diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/acme.nix | 4 | ||||
-rw-r--r-- | nixos/tests/cfssl.nix | 67 | ||||
-rw-r--r-- | nixos/tests/containers-imperative.nix | 5 | ||||
-rw-r--r-- | nixos/tests/gnome3.nix | 1 | ||||
-rw-r--r-- | nixos/tests/graphite.nix | 5 | ||||
-rw-r--r-- | nixos/tests/netdata.nix | 8 |
6 files changed, 86 insertions, 4 deletions
diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index 6d728b387e1..c7fd4910e07 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -12,7 +12,9 @@ let ''; }); - pythonPackages = (super.python.override { + # Override certifi so that it accepts fake certificate for Let's Encrypt + # Need to override the attribute used by simp_le, which is python3Packages + python3Packages = (super.python3.override { packageOverrides = lib.const (pysuper: { certifi = pysuper.certifi.overridePythonAttrs (attrs: { postPatch = (attrs.postPatch or "") + '' diff --git a/nixos/tests/cfssl.nix b/nixos/tests/cfssl.nix new file mode 100644 index 00000000000..513ed8c4574 --- /dev/null +++ b/nixos/tests/cfssl.nix @@ -0,0 +1,67 @@ +import ./make-test.nix ({ pkgs, ...} : { + name = "cfssl"; + + machine = { config, lib, pkgs, ... }: + { + networking.firewall.allowedTCPPorts = [ config.services.cfssl.port ]; + + services.cfssl.enable = true; + systemd.services.cfssl.after = [ "cfssl-init.service" ]; + + systemd.services.cfssl-init = { + description = "Initialize the cfssl CA"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "cfssl"; + Type = "oneshot"; + WorkingDirectory = config.services.cfssl.dataDir; + }; + script = with pkgs; '' + ${cfssl}/bin/cfssl genkey -initca ${pkgs.writeText "ca.json" (builtins.toJSON { + hosts = [ "ca.example.com" ]; + key = { + algo = "rsa"; size = 4096; }; + names = [ + { + C = "US"; + L = "San Francisco"; + O = "Internet Widgets, LLC"; + OU = "Certificate Authority"; + ST = "California"; + } + ]; + })} | ${cfssl}/bin/cfssljson -bare ca + ''; + }; + }; + + testScript = + let + cfsslrequest = with pkgs; writeScript "cfsslrequest" '' + curl -X POST -H "Content-Type: application/json" -d @${csr} \ + http://localhost:8888/api/v1/cfssl/newkey | ${cfssl}/bin/cfssljson /tmp/certificate + ''; + csr = pkgs.writeText "csr.json" (builtins.toJSON { + CN = "www.example.com"; + hosts = [ "example.com" "www.example.com" ]; + key = { + algo = "rsa"; + size = 2048; + }; + names = [ + { + C = "US"; + L = "San Francisco"; + O = "Example Company, LLC"; + OU = "Operations"; + ST = "California"; + } + ]; + }); + in + '' + $machine->waitForUnit('cfssl.service'); + $machine->waitUntilSucceeds('${cfsslrequest}'); + $machine->succeed('ls /tmp/certificate-key.pem'); + ''; +}) diff --git a/nixos/tests/containers-imperative.nix b/nixos/tests/containers-imperative.nix index 93b00b5b977..913d8bed19d 100644 --- a/nixos/tests/containers-imperative.nix +++ b/nixos/tests/containers-imperative.nix @@ -9,6 +9,11 @@ import ./make-test.nix ({ pkgs, ...} : { machine = { config, pkgs, lib, ... }: { imports = [ ../modules/installer/cd-dvd/channel.nix ]; + + # XXX: Sandbox setup fails while trying to hardlink files from the host's + # store file system into the prepared chroot directory. + nix.useSandbox = false; + virtualisation.writableStore = true; virtualisation.memorySize = 1024; # Make sure we always have all the required dependencies for creating a diff --git a/nixos/tests/gnome3.nix b/nixos/tests/gnome3.nix index 3f51d04163a..af2404bf530 100644 --- a/nixos/tests/gnome3.nix +++ b/nixos/tests/gnome3.nix @@ -15,6 +15,7 @@ import ./make-test.nix ({ pkgs, ...} : { services.xserver.displayManager.lightdm.autoLogin.enable = true; services.xserver.displayManager.lightdm.autoLogin.user = "alice"; services.xserver.desktopManager.gnome3.enable = true; + services.xserver.desktopManager.default = "gnome"; virtualisation.memorySize = 1024; }; diff --git a/nixos/tests/graphite.nix b/nixos/tests/graphite.nix index 1fe4357191e..27a87bdbb9f 100644 --- a/nixos/tests/graphite.nix +++ b/nixos/tests/graphite.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ ... } : +import ./make-test.nix ({ pkgs, ... } : { name = "graphite"; nodes = { @@ -11,10 +11,12 @@ import ./make-test.nix ({ ... } : api = { enable = true; port = 8082; + finders = [ pkgs.python27Packages.influxgraph ]; }; carbon.enableCache = true; seyren.enable = true; pager.enable = true; + beacon.enable = true; }; }; }; @@ -25,6 +27,7 @@ import ./make-test.nix ({ ... } : $one->waitForUnit("graphiteWeb.service"); $one->waitForUnit("graphiteApi.service"); $one->waitForUnit("graphitePager.service"); + $one->waitForUnit("graphite-beacon.service"); $one->waitForUnit("carbonCache.service"); $one->waitForUnit("seyren.service"); # The services above are of type "simple". systemd considers them active immediately diff --git a/nixos/tests/netdata.nix b/nixos/tests/netdata.nix index c56506ba287..eb45db6f04c 100644 --- a/nixos/tests/netdata.nix +++ b/nixos/tests/netdata.nix @@ -19,8 +19,12 @@ import ./make-test.nix ({ pkgs, ...} : { startAll; $netdata->waitForUnit("netdata.service"); - # check if netdata can read disk ops for root owned processes. - # if > 0, successful. verifies both netdata working and + + # check if the netdata main page loads. + $netdata->succeed("curl --fail http://localhost:19999/"); + + # check if netdata can read disk ops for root owned processes. + # if > 0, successful. verifies both netdata working and # apps.plugin has elevated capabilities. my $cmd = <<'CMD'; curl -s http://localhost:19999/api/v1/data\?chart=users.pwrites | \ |