,0x4F,0x00,0xA1,0xCF,0x84,0xCA,0x8D,0xB4,0x84,0x68 vt.default_grn=0xFF,0x55,0xBA,0xBA,0x4D,0x4D,0xB3,0x00,0xA0,0x8F,0xB3,0xCA,0x88,0x93,0xA4,0x68 vt.default_blu=0xFF,0x58,0x5F,0x58,0xC5,0xBD,0xC5,0x00,0xA8,0xBB,0xAB,0x97,0xBD,0xC7,0xC5,0x68"}
|
||||
${buildMenuAdditionalParamsGrub2 "vt.default_red=0xFF,0xBC,0x4F,0xB4,0x56,0xBC,0x4F,0x00,0xA1,0xCF,0x84,0xCA,0x8D,0xB4,0x84,0x68 vt.default_grn=0xFF,0x55,0xBA,0xBA,0x4D,0x4D,0xB3,0x00,0xA0,0x8F,0xB3,0xCA,0x88,0x93,0xA4,0x68 vt.default_blu=0xFF,0x58,0x5F,0x58,0xC5,0xBD,0xC5,0x00,0xA8,0xBB,0xAB,0x97,0xBD,0xC7,0xC5,0x68"}
|
||||
}
|
||||
|
||||
# Serial access is a must!
|
||||
submenu "" {return}
|
||||
submenu "Serial console=ttyS0,115200n8" --class serial {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "console=ttyS0,115200n8"}
|
||||
${buildMenuAdditionalParamsGrub2 "console=ttyS0,115200n8"}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -431,19 +436,6 @@ let
|
|||
fsck.vfat -vn "$out"
|
||||
''; # */
|
||||
|
||||
# Name used by UEFI for architectures.
|
||||
targetArch =
|
||||
if pkgs.stdenv.isi686 || config.boot.loader.grub.forcei686 then
|
||||
"ia32"
|
||||
else if pkgs.stdenv.isx86_64 then
|
||||
"x64"
|
||||
else if pkgs.stdenv.isAarch32 then
|
||||
"arm"
|
||||
else if pkgs.stdenv.isAarch64 then
|
||||
"aa64"
|
||||
else
|
||||
throw "Unsupported architecture";
|
||||
|
||||
# Syslinux (and isolinux) only supports x86-based architectures.
|
||||
canx86BiosBoot = pkgs.stdenv.hostPlatform.isx86;
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ let
|
|||
inherit system pkgs;
|
||||
};
|
||||
|
||||
interactiveDriver = (testing.makeTest { inherit nodes; testScript = "start_all(); join_all();"; }).driverInteractive;
|
||||
interactiveDriver = (testing.makeTest { inherit nodes; name = "network"; testScript = "start_all(); join_all();"; }).driverInteractive;
|
||||
in
|
||||
|
||||
|
||||
|
|
|
@ -455,6 +455,7 @@
|
|||
./services/hardware/lcd.nix
|
||||
./services/hardware/lirc.nix
|
||||
./services/hardware/nvidia-optimus.nix
|
||||
./services/hardware/openrgb.nix
|
||||
./services/hardware/pcscd.nix
|
||||
./services/hardware/pommed.nix
|
||||
./services/hardware/power-profiles-daemon.nix
|
||||
|
@ -681,6 +682,7 @@
|
|||
./services/monitoring/heapster.nix
|
||||
./services/monitoring/incron.nix
|
||||
./services/monitoring/kapacitor.nix
|
||||
./services/monitoring/kthxbye.nix
|
||||
./services/monitoring/loki.nix
|
||||
./services/monitoring/longview.nix
|
||||
./services/monitoring/mackerel-agent.nix
|
||||
|
@ -1072,6 +1074,7 @@
|
|||
./services/web-apps/engelsystem.nix
|
||||
./services/web-apps/ethercalc.nix
|
||||
./services/web-apps/fluidd.nix
|
||||
./services/web-apps/freshrss.nix
|
||||
./services/web-apps/galene.nix
|
||||
./services/web-apps/gerrit.nix
|
||||
./services/web-apps/gotify-server.nix
|
||||
|
@ -1234,6 +1237,7 @@
|
|||
./system/boot/systemd/journald.nix
|
||||
./system/boot/systemd/logind.nix
|
||||
./system/boot/systemd/nspawn.nix
|
||||
./system/boot/systemd/oomd.nix
|
||||
./system/boot/systemd/shutdown.nix
|
||||
./system/boot/systemd/tmpfiles.nix
|
||||
./system/boot/systemd/user.nix
|
||||
|
|
|
@ -1279,7 +1279,7 @@ in
|
|||
mr ${pkgs.pam_mount}/lib/security/pam_mount.so,
|
||||
'' +
|
||||
optionalString (isEnabled (cfg: cfg.enableGnomeKeyring)) ''
|
||||
mr ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so,
|
||||
mr ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so,
|
||||
'' +
|
||||
optionalString (isEnabled (cfg: cfg.startSession)) ''
|
||||
mr ${config.systemd.package}/lib/security/pam_systemd.so,
|
||||
|
|
|
@ -37,27 +37,76 @@ in
|
|||
};
|
||||
|
||||
initialEmail = mkOption {
|
||||
description = lib.mdDoc "Initial email for the pgAdmin account.";
|
||||
description = lib.mdDoc "Initial email for the pgAdmin account";
|
||||
type = types.str;
|
||||
};
|
||||
|
||||
initialPasswordFile = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
Initial password file for the pgAdmin account.
|
||||
NOTE: Should be string not a store path, to prevent the password from being world readable.
|
||||
NOTE: Should be string not a store path, to prevent the password from being world readable
|
||||
'';
|
||||
type = types.path;
|
||||
};
|
||||
|
||||
emailServer = {
|
||||
enable = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
Enable SMTP email server. This is necessary, if you want to use password recovery or change your own password
|
||||
'';
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
address = mkOption {
|
||||
description = lib.mdDoc "SMTP server for email delivery";
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
};
|
||||
port = mkOption {
|
||||
description = lib.mdDoc "SMTP server port for email delivery";
|
||||
type = types.port;
|
||||
default = 25;
|
||||
};
|
||||
useSSL = mkOption {
|
||||
description = lib.mdDoc "SMTP server should use SSL";
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
useTLS = mkOption {
|
||||
description = lib.mdDoc "SMTP server should use TLS";
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
username = mkOption {
|
||||
description = lib.mdDoc "SMTP server username for email delivery";
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
};
|
||||
sender = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
SMTP server sender email for email delivery. Some servers require this to be a valid email address from that server
|
||||
'';
|
||||
type = types.str;
|
||||
example = "noreply@example.com";
|
||||
};
|
||||
passwordFile = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
Password for SMTP email account.
|
||||
NOTE: Should be string not a store path, to prevent the password from being world readable
|
||||
'';
|
||||
type = types.path;
|
||||
};
|
||||
};
|
||||
|
||||
openFirewall = mkEnableOption (lib.mdDoc "firewall passthrough for pgadmin4");
|
||||
|
||||
settings = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
Settings for pgadmin4.
|
||||
[Documentation](https://www.pgadmin.org/docs/pgadmin4/development/config_py.html).
|
||||
[Documentation](https://www.pgadmin.org/docs/pgadmin4/development/config_py.html)
|
||||
'';
|
||||
type = pyType;
|
||||
default= {};
|
||||
default = { };
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -69,6 +118,13 @@ in
|
|||
SERVER_MODE = true;
|
||||
} // (optionalAttrs cfg.openFirewall {
|
||||
DEFAULT_SERVER = mkDefault "::";
|
||||
}) // (optionalAttrs cfg.emailServer.enable {
|
||||
MAIL_SERVER = cfg.emailServer.address;
|
||||
MAIL_PORT = cfg.emailServer.port;
|
||||
MAIL_USE_SSL = cfg.emailServer.useSSL;
|
||||
MAIL_USE_TLS = cfg.emailServer.useTLS;
|
||||
MAIL_USERNAME = cfg.emailServer.username;
|
||||
SECURITY_EMAIL_SENDER = cfg.emailServer.sender;
|
||||
});
|
||||
|
||||
systemd.services.pgadmin = {
|
||||
|
@ -115,10 +171,14 @@ in
|
|||
group = "pgadmin";
|
||||
};
|
||||
|
||||
users.groups.pgadmin = {};
|
||||
users.groups.pgadmin = { };
|
||||
|
||||
environment.etc."pgadmin/config_system.py" = {
|
||||
text = formatPy cfg.settings;
|
||||
text = lib.optionalString cfg.emailServer.enable ''
|
||||
with open("${cfg.emailServer.passwordFile}") as f:
|
||||
pw = f.read()
|
||||
MAIL_PASSWORD = pw
|
||||
'' + formatPy cfg.settings;
|
||||
mode = "0600";
|
||||
user = "pgadmin";
|
||||
group = "pgadmin";
|
||||
|
|
52
third_party/nixpkgs/nixos/modules/services/hardware/openrgb.nix
vendored
Normal file
52
third_party/nixpkgs/nixos/modules/services/hardware/openrgb.nix
vendored
Normal file
|
@ -0,0 +1,52 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.hardware.openrgb;
|
||||
in {
|
||||
options.services.hardware.openrgb = {
|
||||
enable = mkEnableOption (lib.mdDoc "OpenRGB server");
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.openrgb;
|
||||
defaultText = literalMD "pkgs.openrgb";
|
||||
description = lib.mdDoc "Set version of openrgb package to use.";
|
||||
};
|
||||
|
||||
motherboard = mkOption {
|
||||
type = types.nullOr (types.enum [ "amd" "intel" ]);
|
||||
default = null;
|
||||
description = lib.mdDoc "CPU family of motherboard. Allows for addition motherboard i2c support.";
|
||||
};
|
||||
|
||||
server.port = mkOption {
|
||||
type = types.port;
|
||||
default = 6742;
|
||||
description = lib.mdDoc "Set server port of openrgb.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
services.udev.packages = [ cfg.package ];
|
||||
|
||||
boot.kernelModules = [ "i2c-dev" ]
|
||||
++ lib.optionals (cfg.motherboard == "amd") [ "i2c-piix" ]
|
||||
++ lib.optionals (cfg.motherboard == "intel") [ "i2c-i801" ];
|
||||
|
||||
systemd.services.openrgb = {
|
||||
description = "OpenRGB server daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/openrgb --server --server-port ${toString cfg.server.port}";
|
||||
Restart = "always";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ jonringer ];
|
||||
}
|
|
@ -35,6 +35,30 @@ in
|
|||
description = lib.mdDoc "Path of the API socket to create.";
|
||||
};
|
||||
|
||||
mutableConfig = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
example = true;
|
||||
description = lib.mdDoc ''
|
||||
Whether to copy the config to a mutable directory instead of using the one directly from the nix store.
|
||||
This will only copy the config if the file at `services.klipper.mutableConfigPath` doesn't exist.
|
||||
'';
|
||||
};
|
||||
|
||||
mutableConfigFolder = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/klipper";
|
||||
description = lib.mdDoc "Path to mutable Klipper config file.";
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Path to default Klipper config.
|
||||
'';
|
||||
};
|
||||
|
||||
octoprintIntegration = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
@ -62,8 +86,8 @@ in
|
|||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = format.type;
|
||||
default = { };
|
||||
type = types.nullOr format.type;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Configuration for Klipper. See the [documentation](https://www.klipper3d.org/Overview.html#configuration-and-tuning-guides)
|
||||
for supported values.
|
||||
|
@ -80,6 +104,10 @@ in
|
|||
building of firmware and addition of klipper-flash tools for manual flashing.
|
||||
This will add `klipper-flash-$mcu` scripts to your environment which can be called to flash the firmware.
|
||||
'');
|
||||
serial = mkOption {
|
||||
type = types.nullOr path;
|
||||
description = lib.mdDoc "Path to serial port this printer is connected to. Leave `null` to derive it from `service.klipper.settings`.";
|
||||
};
|
||||
configFile = mkOption {
|
||||
type = path;
|
||||
description = lib.mdDoc "Path to firmware config which is generated using `klipper-genconf`";
|
||||
|
@ -95,19 +123,25 @@ in
|
|||
assertions = [
|
||||
{
|
||||
assertion = cfg.octoprintIntegration -> config.services.octoprint.enable;
|
||||
message = "Option klipper.octoprintIntegration requires Octoprint to be enabled on this system. Please enable services.octoprint to use it.";
|
||||
message = "Option services.klipper.octoprintIntegration requires Octoprint to be enabled on this system. Please enable services.octoprint to use it.";
|
||||
}
|
||||
{
|
||||
assertion = cfg.user != null -> cfg.group != null;
|
||||
message = "Option klipper.group is not set when a user is specified.";
|
||||
message = "Option services.klipper.group is not set when services.klipper.user is specified.";
|
||||
}
|
||||
{
|
||||
assertion = foldl (a: b: a && b) true (mapAttrsToList (mcu: _: mcu != null -> (hasAttrByPath [ "${mcu}" "serial" ] cfg.settings)) cfg.firmwares);
|
||||
message = "Option klipper.settings.$mcu.serial must be set when klipper.firmware.$mcu is specified";
|
||||
assertion = cfg.settings != null -> foldl (a: b: a && b) true (mapAttrsToList (mcu: _: mcu != null -> (hasAttrByPath [ "${mcu}" "serial" ] cfg.settings)) cfg.firmwares);
|
||||
message = "Option services.klipper.settings.$mcu.serial must be set when settings.klipper.firmware.$mcu is specified";
|
||||
}
|
||||
{
|
||||
assertion = (cfg.configFile != null) != (cfg.settings != null);
|
||||
message = "You need to either specify services.klipper.settings or services.klipper.defaultConfig.";
|
||||
}
|
||||
];
|
||||
|
||||
environment.etc."klipper.cfg".source = format.generate "klipper.cfg" cfg.settings;
|
||||
environment.etc = mkIf (!cfg.mutableConfig) {
|
||||
"klipper.cfg".source = if cfg.settings != null then format.generate "klipper.cfg" cfg.settings else cfg.configFile;
|
||||
};
|
||||
|
||||
services.klipper = mkIf cfg.octoprintIntegration {
|
||||
user = config.services.octoprint.user;
|
||||
|
@ -118,15 +152,34 @@ in
|
|||
let
|
||||
klippyArgs = "--input-tty=${cfg.inputTTY}"
|
||||
+ optionalString (cfg.apiSocket != null) " --api-server=${cfg.apiSocket}";
|
||||
printerConfigPath =
|
||||
if cfg.mutableConfig
|
||||
then cfg.mutableConfigFolder + "/printer.cfg"
|
||||
else "/etc/klipper.cfg";
|
||||
printerConfigFile =
|
||||
if cfg.settings != null
|
||||
then format.generate "klipper.cfg" cfg.settings
|
||||
else cfg.configFile;
|
||||
in
|
||||
{
|
||||
description = "Klipper 3D Printer Firmware";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.mutableConfigFolder}
|
||||
${lib.optionalString (cfg.mutableConfig) ''
|
||||
[ -e ${printerConfigPath} ] || {
|
||||
cp ${printerConfigFile} ${printerConfigPath}
|
||||
chmod +w ${printerConfigPath}
|
||||
}
|
||||
''}
|
||||
mkdir -p ${cfg.mutableConfigFolder}/gcodes
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} /etc/klipper.cfg";
|
||||
ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} ${printerConfigPath}";
|
||||
RuntimeDirectory = "klipper";
|
||||
StateDirectory = "klipper";
|
||||
SupplementaryGroups = [ "dialout" ];
|
||||
WorkingDirectory = "${cfg.package}/lib";
|
||||
OOMScoreAdjust = "-999";
|
||||
|
@ -134,6 +187,7 @@ in
|
|||
CPUSchedulingPriority = 99;
|
||||
IOSchedulingClass = "realtime";
|
||||
IOSchedulingPriority = 0;
|
||||
UMask = "0002";
|
||||
} // (if cfg.user != null then {
|
||||
Group = cfg.group;
|
||||
User = cfg.user;
|
||||
|
@ -146,8 +200,9 @@ in
|
|||
environment.systemPackages =
|
||||
with pkgs;
|
||||
let
|
||||
default = a: b: if a != null then a else b;
|
||||
firmwares = filterAttrs (n: v: v!= null) (mapAttrs
|
||||
(mcu: { enable, configFile }: if enable then pkgs.klipper-firmware.override {
|
||||
(mcu: { enable, configFile, serial }: if enable then pkgs.klipper-firmware.override {
|
||||
mcu = lib.strings.sanitizeDerivationName mcu;
|
||||
firmwareConfig = configFile;
|
||||
} else null)
|
||||
|
@ -156,11 +211,14 @@ in
|
|||
(mcu: firmware: pkgs.klipper-flash.override {
|
||||
mcu = lib.strings.sanitizeDerivationName mcu;
|
||||
klipper-firmware = firmware;
|
||||
flashDevice = cfg.settings."${mcu}".serial;
|
||||
flashDevice = default cfg.firmwares."${mcu}".serial cfg.settings."${mcu}".serial;
|
||||
firmwareConfig = cfg.firmwares."${mcu}".configFile;
|
||||
})
|
||||
firmwares;
|
||||
in
|
||||
[ klipper-genconf ] ++ firmwareFlasher ++ attrValues firmwares;
|
||||
};
|
||||
meta.maintainers = [
|
||||
maintainers.cab404
|
||||
];
|
||||
}
|
||||
|
|
|
@ -123,7 +123,11 @@ in {
|
|||
host = cfg.address;
|
||||
port = cfg.port;
|
||||
klippy_uds_address = cfg.klipperSocket;
|
||||
};
|
||||
file_manager = {
|
||||
config_path = cfg.configDir;
|
||||
};
|
||||
database = {
|
||||
database_path = "${cfg.stateDir}/database";
|
||||
};
|
||||
};
|
||||
|
@ -153,6 +157,7 @@ in {
|
|||
|
||||
serviceConfig = {
|
||||
WorkingDirectory = cfg.stateDir;
|
||||
PrivateTmp = true;
|
||||
Group = cfg.group;
|
||||
User = cfg.user;
|
||||
};
|
||||
|
@ -175,4 +180,9 @@ in {
|
|||
});
|
||||
'';
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [
|
||||
cab404
|
||||
vtuan10
|
||||
];
|
||||
}
|
||||
|
|
|
@ -228,13 +228,16 @@ in
|
|||
'';
|
||||
};
|
||||
protocol = mkOption {
|
||||
type = types.enum [ "ssh" "ssh-ng" ];
|
||||
type = types.enum [ null "ssh" "ssh-ng" ];
|
||||
default = "ssh";
|
||||
example = "ssh-ng";
|
||||
description = lib.mdDoc ''
|
||||
The protocol used for communicating with the build machine.
|
||||
Use `ssh-ng` if your remote builder and your
|
||||
local Nix version support that improved protocol.
|
||||
|
||||
Use `null` when trying to change the special localhost builder
|
||||
without a protocol which is for example used by hydra.
|
||||
'';
|
||||
};
|
||||
system = mkOption {
|
||||
|
@ -680,13 +683,15 @@ in
|
|||
concatMapStrings
|
||||
(machine:
|
||||
(concatStringsSep " " ([
|
||||
"${machine.protocol}://${optionalString (machine.sshUser != null) "${machine.sshUser}@"}${machine.hostName}"
|
||||
"${optionalString (machine.protocol != null) "${machine.protocol}://"}${optionalString (machine.sshUser != null) "${machine.sshUser}@"}${machine.hostName}"
|
||||
(if machine.system != null then machine.system else if machine.systems != [ ] then concatStringsSep "," machine.systems else "-")
|
||||
(if machine.sshKey != null then machine.sshKey else "-")
|
||||
(toString machine.maxJobs)
|
||||
(toString machine.speedFactor)
|
||||
(concatStringsSep "," (machine.supportedFeatures ++ machine.mandatoryFeatures))
|
||||
(concatStringsSep "," machine.mandatoryFeatures)
|
||||
(let res = (machine.supportedFeatures ++ machine.mandatoryFeatures);
|
||||
in if (res == []) then "-" else (concatStringsSep "," res))
|
||||
(let res = machine.mandatoryFeatures;
|
||||
in if (res == []) then "-" else (concatStringsSep "," machine.mandatoryFeatures))
|
||||
]
|
||||
++ optional (isNixAtLeast "2.4pre") (if machine.publicHostKey != null then machine.publicHostKey else "-")))
|
||||
+ "\n"
|
||||
|
|
|
@ -80,7 +80,7 @@ let
|
|||
RestrictSUIDSGID = true;
|
||||
SupplementaryGroups = optional enableRedis redisServer.user;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @resources @setuid @keyring" ];
|
||||
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
|
||||
# Does not work well with the temporary root
|
||||
#UMask = "0066";
|
||||
};
|
||||
|
|
166
third_party/nixpkgs/nixos/modules/services/monitoring/kthxbye.nix
vendored
Normal file
166
third_party/nixpkgs/nixos/modules/services/monitoring/kthxbye.nix
vendored
Normal file
|
@ -0,0 +1,166 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.kthxbye;
|
||||
in
|
||||
|
||||
{
|
||||
options.services.kthxbye = {
|
||||
enable = mkEnableOption (mdDoc "kthxbye alert acknowledgement management daemon");
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.kthxbye;
|
||||
defaultText = literalExpression "pkgs.kthxbye";
|
||||
description = mdDoc ''
|
||||
The kthxbye package that should be used.
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Whether to open ports in the firewall needed for the daemon to function.
|
||||
'';
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
description = mdDoc ''
|
||||
Extra command line options.
|
||||
|
||||
Documentation can be found [here](https://github.com/prymitive/kthxbye/blob/main/README.md).
|
||||
'';
|
||||
example = literalExpression ''
|
||||
[
|
||||
"-extend-with-prefix 'ACK!'"
|
||||
];
|
||||
'';
|
||||
};
|
||||
|
||||
alertmanager = {
|
||||
timeout = mkOption {
|
||||
type = types.str;
|
||||
default = "1m0s";
|
||||
description = mdDoc ''
|
||||
Alertmanager request timeout duration in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
|
||||
'';
|
||||
example = "30s";
|
||||
};
|
||||
uri = mkOption {
|
||||
type = types.str;
|
||||
default = "http://localhost:9093";
|
||||
description = mdDoc ''
|
||||
Alertmanager URI to use.
|
||||
'';
|
||||
example = "https://alertmanager.example.com";
|
||||
};
|
||||
};
|
||||
|
||||
extendBy = mkOption {
|
||||
type = types.str;
|
||||
default = "15m0s";
|
||||
description = mdDoc ''
|
||||
Extend silences by adding DURATION seconds.
|
||||
|
||||
DURATION should be provided in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
|
||||
'';
|
||||
example = "6h0m0s";
|
||||
};
|
||||
|
||||
extendIfExpiringIn = mkOption {
|
||||
type = types.str;
|
||||
default = "5m0s";
|
||||
description = mdDoc ''
|
||||
Extend silences that are about to expire in the next DURATION seconds.
|
||||
|
||||
DURATION should be provided in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
|
||||
'';
|
||||
example = "1m0s";
|
||||
};
|
||||
|
||||
extendWithPrefix = mkOption {
|
||||
type = types.str;
|
||||
default = "ACK!";
|
||||
description = mdDoc ''
|
||||
Extend silences with comment starting with PREFIX string.
|
||||
'';
|
||||
example = "!perma-silence";
|
||||
};
|
||||
|
||||
interval = mkOption {
|
||||
type = types.str;
|
||||
default = "45s";
|
||||
description = mdDoc ''
|
||||
Silence check interval duration in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
|
||||
'';
|
||||
example = "30s";
|
||||
};
|
||||
|
||||
listenAddress = mkOption {
|
||||
type = types.str;
|
||||
default = "0.0.0.0";
|
||||
description = mdDoc ''
|
||||
The address to listen on for HTTP requests.
|
||||
'';
|
||||
example = "127.0.0.1";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8080;
|
||||
description = mdDoc ''
|
||||
The port to listen on for HTTP requests.
|
||||
'';
|
||||
};
|
||||
|
||||
logJSON = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Format logged messages as JSON.
|
||||
'';
|
||||
};
|
||||
|
||||
maxDuration = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
description = mdDoc ''
|
||||
Maximum duration of a silence, it won't be extended anymore after reaching it.
|
||||
|
||||
Duration should be provided in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
|
||||
'';
|
||||
example = "30d";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.kthxbye = {
|
||||
description = "kthxbye Alertmanager ack management daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
script = ''
|
||||
${cfg.package}/bin/kthxbye \
|
||||
-alertmanager.timeout ${cfg.alertmanager.timeout} \
|
||||
-alertmanager.uri ${cfg.alertmanager.uri} \
|
||||
-extend-by ${cfg.extendBy} \
|
||||
-extend-if-expiring-in ${cfg.extendIfExpiringIn} \
|
||||
-extend-with-prefix ${cfg.extendWithPrefix} \
|
||||
-interval ${cfg.interval} \
|
||||
-listen ${cfg.listenAddress}:${toString cfg.port} \
|
||||
${optionalString cfg.logJSON "-log-json"} \
|
||||
${optionalString (cfg.maxDuration != null) "-max-duration ${cfg.maxDuration}"} \
|
||||
${concatStringsSep " " cfg.extraOptions}
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
DynamicUser = true;
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
|
||||
};
|
||||
}
|
|
@ -14,7 +14,7 @@ in
|
|||
configuration = mkOption {
|
||||
type = types.nullOr types.attrs;
|
||||
default = null;
|
||||
example = literalExample ''
|
||||
example = literalExpression ''
|
||||
{
|
||||
providers = {
|
||||
twilio = {
|
||||
|
|
|
@ -34,7 +34,7 @@ with lib;
|
|||
|
||||
Either `configFile` or `config` must be specified.
|
||||
|
||||
See <https://www.v2fly.org/en_US/config/overview.html>.
|
||||
See <https://www.v2fly.org/en_US/v5/config/overview.html>.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -56,7 +56,7 @@ with lib;
|
|||
|
||||
Either `configFile` or `config` must be specified.
|
||||
|
||||
See <https://www.v2fly.org/en_US/config/overview.html>.
|
||||
See <https://www.v2fly.org/en_US/v5/config/overview.html>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -71,7 +71,7 @@ with lib;
|
|||
name = "v2ray.json";
|
||||
text = builtins.toJSON cfg.config;
|
||||
checkPhase = ''
|
||||
${cfg.package}/bin/v2ray -test -config $out
|
||||
${cfg.package}/bin/v2ray test -c $out
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -83,13 +83,15 @@ with lib;
|
|||
}
|
||||
];
|
||||
|
||||
environment.etc."v2ray/config.json".source = configFile;
|
||||
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
systemd.services.v2ray = {
|
||||
description = "v2ray Daemon";
|
||||
after = [ "network.target" ];
|
||||
restartTriggers = [ config.environment.etc."v2ray/config.json".source ];
|
||||
|
||||
# Workaround: https://github.com/NixOS/nixpkgs/issues/81138
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/v2ray -config ${configFile}";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -137,6 +137,33 @@ let
|
|||
See [documentation](https://www.wireguard.com/netns/).
|
||||
'';
|
||||
};
|
||||
|
||||
fwMark = mkOption {
|
||||
default = null;
|
||||
type = with types; nullOr str;
|
||||
example = "0x6e6978";
|
||||
description = lib.mdDoc ''
|
||||
Mark all wireguard packets originating from
|
||||
this interface with the given firewall mark. The firewall mark can be
|
||||
used in firewalls or policy routing to filter the wireguard packets.
|
||||
This can be useful for setup where all traffic goes through the
|
||||
wireguard tunnel, because the wireguard packets need to be routed
|
||||
differently.
|
||||
'';
|
||||
};
|
||||
|
||||
mtu = mkOption {
|
||||
default = null;
|
||||
type = with types; nullOr int;
|
||||
example = 1280;
|
||||
description = lib.mdDoc ''
|
||||
Set the maximum transmission unit in bytes for the wireguard
|
||||
interface. Beware that the wireguard packets have a header that may
|
||||
add up to 80 bytes to the mtu. By default, the MTU is (1500 - 80) =
|
||||
1420. However, if the MTU of the upstream network is lower, the MTU
|
||||
of the wireguard network has to be adjusted as well.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -398,6 +425,7 @@ let
|
|||
|
||||
${ipPreMove} link add dev "${name}" type wireguard
|
||||
${optionalString (values.interfaceNamespace != null && values.interfaceNamespace != values.socketNamespace) ''${ipPreMove} link set "${name}" netns "${ns}"''}
|
||||
${optionalString (values.mtu != null) ''${ipPreMove} link set "${name}" mtu ${toString values.mtu}''}
|
||||
|
||||
${concatMapStringsSep "\n" (ip:
|
||||
''${ipPostMove} address add "${ip}" dev "${name}"''
|
||||
|
@ -406,6 +434,7 @@ let
|
|||
${concatStringsSep " " (
|
||||
[ ''${wg} set "${name}" private-key "${privKey}"'' ]
|
||||
++ optional (values.listenPort != null) ''listen-port "${toString values.listenPort}"''
|
||||
++ optional (values.fwMark != null) ''fwmark "${values.fwMark}"''
|
||||
)}
|
||||
|
||||
${ipPostMove} link set up dev "${name}"
|
||||
|
|
|
@ -40,14 +40,14 @@ in {
|
|||
|
||||
If the {option}`persistentKeys` is enabled then the
|
||||
keys that are generated during activation will override
|
||||
those in {option}`config` or
|
||||
those in {option}`settings` or
|
||||
{option}`configFile`.
|
||||
|
||||
If no keys are specified then ephemeral keys are generated
|
||||
and the Yggdrasil interface will have a random IPv6 address
|
||||
each time the service is started, this is the default.
|
||||
|
||||
If both {option}`configFile` and {option}`config`
|
||||
If both {option}`configFile` and {option}`settings`
|
||||
are supplied, they will be combined, with values from
|
||||
{option}`configFile` taking precedence.
|
||||
|
||||
|
@ -62,7 +62,7 @@ in {
|
|||
example = "/run/keys/yggdrasil.conf";
|
||||
description = lib.mdDoc ''
|
||||
A file which contains JSON configuration for yggdrasil.
|
||||
See the {option}`config` option for more information.
|
||||
See the {option}`settings` option for more information.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -81,7 +81,7 @@ in {
|
|||
discovery. The NixOS firewall blocks link-local
|
||||
communication, so in order to make local peering work you
|
||||
will also need to set `LinkLocalTCPPort` in your
|
||||
yggdrasil configuration ({option}`config` or
|
||||
yggdrasil configuration ({option}`settings` or
|
||||
{option}`configFile`) to a port number other than 0,
|
||||
and then add that port to
|
||||
{option}`networking.firewall.allowedTCPPorts`.
|
||||
|
|
|
@ -27,7 +27,7 @@ An annotated example of a simple configuration:
|
|||
# The NixOS module will generate new keys and a new IPv6 address each time
|
||||
# it is started if persistentKeys is not enabled.
|
||||
|
||||
config = {
|
||||
settings = {
|
||||
Peers = [
|
||||
# Yggdrasil will automatically connect and "peer" with other nodes it
|
||||
# discovers via link-local multicast annoucements. Unless this is the
|
||||
|
@ -58,7 +58,7 @@ in {
|
|||
services.yggdrasil = {
|
||||
enable = true;
|
||||
persistentKeys = true; # Maintain a fixed public key and IPv6 address.
|
||||
config = {
|
||||
settings = {
|
||||
Peers = [ "tcp://1.2.3.4:1024" "tcp://1.2.3.5:1024" ];
|
||||
NodeInfo = {
|
||||
# This information is visible to the network.
|
||||
|
|
274
third_party/nixpkgs/nixos/modules/services/web-apps/freshrss.nix
vendored
Normal file
274
third_party/nixpkgs/nixos/modules/services/web-apps/freshrss.nix
vendored
Normal file
|
@ -0,0 +1,274 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.freshrss;
|
||||
|
||||
poolName = "freshrss";
|
||||
in
|
||||
{
|
||||
meta.maintainers = with maintainers; [ etu stunkymonkey ];
|
||||
|
||||
options.services.freshrss = {
|
||||
enable = mkEnableOption (mdDoc "FreshRSS feed reader");
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.freshrss;
|
||||
defaultText = lib.literalExpression "pkgs.freshrss";
|
||||
description = mdDoc "Which FreshRSS package to use.";
|
||||
};
|
||||
|
||||
defaultUser = mkOption {
|
||||
type = types.str;
|
||||
default = "admin";
|
||||
description = mdDoc "Default username for FreshRSS.";
|
||||
example = "eva";
|
||||
};
|
||||
|
||||
passwordFile = mkOption {
|
||||
type = types.path;
|
||||
description = mdDoc "Password for the defaultUser for FreshRSS.";
|
||||
example = "/run/secrets/freshrss";
|
||||
};
|
||||
|
||||
baseUrl = mkOption {
|
||||
type = types.str;
|
||||
description = mdDoc "Default URL for FreshRSS.";
|
||||
example = "https://freshrss.example.com";
|
||||
};
|
||||
|
||||
language = mkOption {
|
||||
type = types.str;
|
||||
default = "en";
|
||||
description = mdDoc "Default language for FreshRSS.";
|
||||
example = "de";
|
||||
};
|
||||
|
||||
database = {
|
||||
type = mkOption {
|
||||
type = types.enum [ "sqlite" "pgsql" "mysql" ];
|
||||
default = "sqlite";
|
||||
description = mdDoc "Database type.";
|
||||
example = "pgsql";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "localhost";
|
||||
description = mdDoc "Database host for FreshRSS.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = with types; nullOr port;
|
||||
default = null;
|
||||
description = mdDoc "Database port for FreshRSS.";
|
||||
example = 3306;
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "freshrss";
|
||||
description = mdDoc "Database user for FreshRSS.";
|
||||
};
|
||||
|
||||
passFile = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = mdDoc "Database password file for FreshRSS.";
|
||||
example = "/run/secrets/freshrss";
|
||||
};
|
||||
|
||||
name = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "freshrss";
|
||||
description = mdDoc "Database name for FreshRSS.";
|
||||
};
|
||||
|
||||
tableprefix = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = mdDoc "Database table prefix for FreshRSS.";
|
||||
example = "freshrss";
|
||||
};
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/freshrss";
|
||||
description = mdDoc "Default data folder for FreshRSS.";
|
||||
example = "/mnt/freshrss";
|
||||
};
|
||||
|
||||
virtualHost = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "freshrss";
|
||||
description = mdDoc ''
|
||||
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
|
||||
'';
|
||||
};
|
||||
|
||||
pool = mkOption {
|
||||
type = types.str;
|
||||
default = poolName;
|
||||
description = mdDoc ''
|
||||
Name of the phpfpm pool to use and setup. If not specified, a pool will be created
|
||||
with default values.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
config =
|
||||
let
|
||||
systemd-hardening = {
|
||||
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
|
||||
DeviceAllow = "";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProcSubset = "pid";
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
|
||||
UMask = "0007";
|
||||
};
|
||||
in
|
||||
mkIf cfg.enable {
|
||||
# Set up a Nginx virtual host.
|
||||
services.nginx = mkIf (cfg.virtualHost != null) {
|
||||
enable = true;
|
||||
virtualHosts.${cfg.virtualHost} = {
|
||||
root = "${cfg.package}/p";
|
||||
|
||||
locations."~ ^.+?\.php(/.*)?$".extraConfig = ''
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket};
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
'';
|
||||
|
||||
locations."/" = {
|
||||
tryFiles = "$uri $uri/ index.php";
|
||||
index = "index.php index.html index.htm";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Set up phpfpm pool
|
||||
services.phpfpm.pools = mkIf (cfg.pool == poolName) {
|
||||
${poolName} = {
|
||||
user = "freshrss";
|
||||
settings = {
|
||||
"listen.owner" = "nginx";
|
||||
"listen.group" = "nginx";
|
||||
"listen.mode" = "0600";
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.max_requests" = 500;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 5;
|
||||
"catch_workers_output" = true;
|
||||
};
|
||||
phpEnv = {
|
||||
FRESHRSS_DATA_PATH = "${cfg.dataDir}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.freshrss = {
|
||||
description = "FreshRSS service user";
|
||||
isSystemUser = true;
|
||||
group = "freshrss";
|
||||
};
|
||||
users.groups.freshrss = { };
|
||||
|
||||
systemd.services.freshrss-config =
|
||||
let
|
||||
settingsFlags = concatStringsSep " \\\n "
|
||||
(mapAttrsToList (k: v: "${k} ${toString v}") {
|
||||
"--default_user" = ''"${cfg.defaultUser}"'';
|
||||
"--auth_type" = ''"form"'';
|
||||
"--base_url" = ''"${cfg.baseUrl}"'';
|
||||
"--language" = ''"${cfg.language}"'';
|
||||
"--db-type" = ''"${cfg.database.type}"'';
|
||||
# The following attributes are optional depending on the type of
|
||||
# database. Those that evaluate to null on the left hand side
|
||||
# will be omitted.
|
||||
${if cfg.database.name != null then "--db-base" else null} = ''"${cfg.database.name}"'';
|
||||
${if cfg.database.passFile != null then "--db-password" else null} = ''"$(cat ${cfg.database.passFile})"'';
|
||||
${if cfg.database.user != null then "--db-user" else null} = ''"${cfg.database.user}"'';
|
||||
${if cfg.database.tableprefix != null then "--db-prefix" else null} = ''"${cfg.database.tableprefix}"'';
|
||||
${if cfg.database.host != null && cfg.database.port != null then "--db-host" else null} = ''"${cfg.database.host}:${toString cfg.database.port}"'';
|
||||
});
|
||||
in
|
||||
{
|
||||
description = "Set up the state directory for FreshRSS before use";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "freshrss";
|
||||
Group = "freshrss";
|
||||
StateDirectory = "freshrss";
|
||||
WorkingDirectory = cfg.package;
|
||||
} // systemd-hardening;
|
||||
environment = {
|
||||
FRESHRSS_DATA_PATH = cfg.dataDir;
|
||||
};
|
||||
|
||||
script = ''
|
||||
# create files with correct permissions
|
||||
mkdir -m 755 -p ${cfg.dataDir}
|
||||
|
||||
# do installation or reconfigure
|
||||
if test -f ${cfg.dataDir}/config.php; then
|
||||
# reconfigure with settings
|
||||
${pkgs.php}/bin/php ./cli/reconfigure.php ${settingsFlags}
|
||||
${pkgs.php}/bin/php ./cli/update-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})"
|
||||
else
|
||||
# Copy the user data template directory
|
||||
cp -r ./data ${cfg.dataDir}
|
||||
|
||||
# check correct folders in data folder
|
||||
${pkgs.php}/bin/php ./cli/prepare.php
|
||||
# install with settings
|
||||
${pkgs.php}/bin/php ./cli/do-install.php ${settingsFlags}
|
||||
${pkgs.php}/bin/php ./cli/create-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.freshrss-updater = {
|
||||
description = "FreshRSS feed updater";
|
||||
after = [ "freshrss-config.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
startAt = "*:0/5";
|
||||
environment = {
|
||||
FRESHRSS_DATA_PATH = cfg.dataDir;
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "freshrss";
|
||||
Group = "freshrss";
|
||||
StateDirectory = "freshrss";
|
||||
WorkingDirectory = cfg.package;
|
||||
ExecStart = "${pkgs.php}/bin/php ./app/actualize_script.php";
|
||||
} // systemd-hardening;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -252,7 +252,10 @@ in
|
|||
.rabbitmq.url = "${cfg.rabbitmqUrl}"
|
||||
' /run/onlyoffice/config/default.json | sponge /run/onlyoffice/config/default.json
|
||||
|
||||
if ! psql -d onlyoffice -c "SELECT 'task_result'::regclass;" >/dev/null; then
|
||||
if psql -d onlyoffice -c "SELECT 'task_result'::regclass;" >/dev/null; then
|
||||
psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/removetbl.sql
|
||||
psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/createdb.sql
|
||||
else
|
||||
psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/createdb.sql
|
||||
fi
|
||||
'';
|
||||
|
|
|
@ -26,7 +26,7 @@ let
|
|||
|
||||
configFile =
|
||||
let
|
||||
Caddyfile = pkgs.writeText "Caddyfile" ''
|
||||
Caddyfile = pkgs.writeTextDir "Caddyfile" ''
|
||||
{
|
||||
${cfg.globalConfig}
|
||||
}
|
||||
|
@ -34,10 +34,11 @@ let
|
|||
'';
|
||||
|
||||
Caddyfile-formatted = pkgs.runCommand "Caddyfile-formatted" { nativeBuildInputs = [ cfg.package ]; } ''
|
||||
${cfg.package}/bin/caddy fmt ${Caddyfile} > $out
|
||||
mkdir -p $out
|
||||
${cfg.package}/bin/caddy fmt ${Caddyfile}/Caddyfile > $out/Caddyfile
|
||||
'';
|
||||
in
|
||||
if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform then Caddyfile-formatted else Caddyfile;
|
||||
"${if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform then Caddyfile-formatted else Caddyfile}/Caddyfile";
|
||||
|
||||
acmeHosts = unique (catAttrs "useACMEHost" acmeVHosts);
|
||||
|
||||
|
@ -142,7 +143,7 @@ in
|
|||
default = configFile;
|
||||
defaultText = "A Caddyfile automatically generated by values from services.caddy.*";
|
||||
example = literalExpression ''
|
||||
pkgs.writeText "Caddyfile" '''
|
||||
pkgs.writeTextDir "Caddyfile" '''
|
||||
example.com
|
||||
|
||||
root * /var/www/wordpress
|
||||
|
@ -157,17 +158,24 @@ in
|
|||
};
|
||||
|
||||
adapter = mkOption {
|
||||
default = "caddyfile";
|
||||
example = "nginx";
|
||||
type = types.str;
|
||||
default = null;
|
||||
example = literalExpression "nginx";
|
||||
type = with types; nullOr str;
|
||||
description = lib.mdDoc ''
|
||||
Name of the config adapter to use.
|
||||
See <https://caddyserver.com/docs/config-adapters>
|
||||
for the full list.
|
||||
|
||||
If `null` is specified, the `--adapter` argument is omitted when
|
||||
starting or restarting Caddy. Notably, this allows specification of a
|
||||
configuration file in Caddy's native JSON format, as long as the
|
||||
filename does not start with `Caddyfile` (in which case the `caddyfile`
|
||||
adapter is implicitly enabled). See
|
||||
<https://caddyserver.com/docs/command-line#caddy-run> for details.
|
||||
|
||||
::: {.note}
|
||||
Any value other than `caddyfile` is only valid when
|
||||
providing your own {option}`configFile`.
|
||||
Any value other than `null` or `caddyfile` is only valid when providing
|
||||
your own `configFile`.
|
||||
:::
|
||||
'';
|
||||
};
|
||||
|
@ -264,8 +272,8 @@ in
|
|||
config = mkIf cfg.enable {
|
||||
|
||||
assertions = [
|
||||
{ assertion = cfg.adapter != "caddyfile" -> cfg.configFile != configFile;
|
||||
message = "Any value other than 'caddyfile' is only valid when providing your own `services.caddy.configFile`";
|
||||
{ assertion = cfg.configFile == configFile -> cfg.adapter == "caddyfile" || cfg.adapter == null;
|
||||
message = "To specify an adapter other than 'caddyfile' please provide your own configuration via `services.caddy.configFile`";
|
||||
}
|
||||
] ++ map (name: mkCertOwnershipAssertion {
|
||||
inherit (cfg) group user;
|
||||
|
@ -295,10 +303,9 @@ in
|
|||
serviceConfig = {
|
||||
# https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
|
||||
# If the empty string is assigned to this option, the list of commands to start is reset, prior assignments of this option will have no effect.
|
||||
ExecStart = [ "" "${cfg.package}/bin/caddy run --config ${cfg.configFile} --adapter ${cfg.adapter} ${optionalString cfg.resume "--resume"}" ];
|
||||
ExecReload = [ "" "${cfg.package}/bin/caddy reload --config ${cfg.configFile} --adapter ${cfg.adapter} --force" ];
|
||||
|
||||
ExecStartPre = "${cfg.package}/bin/caddy validate --config ${cfg.configFile} --adapter ${cfg.adapter}";
|
||||
ExecStart = [ "" ''${cfg.package}/bin/caddy run --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"} ${optionalString cfg.resume "--resume"}'' ];
|
||||
ExecReload = [ "" ''${cfg.package}/bin/caddy reload --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"} --force'' ];
|
||||
ExecStartPre = ''${cfg.package}/bin/caddy validate --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"}'';
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ReadWriteDirectories = cfg.dataDir;
|
||||
|
|
|
@ -444,11 +444,14 @@ in
|
|||
services.xserver.displayManager.setupCommands = startplasma;
|
||||
|
||||
nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true;
|
||||
})
|
||||
|
||||
environment.etc = {
|
||||
"xdg/kwinrc".text = lib.generators.toINI {} cfg.kwinrc;
|
||||
"xdg/kdeglobals".text = lib.generators.toINI {} cfg.kdeglobals;
|
||||
};
|
||||
(mkIf (cfg.kwinrc != {}) {
|
||||
environment.etc."xdg/kwinrc".text = lib.generators.toINI {} cfg.kwinrc;
|
||||
})
|
||||
|
||||
(mkIf (cfg.kdeglobals != {}) {
|
||||
environment.etc."xdg/kdeglobals".text = lib.generators.toINI {} cfg.kdeglobals;
|
||||
})
|
||||
|
||||
# Plasma Desktop
|
||||
|
|
|
@ -555,6 +555,9 @@ while read -u 3 mountPoint; do
|
|||
|
||||
umount /tmp-iso
|
||||
rmdir /tmp-iso
|
||||
if [ -n "$isoPath" ] && [ $fsType = "iso9660" ] && mountpoint -q /findiso; then
|
||||
umount /findiso
|
||||
fi
|
||||
continue
|
||||
fi
|
||||
|
||||
|
|
57
third_party/nixpkgs/nixos/modules/system/boot/systemd/oomd.nix
vendored
Normal file
57
third_party/nixpkgs/nixos/modules/system/boot/systemd/oomd.nix
vendored
Normal file
|
@ -0,0 +1,57 @@
|
|||
{ config, lib, ... }: let
|
||||
|
||||
cfg = config.systemd.oomd;
|
||||
|
||||
in {
|
||||
options.systemd.oomd = {
|
||||
enable = lib.mkEnableOption (lib.mdDoc "the `systemd-oomd` OOM killer") // { default = true; };
|
||||
|
||||
# Fedora enables the first and third option by default. See the 10-oomd-* files here:
|
||||
# https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac351025597
|
||||
enableRootSlice = lib.mkEnableOption (lib.mdDoc "oomd on the root slice (`-.slice`)");
|
||||
enableSystemSlice = lib.mkEnableOption (lib.mdDoc "oomd on the system slice (`system.slice`)");
|
||||
enableUserServices = lib.mkEnableOption (lib.mdDoc "oomd on all user services (`user@.service`)");
|
||||
|
||||
extraConfig = lib.mkOption {
|
||||
type = with lib.types; attrsOf (oneOf [ str int bool ]);
|
||||
default = {};
|
||||
example = lib.literalExpression ''{ DefaultMemoryPressureDurationSec = "20s"; }'';
|
||||
description = lib.mdDoc ''
|
||||
Extra config options for `systemd-oomd`. See {command}`man oomd.conf`
|
||||
for available options.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.additionalUpstreamSystemUnits = [
|
||||
"systemd-oomd.service"
|
||||
"systemd-oomd.socket"
|
||||
];
|
||||
systemd.services.systemd-oomd.wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment.etc."systemd/oomd.conf".text = lib.generators.toINI {} {
|
||||
OOM = cfg.extraConfig;
|
||||
};
|
||||
|
||||
systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = lib.mkDefault "20s"; # Fedora default
|
||||
|
||||
users.users.systemd-oom = {
|
||||
description = "systemd-oomd service user";
|
||||
group = "systemd-oom";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.systemd-oom = { };
|
||||
|
||||
systemd.slices."-".sliceConfig = lib.mkIf cfg.enableRootSlice {
|
||||
ManagedOOMSwap = "kill";
|
||||
};
|
||||
systemd.slices."system".sliceConfig = lib.mkIf cfg.enableSystemSlice {
|
||||
ManagedOOMSwap = "kill";
|
||||
};
|
||||
systemd.services."user@".serviceConfig = lib.mkIf cfg.enableUserServices {
|
||||
ManagedOOMMemoryPressure = "kill";
|
||||
ManagedOOMMemoryPressureLimit = "50%";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -221,6 +221,8 @@ in
|
|||
'';
|
||||
|
||||
startAt = optional cfg.autoPrune.enable cfg.autoPrune.dates;
|
||||
after = [ "docker.service" ];
|
||||
requires = [ "docker.service" ];
|
||||
};
|
||||
|
||||
assertions = [
|
||||
|
|
75
third_party/nixpkgs/nixos/modules/virtualisation/linode-config.nix
vendored
Normal file
75
third_party/nixpkgs/nixos/modules/virtualisation/linode-config.nix
vendored
Normal file
|
@ -0,0 +1,75 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
imports = [ ../profiles/qemu-guest.nix ];
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
|
||||
permitRootLogin = "prohibit-password";
|
||||
passwordAuthentication = mkDefault false;
|
||||
};
|
||||
|
||||
networking = {
|
||||
usePredictableInterfaceNames = false;
|
||||
useDHCP = false;
|
||||
interfaces.eth0 = {
|
||||
useDHCP = true;
|
||||
|
||||
# Linode expects IPv6 privacy extensions to be disabled, so disable them
|
||||
# See: https://www.linode.com/docs/guides/manual-network-configuration/#static-vs-dynamic-addressing
|
||||
tempAddress = "disabled";
|
||||
};
|
||||
};
|
||||
|
||||
# Install diagnostic tools for Linode support
|
||||
environment.systemPackages = with pkgs; [
|
||||
inetutils
|
||||
mtr
|
||||
sysstat
|
||||
];
|
||||
|
||||
fileSystems."/" = {
|
||||
fsType = "ext4";
|
||||
device = "/dev/sda";
|
||||
autoResize = true;
|
||||
};
|
||||
|
||||
swapDevices = mkDefault [{ device = "/dev/sdb"; }];
|
||||
|
||||
# Enable LISH and Linode Booting w/ GRUB
|
||||
boot = {
|
||||
# Add Required Kernel Modules
|
||||
# NOTE: These are not documented in the install guide
|
||||
initrd.availableKernelModules = [
|
||||
"virtio_pci"
|
||||
"virtio_scsi"
|
||||
"ahci"
|
||||
"sd_mod"
|
||||
];
|
||||
|
||||
# Set Up LISH Serial Connection
|
||||
kernelParams = [ "console=ttyS0,19200n8" ];
|
||||
kernelModules = [ "virtio_net" ];
|
||||
|
||||
loader = {
|
||||
# Increase Timeout to Allow LISH Connection
|
||||
# NOTE: The image generator tries to set a timeout of 0, so we must force
|
||||
timeout = lib.mkForce 10;
|
||||
|
||||
grub = {
|
||||
enable = true;
|
||||
version = 2;
|
||||
forceInstall = true;
|
||||
device = "nodev";
|
||||
|
||||
# Allow serial connection for GRUB to be able to use LISH
|
||||
extraConfig = ''
|
||||
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
|
||||
terminal_input serial;
|
||||
terminal_output serial
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
66
third_party/nixpkgs/nixos/modules/virtualisation/linode-image.nix
vendored
Normal file
66
third_party/nixpkgs/nixos/modules/virtualisation/linode-image.nix
vendored
Normal file
|
@ -0,0 +1,66 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.virtualisation.linodeImage;
|
||||
defaultConfigFile = pkgs.writeText "configuration.nix" ''
|
||||
_: {
|
||||
imports = [
|
||||
<nixpkgs/nixos/modules/virtualisation/linode-image.nix>
|
||||
];
|
||||
}
|
||||
'';
|
||||
in
|
||||
{
|
||||
imports = [ ./linode-config.nix ];
|
||||
|
||||
options = {
|
||||
virtualisation.linodeImage.diskSize = mkOption {
|
||||
type = with types; either (enum (singleton "auto")) ints.positive;
|
||||
default = "auto";
|
||||
example = 1536;
|
||||
description = ''
|
||||
Size of disk image in MB.
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.linodeImage.configFile = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
description = ''
|
||||
A path to a configuration file which will be placed at `/etc/nixos/configuration.nix`
|
||||
and be used when switching to a new configuration.
|
||||
If set to `null`, a default configuration is used, where the only import is
|
||||
`<nixpkgs/nixos/modules/virtualisation/linode-image.nix>`
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.linodeImage.compressionLevel = mkOption {
|
||||
type = types.ints.between 1 9;
|
||||
default = 6;
|
||||
description = ''
|
||||
GZIP compression level of the resulting disk image (1-9).
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
system.build.linodeImage = import ../../lib/make-disk-image.nix {
|
||||
name = "linode-image";
|
||||
# NOTE: Linode specifically requires images to be `gzip`-ed prior to upload
|
||||
# See: https://www.linode.com/docs/products/tools/images/guides/upload-an-image/#requirements-and-considerations
|
||||
postVM = ''
|
||||
${pkgs.gzip}/bin/gzip -${toString cfg.compressionLevel} -c -- $diskImage > \
|
||||
$out/nixos-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.img.gz
|
||||
rm $diskImage
|
||||
'';
|
||||
format = "raw";
|
||||
partitionTableType = "none";
|
||||
configFile = if cfg.configFile == null then defaultConfigFile else cfg.configFile;
|
||||
inherit (cfg) diskSize;
|
||||
inherit config lib pkgs;
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ houstdav000 ];
|
||||
}
|
2
third_party/nixpkgs/nixos/release-small.nix
vendored
2
third_party/nixpkgs/nixos/release-small.nix
vendored
|
@ -69,7 +69,7 @@ in rec {
|
|||
imagemagick
|
||||
jdk
|
||||
linux
|
||||
mysql
|
||||
mariadb
|
||||
nginx
|
||||
nodejs
|
||||
openssh
|
||||
|
|
8
third_party/nixpkgs/nixos/release.nix
vendored
8
third_party/nixpkgs/nixos/release.nix
vendored
|
@ -22,8 +22,8 @@ let
|
|||
import ./tests/all-tests.nix {
|
||||
inherit system;
|
||||
pkgs = import ./.. { inherit system; };
|
||||
callTest = t: {
|
||||
${system} = hydraJob t.test;
|
||||
callTest = config: {
|
||||
${system} = hydraJob config.test;
|
||||
};
|
||||
} // {
|
||||
# for typechecking of the scripts and evaluation of
|
||||
|
@ -32,8 +32,8 @@ let
|
|||
import ./tests/all-tests.nix {
|
||||
inherit system;
|
||||
pkgs = import ./.. { inherit system; };
|
||||
callTest = t: {
|
||||
${system} = hydraJob t.test.driver;
|
||||
callTest = config: {
|
||||
${system} = hydraJob config.driver;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
8
third_party/nixpkgs/nixos/tests/3proxy.nix
vendored
8
third_party/nixpkgs/nixos/tests/3proxy.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
{ lib, pkgs, ... }: {
|
||||
name = "3proxy";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
meta = with lib.maintainers; {
|
||||
maintainers = [ misuzu ];
|
||||
};
|
||||
|
||||
|
@ -92,7 +92,7 @@ import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
networking.firewall.allowedTCPPorts = [ 3128 9999 ];
|
||||
};
|
||||
|
||||
peer3 = { lib, ... }: {
|
||||
peer3 = { lib, pkgs, ... }: {
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eth1 = {
|
||||
ipv4.addresses = [
|
||||
|
@ -186,4 +186,4 @@ import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
"${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://127.0.0.1:9999"
|
||||
)
|
||||
'';
|
||||
})
|
||||
}
|
||||
|
|
14
third_party/nixpkgs/nixos/tests/acme.nix
vendored
14
third_party/nixpkgs/nixos/tests/acme.nix
vendored
|
@ -1,7 +1,7 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }: let
|
||||
{ pkgs, lib, ... }: let
|
||||
commonConfig = ./common/acme/client;
|
||||
|
||||
dnsServerIP = nodes: nodes.dnsserver.config.networking.primaryIPAddress;
|
||||
dnsServerIP = nodes: nodes.dnsserver.networking.primaryIPAddress;
|
||||
|
||||
dnsScript = nodes: let
|
||||
dnsAddress = dnsServerIP nodes;
|
||||
|
@ -153,7 +153,7 @@ in {
|
|||
description = "Pebble ACME challenge test server";
|
||||
wantedBy = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.config.networking.primaryIPAddress}'";
|
||||
ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.networking.primaryIPAddress}'";
|
||||
# Required to bind on privileged ports.
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
};
|
||||
|
@ -175,7 +175,7 @@ in {
|
|||
specialisation = {
|
||||
# First derivation used to test general ACME features
|
||||
general.configuration = { ... }: let
|
||||
caDomain = nodes.acme.config.test-support.acme.caDomain;
|
||||
caDomain = nodes.acme.test-support.acme.caDomain;
|
||||
email = config.security.acme.defaults.email;
|
||||
# Exit 99 to make it easier to track if this is the reason a renew failed
|
||||
accountCreateTester = ''
|
||||
|
@ -316,7 +316,7 @@ in {
|
|||
|
||||
testScript = { nodes, ... }:
|
||||
let
|
||||
caDomain = nodes.acme.config.test-support.acme.caDomain;
|
||||
caDomain = nodes.acme.test-support.acme.caDomain;
|
||||
newServerSystem = nodes.webserver.config.system.build.toplevel;
|
||||
switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test";
|
||||
in
|
||||
|
@ -438,7 +438,7 @@ in {
|
|||
client.wait_for_unit("default.target")
|
||||
|
||||
client.succeed(
|
||||
'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.config.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a'
|
||||
'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a'
|
||||
)
|
||||
|
||||
acme.wait_for_unit("network-online.target")
|
||||
|
@ -594,4 +594,4 @@ in {
|
|||
wait_for_server()
|
||||
check_connection_key_bits(client, test_domain, "384")
|
||||
'';
|
||||
})
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import ./make-test-python.nix {
|
||||
{
|
||||
name = "adguardhome";
|
||||
|
||||
nodes = {
|
||||
|
|
4
third_party/nixpkgs/nixos/tests/aesmd.nix
vendored
4
third_party/nixpkgs/nixos/tests/aesmd.nix
vendored
|
@ -1,4 +1,4 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
{ pkgs, lib, ... }: {
|
||||
name = "aesmd";
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ veehaitch ];
|
||||
|
@ -59,4 +59,4 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
|||
|
||||
assert aesmd_config == "whitelist url = http://nixos.org\nproxy type = direct\ndefault quoting type = ecdsa_256\n", "aesmd.conf differs"
|
||||
'';
|
||||
})
|
||||
}
|
||||
|
|
65
third_party/nixpkgs/nixos/tests/all-tests.nix
vendored
65
third_party/nixpkgs/nixos/tests/all-tests.nix
vendored
|
@ -1,4 +1,11 @@
|
|||
{ system, pkgs, callTest }:
|
||||
{ system,
|
||||
pkgs,
|
||||
|
||||
# Projects the test configuration into a the desired value; usually
|
||||
# the test runner: `config: config.test`.
|
||||
callTest,
|
||||
|
||||
}:
|
||||
# The return value of this function will be an attrset with arbitrary depth and
|
||||
# the `anything` returned by callTest at its test leafs.
|
||||
# The tests not supported by `system` will be replaced with `{}`, so that
|
||||
|
@ -11,9 +18,18 @@ with pkgs.lib;
|
|||
|
||||
let
|
||||
discoverTests = val:
|
||||
if !isAttrs val then val
|
||||
else if hasAttr "test" val then callTest val
|
||||
else mapAttrs (n: s: discoverTests s) val;
|
||||
if isAttrs val
|
||||
then
|
||||
if hasAttr "test" val then callTest val
|
||||
else mapAttrs (n: s: discoverTests s) val
|
||||
else if isFunction val
|
||||
then
|
||||
# Tests based on make-test-python.nix will return the second lambda
|
||||
# in that file, which are then forwarded to the test definition
|
||||
# following the `import make-test-python.nix` expression
|
||||
# (if it is a function).
|
||||
discoverTests (val { inherit system pkgs; })
|
||||
else val;
|
||||
handleTest = path: args:
|
||||
discoverTests (import path ({ inherit system pkgs; } // args));
|
||||
handleTestOn = systems: path: args:
|
||||
|
@ -27,12 +43,34 @@ let
|
|||
};
|
||||
evalMinimalConfig = module: nixosLib.evalModules { modules = [ module ]; };
|
||||
|
||||
inherit
|
||||
(rec {
|
||||
doRunTest = arg: ((import ../lib/testing-python.nix { inherit system pkgs; }).evalTest {
|
||||
imports = [ arg ];
|
||||
}).config.result;
|
||||
findTests = tree:
|
||||
if tree?recurseForDerivations && tree.recurseForDerivations
|
||||
then
|
||||
mapAttrs
|
||||
(k: findTests)
|
||||
(builtins.removeAttrs tree ["recurseForDerivations"])
|
||||
else callTest tree;
|
||||
|
||||
runTest = arg: let r = doRunTest arg; in findTests r;
|
||||
runTestOn = systems: arg:
|
||||
if elem system systems then runTest arg
|
||||
else {};
|
||||
})
|
||||
runTest
|
||||
runTestOn
|
||||
;
|
||||
|
||||
in {
|
||||
_3proxy = handleTest ./3proxy.nix {};
|
||||
acme = handleTest ./acme.nix {};
|
||||
adguardhome = handleTest ./adguardhome.nix {};
|
||||
aesmd = handleTest ./aesmd.nix {};
|
||||
agate = handleTest ./web-servers/agate.nix {};
|
||||
_3proxy = runTest ./3proxy.nix;
|
||||
acme = runTest ./acme.nix;
|
||||
adguardhome = runTest ./adguardhome.nix;
|
||||
aesmd = runTest ./aesmd.nix;
|
||||
agate = runTest ./web-servers/agate.nix;
|
||||
agda = handleTest ./agda.nix {};
|
||||
airsonic = handleTest ./airsonic.nix {};
|
||||
allTerminfo = handleTest ./all-terminfo.nix {};
|
||||
|
@ -86,7 +124,7 @@ in {
|
|||
cjdns = handleTest ./cjdns.nix {};
|
||||
clickhouse = handleTest ./clickhouse.nix {};
|
||||
cloud-init = handleTest ./cloud-init.nix {};
|
||||
cntr = handleTest ./cntr.nix {};
|
||||
cntr = handleTestOn ["aarch64-linux" "x86_64-linux"] ./cntr.nix {};
|
||||
cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {};
|
||||
collectd = handleTest ./collectd.nix {};
|
||||
consul = handleTest ./consul.nix {};
|
||||
|
@ -160,7 +198,6 @@ in {
|
|||
ferm = handleTest ./ferm.nix {};
|
||||
firefox = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox; };
|
||||
firefox-esr = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr; }; # used in `tested` job
|
||||
firefox-esr-91 = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr-91; };
|
||||
firefox-esr-102 = handleTest ./firefox.nix { firefoxPackage = pkgs.firefox-esr-102; };
|
||||
firejail = handleTest ./firejail.nix {};
|
||||
firewall = handleTest ./firewall.nix {};
|
||||
|
@ -170,6 +207,7 @@ in {
|
|||
fluidd = handleTest ./fluidd.nix {};
|
||||
fontconfig-default-fonts = handleTest ./fontconfig-default-fonts.nix {};
|
||||
freeswitch = handleTest ./freeswitch.nix {};
|
||||
freshrss = handleTest ./freshrss.nix {};
|
||||
frr = handleTest ./frr.nix {};
|
||||
fsck = handleTest ./fsck.nix {};
|
||||
ft2-clone = handleTest ./ft2-clone.nix {};
|
||||
|
@ -277,6 +315,7 @@ in {
|
|||
komga = handleTest ./komga.nix {};
|
||||
krb5 = discoverTests (import ./krb5 {});
|
||||
ksm = handleTest ./ksm.nix {};
|
||||
kthxbye = handleTest ./kthxbye.nix {};
|
||||
kubernetes = handleTestOn ["x86_64-linux"] ./kubernetes {};
|
||||
languagetool = handleTest ./languagetool.nix {};
|
||||
latestKernel.login = handleTest ./login.nix { latestKernel = true; };
|
||||
|
@ -568,6 +607,7 @@ in {
|
|||
systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {};
|
||||
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
|
||||
systemd-nspawn = handleTest ./systemd-nspawn.nix {};
|
||||
systemd-oomd = handleTest ./systemd-oomd.nix {};
|
||||
systemd-shutdown = handleTest ./systemd-shutdown.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
systemd-misc = handleTest ./systemd-misc.nix {};
|
||||
|
@ -609,6 +649,9 @@ in {
|
|||
user-home-mode = handleTest ./user-home-mode.nix {};
|
||||
uwsgi = handleTest ./uwsgi.nix {};
|
||||
v2ray = handleTest ./v2ray.nix {};
|
||||
varnish60 = handleTest ./varnish.nix { package = pkgs.varnish60; };
|
||||
varnish71 = handleTest ./varnish.nix { package = pkgs.varnish71; };
|
||||
varnish72 = handleTest ./varnish.nix { package = pkgs.varnish72; };
|
||||
vault = handleTest ./vault.nix {};
|
||||
vault-dev = handleTest ./vault-dev.nix {};
|
||||
vault-postgresql = handleTest ./vault-postgresql.nix {};
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, nodes, pkgs, ... }:
|
||||
let
|
||||
caCert = nodes.acme.config.test-support.acme.caCert;
|
||||
caDomain = nodes.acme.config.test-support.acme.caDomain;
|
||||
caCert = nodes.acme.test-support.acme.caCert;
|
||||
caDomain = nodes.acme.test-support.acme.caDomain;
|
||||
|
||||
in {
|
||||
security.acme = {
|
||||
|
|
|
@ -18,10 +18,10 @@
|
|||
#
|
||||
# example = { nodes, ... }: {
|
||||
# networking.nameservers = [
|
||||
# nodes.acme.config.networking.primaryIPAddress
|
||||
# nodes.acme.networking.primaryIPAddress
|
||||
# ];
|
||||
# security.pki.certificateFiles = [
|
||||
# nodes.acme.config.test-support.acme.caCert
|
||||
# nodes.acme.test-support.acme.caCert
|
||||
# ];
|
||||
# };
|
||||
# }
|
||||
|
@ -36,7 +36,7 @@
|
|||
# acme = { nodes, lib, ... }: {
|
||||
# imports = [ ./common/acme/server ];
|
||||
# networking.nameservers = lib.mkForce [
|
||||
# nodes.myresolver.config.networking.primaryIPAddress
|
||||
# nodes.myresolver.networking.primaryIPAddress
|
||||
# ];
|
||||
# };
|
||||
#
|
||||
|
|
1
third_party/nixpkgs/nixos/tests/corerad.nix
vendored
1
third_party/nixpkgs/nixos/tests/corerad.nix
vendored
|
@ -1,5 +1,6 @@
|
|||
import ./make-test-python.nix (
|
||||
{
|
||||
name = "corerad";
|
||||
nodes = {
|
||||
router = {config, pkgs, ...}: {
|
||||
config = {
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/cri-o.nix
vendored
2
third_party/nixpkgs/nixos/tests/cri-o.nix
vendored
|
@ -1,7 +1,7 @@
|
|||
# This test runs CRI-O and verifies via critest
|
||||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "cri-o";
|
||||
meta.maintainers = with pkgs.lib.maintainers; teams.podman.members;
|
||||
meta.maintainers = with pkgs.lib; teams.podman.members;
|
||||
|
||||
nodes = {
|
||||
crio = {
|
||||
|
|
1
third_party/nixpkgs/nixos/tests/docker.nix
vendored
1
third_party/nixpkgs/nixos/tests/docker.nix
vendored
|
@ -11,6 +11,7 @@ import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
virtualisation.docker.enable = true;
|
||||
virtualisation.docker.autoPrune.enable = true;
|
||||
virtualisation.docker.package = pkgs.docker;
|
||||
|
||||
users.users = {
|
||||
|
|
19
third_party/nixpkgs/nixos/tests/freshrss.nix
vendored
Normal file
19
third_party/nixpkgs/nixos/tests/freshrss.nix
vendored
Normal file
|
@ -0,0 +1,19 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }: {
|
||||
name = "freshrss";
|
||||
meta.maintainers = with lib.maintainers; [ etu stunkymonkey ];
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
services.freshrss = {
|
||||
enable = true;
|
||||
baseUrl = "http://localhost";
|
||||
passwordFile = pkgs.writeText "password" "secret";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.wait_for_open_port(80)
|
||||
response = machine.succeed("curl -vvv -s -H 'Host: freshrss' http://127.0.0.1:80/i/")
|
||||
assert '<title>Login · FreshRSS</title>' in response, "Login page didn't load successfully"
|
||||
'';
|
||||
})
|
|
@ -1,4 +1,5 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "ghostunnel";
|
||||
nodes = {
|
||||
backend = { pkgs, ... }: {
|
||||
services.nginx.enable = true;
|
||||
|
|
|
@ -40,7 +40,7 @@ let
|
|||
name = tested.name;
|
||||
|
||||
meta = {
|
||||
maintainers = tested.meta.maintainers;
|
||||
maintainers = tested.meta.maintainers or [];
|
||||
};
|
||||
|
||||
nodes.machine = { ... }: {
|
||||
|
|
10
third_party/nixpkgs/nixos/tests/installer.nix
vendored
10
third_party/nixpkgs/nixos/tests/installer.nix
vendored
|
@ -324,6 +324,9 @@ let
|
|||
desktop-file-utils
|
||||
docbook5
|
||||
docbook_xsl_ns
|
||||
(docbook-xsl-ns.override {
|
||||
withManOptDedupPatch = true;
|
||||
})
|
||||
kmod.dev
|
||||
libarchive.dev
|
||||
libxml2.bin
|
||||
|
@ -333,6 +336,13 @@ let
|
|||
perlPackages.ListCompare
|
||||
perlPackages.XMLLibXML
|
||||
python3Minimal
|
||||
# make-options-doc/default.nix
|
||||
(let
|
||||
self = (pkgs.python3Minimal.override {
|
||||
inherit self;
|
||||
includeSiteCustomize = true;
|
||||
});
|
||||
in self.withPackages (p: [ p.mistune ]))
|
||||
shared-mime-info
|
||||
sudo
|
||||
texinfo
|
||||
|
|
110
third_party/nixpkgs/nixos/tests/kthxbye.nix
vendored
Normal file
110
third_party/nixpkgs/nixos/tests/kthxbye.nix
vendored
Normal file
|
@ -0,0 +1,110 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }:
|
||||
{
|
||||
name = "kthxbye";
|
||||
|
||||
meta = with lib.maintainers; {
|
||||
maintainers = [ nukaduka ];
|
||||
};
|
||||
|
||||
nodes.server = { ... }: {
|
||||
environment.systemPackages = with pkgs; [ prometheus-alertmanager ];
|
||||
services.prometheus = {
|
||||
enable = true;
|
||||
|
||||
globalConfig = {
|
||||
scrape_interval = "5s";
|
||||
scrape_timeout = "5s";
|
||||
evaluation_interval = "5s";
|
||||
};
|
||||
|
||||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "prometheus";
|
||||
scrape_interval = "5s";
|
||||
static_configs = [
|
||||
{
|
||||
targets = [ "localhost:9090" ];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
rules = [
|
||||
''
|
||||
groups:
|
||||
- name: test
|
||||
rules:
|
||||
- alert: node_up
|
||||
expr: up != 0
|
||||
for: 5s
|
||||
labels:
|
||||
severity: bottom of the barrel
|
||||
annotations:
|
||||
summary: node is fine
|
||||
''
|
||||
];
|
||||
|
||||
alertmanagers = [
|
||||
{
|
||||
static_configs = [
|
||||
{
|
||||
targets = [
|
||||
"localhost:9093"
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
alertmanager = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
configuration.route = {
|
||||
receiver = "test";
|
||||
group_wait = "5s";
|
||||
group_interval = "5s";
|
||||
group_by = [ "..." ];
|
||||
};
|
||||
configuration.receivers = [
|
||||
{
|
||||
name = "test";
|
||||
webhook_configs = [
|
||||
{
|
||||
url = "http://localhost:1234";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.kthxbye = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
extendIfExpiringIn = "30s";
|
||||
logJSON = true;
|
||||
maxDuration = "15m";
|
||||
interval = "5s";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
with subtest("start the server"):
|
||||
start_all()
|
||||
server.wait_for_unit("prometheus.service")
|
||||
server.wait_for_unit("alertmanager.service")
|
||||
server.wait_for_unit("kthxbye.service")
|
||||
|
||||
server.sleep(2) # wait for units to settle
|
||||
server.systemctl("restart kthxbye.service") # make sure kthxbye comes up after alertmanager
|
||||
server.sleep(2)
|
||||
|
||||
with subtest("set up test silence which expires in 20s"):
|
||||
server.succeed('amtool --alertmanager.url "http://localhost:9093" silence add alertname="node_up" -a "nixosTest" -d "20s" -c "ACK! this server is fine!!"')
|
||||
|
||||
with subtest("wait for 21 seconds and check if the silence is still active"):
|
||||
server.sleep(21)
|
||||
server.systemctl("status kthxbye.service")
|
||||
server.succeed("amtool --alertmanager.url 'http://localhost:9093' silence | grep 'ACK'")
|
||||
'';
|
||||
})
|
|
@ -1,4 +1,6 @@
|
|||
import ../make-test-python.nix {
|
||||
name = "lorri";
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
imports = [ ../../modules/profiles/minimal.nix ];
|
||||
environment.systemPackages = [ pkgs.lorri ];
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/matomo.nix
vendored
2
third_party/nixpkgs/nixos/tests/matomo.nix
vendored
|
@ -7,6 +7,8 @@ with pkgs.lib;
|
|||
let
|
||||
matomoTest = package:
|
||||
makeTest {
|
||||
name = "matomo";
|
||||
|
||||
nodes.machine = { config, pkgs, ... }: {
|
||||
services.matomo = {
|
||||
package = package;
|
||||
|
|
|
@ -3,6 +3,8 @@ import ../make-test-python.nix ({ pkgs, ... }:
|
|||
name = "conduit";
|
||||
in
|
||||
{
|
||||
name = "matrix-conduit";
|
||||
|
||||
nodes = {
|
||||
conduit = args: {
|
||||
services.matrix-conduit = {
|
||||
|
|
|
@ -19,6 +19,7 @@ let
|
|||
});
|
||||
|
||||
testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({
|
||||
name = "nixops-legacy-network";
|
||||
nodes = {
|
||||
deployer = { config, lib, nodes, pkgs, ... }: {
|
||||
imports = [ ../../modules/installer/cd-dvd/channel.nix ];
|
||||
|
|
|
@ -2,6 +2,7 @@ let
|
|||
name = "pam";
|
||||
in
|
||||
import ../make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "pam-file-contents";
|
||||
|
||||
nodes.machine = { ... }: {
|
||||
imports = [ ../../modules/profiles/minimal.nix ];
|
||||
|
|
19
third_party/nixpkgs/nixos/tests/pgadmin4.nix
vendored
19
third_party/nixpkgs/nixos/tests/pgadmin4.nix
vendored
|
@ -106,15 +106,15 @@ import ./make-test-python.nix ({ pkgs, lib, buildDeps ? [ ], pythonEnv ? [ ], ..
|
|||
&& sed -i 's|driver_local.maximize_window()||' web/regression/runtests.py"
|
||||
)
|
||||
|
||||
# don't bother to test LDAP authentification
|
||||
# exclude resql test due to recent postgres 14.4 update
|
||||
# see bugreport here https://redmine.postgresql.org/issues/7527
|
||||
# Don't bother to test LDAP or kerberos authentification
|
||||
# For now deactivate change_password API test. Current bug report at https://redmine.postgresql.org/issues/7648
|
||||
# Password change works from the UI, if email SMTP is configured.
|
||||
with subtest("run browser test"):
|
||||
machine.succeed(
|
||||
'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
|
||||
&& python regression/runtests.py \
|
||||
--pkg browser \
|
||||
--exclude browser.tests.test_ldap_login.LDAPLoginTestCase,browser.tests.test_ldap_login,resql'
|
||||
--exclude browser.tests.test_ldap_login.LDAPLoginTestCase,browser.tests.test_ldap_login,browser.tests.test_kerberos_with_mocking,browser.tests.test_change_password'
|
||||
)
|
||||
|
||||
# fontconfig is necessary for chromium to run
|
||||
|
@ -126,11 +126,10 @@ import ./make-test-python.nix ({ pkgs, lib, buildDeps ? [ ], pythonEnv ? [ ], ..
|
|||
&& python regression/runtests.py --pkg feature_tests'
|
||||
)
|
||||
|
||||
# reactivate this test again, when the postgres 14.4 test has been fixed
|
||||
# with subtest("run resql test"):
|
||||
# machine.succeed(
|
||||
# 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
|
||||
# && python regression/runtests.py --pkg resql'
|
||||
# )
|
||||
with subtest("run resql test"):
|
||||
machine.succeed(
|
||||
'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
|
||||
&& python regression/runtests.py --pkg resql'
|
||||
)
|
||||
'';
|
||||
})
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/pppd.nix
vendored
2
third_party/nixpkgs/nixos/tests/pppd.nix
vendored
|
@ -5,6 +5,8 @@ import ./make-test-python.nix (
|
|||
mode = "0640";
|
||||
};
|
||||
in {
|
||||
name = "pppd";
|
||||
|
||||
nodes = {
|
||||
server = {config, pkgs, ...}: {
|
||||
config = {
|
||||
|
|
36
third_party/nixpkgs/nixos/tests/rabbitmq.nix
vendored
36
third_party/nixpkgs/nixos/tests/rabbitmq.nix
vendored
|
@ -1,6 +1,12 @@
|
|||
# This test runs rabbitmq and checks if rabbitmq is up and running.
|
||||
|
||||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
import ./make-test-python.nix ({ pkgs, ... }:
|
||||
let
|
||||
# in real life, you would keep this out of your repo and deploy it to a safe
|
||||
# location using safe means.
|
||||
configKeyPath = pkgs.writeText "fake-config-key" "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01";
|
||||
in
|
||||
{
|
||||
name = "rabbitmq";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ eelco offline ];
|
||||
|
@ -10,6 +16,29 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
services.rabbitmq = {
|
||||
enable = true;
|
||||
managementPlugin.enable = true;
|
||||
|
||||
# To encrypt:
|
||||
# rabbitmqctl --quiet encode --cipher blowfish_cfb64 --hash sha256 \
|
||||
# --iterations 10000 '<<"dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw">>' \
|
||||
# "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01" ;
|
||||
config = ''
|
||||
[ { rabbit
|
||||
, [ {default_user, <<"alice">>}
|
||||
, { default_pass
|
||||
, {encrypted,<<"oKKxyTze9PYmsEfl6FG1MxIUhxY7WPQL7HBoMPRC/1ZOdOZbtr9+DxjWW3e1D5SL48n3D9QOsGD0cOgYG7Qdvb7Txrepw8w=">>}
|
||||
}
|
||||
, {config_entry_decoder
|
||||
, [ {passphrase, {file, <<"${configKeyPath}">>}}
|
||||
, {cipher, blowfish_cfb64}
|
||||
, {hash, sha256}
|
||||
, {iterations, 10000}
|
||||
]
|
||||
}
|
||||
% , {rabbitmq_management, [{path_prefix, "/_queues"}]}
|
||||
]
|
||||
}
|
||||
].
|
||||
'';
|
||||
};
|
||||
# Ensure there is sufficient extra disk space for rabbitmq to be happy
|
||||
virtualisation.diskSize = 1024;
|
||||
|
@ -23,5 +52,10 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"'
|
||||
)
|
||||
machine.wait_for_open_port(15672)
|
||||
|
||||
# The password is the plaintext that was encrypted with rabbitmqctl encode above.
|
||||
machine.wait_until_succeeds(
|
||||
'${pkgs.rabbitmq-java-client}/bin/PerfTest --time 10 --uri amqp://alice:dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw@localhost'
|
||||
)
|
||||
'';
|
||||
})
|
||||
|
|
37
third_party/nixpkgs/nixos/tests/systemd-oomd.nix
vendored
Normal file
37
third_party/nixpkgs/nixos/tests/systemd-oomd.nix
vendored
Normal file
|
@ -0,0 +1,37 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }:
|
||||
|
||||
{
|
||||
name = "systemd-oomd";
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = "1s"; # makes the test faster
|
||||
# Kill cgroups when more than 1% pressure is encountered
|
||||
systemd.slices."-".sliceConfig = {
|
||||
ManagedOOMMemoryPressure = "kill";
|
||||
ManagedOOMMemoryPressureLimit = "1%";
|
||||
};
|
||||
# A service to bring the system under memory pressure
|
||||
systemd.services.testservice = {
|
||||
serviceConfig.ExecStart = "${pkgs.coreutils}/bin/tail /dev/zero";
|
||||
};
|
||||
# Do not kill the backdoor
|
||||
systemd.services.backdoor.serviceConfig.ManagedOOMMemoryPressure = "auto";
|
||||
|
||||
virtualisation.memorySize = 1024;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
# Start the system
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("oomctl")
|
||||
|
||||
# Bring the system into memory pressure
|
||||
machine.succeed("echo 0 > /proc/sys/vm/panic_on_oom") # NixOS tests kill the VM when the OOM killer is invoked - override this
|
||||
machine.succeed("systemctl start testservice")
|
||||
|
||||
# Wait for oomd to kill something
|
||||
# Matches these lines:
|
||||
# systemd-oomd[508]: Killed /system.slice/systemd-udevd.service due to memory pressure for / being 3.26% > 1.00% for > 1s with reclaim activity
|
||||
machine.wait_until_succeeds("journalctl -b | grep -q 'due to memory pressure for'")
|
||||
'';
|
||||
})
|
|
@ -1,4 +1,6 @@
|
|||
import ./make-test-python.nix {
|
||||
name = "thelounge";
|
||||
|
||||
nodes = {
|
||||
private = { config, pkgs, ... }: {
|
||||
services.thelounge = {
|
||||
|
|
12
third_party/nixpkgs/nixos/tests/v2ray.nix
vendored
12
third_party/nixpkgs/nixos/tests/v2ray.nix
vendored
|
@ -20,7 +20,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let
|
|||
port = 1081;
|
||||
listen = "127.0.0.1";
|
||||
protocol = "vmess";
|
||||
settings.clients = [v2rayUser];
|
||||
settings.clients = [ v2rayUser ];
|
||||
}
|
||||
];
|
||||
outbounds = [
|
||||
|
@ -30,7 +30,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let
|
|||
settings.vnext = [{
|
||||
address = "127.0.0.1";
|
||||
port = 1081;
|
||||
users = [v2rayUser];
|
||||
users = [ v2rayUser ];
|
||||
}];
|
||||
}
|
||||
{
|
||||
|
@ -49,6 +49,14 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let
|
|||
inboundTag = "vmess_in";
|
||||
outboundTag = "direct";
|
||||
}
|
||||
|
||||
# Assert assets "geoip" and "geosite" are accessible.
|
||||
{
|
||||
type = "field";
|
||||
ip = [ "geoip:private" ];
|
||||
domain = [ "geosite:category-ads" ];
|
||||
outboundTag = "direct";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue