diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-07-26 06:02:58 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-26 06:02:58 +0000 |
commit | 52e7c12c4137ec0aefd2aac63015ee29f26c3453 (patch) | |
tree | 9d673136e49c3b1167acc8f64e48d63c6990821f /nixos | |
parent | 6c4cc74b98f060f5a4afba743f42fc11413ed248 (diff) | |
parent | 8aaeccd6478e4d52663da15ed99705b46f099f4c (diff) | |
download | nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar.gz nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar.bz2 nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar.lz nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar.xz nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.tar.zst nixpkgs-52e7c12c4137ec0aefd2aac63015ee29f26c3453.zip |
Merge staging-next into staging
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/security/pam.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 4 | ||||
-rw-r--r-- | nixos/modules/system/boot/networkd.nix | 7 | ||||
-rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
-rw-r--r-- | nixos/tests/lighttpd.nix | 21 |
5 files changed, 34 insertions, 3 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index a80312367d8..d9d072b36e6 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -482,10 +482,10 @@ let (let p11 = config.security.pam.p11; in optionalString cfg.p11Auth '' auth ${p11.control} ${pkgs.pam_p11}/lib/security/pam_p11.so ${pkgs.opensc}/lib/opensc-pkcs11.so '') + - (let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth '' + (let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth ('' auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} '' + ''${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"} ${optionalString (u2f.appId != null) "appid=${u2f.appId}"} ${optionalString (u2f.origin != null) "origin=${u2f.origin}"} - '') + + '')) + optionalString cfg.usbAuth '' auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so '' + diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 6b69d559748..52a50b892ec 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -442,7 +442,9 @@ in ${flip concatMapStrings cfg.hostKeys (k: '' if ! [ -s "${k.path}" ]; then - rm -f "${k.path}" + if ! [ -h "${k.path}" ]; then + rm -f "${k.path}" + fi ssh-keygen \ -t "${k.type}" \ ${if k ? bits then "-b ${toString k.bits}" else ""} \ diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index 0336930b3ab..357c2bab993 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -452,6 +452,7 @@ let "AllMulticast" "Unmanaged" "RequiredForOnline" + "RequiredFamilyForOnline" "ActivationPolicy" ]) (assertMacAddress "MACAddress") @@ -471,6 +472,12 @@ let "enslaved" "routable" ])) + (assertValueOneOf "RequiredFamilyForOnline" [ + "ipv4" + "ipv6" + "both" + "any" + ]) (assertValueOneOf "ActivationPolicy" ([ "up" "always-up" diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 03a7f17c07c..8d26845615f 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -282,6 +282,7 @@ in { libuiohook = handleTest ./libuiohook.nix {}; lidarr = handleTest ./lidarr.nix {}; lightdm = handleTest ./lightdm.nix {}; + lighttpd = handleTest ./lighttpd.nix {}; limesurvey = handleTest ./limesurvey.nix {}; litestream = handleTest ./litestream.nix {}; locate = handleTest ./locate.nix {}; diff --git a/nixos/tests/lighttpd.nix b/nixos/tests/lighttpd.nix new file mode 100644 index 00000000000..36e2745c55c --- /dev/null +++ b/nixos/tests/lighttpd.nix @@ -0,0 +1,21 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "lighttpd"; + meta.maintainers = with lib.maintainers; [ bjornfor ]; + + nodes = { + server = { + services.lighttpd.enable = true; + services.lighttpd.document-root = pkgs.runCommand "document-root" {} '' + mkdir -p "$out" + echo "hello nixos test" > "$out/file.txt" + ''; + }; + }; + + testScript = '' + start_all() + server.wait_for_unit("lighttpd.service") + res = server.succeed("curl --fail http://localhost/file.txt") + assert "hello nixos test" in res, f"bad server response: '{res}'" + ''; +}) |