aboutsummaryrefslogtreecommitdiff
path: root/nixpkgs/nixos/tests
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/tests')
-rw-r--r--nixpkgs/nixos/tests/all-tests.nix9
-rw-r--r--nixpkgs/nixos/tests/bazarr.nix26
-rw-r--r--nixpkgs/nixos/tests/dnscrypt-wrapper/default.nix71
-rw-r--r--nixpkgs/nixos/tests/dnscrypt-wrapper/public.key1
-rw-r--r--nixpkgs/nixos/tests/dnscrypt-wrapper/secret.key1
-rw-r--r--nixpkgs/nixos/tests/engelsystem.nix41
-rw-r--r--nixpkgs/nixos/tests/enlightenment.nix16
-rw-r--r--nixpkgs/nixos/tests/ergo.nix18
-rw-r--r--nixpkgs/nixos/tests/haproxy.nix8
-rw-r--r--nixpkgs/nixos/tests/home-assistant.nix2
-rw-r--r--nixpkgs/nixos/tests/hostname.nix66
-rw-r--r--nixpkgs/nixos/tests/nextcloud/basic.nix18
-rw-r--r--nixpkgs/nixos/tests/podman.nix30
-rw-r--r--nixpkgs/nixos/tests/sogo.nix58
-rw-r--r--nixpkgs/nixos/tests/web-servers/unit-php.nix14
-rw-r--r--nixpkgs/nixos/tests/wireguard/basic.nix74
-rw-r--r--nixpkgs/nixos/tests/wireguard/default.nix96
-rw-r--r--nixpkgs/nixos/tests/wireguard/generated.nix5
-rw-r--r--nixpkgs/nixos/tests/wireguard/namespaces.nix8
-rw-r--r--nixpkgs/nixos/tests/wireguard/wg-quick.nix4
-rw-r--r--nixpkgs/nixos/tests/yggdrasil.nix1
21 files changed, 474 insertions, 93 deletions
diff --git a/nixpkgs/nixos/tests/all-tests.nix b/nixpkgs/nixos/tests/all-tests.nix
index 0acded892c7..796c626f3dd 100644
--- a/nixpkgs/nixos/tests/all-tests.nix
+++ b/nixpkgs/nixos/tests/all-tests.nix
@@ -27,6 +27,7 @@ in
atd = handleTest ./atd.nix {};
avahi = handleTest ./avahi.nix {};
babeld = handleTest ./babeld.nix {};
+ bazarr = handleTest ./bazarr.nix {};
bcachefs = handleTestOn ["x86_64-linux"] ./bcachefs.nix {}; # linux-4.18.2018.10.12 is unsupported on aarch64
beanstalkd = handleTest ./beanstalkd.nix {};
bees = handleTest ./bees.nix {};
@@ -69,6 +70,7 @@ in
deluge = handleTest ./deluge.nix {};
dhparams = handleTest ./dhparams.nix {};
dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {};
+ dnscrypt-wrapper = handleTestOn ["x86_64-linux"] ./dnscrypt-wrapper {};
doas = handleTest ./doas.nix {};
docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
@@ -86,8 +88,10 @@ in
ecryptfs = handleTest ./ecryptfs.nix {};
ejabberd = handleTest ./xmpp/ejabberd.nix {};
elk = handleTestOn ["x86_64-linux"] ./elk.nix {};
+ engelsystem = handleTest ./engelsystem.nix {};
enlightenment = handleTest ./enlightenment.nix {};
env = handleTest ./env.nix {};
+ ergo = handleTest ./ergo.nix {};
etcd = handleTestOn ["x86_64-linux"] ./etcd.nix {};
etcd-cluster = handleTestOn ["x86_64-linux"] ./etcd-cluster.nix {};
fancontrol = handleTest ./fancontrol.nix {};
@@ -132,6 +136,7 @@ in
hitch = handleTest ./hitch {};
hocker-fetchdocker = handleTest ./hocker-fetchdocker {};
home-assistant = handleTest ./home-assistant.nix {};
+ hostname = handleTest ./hostname.nix {};
hound = handleTest ./hound.nix {};
hydra = handleTest ./hydra {};
hydra-db-migration = handleTest ./hydra/db-migration.nix {};
@@ -292,6 +297,7 @@ in
slurm = handleTest ./slurm.nix {};
smokeping = handleTest ./smokeping.nix {};
snapper = handleTest ./snapper.nix {};
+ sogo = handleTest ./sogo.nix {};
solr = handleTest ./solr.nix {};
spacecookie = handleTest ./spacecookie.nix {};
spike = handleTest ./spike.nix {};
@@ -335,10 +341,7 @@ in
vault = handleTest ./vault.nix {};
victoriametrics = handleTest ./victoriametrics.nix {};
virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {};
- wg-quick = handleTest ./wireguard/wg-quick.nix {};
wireguard = handleTest ./wireguard {};
- wireguard-generated = handleTest ./wireguard/generated.nix {};
- wireguard-namespaces = handleTest ./wireguard/namespaces.nix {};
wordpress = handleTest ./wordpress.nix {};
xandikos = handleTest ./xandikos.nix {};
xautolock = handleTest ./xautolock.nix {};
diff --git a/nixpkgs/nixos/tests/bazarr.nix b/nixpkgs/nixos/tests/bazarr.nix
new file mode 100644
index 00000000000..b8cd8ef38b4
--- /dev/null
+++ b/nixpkgs/nixos/tests/bazarr.nix
@@ -0,0 +1,26 @@
+import ./make-test-python.nix ({ lib, ... }:
+
+with lib;
+
+let
+ port = 42069;
+in
+{
+ name = "bazarr";
+ meta.maintainers = with maintainers; [ xwvvvvwx ];
+
+ nodes.machine =
+ { pkgs, ... }:
+ {
+ services.bazarr = {
+ enable = true;
+ listenPort = port;
+ };
+ };
+
+ testScript = ''
+ machine.wait_for_unit("bazarr.service")
+ machine.wait_for_open_port("${toString port}")
+ machine.succeed("curl --fail http://localhost:${toString port}/")
+ '';
+})
diff --git a/nixpkgs/nixos/tests/dnscrypt-wrapper/default.nix b/nixpkgs/nixos/tests/dnscrypt-wrapper/default.nix
new file mode 100644
index 00000000000..1dc925f4de7
--- /dev/null
+++ b/nixpkgs/nixos/tests/dnscrypt-wrapper/default.nix
@@ -0,0 +1,71 @@
+import ../make-test-python.nix ({ pkgs, ... }: {
+ name = "dnscrypt-wrapper";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ rnhmjoj ];
+ };
+
+ nodes = {
+ server = { lib, ... }:
+ { services.dnscrypt-wrapper = with builtins;
+ { enable = true;
+ address = "192.168.1.1";
+ keys.expiration = 5; # days
+ keys.checkInterval = 2; # min
+ # The keypair was generated by the command:
+ # dnscrypt-wrapper --gen-provider-keypair \
+ # --provider-name=2.dnscrypt-cert.server \
+ # --ext-address=192.168.1.1:5353
+ providerKey.public = toFile "public.key" (readFile ./public.key);
+ providerKey.secret = toFile "secret.key" (readFile ./secret.key);
+ };
+ services.tinydns.enable = true;
+ services.tinydns.data = ''
+ ..:192.168.1.1:a
+ +it.works:1.2.3.4
+ '';
+ networking.firewall.allowedUDPPorts = [ 5353 ];
+ networking.firewall.allowedTCPPorts = [ 5353 ];
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce
+ [ { address = "192.168.1.1"; prefixLength = 24; } ];
+ };
+
+ client = { lib, ... }:
+ { services.dnscrypt-proxy2.enable = true;
+ services.dnscrypt-proxy2.settings = {
+ server_names = [ "server" ];
+ static.server.stamp = "sdns://AQAAAAAAAAAAEDE5Mi4xNjguMS4xOjUzNTMgFEHYOv0SCKSuqR5CDYa7-58cCBuXO2_5uTSVU9wNQF0WMi5kbnNjcnlwdC1jZXJ0LnNlcnZlcg";
+ };
+ networking.nameservers = [ "127.0.0.1" ];
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce
+ [ { address = "192.168.1.2"; prefixLength = 24; } ];
+ };
+
+ };
+
+ testScript = ''
+ start_all()
+
+ with subtest("The server can generate the ephemeral keypair"):
+ server.wait_for_unit("dnscrypt-wrapper")
+ server.wait_for_file("/var/lib/dnscrypt-wrapper/2.dnscrypt-cert.server.key")
+ server.wait_for_file("/var/lib/dnscrypt-wrapper/2.dnscrypt-cert.server.crt")
+
+ with subtest("The client can connect to the server"):
+ server.wait_for_unit("tinydns")
+ client.wait_for_unit("dnscrypt-proxy2")
+ assert "1.2.3.4" in client.succeed(
+ "host it.works"
+ ), "The IP address of 'it.works' does not match 1.2.3.4"
+
+ with subtest("The server rotates the ephemeral keys"):
+ # advance time by a little less than 5 days
+ server.succeed("date -s \"$(date --date '4 days 6 hours')\"")
+ client.succeed("date -s \"$(date --date '4 days 6 hours')\"")
+ server.wait_for_file("/var/lib/dnscrypt-wrapper/oldkeys")
+
+ with subtest("The client can still connect to the server"):
+ server.wait_for_unit("dnscrypt-wrapper")
+ client.succeed("host it.works")
+ '';
+})
+
diff --git a/nixpkgs/nixos/tests/dnscrypt-wrapper/public.key b/nixpkgs/nixos/tests/dnscrypt-wrapper/public.key
new file mode 100644
index 00000000000..80232b97f52
--- /dev/null
+++ b/nixpkgs/nixos/tests/dnscrypt-wrapper/public.key
@@ -0,0 +1 @@
+A:B ;o4S @] \ No newline at end of file
diff --git a/nixpkgs/nixos/tests/dnscrypt-wrapper/secret.key b/nixpkgs/nixos/tests/dnscrypt-wrapper/secret.key
new file mode 100644
index 00000000000..01fbf8e08b7
--- /dev/null
+++ b/nixpkgs/nixos/tests/dnscrypt-wrapper/secret.key
@@ -0,0 +1 @@
+G>Ʃ>(J=lA:B ;o4S @] \ No newline at end of file
diff --git a/nixpkgs/nixos/tests/engelsystem.nix b/nixpkgs/nixos/tests/engelsystem.nix
new file mode 100644
index 00000000000..39c10718093
--- /dev/null
+++ b/nixpkgs/nixos/tests/engelsystem.nix
@@ -0,0 +1,41 @@
+import ./make-test-python.nix (
+ { pkgs, lib, ... }:
+ {
+ name = "engelsystem";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ talyz ];
+ };
+
+ nodes.engelsystem =
+ { ... }:
+ {
+ services.engelsystem = {
+ enable = true;
+ domain = "engelsystem";
+ createDatabase = true;
+ };
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ environment.systemPackages = with pkgs; [
+ xmlstarlet
+ libxml2
+ ];
+ };
+
+ testScript = ''
+ engelsystem.start()
+ engelsystem.wait_for_unit("phpfpm-engelsystem.service")
+ engelsystem.wait_until_succeeds("curl engelsystem/login -sS -f")
+ engelsystem.succeed(
+ "curl engelsystem/login -sS -f -c cookie | xmllint -html -xmlout - >login"
+ )
+ engelsystem.succeed(
+ "xml sel -T -t -m \"html/head/meta[@name='csrf-token']\" -v @content login >token"
+ )
+ engelsystem.succeed(
+ "curl engelsystem/login -sS -f -b cookie -F 'login=admin' -F 'password=asdfasdf' -F '_token=<token' -L | xmllint -html -xmlout - >news"
+ )
+ engelsystem.succeed(
+ "test 'News - Engelsystem' = \"$(xml sel -T -t -c html/head/title news)\""
+ )
+ '';
+ })
diff --git a/nixpkgs/nixos/tests/enlightenment.nix b/nixpkgs/nixos/tests/enlightenment.nix
index 5fa8d765dd1..0132b98b1cb 100644
--- a/nixpkgs/nixos/tests/enlightenment.nix
+++ b/nixpkgs/nixos/tests/enlightenment.nix
@@ -41,28 +41,24 @@ import ./make-test-python.nix ({ pkgs, ...} :
with subtest("First time wizard"):
machine.wait_for_text("Default") # Language
- machine.succeed("xdotool mousemove 512 185 click 1") # Default Language
machine.screenshot("wizard1")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
-
- machine.wait_for_text("English") # Keyboard (default)
machine.screenshot("wizard2")
- machine.succeed("xdotool mousemove 512 740 click 1") # Next
- machine.wait_for_text("Standard") # Profile (default)
+ machine.wait_for_text("English") # Keyboard (default)
machine.screenshot("wizard3")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
- machine.wait_for_text("Title") # Sizing (default)
+ machine.wait_for_text("Standard") # Profile (default)
machine.screenshot("wizard4")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
- machine.wait_for_text("clicked") # Windows Phocus
- machine.succeed("xdotool mousemove 512 370 click 1") # Click
+ machine.wait_for_text("Title") # Sizing (default)
machine.screenshot("wizard5")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
- machine.wait_for_text("bindings") # Mouse Modifiers (default)
+ machine.wait_for_text("clicked") # Windows Focus
+ machine.succeed("xdotool mousemove 512 370 click 1") # Click
machine.screenshot("wizard6")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
@@ -74,7 +70,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
machine.screenshot("wizard8")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
- machine.wait_for_text("Compositing") # Compositing (default)
+ machine.wait_for_text("OpenGL") # Compositing (default)
machine.screenshot("wizard9")
machine.succeed("xdotool mousemove 512 740 click 1") # Next
diff --git a/nixpkgs/nixos/tests/ergo.nix b/nixpkgs/nixos/tests/ergo.nix
new file mode 100644
index 00000000000..8cdbbf62a95
--- /dev/null
+++ b/nixpkgs/nixos/tests/ergo.nix
@@ -0,0 +1,18 @@
+import ./make-test-python.nix ({ pkgs, ... }: {
+ name = "ergo";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ mmahut ];
+ };
+
+ nodes = {
+ machine = { ... }: {
+ services.ergo.enable = true;
+ services.ergo.api.keyHash = "324dcf027dd4a30a932c441f365a25e86b173defa4b8e58948253471b81b72cf";
+ };
+ };
+
+ testScript = ''
+ start_all()
+ machine.wait_for_unit("ergo.service")
+ '';
+})
diff --git a/nixpkgs/nixos/tests/haproxy.nix b/nixpkgs/nixos/tests/haproxy.nix
index 79f34b07faf..ffb77c052a2 100644
--- a/nixpkgs/nixos/tests/haproxy.nix
+++ b/nixpkgs/nixos/tests/haproxy.nix
@@ -43,5 +43,13 @@ import ./make-test-python.nix ({ pkgs, ...}: {
assert "haproxy_process_pool_allocated_bytes" in machine.succeed(
"curl -k http://localhost:80/metrics"
)
+
+ with subtest("reload"):
+ machine.succeed("systemctl reload haproxy")
+ # wait some time to ensure the following request hits the reloaded haproxy
+ machine.sleep(5)
+ assert "We are all good!" in machine.succeed(
+ "curl -k http://localhost:80/index.txt"
+ )
'';
})
diff --git a/nixpkgs/nixos/tests/home-assistant.nix b/nixpkgs/nixos/tests/home-assistant.nix
index 80dca43f1f3..3365e74ba83 100644
--- a/nixpkgs/nixos/tests/home-assistant.nix
+++ b/nixpkgs/nixos/tests/home-assistant.nix
@@ -76,7 +76,7 @@ in {
hass.succeed("test -f ${configDir}/ui-lovelace.yaml")
with subtest("Check that Home Assistant's web interface and API can be reached"):
hass.wait_for_open_port(8123)
- hass.succeed("curl --fail http://localhost:8123/states")
+ hass.succeed("curl --fail http://localhost:8123/lovelace")
assert "API running" in hass.succeed(
"curl --fail -H 'x-ha-access: ${apiPassword}' http://localhost:8123/api/"
)
diff --git a/nixpkgs/nixos/tests/hostname.nix b/nixpkgs/nixos/tests/hostname.nix
new file mode 100644
index 00000000000..3b87303d73e
--- /dev/null
+++ b/nixpkgs/nixos/tests/hostname.nix
@@ -0,0 +1,66 @@
+{ system ? builtins.currentSystem,
+ config ? {},
+ pkgs ? import ../.. { inherit system config; }
+}:
+
+with import ../lib/testing-python.nix { inherit system pkgs; };
+with pkgs.lib;
+
+let
+ makeHostNameTest = hostName: domain:
+ let
+ fqdn = hostName + (optionalString (domain != null) ".${domain}");
+ in
+ makeTest {
+ name = "hostname-${fqdn}";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ primeos blitz ];
+ };
+
+ machine = { lib, ... }: {
+ networking.hostName = hostName;
+ networking.domain = domain;
+
+ environment.systemPackages = with pkgs; [
+ inetutils
+ ];
+ };
+
+ testScript = ''
+ start_all()
+
+ machine = ${hostName}
+
+ machine.wait_for_unit("network-online.target")
+
+ # The FQDN, domain name, and hostname detection should work as expected:
+ assert "${fqdn}" == machine.succeed("hostname --fqdn").strip()
+ assert "${optionalString (domain != null) domain}" == machine.succeed("dnsdomainname").strip()
+ assert (
+ "${hostName}"
+ == machine.succeed(
+ 'hostnamectl status | grep "Static hostname" | cut -d: -f2'
+ ).strip()
+ )
+
+ # 127.0.0.1 and ::1 should resolve back to "localhost":
+ assert (
+ "localhost" == machine.succeed("getent hosts 127.0.0.1 | awk '{print $2}'").strip()
+ )
+ assert "localhost" == machine.succeed("getent hosts ::1 | awk '{print $2}'").strip()
+
+ # 127.0.0.2 should resolve back to the FQDN and hostname:
+ fqdn_and_host_name = "${optionalString (domain != null) "${hostName}.${domain} "}${hostName}"
+ assert (
+ fqdn_and_host_name
+ == machine.succeed("getent hosts 127.0.0.2 | awk '{print $2,$3}'").strip()
+ )
+ '';
+ };
+
+in
+{
+ noExplicitDomain = makeHostNameTest "ahost" null;
+
+ explicitDomain = makeHostNameTest "ahost" "adomain";
+}
diff --git a/nixpkgs/nixos/tests/nextcloud/basic.nix b/nixpkgs/nixos/tests/nextcloud/basic.nix
index 92ac5c46e8f..9cbecf01f57 100644
--- a/nixpkgs/nixos/tests/nextcloud/basic.nix
+++ b/nixpkgs/nixos/tests/nextcloud/basic.nix
@@ -9,7 +9,22 @@ in {
nodes = {
# The only thing the client needs to do is download a file.
- client = { ... }: {};
+ client = { ... }: {
+ services.davfs2.enable = true;
+ system.activationScripts.davfs2-secrets = ''
+ echo "http://nextcloud/remote.php/webdav/ ${adminuser} ${adminpass}" > /tmp/davfs2-secrets
+ chmod 600 /tmp/davfs2-secrets
+ '';
+ fileSystems = pkgs.lib.mkVMOverride {
+ "/mnt/dav" = {
+ device = "http://nextcloud/remote.php/webdav/";
+ fsType = "davfs";
+ options = let
+ davfs2Conf = (pkgs.writeText "davfs2.conf" "secrets /tmp/davfs2-secrets");
+ in [ "conf=${davfs2Conf}" "x-systemd.automount" "noauto"];
+ };
+ };
+ };
nextcloud = { config, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
@@ -60,5 +75,6 @@ in {
client.succeed(
"${withRcloneEnv} ${diffSharedFile}"
)
+ assert "hi" in client.succeed("cat /mnt/dav/test-shared-file")
'';
})
diff --git a/nixpkgs/nixos/tests/podman.nix b/nixpkgs/nixos/tests/podman.nix
index 283db71d9a4..9134a68ff38 100644
--- a/nixpkgs/nixos/tests/podman.nix
+++ b/nixpkgs/nixos/tests/podman.nix
@@ -38,23 +38,45 @@ import ./make-test-python.nix (
start_all()
- with subtest("Run container as root"):
+ with subtest("Run container as root with runc"):
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
podman.succeed(
- "podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
+ "podman run --runtime=runc -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
)
podman.succeed("podman ps | grep sleeping")
podman.succeed("podman stop sleeping")
+ podman.succeed("podman rm sleeping")
- with subtest("Run container rootless"):
+ with subtest("Run container as root with crun"):
+ podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
+ podman.succeed(
+ "podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
+ )
+ podman.succeed("podman ps | grep sleeping")
+ podman.succeed("podman stop sleeping")
+ podman.succeed("podman rm sleeping")
+
+ with subtest("Run container rootless with runc"):
+ podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
+ podman.succeed(
+ su_cmd(
+ "podman run --runtime=runc -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
+ )
+ )
+ podman.succeed(su_cmd("podman ps | grep sleeping"))
+ podman.succeed(su_cmd("podman stop sleeping"))
+ podman.succeed(su_cmd("podman rm sleeping"))
+
+ with subtest("Run container rootless with crun"):
podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
podman.succeed(
su_cmd(
- "podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
+ "podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
)
)
podman.succeed(su_cmd("podman ps | grep sleeping"))
podman.succeed(su_cmd("podman stop sleeping"))
+ podman.succeed(su_cmd("podman rm sleeping"))
'';
}
)
diff --git a/nixpkgs/nixos/tests/sogo.nix b/nixpkgs/nixos/tests/sogo.nix
new file mode 100644
index 00000000000..016331a9eed
--- /dev/null
+++ b/nixpkgs/nixos/tests/sogo.nix
@@ -0,0 +1,58 @@
+import ./make-test-python.nix ({ pkgs, ... }: {
+ name = "sogo";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ ajs124 das_j ];
+ };
+
+ nodes = {
+ sogo = { config, pkgs, ... }: {
+ services.nginx.enable = true;
+
+ services.mysql = {
+ enable = true;
+ package = pkgs.mysql;
+ ensureDatabases = [ "sogo" ];
+ ensureUsers = [{
+ name = "sogo";
+ ensurePermissions = {
+ "sogo.*" = "ALL PRIVILEGES";
+ };
+ }];
+ };
+
+ services.sogo = {
+ enable = true;
+ timezone = "Europe/Berlin";
+ extraConfig = ''
+ WOWorkersCount = 1;
+
+ SOGoUserSources = (
+ {
+ type = sql;
+ userPasswordAlgorithm = md5;
+ viewURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_users";
+ canAuthenticate = YES;
+ id = users;
+ }
+ );
+
+ SOGoProfileURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_user_profile";
+ OCSFolderInfoURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_folder_info";
+ OCSSessionsFolderURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_sessions_folder";
+ OCSEMailAlarmsFolderURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_alarms_folder";
+ OCSStoreURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_store";
+ OCSAclURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_acl";
+ OCSCacheFolderURL = "mysql://sogo@%2Frun%2Fmysqld%2Fmysqld.sock/sogo/sogo_cache_folder";
+ '';
+ };
+ };
+ };
+
+ testScript = ''
+ start_all()
+ sogo.wait_for_unit("multi-user.target")
+ sogo.wait_for_open_port(20000)
+ sogo.wait_for_open_port(80)
+ sogo.succeed("curl -sSfL http://sogo/SOGo")
+ '';
+})
diff --git a/nixpkgs/nixos/tests/web-servers/unit-php.nix b/nixpkgs/nixos/tests/web-servers/unit-php.nix
index c6327a1f825..2a0a5bdaa5d 100644
--- a/nixpkgs/nixos/tests/web-servers/unit-php.nix
+++ b/nixpkgs/nixos/tests/web-servers/unit-php.nix
@@ -23,7 +23,10 @@ in {
"user": "testuser",
"group": "testgroup",
"root": "${testdir}/www",
- "index": "info.php"
+ "index": "info.php",
+ "options": {
+ "file": "${pkgs.unit.usedPhp74}/lib/php.ini"
+ }
}
}
}
@@ -42,6 +45,13 @@ in {
};
testScript = ''
machine.wait_for_unit("unit.service")
- assert "PHP Version ${pkgs.php74.version}" in machine.succeed("curl -vvv -s http://127.0.0.1:9074/")
+
+ # Check so we get an evaluated PHP back
+ response = machine.succeed("curl -vvv -s http://127.0.0.1:9074/")
+ assert "PHP Version ${pkgs.unit.usedPhp74.version}" in response, "PHP version not detected"
+
+ # Check so we have database and some other extensions loaded
+ for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]:
+ assert ext in response, f"Missing {ext} extension"
'';
})
diff --git a/nixpkgs/nixos/tests/wireguard/basic.nix b/nixpkgs/nixos/tests/wireguard/basic.nix
new file mode 100644
index 00000000000..25d706ae2e5
--- /dev/null
+++ b/nixpkgs/nixos/tests/wireguard/basic.nix
@@ -0,0 +1,74 @@
+{ kernelPackages ? null }:
+import ../make-test-python.nix ({ pkgs, lib, ...} :
+ let
+ wg-snakeoil-keys = import ./snakeoil-keys.nix;
+ peer = (import ./make-peer.nix) { inherit lib; };
+ in
+ {
+ name = "wireguard";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ ma27 ];
+ };
+
+ nodes = {
+ peer0 = peer {
+ ip4 = "192.168.0.1";
+ ip6 = "fd00::1";
+ extraConfig = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
+ networking.firewall.allowedUDPPorts = [ 23542 ];
+ networking.wireguard.interfaces.wg0 = {
+ ips = [ "10.23.42.1/32" "fc00::1/128" ];
+ listenPort = 23542;
+
+ inherit (wg-snakeoil-keys.peer0) privateKey;
+
+ peers = lib.singleton {
+ allowedIPs = [ "10.23.42.2/32" "fc00::2/128" ];
+
+ inherit (wg-snakeoil-keys.peer1) publicKey;
+ };
+ };
+ };
+ };
+
+ peer1 = peer {
+ ip4 = "192.168.0.2";
+ ip6 = "fd00::2";
+ extraConfig = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
+ networking.wireguard.interfaces.wg0 = {
+ ips = [ "10.23.42.2/32" "fc00::2/128" ];
+ listenPort = 23542;
+ allowedIPsAsRoutes = false;
+
+ inherit (wg-snakeoil-keys.peer1) privateKey;
+
+ peers = lib.singleton {
+ allowedIPs = [ "0.0.0.0/0" "::/0" ];
+ endpoint = "192.168.0.1:23542";
+ persistentKeepalive = 25;
+
+ inherit (wg-snakeoil-keys.peer0) publicKey;
+ };
+
+ postSetup = let inherit (pkgs) iproute; in ''
+ ${iproute}/bin/ip route replace 10.23.42.1/32 dev wg0
+ ${iproute}/bin/ip route replace fc00::1/128 dev wg0
+ '';
+ };
+ };
+ };
+ };
+
+ testScript = ''
+ start_all()
+
+ peer0.wait_for_unit("wireguard-wg0.service")
+ peer1.wait_for_unit("wireguard-wg0.service")
+
+ peer1.succeed("ping -c5 fc00::1")
+ peer1.succeed("ping -c5 10.23.42.1")
+ '';
+ }
+)
diff --git a/nixpkgs/nixos/tests/wireguard/default.nix b/nixpkgs/nixos/tests/wireguard/default.nix
index e3bc31c600f..dedb321ff2e 100644
--- a/nixpkgs/nixos/tests/wireguard/default.nix
+++ b/nixpkgs/nixos/tests/wireguard/default.nix
@@ -1,71 +1,27 @@
-import ../make-test-python.nix ({ pkgs, lib, ...} :
- let
- wg-snakeoil-keys = import ./snakeoil-keys.nix;
- peer = (import ./make-peer.nix) { inherit lib; };
- in
- {
- name = "wireguard";
- meta = with pkgs.stdenv.lib.maintainers; {
- maintainers = [ ma27 ];
- };
-
- nodes = {
- peer0 = peer {
- ip4 = "192.168.0.1";
- ip6 = "fd00::1";
- extraConfig = {
- networking.firewall.allowedUDPPorts = [ 23542 ];
- networking.wireguard.interfaces.wg0 = {
- ips = [ "10.23.42.1/32" "fc00::1/128" ];
- listenPort = 23542;
-
- inherit (wg-snakeoil-keys.peer0) privateKey;
-
- peers = lib.singleton {
- allowedIPs = [ "10.23.42.2/32" "fc00::2/128" ];
-
- inherit (wg-snakeoil-keys.peer1) publicKey;
- };
- };
- };
- };
-
- peer1 = peer {
- ip4 = "192.168.0.2";
- ip6 = "fd00::2";
- extraConfig = {
- networking.wireguard.interfaces.wg0 = {
- ips = [ "10.23.42.2/32" "fc00::2/128" ];
- listenPort = 23542;
- allowedIPsAsRoutes = false;
-
- inherit (wg-snakeoil-keys.peer1) privateKey;
-
- peers = lib.singleton {
- allowedIPs = [ "0.0.0.0/0" "::/0" ];
- endpoint = "192.168.0.1:23542";
- persistentKeepalive = 25;
-
- inherit (wg-snakeoil-keys.peer0) publicKey;
- };
-
- postSetup = let inherit (pkgs) iproute; in ''
- ${iproute}/bin/ip route replace 10.23.42.1/32 dev wg0
- ${iproute}/bin/ip route replace fc00::1/128 dev wg0
- '';
- };
- };
- };
- };
-
- testScript = ''
- start_all()
-
- peer0.wait_for_unit("wireguard-wg0.service")
- peer1.wait_for_unit("wireguard-wg0.service")
-
- peer1.succeed("ping -c5 fc00::1")
- peer1.succeed("ping -c5 10.23.42.1")
- '';
- }
+{ system ? builtins.currentSystem
+, config ? { }
+, pkgs ? import ../../.. { inherit system config; }
+, kernelVersionsToTest ? [ "5.4" "latest" ]
+}:
+
+with pkgs.lib;
+
+let
+ tests = let callTest = p: flip (import p) { inherit system pkgs; }; in {
+ basic = callTest ./basic.nix;
+ namespaces = callTest ./namespaces.nix;
+ wg-quick = callTest ./wg-quick.nix;
+ generated = callTest ./generated.nix;
+ };
+in
+
+listToAttrs (
+ flip concatMap kernelVersionsToTest (version:
+ let
+ v' = replaceStrings [ "." ] [ "_" ] version;
+ in
+ flip mapAttrsToList tests (name: test:
+ nameValuePair "wireguard-${name}-linux-${v'}" (test { kernelPackages = pkgs."linuxPackages_${v'}"; })
+ )
+ )
)
diff --git a/nixpkgs/nixos/tests/wireguard/generated.nix b/nixpkgs/nixos/tests/wireguard/generated.nix
index a29afd2d466..cdf15483265 100644
--- a/nixpkgs/nixos/tests/wireguard/generated.nix
+++ b/nixpkgs/nixos/tests/wireguard/generated.nix
@@ -1,4 +1,5 @@
-import ../make-test-python.nix ({ pkgs, ...} : {
+{ kernelPackages ? null }:
+import ../make-test-python.nix ({ pkgs, lib, ... } : {
name = "wireguard-generated";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ ma27 grahamc ];
@@ -6,6 +7,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
nodes = {
peer1 = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.firewall.allowedUDPPorts = [ 12345 ];
networking.wireguard.interfaces.wg0 = {
ips = [ "10.10.10.1/24" ];
@@ -17,6 +19,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
};
peer2 = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.firewall.allowedUDPPorts = [ 12345 ];
networking.wireguard.interfaces.wg0 = {
ips = [ "10.10.10.2/24" ];
diff --git a/nixpkgs/nixos/tests/wireguard/namespaces.nix b/nixpkgs/nixos/tests/wireguard/namespaces.nix
index c8a4e3bb52a..c47175ceafc 100644
--- a/nixpkgs/nixos/tests/wireguard/namespaces.nix
+++ b/nixpkgs/nixos/tests/wireguard/namespaces.nix
@@ -1,3 +1,5 @@
+{ kernelPackages ? null }:
+
let
listenPort = 12345;
socketNamespace = "foo";
@@ -13,7 +15,7 @@ let
in
-import ../make-test-python.nix ({ pkgs, ...} : {
+import ../make-test-python.nix ({ pkgs, lib, ... } : {
name = "wireguard-with-namespaces";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ asymmetric ];
@@ -23,6 +25,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
# interface should be created in the socketNamespace
# and not moved from there
peer0 = pkgs.lib.attrsets.recursiveUpdate node {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
@@ -33,6 +36,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
# interface should be created in the init namespace
# and moved to the interfaceNamespace
peer1 = pkgs.lib.attrsets.recursiveUpdate node {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${interfaceNamespace}
@@ -43,6 +47,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
# interface should be created in the socketNamespace
# and moved to the interfaceNamespace
peer2 = pkgs.lib.attrsets.recursiveUpdate node {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
@@ -54,6 +59,7 @@ import ../make-test-python.nix ({ pkgs, ...} : {
# interface should be created in the socketNamespace
# and moved to the init namespace
peer3 = pkgs.lib.attrsets.recursiveUpdate node {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
diff --git a/nixpkgs/nixos/tests/wireguard/wg-quick.nix b/nixpkgs/nixos/tests/wireguard/wg-quick.nix
index 7354dd01a34..5472d21cd1e 100644
--- a/nixpkgs/nixos/tests/wireguard/wg-quick.nix
+++ b/nixpkgs/nixos/tests/wireguard/wg-quick.nix
@@ -1,3 +1,5 @@
+{ kernelPackages ? null }:
+
import ../make-test-python.nix ({ pkgs, lib, ... }:
let
wg-snakeoil-keys = import ./snakeoil-keys.nix;
@@ -14,6 +16,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
ip4 = "192.168.0.1";
ip6 = "fd00::1";
extraConfig = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.firewall.allowedUDPPorts = [ 23542 ];
networking.wg-quick.interfaces.wg0 = {
address = [ "10.23.42.1/32" "fc00::1/128" ];
@@ -34,6 +37,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }:
ip4 = "192.168.0.2";
ip6 = "fd00::2";
extraConfig = {
+ boot = lib.mkIf (kernelPackages != null) { inherit kernelPackages; };
networking.wg-quick.interfaces.wg0 = {
address = [ "10.23.42.2/32" "fc00::2/128" ];
inherit (wg-snakeoil-keys.peer1) privateKey;
diff --git a/nixpkgs/nixos/tests/yggdrasil.nix b/nixpkgs/nixos/tests/yggdrasil.nix
index 468fcf67127..9ceb7974733 100644
--- a/nixpkgs/nixos/tests/yggdrasil.nix
+++ b/nixpkgs/nixos/tests/yggdrasil.nix
@@ -85,6 +85,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
MulticastInterfaces = [ "eth1" ];
LinkLocalTCPPort = 43210;
};
+ persistentKeys = true;
};
};
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 08:31:17 +0000