diff options
| author | 0x4A6F <0x4A6F@users.noreply.github.com> | 2021-12-18 13:00:28 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-18 13:00:28 +0100 |
| commit | 0b738b87dbff870720bebac1e25e645941ba1fd9 (patch) | |
| tree | c1e89f1b5e80894426d297a894e18e460cdbb561 /nixos | |
| parent | 289cf9d625d2f474bb8555619de03758c3d42e85 (diff) | |
| parent | 8bbae8e55873b31faf233cd40cf212b0b8b113c6 (diff) | |
| download | nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar.gz nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar.bz2 nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar.lz nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar.xz nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.tar.zst nixpkgs-0b738b87dbff870720bebac1e25e645941ba1fd9.zip | |
Merge pull request #151145 from zhaofengli/unifi5-log4j-new-mitigation
unifi5: Follow new mitigation guidelines
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/unifi.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/unifi.nix | 35 |
3 files changed, 36 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix index e1908cf44d1..a683c537f05 100644 --- a/nixos/modules/services/networking/unifi.nix +++ b/nixos/modules/services/networking/unifi.nix @@ -7,7 +7,6 @@ let @${cfg.jrePackage}/bin/java java \ ${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \ ${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \ - ${optionalString (lib.versionOlder cfg.unifiPackage.version "6.5.54") "-Dlog4j2.formatMsgNoLookups=true"} \ -jar ${stateDir}/lib/ace.jar ''; in diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 5c8342f0bb7..80645283c87 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -485,6 +485,7 @@ in ucarp = handleTest ./ucarp.nix {}; udisks2 = handleTest ./udisks2.nix {}; unbound = handleTest ./unbound.nix {}; + unifi = handleTest ./unifi.nix {}; unit-php = handleTest ./web-servers/unit-php.nix {}; upnp = handleTest ./upnp.nix {}; usbguard = handleTest ./usbguard.nix {}; diff --git a/nixos/tests/unifi.nix b/nixos/tests/unifi.nix new file mode 100644 index 00000000000..34284811abf --- /dev/null +++ b/nixos/tests/unifi.nix @@ -0,0 +1,35 @@ +# Test UniFi controller + +{ system ? builtins.currentSystem +, config ? { allowUnfree = true; } +, pkgs ? import ../.. { inherit system config; } +}: + +with import ../lib/testing-python.nix { inherit system pkgs; }; +with pkgs.lib; + +let + makeAppTest = unifi: makeTest { + name = "unifi-controller-${unifi.version}"; + meta = with pkgs.lib.maintainers; { + maintainers = [ zhaofengli ]; + }; + + nodes.server = { + services.unifi = { + enable = true; + unifiPackage = unifi; + openFirewall = false; + }; + }; + + testScript = '' + server.wait_for_unit("unifi.service") + server.wait_until_succeeds("curl -Lk https://localhost:8443 >&2", timeout=300) + ''; + }; +in with pkgs; { + unifiLTS = makeAppTest unifiLTS; + unifi5 = makeAppTest unifi5; + unifi6 = makeAppTest unifi6; +} |