diff options
| author | Matthew Bauer <mjbauer95@gmail.com> | 2020-02-19 14:43:48 -0500 |
|---|---|---|
| committer | Florian Klink <flokli@flokli.de> | 2020-03-02 13:43:20 -0800 |
| commit | e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639 (patch) | |
| tree | 05f815f8ce66023cd46e1399450f11e692d08f92 /nixos/tests | |
| parent | c6c200f1185630be562a3d8bb9449a2d8f08589c (diff) | |
| download | nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar.gz nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar.bz2 nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar.lz nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar.xz nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.tar.zst nixpkgs-e0e4d591cc4ed4ff14c3f5bffb96d99b971ae639.zip | |
nixos/cage: init
Add a cage module to nixos. This can be used to make kiosk-style systems that boot directly to a single application. The user (demo by default) is automatically logged in by this service and the program (xterm by default) is automatically started. This is useful for some embedded, single-user systems where we want automatic booting. To keep the system secure, the user should have limited privileges. Based on the service provided in the Cage wiki here: https://github.com/Hjdskes/cage/wiki/Starting-Cage-on-boot-with-systemd Co-Authored-By: Florian Klink <flokli@flokli.de>
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/cage.nix | 43 |
2 files changed, 44 insertions, 0 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 2e547780439..9858113c8be 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -39,6 +39,7 @@ in buildbot = handleTest ./buildbot.nix {}; caddy = handleTest ./caddy.nix {}; cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {}; + cage = handleTest ./cage.nix {}; cassandra = handleTest ./cassandra.nix {}; ceph-single-node = handleTestOn ["x86_64-linux"] ./ceph-single-node.nix {}; ceph-multi-node = handleTestOn ["x86_64-linux"] ./ceph-multi-node.nix {}; diff --git a/nixos/tests/cage.nix b/nixos/tests/cage.nix new file mode 100644 index 00000000000..a6f73e00c06 --- /dev/null +++ b/nixos/tests/cage.nix @@ -0,0 +1,43 @@ +import ./make-test-python.nix ({ pkgs, ...} : + +{ + name = "cage"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ matthewbauer flokli ]; + }; + + machine = { ... }: + + { + imports = [ ./common/user-account.nix ]; + services.cage = { + enable = true; + user = "alice"; + program = "${pkgs.xterm}/bin/xterm -cm -pc"; # disable color and bold to make OCR easier + }; + + # this needs a fairly recent kernel, otherwise: + # [backend/drm/util.c:215] Unable to add DRM framebuffer: No such file or directory + # [backend/drm/legacy.c:15] Virtual-1: Failed to set CRTC: No such file or directory + # [backend/drm/util.c:215] Unable to add DRM framebuffer: No such file or directory + # [backend/drm/legacy.c:15] Virtual-1: Failed to set CRTC: No such file or directory + # [backend/drm/drm.c:618] Failed to initialize renderer on connector 'Virtual-1': initial page-flip failed + # [backend/drm/drm.c:701] Failed to initialize renderer for plane + boot.kernelPackages = pkgs.linuxPackages_latest; + + virtualisation.memorySize = 1024; + }; + + enableOCR = true; + + testScript = { nodes, ... }: let + user = nodes.machine.config.users.users.alice; + in '' + with subtest("Wait for cage to boot up"): + start_all() + machine.wait_for_file("/run/user/${toString user.uid}/wayland-0.lock") + machine.wait_until_succeeds("pgrep xterm") + machine.wait_for_text("alice@machine") + machine.screenshot("screen") + ''; +}) |