diff options
Diffstat (limited to 'nixos')
55 files changed, 1465 insertions, 556 deletions
diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index d61bbaddf76..ecd62eb4e84 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -13,6 +13,8 @@ with pkgs; let + inherit (lib) hasPrefix removePrefix; + lib = pkgs.lib; docbook_xsl_ns = pkgs.docbook-xsl-ns.override { @@ -36,6 +38,33 @@ let }; }; + nixos-lib = import ../../lib { }; + + testOptionsDoc = let + eval = nixos-lib.evalTest { + # Avoid evaluating a NixOS config prototype. + config.node.type = lib.types.deferredModule; + options._module.args = lib.mkOption { internal = true; }; + }; + in buildPackages.nixosOptionsDoc { + inherit (eval) options; + inherit (revision); + transformOptions = opt: opt // { + # Clean up declaration sites to not refer to the NixOS source tree. + declarations = + map + (decl: + if hasPrefix (toString ../../..) (toString decl) + then + let subpath = removePrefix "/" (removePrefix (toString ../../..) (toString decl)); + in { url = "https://github.com/NixOS/nixpkgs/blob/master/${subpath}"; name = subpath; } + else decl) + opt.declarations; + }; + documentType = "none"; + variablelistId = "test-options-list"; + }; + sources = lib.sourceFilesBySuffices ./. [".xml"]; modulesDoc = builtins.toFile "modules.xml" '' @@ -50,6 +79,7 @@ let mkdir $out ln -s ${modulesDoc} $out/modules.xml ln -s ${optionsDoc.optionsDocBook} $out/options-db.xml + ln -s ${testOptionsDoc.optionsDocBook} $out/test-options-db.xml printf "%s" "${version}" > $out/version ''; diff --git a/nixos/doc/manual/development/running-nixos-tests-interactively.section.md b/nixos/doc/manual/development/running-nixos-tests-interactively.section.md index a1431859ff5..d9c316f4b13 100644 --- a/nixos/doc/manual/development/running-nixos-tests-interactively.section.md +++ b/nixos/doc/manual/development/running-nixos-tests-interactively.section.md @@ -24,6 +24,8 @@ back into the test driver command line upon its completion. This allows you to inspect the state of the VMs after the test (e.g. to debug the test script). +## Reuse VM state {#sec-nixos-test-reuse-vm-state} + You can re-use the VM states coming from a previous run by setting the `--keep-vm-state` flag. @@ -33,3 +35,15 @@ $ ./result/bin/nixos-test-driver --keep-vm-state The machine state is stored in the `$TMPDIR/vm-state-machinename` directory. + +## Interactive-only test configuration {#sec-nixos-test-interactive-configuration} + +The `.driverInteractive` attribute combines the regular test configuration with +definitions from the [`interactive` submodule](#opt-interactive). This gives you +a more usable, graphical, but slightly different configuration. + +You can add your own interactive-only test configuration by adding extra +configuration to the [`interactive` submodule](#opt-interactive). + +To interactively run only the regular configuration, build the `<test>.driver` attribute +instead, and call it with the flag `result/bin/nixos-test-driver --interactive`. diff --git a/nixos/doc/manual/development/running-nixos-tests.section.md b/nixos/doc/manual/development/running-nixos-tests.section.md index 1bec023b613..33076f5dc2a 100644 --- a/nixos/doc/manual/development/running-nixos-tests.section.md +++ b/nixos/doc/manual/development/running-nixos-tests.section.md @@ -2,22 +2,11 @@ You can run tests using `nix-build`. For example, to run the test [`login.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix), -you just do: +you do: ```ShellSession -$ nix-build '<nixpkgs/nixos/tests/login.nix>' -``` - -or, if you don't want to rely on `NIX_PATH`: - -```ShellSession -$ cd /my/nixpkgs/nixos/tests -$ nix-build login.nix -… -running the VM test script -machine: QEMU running (pid 8841) -… -6 out of 6 tests succeeded +$ cd /my/git/clone/of/nixpkgs +$ nix-build -A nixosTests.login ``` After building/downloading all required dependencies, this will perform diff --git a/nixos/doc/manual/development/writing-nixos-tests.section.md b/nixos/doc/manual/development/writing-nixos-tests.section.md index 6934bb0face..99704ec3c14 100644 --- a/nixos/doc/manual/development/writing-nixos-tests.section.md +++ b/nixos/doc/manual/development/writing-nixos-tests.section.md @@ -1,9 +1,9 @@ # Writing Tests {#sec-writing-nixos-tests} -A NixOS test is a Nix expression that has the following structure: +A NixOS test is a module that has the following structure: ```nix -import ./make-test-python.nix { +{ # One or more machines: nodes = @@ -21,10 +21,13 @@ import ./make-test-python.nix { } ``` -The attribute `testScript` is a bit of Python code that executes the +We refer to the whole test above as a test module, whereas the values +in [`nodes.<name>`](#opt-nodes) are NixOS modules themselves. + +The option [`testScript`](#opt-testScript) is a piece of Python code that executes the test (described below). During the test, it will start one or more virtual machines, the configuration of which is described by -the attribute `nodes`. +the option [`nodes`](#opt-nodes). An example of a single-node test is [`login.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix). @@ -34,7 +37,54 @@ when switching between consoles, and so on. An interesting multi-node test is [`nfs/simple.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/nfs/simple.nix). It uses two client nodes to test correct locking across server crashes. -There are a few special NixOS configuration options for test VMs: +## Calling a test {#sec-calling-nixos-tests} + +Tests are invoked differently depending on whether the test is part of NixOS or lives in a different project. + +### Testing within NixOS {#sec-call-nixos-test-in-nixos} + +Tests that are part of NixOS are added to [`nixos/tests/all-tests.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/all-tests.nix). + +```nix + hostname = runTest ./hostname.nix; +``` + +Overrides can be added by defining an anonymous module in `all-tests.nix`. + +```nix + hostname = runTest { + imports = [ ./hostname.nix ]; + defaults.networking.firewall.enable = false; + }; +``` + +You can run a test with attribute name `hostname` in `nixos/tests/all-tests.nix` by invoking: + +```shell +cd /my/git/clone/of/nixpkgs +nix-build -A nixosTests.hostname +``` + +### Testing outside the NixOS project {#sec-call-nixos-test-outside-nixos} + +Outside the `nixpkgs` repository, you can instantiate the test by first importing the NixOS library, + +```nix +let nixos-lib = import (nixpkgs + "/nixos/lib") { }; +in + +nixos-lib.runTest { + imports = [ ./test.nix ]; + hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs + defaults.services.foo.package = mypkg; +} +``` + +`runTest` returns a derivation that runs the test. + +## Configuring the nodes {#sec-nixos-test-nodes} + +There are a few special NixOS options for test VMs: `virtualisation.memorySize` @@ -121,7 +171,7 @@ The following methods are available on machine objects: least one will be returned. ::: {.note} - This requires passing `enableOCR` to the test attribute set. + This requires [`enableOCR`](#opt-enableOCR) to be set to `true`. ::: `get_screen_text` @@ -130,7 +180,7 @@ The following methods are available on machine objects: machine\'s screen using optical character recognition. ::: {.note} - This requires passing `enableOCR` to the test attribute set. + This requires [`enableOCR`](#opt-enableOCR) to be set to `true`. ::: `send_monitor_command` @@ -241,7 +291,7 @@ The following methods are available on machine objects: `get_screen_text` and `get_screen_text_variants`). ::: {.note} - This requires passing `enableOCR` to the test attribute set. + This requires [`enableOCR`](#opt-enableOCR) to be set to `true`. ::: `wait_for_console_text` @@ -304,7 +354,7 @@ For faster dev cycles it\'s also possible to disable the code-linters (this shouldn\'t be commited though): ```nix -import ./make-test-python.nix { +{ skipLint = true; nodes.machine = { config, pkgs, ... }: @@ -336,7 +386,7 @@ Similarly, the type checking of test scripts can be disabled in the following way: ```nix -import ./make-test-python.nix { +{ skipTypeCheck = true; nodes.machine = { config, pkgs, ... }: @@ -400,7 +450,6 @@ added using the parameter `extraPythonPackages`. For example, you could add `numpy` like this: ```nix -import ./make-test-python.nix { extraPythonPackages = p: [ p.numpy ]; @@ -417,3 +466,11 @@ import ./make-test-python.nix ``` In that case, `numpy` is chosen from the generic `python3Packages`. + +## Test Options Reference {#sec-test-options-reference} + +The following options can be used when writing tests. + +```{=docbook} +<xi:include href="../../generated/test-options-db.xml" xpointer="test-options-list"/> +``` diff --git a/nixos/doc/manual/from_md/development/running-nixos-tests-interactively.section.xml b/nixos/doc/manual/from_md/development/running-nixos-tests-interactively.section.xml index 0e47350a0d2..35d9bbd1c1f 100644 --- a/nixos/doc/manual/from_md/development/running-nixos-tests-interactively.section.xml +++ b/nixos/doc/manual/from_md/development/running-nixos-tests-interactively.section.xml @@ -25,15 +25,40 @@ $ ./result/bin/nixos-test-driver completion. This allows you to inspect the state of the VMs after the test (e.g. to debug the test script). </para> - <para> - You can re-use the VM states coming from a previous run by setting - the <literal>--keep-vm-state</literal> flag. - </para> - <programlisting> + <section xml:id="sec-nixos-test-reuse-vm-state"> + <title>Reuse VM state</title> + <para> + You can re-use the VM states coming from a previous run by setting + the <literal>--keep-vm-state</literal> flag. + </para> + <programlisting> $ ./result/bin/nixos-test-driver --keep-vm-state </programlisting> - <para> - The machine state is stored in the - <literal>$TMPDIR/vm-state-machinename</literal> directory. - </para> + <para> + The machine state is stored in the + <literal>$TMPDIR/vm-state-machinename</literal> directory. + </para> + </section> + <section xml:id="sec-nixos-test-interactive-configuration"> + <title>Interactive-only test configuration</title> + <para> + The <literal>.driverInteractive</literal> attribute combines the + regular test configuration with definitions from the + <link linkend="opt-interactive"><literal>interactive</literal> + submodule</link>. This gives you a more usable, graphical, but + slightly different configuration. + </para> + <para> + You can add your own interactive-only test configuration by adding + extra configuration to the + <link linkend="opt-interactive"><literal>interactive</literal> + submodule</link>. + </para> + <para> + To interactively run only the regular configuration, build the + <literal><test>.driver</literal> attribute instead, and call + it with the flag + <literal>result/bin/nixos-test-driver --interactive</literal>. + </para> + </section> </section> diff --git a/nixos/doc/manual/from_md/development/running-nixos-tests.section.xml b/nixos/doc/manual/from_md/development/running-nixos-tests.section.xml index da2e5076c95..23abb546899 100644 --- a/nixos/doc/manual/from_md/development/running-nixos-tests.section.xml +++ b/nixos/doc/manual/from_md/development/running-nixos-tests.section.xml @@ -4,22 +4,11 @@ You can run tests using <literal>nix-build</literal>. For example, to run the test <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/login.nix"><literal>login.nix</literal></link>, - you just do: + you do: </para> <programlisting> -$ nix-build '<nixpkgs/nixos/tests/login.nix>' -</programlisting> - <para> - or, if you don’t want to rely on <literal>NIX_PATH</literal>: - </para> - <programlisting> -$ cd /my/nixpkgs/nixos/tests -$ nix-build login.nix -… -running the VM test script -machine: QEMU running (pid 8841) -… -6 out of 6 tests succeeded +$ cd /my/git/clone/of/nixpkgs +$ nix-build -A nixosTests.login </programlisting> <para> After building/downloading all required dependencies, this will diff --git a/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml b/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml index d6f4f61c064..32f5fdb77f5 100644 --- a/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml +++ b/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml @@ -1,10 +1,10 @@ -<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-writing-nixos-tests"> +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" xml:id="sec-writing-nixos-tests"> <title>Writing Tests</title> <para> - A NixOS test is a Nix expression that has the following structure: + A NixOS test is a module that has the following structure: </para> <programlisting language="bash"> -import ./make-test-python.nix { +{ # One or more machines: nodes = @@ -22,10 +22,18 @@ import ./make-test-python.nix { } </programlisting> <para> - The attribute <literal>testScript</literal> is a bit of Python code - that executes the test (described below). During the test, it will - start one or more virtual machines, the configuration of which is - described by the attribute <literal>nodes</literal>. + We refer to the whole test above as a test module, whereas the + values in + <link linkend="opt-nodes"><literal>nodes.<name></literal></link> + are NixOS modules themselves. + </para> + <para> + The option + <link linkend="opt-testScript"><literal>testScript</literal></link> + is a piece of Python code that executes the test (described below). + During the test, it will start one or more virtual machines, the + configuration of which is described by the option + <link linkend="opt-nodes"><literal>nodes</literal></link>. </para> <para> An example of a single-node test is @@ -38,78 +46,138 @@ import ./make-test-python.nix { It uses two client nodes to test correct locking across server crashes. </para> - <para> - There are a few special NixOS configuration options for test VMs: - </para> - <variablelist> - <varlistentry> - <term> - <literal>virtualisation.memorySize</literal> - </term> - <listitem> - <para> - The memory of the VM in megabytes. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term> - <literal>virtualisation.vlans</literal> - </term> - <listitem> - <para> - The virtual networks to which the VM is connected. See - <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/nat.nix"><literal>nat.nix</literal></link> - for an example. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term> - <literal>virtualisation.writableStore</literal> - </term> - <listitem> - <para> - By default, the Nix store in the VM is not writable. If you - enable this option, a writable union file system is mounted on - top of the Nix store to make it appear writable. This is - necessary for tests that run Nix operations that modify the - store. - </para> - </listitem> - </varlistentry> - </variablelist> - <para> - For more options, see the module - <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/qemu-vm.nix"><literal>qemu-vm.nix</literal></link>. - </para> - <para> - The test script is a sequence of Python statements that perform - various actions, such as starting VMs, executing commands in the - VMs, and so on. Each virtual machine is represented as an object - stored in the variable <literal>name</literal> if this is also the - identifier of the machine in the declarative config. If you - specified a node <literal>nodes.machine</literal>, the following - example starts the machine, waits until it has finished booting, - then executes a command and checks that the output is more-or-less - correct: - </para> - <programlisting language="python"> + <section xml:id="sec-calling-nixos-tests"> + <title>Calling a test</title> + <para> + Tests are invoked differently depending on whether the test is + part of NixOS or lives in a different project. + </para> + <section xml:id="sec-call-nixos-test-in-nixos"> + <title>Testing within NixOS</title> + <para> + Tests that are part of NixOS are added to + <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/all-tests.nix"><literal>nixos/tests/all-tests.nix</literal></link>. + </para> + <programlisting language="bash"> + hostname = runTest ./hostname.nix; +</programlisting> + <para> + Overrides can be added by defining an anonymous module in + <literal>all-tests.nix</literal>. + </para> + <programlisting language="bash"> + hostname = runTest { + imports = [ ./hostname.nix ]; + defaults.networking.firewall.enable = false; + }; +</programlisting> + <para> + You can run a test with attribute name + <literal>hostname</literal> in + <literal>nixos/tests/all-tests.nix</literal> by invoking: + </para> + <programlisting> +cd /my/git/clone/of/nixpkgs +nix-build -A nixosTests.hostname +</programlisting> + </section> + <section xml:id="sec-call-nixos-test-outside-nixos"> + <title>Testing outside the NixOS project</title> + <para> + Outside the <literal>nixpkgs</literal> repository, you can + instantiate the test by first importing the NixOS library, + </para> + <programlisting language="bash"> +let nixos-lib = import (nixpkgs + "/nixos/lib") { }; +in + +nixos-lib.runTest { + imports = [ ./test.nix ]; + hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs + defaults.services.foo.package = mypkg; +} +</programlisting> + <para> + <literal>runTest</literal> returns a derivation that runs the + test. + </para> + </section> + </section> + <section xml:id="sec-nixos-test-nodes"> + <title>Configuring the nodes</title> + <para> + There are a few special NixOS options for test VMs: + </para> + <variablelist> + <varlistentry> + <term> + <literal>virtualisation.memorySize</literal> + </term> + <listitem> + <para> + The memory of the VM in megabytes. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term> + <literal>virtualisation.vlans</literal> + </term> + <listitem> + <para> + The virtual networks to which the VM is connected. See + <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/nat.nix"><literal>nat.nix</literal></link> + for an example. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term> + <literal>virtualisation.writableStore</literal> + </term> + <listitem> + <para> + By default, the Nix store in the VM is not writable. If you + enable this option, a writable union file system is mounted + on top of the Nix store to make it appear writable. This is + necessary for tests that run Nix operations that modify the + store. + </para> + </listitem> + </varlistentry> + </variablelist> + <para> + For more options, see the module + <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/qemu-vm.nix"><literal>qemu-vm.nix</literal></link>. + </para> + <para> + The test script is a sequence of Python statements that perform + various actions, such as starting VMs, executing commands in the + VMs, and so on. Each virtual machine is represented as an object + stored in the variable <literal>name</literal> if this is also the + identifier of the machine in the declarative config. If you + specified a node <literal>nodes.machine</literal>, the following + example starts the machine, waits until it has finished booting, + then executes a command and checks that the output is more-or-less + correct: + </para> + <programlisting language="python"> machine.start() machine.wait_for_unit("default.target") if not "Linux" in machine.succeed("uname"): raise Exception("Wrong OS") </programlisting> - <para> - The first line is technically unnecessary; machines are implicitly - started when you first execute an action on them (such as - <literal>wait_for_unit</literal> or <literal>succeed</literal>). If - you have multiple machines, you can speed up the test by starting - them in parallel: - </para> - <programlisting language="python"> + <para> + The first line is technically unnecessary; machines are implicitly + started when you first execute an action on them (such as + <literal>wait_for_unit</literal> or <literal>succeed</literal>). + If you have multiple machines, you can speed up the test by + starting them in parallel: + </para> + <programlisting language="python"> start_all() </programlisting> + </section> <section xml:id="ssec-machine-objects"> <title>Machine objects</title> <para> @@ -194,8 +262,9 @@ start_all() </para> <note> <para> - This requires passing <literal>enableOCR</literal> to the - test attribute set. + This requires + <link linkend="opt-enableOCR"><literal>enableOCR</literal></link> + to be set to <literal>true</literal>. </para> </note> </listitem> @@ -211,8 +280,9 @@ start_all() </para> <note> <para> - This requires passing <literal>enableOCR</literal> to the - test attribute set. + This requires + <link linkend="opt-enableOCR"><literal>enableOCR</literal></link> + to be set to <literal>true</literal>. </para> </note> </listitem> @@ -451,8 +521,9 @@ start_all() </para> <note> <para> - This requires passing <literal>enableOCR</literal> to the - test attribute set. + This requires + <link linkend="opt-enableOCR"><literal>enableOCR</literal></link> + to be set to <literal>true</literal>. </para> </note> </listitem> @@ -563,7 +634,7 @@ machine.wait_for_unit("xautolock.service", "x-session-user") code-linters (this shouldn't be commited though): </para> <programlisting language="bash"> -import ./make-test-python.nix { +{ skipLint = true; nodes.machine = { config, pkgs, ... }: @@ -595,7 +666,7 @@ import ./make-test-python.nix { the following way: </para> <programlisting language="bash"> -import ./make-test-python.nix { +{ skipTypeCheck = true; nodes.machine = { config, pkgs, ... }: @@ -669,7 +740,6 @@ def foo_running(): <literal>numpy</literal> like this: </para> <programlisting language="bash"> -import ./make-test-python.nix { extraPythonPackages = p: [ p.numpy ]; @@ -689,4 +759,11 @@ import ./make-test-python.nix <literal>python3Packages</literal>. </para> </section> + <section xml:id="sec-test-options-reference"> + <title>Test Options Reference</title> + <para> + The following options can be used when writing tests. + </para> + <xi:include href="../../generated/test-options-db.xml" xpointer="test-options-list"/> + </section> </section> diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 566001c06bf..009b57bad86 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -719,6 +719,21 @@ </listitem> <listitem> <para> + systemd-oomd is enabled by default. Depending on which systemd + units have <literal>ManagedOOMSwap=kill</literal> or + <literal>ManagedOOMMemoryPressure=kill</literal>, systemd-oomd + will SIGKILL all the processes under the appropriate + descendant cgroups when the configured limits are exceeded. + NixOS does currently not configure cgroups with oomd by + default, this can be enabled using + <link xlink:href="options.html#opt-systemd.oomd.enableRootSlice">systemd.oomd.enableRootSlice</link>, + <link xlink:href="options.html#opt-systemd.oomd.enableSystemSlice">systemd.oomd.enableSystemSlice</link>, + and + <link xlink:href="options.html#opt-systemd.oomd.enableUserServices">systemd.oomd.enableUserServices</link>. + </para> + </listitem> + <listitem> + <para> The <literal>pass-secret-service</literal> package now includes systemd units from upstream, so adding it to the NixOS <literal>services.dbus.packages</literal> option will diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 8ab9f27edb9..b4e051a841f 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -235,6 +235,15 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - Add udev rules for the Teensy family of microcontrollers. +- systemd-oomd is enabled by default. Depending on which systemd units have + `ManagedOOMSwap=kill` or `ManagedOOMMemoryPressure=kill`, systemd-oomd will + SIGKILL all the processes under the appropriate descendant cgroups when the + configured limits are exceeded. NixOS does currently not configure cgroups + with oomd by default, this can be enabled using + [systemd.oomd.enableRootSlice](options.html#opt-systemd.oomd.enableRootSlice), + [systemd.oomd.enableSystemSlice](options.html#opt-systemd.oomd.enableSystemSlice), + and [systemd.oomd.enableUserServices](options.html#opt-systemd.oomd.enableUserServices). + - The `pass-secret-service` package now includes systemd units from upstream, so adding it to the NixOS `services.dbus.packages` option will make it start automatically as a systemd user service when an application tries to talk to the libsecret D-Bus API. - There is a new module for AMD SEV CPU functionality, which grants access to the hardware. diff --git a/nixos/lib/build-vms.nix b/nixos/lib/build-vms.nix deleted file mode 100644 index 18af49db177..00000000000 --- a/nixos/lib/build-vms.nix +++ /dev/null @@ -1,113 +0,0 @@ -{ system -, # Use a minimal kernel? - minimal ? false -, # Ignored - config ? null -, # Nixpkgs, for qemu, lib and more - pkgs, lib -, # !!! See comment about args in lib/modules.nix - specialArgs ? {} -, # NixOS configuration to add to the VMs - extraConfigurations ? [] -}: - -with lib; - -rec { - - inherit pkgs; - - # Build a virtual network from an attribute set `{ machine1 = - # config1; ... machineN = configN; }', where `machineX' is the - # hostname and `configX' is a NixOS system configuration. Each - # machine is given an arbitrary IP address in the virtual network. - buildVirtualNetwork = - nodes: let nodesOut = mapAttrs (n: buildVM nodesOut) (assignIPAddresses nodes); in nodesOut; - - - buildVM = - nodes: configurations: - - import ./eval-config.nix { - inherit system specialArgs; - modules = configurations ++ extraConfigurations; - baseModules = (import ../modules/module-list.nix) ++ - [ ../modules/virtualisation/qemu-vm.nix - ../modules/testing/test-instrumentation.nix # !!! should only get added for automated test runs - { key = "no-manual"; documentation.nixos.enable = false; } - { key = "no-revision"; - # Make the revision metadata constant, in order to avoid needless retesting. - # The human version (e.g. 21.05-pre) is left as is, because it is useful - # for external modules that test with e.g. testers.nixosTest and rely on that - # version number. - config.system.nixos.revision = mkForce "constant-nixos-revision"; - } - { key = "nodes"; _module.args.nodes = nodes; } - ] ++ optional minimal ../modules/testing/minimal-kernel.nix; - }; - - - # Given an attribute set { machine1 = config1; ... machineN = - # configN; }, sequentially assign IP addresses in the 192.168.1.0/24 - # range to each machine, and set the hostname to the attribute name. - assignIPAddresses = nodes: - - let - - machines = attrNames nodes; - - machinesNumbered = zipLists machines (range 1 254); - - nodes_ = forEach machinesNumbered (m: nameValuePair m.fst - [ ( { config, nodes, ... }: - let - interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255); - interfaces = forEach interfacesNumbered ({ fst, snd }: - nameValuePair "eth${toString snd}" { ipv4.addresses = - [ { address = "192.168.${toString fst}.${toString m.snd}"; - prefixLength = 24; - } ]; - }); - - networkConfig = - { networking.hostName = mkDefault m.fst; - - networking.interfaces = listToAttrs interfaces; - - networking.primaryIPAddress = - optionalString (interfaces != []) (head (head interfaces).value.ipv4.addresses).address; - - # Put the IP addresses of all VMs in this machine's - # /etc/hosts file. If a machine has multiple - # interfaces, use the IP address corresponding to - # the first interface (i.e. the first network in its - # virtualisation.vlans option). - networking.extraHosts = flip concatMapStrings machines - (m': let config = (getAttr m' nodes).config; in - optionalString (config.networking.primaryIPAddress != "") - ("${config.networking.primaryIPAddress} " + - optionalString (config.networking.domain != null) - "${config.networking.hostName}.${config.networking.domain} " + - "${config.networking.hostName}\n")); - - virtualisation.qemu.options = - let qemu-common = import ../lib/qemu-common.nix { inherit lib pkgs; }; - in flip concatMap interfacesNumbered - ({ fst, snd }: qemu-common.qemuNICFlags snd fst m.snd); - }; - - in - { key = "ip-address"; - config = networkConfig // { - # Expose the networkConfig items for tests like nixops - # that need to recreate the network config. - system.build.networkConfig = networkConfig; - }; - } - ) - (getAttr m.fst nodes) - ] ); - - in listToAttrs nodes_; - -} diff --git a/nixos/lib/default.nix b/nixos/lib/default.nix index 2b3056e0145..65d91342d4d 100644 --- a/nixos/lib/default.nix +++ b/nixos/lib/default.nix @@ -21,6 +21,8 @@ let seqAttrsIf = cond: a: lib.mapAttrs (_: v: seqIf cond a v); eval-config-minimal = import ./eval-config-minimal.nix { inherit lib; }; + + testing-lib = import ./testing/default.nix { inherit lib; }; in /* This attribute set appears as lib.nixos in the flake, or can be imported @@ -30,4 +32,10 @@ in inherit (seqAttrsIf (!featureFlags?minimalModules) minimalModulesWarning eval-config-minimal) evalModules ; + + inherit (testing-lib) + evalTest + runTest + ; + } diff --git a/nixos/lib/eval-config.nix b/nixos/lib/eval-config.nix index 791a03a3ba3..1e086271e52 100644 --- a/nixos/lib/eval-config.nix +++ b/nixos/lib/eval-config.nix @@ -17,6 +17,8 @@ evalConfigArgs@ # be set modularly anyway. pkgs ? null , # !!! what do we gain by making this configurable? + # we can add modules that are included in specialisations, regardless + # of inheritParentConfig. baseModules ? import ../modules/module-list.nix , # !!! See comment about args in lib/modules.nix extraArgs ? {} diff --git a/nixos/lib/testing-python.nix b/nixos/lib/testing-python.nix index 4bb1689ffd7..c303b0bf17b 100644 --- a/nixos/lib/testing-python.nix +++ b/nixos/lib/testing-python.nix @@ -12,159 +12,22 @@ with pkgs; +let + nixos-lib = import ./default.nix { inherit (pkgs) lib; }; +in + rec { inherit pkgs; - # Run an automated test suite in the given virtual network. - runTests = { driver, driverInteractive, pos }: - stdenv.mkDerivation { - name = "vm-test-run-${driver.testName}"; - - requiredSystemFeatures = [ "kvm" "nixos-test" ]; - - buildCommand = - '' - mkdir -p $out - - # effectively mute the XMLLogger - export LOGFILE=/dev/null - - ${driver}/bin/nixos-test-driver -o $out - ''; + evalTest = module: nixos-lib.evalTest { imports = [ extraTestModule module ]; }; + runTest = module: nixos-lib.runTest { imports = [ extraTestModule module ]; }; - passthru = driver.passthru // { - inherit driver driverInteractive; - }; - - inherit pos; # for better debugging + extraTestModule = { + config = { + hostPkgs = pkgs; }; - - # Generate convenience wrappers for running the test driver - # has vlans, vms and test script defaulted through env variables - # also instantiates test script with nodes, if it's a function (contract) - setupDriverForTest = { - testScript - , testName - , nodes - , qemu_pkg ? pkgs.qemu_test - , enableOCR ? false - , skipLint ? false - , skipTypeCheck ? false - , passthru ? {} - , interactive ? false - , extraPythonPackages ? (_ :[]) - }: - let - # Reifies and correctly wraps the python test driver for - # the respective qemu version and with or without ocr support - testDriver = pkgs.callPackage ./test-driver { - inherit enableOCR extraPythonPackages; - qemu_pkg = qemu_test; - imagemagick_light = imagemagick_light.override { inherit libtiff; }; - tesseract4 = tesseract4.override { enableLanguages = [ "eng" ]; }; - }; - - - testDriverName = - let - # A standard store path to the vm monitor is built like this: - # /tmp/nix-build-vm-test-run-$name.drv-0/vm-state-machine/monitor - # The max filename length of a unix domain socket is 108 bytes. - # This means $name can at most be 50 bytes long. - maxTestNameLen = 50; - testNameLen = builtins.stringLength testName; - in with builtins; - if testNameLen > maxTestNameLen then - abort - ("The name of the test '${testName}' must not be longer than ${toString maxTestNameLen} " + - "it's currently ${toString testNameLen} characters long.") - else - "nixos-test-driver-${testName}"; - - vlans = map (m: m.config.virtualisation.vlans) (lib.attrValues nodes); - vms = map (m: m.config.system.build.vm) (lib.attrValues nodes); - - nodeHostNames = let - nodesList = map (c: c.config.system.name) (lib.attrValues nodes); - in nodesList ++ lib.optional (lib.length nodesList == 1 && !lib.elem "machine" nodesList) "machine"; - - # TODO: This is an implementation error and needs fixing - # the testing famework cannot legitimately restrict hostnames further - # beyond RFC1035 - invalidNodeNames = lib.filter - (node: builtins.match "^[A-z_]([A-z0-9_]+)?$" node == null) - nodeHostNames; - - testScript' = - # Call the test script with the computed nodes. - if lib.isFunction testScript - then testScript { inherit nodes; } - else testScript; - - uniqueVlans = lib.unique (builtins.concatLists vlans); - vlanNames = map (i: "vlan${toString i}: VLan;") uniqueVlans; - machineNames = map (name: "${name}: Machine;") nodeHostNames; - in - if lib.length invalidNodeNames > 0 then - throw '' - Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})! - All machines are referenced as python variables in the testing framework which will break the - script when special characters are used. - - This is an IMPLEMENTATION ERROR and needs to be fixed. Meanwhile, - please stick to alphanumeric chars and underscores as separation. - '' - else lib.warnIf skipLint "Linting is disabled" (runCommand testDriverName - { - inherit testName; - nativeBuildInputs = [ makeWrapper mypy ]; - buildInputs = [ testDriver ]; - testScript = testScript'; - preferLocalBuild = true; - passthru = passthru // { - inherit nodes; - }; - meta.mainProgram = "nixos-test-driver"; - } - '' - mkdir -p $out/bin - - vmStartScripts=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done)) - - ${lib.optionalString (!skipTypeCheck) '' - # prepend type hints so the test script can be type checked with mypy - cat "${./test-script-prepend.py}" >> testScriptWithTypes - echo "${builtins.toString machineNames}" >> testScriptWithTypes - echo "${builtins.toString vlanNames}" >> testScriptWithTypes - echo -n "$testScript" >> testScriptWithTypes - - mypy --no-implicit-optional \ - --pretty \ - --no-color-output \ - testScriptWithTypes - ''} - - echo -n "$testScript" >> $out/test-script - - ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-test-driver - - ${testDriver}/bin/generate-driver-symbols - ${lib.optionalString (!skipLint) '' - PYFLAKES_BUILTINS="$( - echo -n ${lib.escapeShellArg (lib.concatStringsSep "," nodeHostNames)}, - < ${lib.escapeShellArg "driver-symbols"} - )" ${python3Packages.pyflakes}/bin/pyflakes $out/test-script - ''} - - # set defaults through environment - # see: ./test-driver/test-driver.py argparse implementation - wrapProgram $out/bin/nixos-test-driver \ - --set startScripts "''${vmStartScripts[*]}" \ - --set testScript "$out/test-script" \ - --set vlans '${toString vlans}' \ - ${lib.optionalString (interactive) "--add-flags --interactive"} - ''); + }; # Make a full-blown test makeTest = @@ -184,91 +47,20 @@ rec { then builtins.unsafeGetAttrPos "description" meta else builtins.unsafeGetAttrPos "testScript" t) , extraPythonPackages ? (_ : []) + , interactive ? {} } @ t: - let - mkNodes = qemu_pkg: - let - testScript' = - # Call the test script with the computed nodes. - if lib.isFunction testScript - then testScript { nodes = mkNodes qemu_pkg; } - else testScript; - - build-vms = import ./build-vms.nix { - inherit system lib pkgs minimal specialArgs; - extraConfigurations = extraConfigurations ++ [( - { config, ... }: - { - virtualisation.qemu.package = qemu_pkg; - - # Make sure all derivations referenced by the test - # script are available on the nodes. When the store is - # accessed through 9p, this isn't important, since - # everything in the store is available to the guest, - # but when building a root image it is, as all paths - # that should be available to the guest has to be - # copied to the image. - virtualisation.additionalPaths = - lib.optional - # A testScript may evaluate nodes, which has caused - # infinite recursions. The demand cycle involves: - # testScript --> - # nodes --> - # toplevel --> - # additionalPaths --> - # hasContext testScript' --> - # testScript (ad infinitum) - # If we don't need to build an image, we can break this - # cycle by short-circuiting when useNixStoreImage is false. - (config.virtualisation.useNixStoreImage && builtins.hasContext testScript') - (pkgs.writeStringReferencesToFile testScript'); - - # Ensure we do not use aliases. Ideally this is only set - # when the test framework is used by Nixpkgs NixOS tests. - nixpkgs.config.allowAliases = false; - } - )]; - }; - in - lib.warnIf (t?machine) "In test `${name}': The `machine' attribute in NixOS tests (pkgs.nixosTest / make-test-python.nix / testing-python.nix / makeTest) is deprecated. Please use the equivalent `nodes.machine'." - build-vms.buildVirtualNetwork ( - nodes // lib.optionalAttrs (machine != null) { inherit machine; } - ); - - driver = setupDriverForTest { - inherit testScript enableOCR skipTypeCheck skipLint passthru extraPythonPackages; - testName = name; - qemu_pkg = pkgs.qemu_test; - nodes = mkNodes pkgs.qemu_test; - }; - driverInteractive = setupDriverForTest { - inherit testScript enableOCR skipTypeCheck skipLint passthru extraPythonPackages; - testName = name; - qemu_pkg = pkgs.qemu; - nodes = mkNodes pkgs.qemu; - interactive = true; + runTest { + imports = [ + { _file = "makeTest parameters"; config = t; } + { + defaults = { + _file = "makeTest: extraConfigurations"; + imports = extraConfigurations; + }; + } + ]; }; - test = lib.addMetaAttrs meta (runTests { inherit driver pos driverInteractive; }); - - in - test // { - inherit test driver driverInteractive; - inherit (driver) nodes; - }; - - abortForFunction = functionName: abort ''The ${functionName} function was - removed because it is not an essential part of the NixOS testing - infrastructure. It had no usage in NixOS or Nixpkgs and it had no designated - maintainer. You are free to reintroduce it by documenting it in the manual - and adding yourself as maintainer. It was removed in - https://github.com/NixOS/nixpkgs/pull/137013 - ''; - - runInMachine = abortForFunction "runInMachine"; - - runInMachineWithX = abortForFunction "runInMachineWithX"; - simpleTest = as: (makeTest as).test; } diff --git a/nixos/lib/testing/call-test.nix b/nixos/lib/testing/call-test.nix new file mode 100644 index 00000000000..3e137e78cd4 --- /dev/null +++ b/nixos/lib/testing/call-test.nix @@ -0,0 +1,16 @@ +{ config, lib, ... }: +let + inherit (lib) mkOption types; +in +{ + options = { + callTest = mkOption { + internal = true; + type = types.functionTo types.raw; + }; + result = mkOption { + internal = true; + default = config; + }; + }; +} diff --git a/nixos/lib/testing/default.nix b/nixos/lib/testing/default.nix new file mode 100644 index 00000000000..676d52f5c3f --- /dev/null +++ b/nixos/lib/testing/default.nix @@ -0,0 +1,24 @@ +{ lib }: +let + + evalTest = module: lib.evalModules { modules = testModules ++ [ module ]; }; + runTest = module: (evalTest module).config.result; + + testModules = [ + ./call-test.nix + ./driver.nix + ./interactive.nix + ./legacy.nix + ./meta.nix + ./name.nix + ./network.nix + ./nodes.nix + ./pkgs.nix + ./run.nix + ./testScript.nix + ]; + +in +{ + inherit evalTest runTest testModules; +} diff --git a/nixos/lib/testing/driver.nix b/nixos/lib/testing/driver.nix new file mode 100644 index 00000000000..04e99f9e21d --- /dev/null +++ b/nixos/lib/testing/driver.nix @@ -0,0 +1,188 @@ +{ config, lib, hostPkgs, ... }: +let + inherit (lib) mkOption types literalMD mdDoc; + + # Reifies and correctly wraps the python test driver for + # the respective qemu version and with or without ocr support + testDriver = hostPkgs.callPackage ../test-driver { + inherit (config) enableOCR extraPythonPackages; + qemu_pkg = config.qemu.package; + imagemagick_light = hostPkgs.imagemagick_light.override { inherit (hostPkgs) libtiff; }; + tesseract4 = hostPkgs.tesseract4.override { enableLanguages = [ "eng" ]; }; + }; + + + vlans = map (m: m.virtualisation.vlans) (lib.attrValues config.nodes); + vms = map (m: m.system.build.vm) (lib.attrValues config.nodes); + + nodeHostNames = + let + nodesList = map (c: c.system.name) (lib.attrValues config.nodes); + in + nodesList ++ lib.optional (lib.length nodesList == 1 && !lib.elem "machine" nodesList) "machine"; + + # TODO: This is an implementation error and needs fixing + # the testing famework cannot legitimately restrict hostnames further + # beyond RFC1035 + invalidNodeNames = lib.filter + (node: builtins.match "^[A-z_]([A-z0-9_]+)?$" node == null) + nodeHostNames; + + uniqueVlans = lib.unique (builtins.concatLists vlans); + vlanNames = map (i: "vlan${toString i}: VLan;") uniqueVlans; + machineNames = map (name: "${name}: Machine;") nodeHostNames; + + withChecks = + if lib.length invalidNodeNames > 0 then + throw '' + Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})! + All machines are referenced as python variables in the testing framework which will break the + script when special characters are used. + + This is an IMPLEMENTATION ERROR and needs to be fixed. Meanwhile, + please stick to alphanumeric chars and underscores as separation. + '' + else + lib.warnIf config.skipLint "Linting is disabled"; + + driver = + hostPkgs.runCommand "nixos-test-driver-${config.name}" + { + # inherit testName; TODO (roberth): need this? + nativeBuildInputs = [ + hostPkgs.makeWrapper + ] ++ lib.optionals (!config.skipTypeCheck) [ hostPkgs.mypy ]; + buildInputs = [ testDriver ]; + testScript = config.testScriptString; + preferLocalBuild = true; + passthru = config.passthru; + meta = config.meta // { + mainProgram = "nixos-test-driver"; + }; + } + '' + mkdir -p $out/bin + + vmStartScripts=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done)) + + ${lib.optionalString (!config.skipTypeCheck) '' + # prepend type hints so the test script can be type checked with mypy + cat "${../test-script-prepend.py}" >> testScriptWithTypes + echo "${builtins.toString machineNames}" >> testScriptWithTypes + echo "${builtins.toString vlanNames}" >> testScriptWithTypes + echo -n "$testScript" >> testScriptWithTypes + + cat -n testScriptWithTypes + + mypy --no-implicit-optional \ + --pretty \ + --no-color-output \ + testScriptWithTypes + ''} + + echo -n "$testScript" >> $out/test-script + + ln -s ${testDriver}/bin/nixos-test-driver $out/bin/nixos-test-driver + + ${testDriver}/bin/generate-driver-symbols + ${lib.optionalString (!config.skipLint) '' + PYFLAKES_BUILTINS="$( + echo -n ${lib.escapeShellArg (lib.concatStringsSep "," nodeHostNames)}, + < ${lib.escapeShellArg "driver-symbols"} + )" ${hostPkgs.python3Packages.pyflakes}/bin/pyflakes $out/test-script + ''} + + # set defaults through environment + # see: ./test-driver/test-driver.py argparse implementation + wrapProgram $out/bin/nixos-test-driver \ + --set startScripts "''${vmStartScripts[*]}" \ + --set testScript "$out/test-script" \ + --set vlans '${toString vlans}' \ + ${lib.escapeShellArgs (lib.concatMap (arg: ["--add-flags" arg]) config.extraDriverArgs)} + ''; + +in +{ + options = { + + driver = mkOption { + description = mdDoc "Package containing a script that runs the test."; + type = types.package; + defaultText = literalMD "set by the test framework"; + }; + + hostPkgs = mkOption { + description = mdDoc "Nixpkgs attrset used outside the nodes."; + type = types.raw; + example = lib.literalExpression '' + import nixpkgs { inherit system config overlays; } + ''; + }; + + qemu.package = mkOption { + description = mdDoc "Which qemu package to use for the virtualisation of [{option}`nodes`](#opt-nodes)."; + type = types.package; + default = hostPkgs.qemu_test; + defaultText = "hostPkgs.qemu_test"; + }; + + enableOCR = mkOption { + description = mdDoc '' + Whether to enable Optical Character Recognition functionality for + testing graphical programs. See [Machine objects](`ssec-machine-objects`). + ''; + type = types.bool; + default = false; + }; + + extraPythonPackages = mkOption { + description = mdDoc '' + Python packages to add to the test driver. + + The argument is a Python package set, similar to `pkgs.pythonPackages`. + ''; + example = lib.literalExpression '' + p: [ p.numpy ] + ''; + type = types.functionTo (types.listOf types.package); + default = ps: [ ]; + }; + + extraDriverArgs = mkOption { + description = mdDoc '' + Extra arguments to pass to the test driver. + + They become part of [{option}`driver`](#opt-driver) via `wrapProgram`. + ''; + type = types.listOf types.str; + default = []; + }; + + skipLint = mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Do not run the linters. This may speed up your iteration cycle, but it is not something you should commit. + ''; + }; + + skipTypeCheck = mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Disable type checking. This must not be enabled for new NixOS tests. + + This may speed up your iteration cycle, unless you're working on the [{option}`testScript`](#opt-testScript). + ''; + }; + }; + + config = { + _module.args.hostPkgs = config.hostPkgs; + + driver = withChecks driver; + + # make available on the test runner + passthru.driver = config.driver; + }; +} diff --git a/nixos/lib/testing/interactive.nix b/nixos/lib/testing/interactive.nix new file mode 100644 index 00000000000..317ed424188 --- /dev/null +++ b/nixos/lib/testing/interactive.nix @@ -0,0 +1,45 @@ +{ config, lib, moduleType, hostPkgs, ... }: +let + inherit (lib) mkOption types mdDoc; +in +{ + options = { + interactive = mkOption { + description = mdDoc '' + Tests [can be run interactively](#sec-running-nixos-tests-interactively) + using the program in the test derivation's `.driverInteractive` attribute. + + When they are, the configuration will include anything set in this submodule. + + You can set any top-level test option here. + + Example test module: + + ```nix + { config, lib, ... }: { + + nodes.rabbitmq = { + services.rabbitmq.enable = true; + }; + + # When running interactively ... + interactive.nodes.rabbitmq = { + # ... enable the web ui. + services.rabbitmq.managementPlugin.enable = true; + }; + } + ``` + + For details, see the section about [running tests interactively](#sec-running-nixos-tests-interactively). + ''; + type = moduleType; + visible = "shallow"; + }; + }; + + config = { + interactive.qemu.package = hostPkgs.qemu; + interactive.extraDriverArgs = [ "--interactive" ]; + passthru.driverInteractive = config.interactive.driver; + }; +} diff --git a/nixos/lib/testing/legacy.nix b/nixos/lib/testing/legacy.nix new file mode 100644 index 00000000000..868b8b65b17 --- /dev/null +++ b/nixos/lib/testing/legacy.nix @@ -0,0 +1,25 @@ +{ config, options, lib, ... }: +let + inherit (lib) mkIf mkOption types; +in +{ + # This needs options.warnings, which we don't have (yet?). + # imports = [ + # (lib.mkRenamedOptionModule [ "machine" ] [ "nodes" "machine" ]) + # ]; + + options = { + machine = mkOption { + internal = true; + type = types.raw; + }; + }; + + config = { + nodes = mkIf options.machine.isDefined ( + lib.warn + "In test `${config.name}': The `machine' attribute in NixOS tests (pkgs.nixosTest / make-test-python.nix / testing-python.nix / makeTest) is deprecated. Please set the equivalent `nodes.machine'." + { inherit (config) machine; } + ); + }; +} diff --git a/nixos/lib/testing/meta.nix b/nixos/lib/testing/meta.nix new file mode 100644 index 00000000000..4d8b0e0f1c4 --- /dev/null +++ b/nixos/lib/testing/meta.nix @@ -0,0 +1,42 @@ +{ lib, ... }: +let + inherit (lib) types mkOption mdDoc; +in +{ + options = { + meta = lib.mkOption { + description = mdDoc '' + The [`meta`](https://nixos.org/manual/nixpkgs/stable/#chap-meta) attributes that will be set on the returned derivations. + + Not all [`meta`](https://nixos.org/manual/nixpkgs/stable/#chap-meta) attributes are supported, but more can be added as desired. + ''; + apply = lib.filterAttrs (k: v: v != null); + type = types.submodule { + options = { + maintainers = lib.mkOption { + type = types.listOf types.raw; + default = []; + description = mdDoc '' + The [list of maintainers](https://nixos.org/manual/nixpkgs/stable/#var-meta-maintainers) for this test. + ''; + }; + timeout = lib.mkOption { + type = types.nullOr types.int; + default = null; # NOTE: null values are filtered out by `meta`. + description = mdDoc '' + The [{option}`test`](#opt-test)'s [`meta.timeout`](https://nixos.org/manual/nixpkgs/stable/#var-meta-timeout) in seconds. + ''; + }; + broken = lib.mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Sets the [`meta.broken`](https://nixos.org/manual/nixpkgs/stable/#var-meta-broken) attribute on the [{option}`test`](#opt-test) derivation. + ''; + }; + }; + }; + default = {}; + }; + }; +} diff --git a/nixos/lib/testing/name.nix b/nixos/lib/testing/name.nix new file mode 100644 index 00000000000..a54622e139b --- /dev/null +++ b/nixos/lib/testing/name.nix @@ -0,0 +1,14 @@ +{ lib, ... }: +let + inherit (lib) mkOption types mdDoc; +in +{ + options.name = mkOption { + description = mdDoc '' + The name of the test. + + This is used in the derivation names of the [{option}`driver`](#opt-driver) and [{option}`test`](#opt-test) runner. + ''; + type = types.str; + }; +} diff --git a/nixos/lib/testing/network.nix b/nixos/lib/testing/network.nix new file mode 100644 index 00000000000..04ea9a2bc9f --- /dev/null +++ b/nixos/lib/testing/network.nix @@ -0,0 +1,117 @@ +{ lib, nodes, ... }: + +let + inherit (lib) + attrNames concatMap concatMapStrings flip forEach head + listToAttrs mkDefault mkOption nameValuePair optionalString + range types zipListsWith zipLists + mdDoc + ; + + nodeNumbers = + listToAttrs + (zipListsWith + nameValuePair + (attrNames nodes) + (range 1 254) + ); + + networkModule = { config, nodes, pkgs, ... }: + let + interfacesNumbered = zipLists config.virtualisation.vlans (range 1 255); + interfaces = forEach interfacesNumbered ({ fst, snd }: + nameValuePair "eth${toString snd}" { + ipv4.addresses = + [{ + address = "192.168.${toString fst}.${toString config.virtualisation.test.nodeNumber}"; + prefixLength = 24; + }]; + }); + + networkConfig = + { + networking.hostName = mkDefault config.virtualisation.test.nodeName; + + networking.interfaces = listToAttrs interfaces; + + networking.primaryIPAddress = + optionalString (interfaces != [ ]) (head (head interfaces).value.ipv4.addresses).address; + + # Put the IP addresses of all VMs in this machine's + # /etc/hosts file. If a machine has multiple + # interfaces, use the IP address corresponding to + # the first interface (i.e. the first network in its + # virtualisation.vlans option). + networking.extraHosts = flip concatMapStrings (attrNames nodes) + (m': + let config = nodes.${m'}; in + optionalString (config.networking.primaryIPAddress != "") + ("${config.networking.primaryIPAddress} " + + optionalString (config.networking.domain != null) + "${config.networking.hostName}.${config.networking.domain} " + + "${config.networking.hostName}\n")); + + virtualisation.qemu.options = + let qemu-common = import ../qemu-common.nix { inherit lib pkgs; }; + in + flip concatMap interfacesNumbered + ({ fst, snd }: qemu-common.qemuNICFlags snd fst config.virtualisation.test.nodeNumber); + }; + + in + { + key = "ip-address"; + config = networkConfig // { + # Expose the networkConfig items for tests like nixops + # that need to recreate the network config. + system.build.networkConfig = networkConfig; + }; + }; + + nodeNumberModule = (regular@{ config, name, ... }: { + options = { + virtualisation.test.nodeName = mkOption { + internal = true; + default = name; + # We need to force this in specilisations, otherwise it'd be + # readOnly = true; + description = mdDoc '' + The `name` in `nodes.<name>`; stable across `specialisations`. + ''; + }; + virtualisation.test.nodeNumber = mkOption { + internal = true; + type = types.int; + readOnly = true; + default = nodeNumbers.${config.virtualisation.test.nodeName}; + description = mdDoc '' + A unique number assigned for each node in `nodes`. + ''; + }; + + # specialisations override the `name` module argument, + # so we push the real `virtualisation.test.nodeName`. + specialisation = mkOption { + type = types.attrsOf (types.submodule { + options.configuration = mkOption { + type = types.submoduleWith { + modules = [ + { + config.virtualisation.test.nodeName = + # assert regular.config.virtualisation.test.nodeName != "configuration"; + regular.config.virtualisation.test.nodeName; + } + ]; + }; + }; + }); + }; + }; + }); + +in +{ + config = { + extraBaseModules = { imports = [ networkModule nodeNumberModule ]; }; + }; +} diff --git a/nixos/lib/testing/nixos-test-base.nix b/nixos/lib/testing/nixos-test-base.nix new file mode 100644 index 00000000000..59e6e384336 --- /dev/null +++ b/nixos/lib/testing/nixos-test-base.nix @@ -0,0 +1,23 @@ +# A module containing the base imports and overrides that +# are always applied in NixOS VM tests, unconditionally, +# even in `inheritParentConfig = false` specialisations. +{ lib, ... }: +let + inherit (lib) mkForce; +in +{ + imports = [ + ../../modules/virtualisation/qemu-vm.nix + ../../modules/testing/test-instrumentation.nix # !!! should only get added for automated test runs + { key = "no-manual"; documentation.nixos.enable = false; } + { + key = "no-revision"; + # Make the revision metadata constant, in order to avoid needless retesting. + # The human version (e.g. 21.05-pre) is left as is, because it is useful + # for external modules that test with e.g. testers.nixosTest and rely on that + # version number. + config.system.nixos.revision = mkForce "constant-nixos-revision"; + } + + ]; +} diff --git a/nixos/lib/testing/nodes.nix b/nixos/lib/testing/nodes.nix new file mode 100644 index 00000000000..765af2878df --- /dev/null +++ b/nixos/lib/testing/nodes.nix @@ -0,0 +1,112 @@ +testModuleArgs@{ config, lib, hostPkgs, nodes, ... }: + +let + inherit (lib) mkOption mkForce optional types mapAttrs mkDefault mdDoc; + + system = hostPkgs.stdenv.hostPlatform.system; + + baseOS = + import ../eval-config.nix { + inherit system; + inherit (config.node) specialArgs; + modules = [ config.defaults ]; + baseModules = (import ../../modules/module-list.nix) ++ + [ + ./nixos-test-base.nix + { key = "nodes"; _module.args.nodes = config.nodesCompat; } + ({ config, ... }: + { + virtualisation.qemu.package = testModuleArgs.config.qemu.package; + + # Ensure we do not use aliases. Ideally this is only set + # when the test framework is used by Nixpkgs NixOS tests. + nixpkgs.config.allowAliases = false; + }) + testModuleArgs.config.extraBaseModules + ] ++ optional config.minimal ../../modules/testing/minimal-kernel.nix; + }; + + +in + +{ + + options = { + node.type = mkOption { + type = types.raw; + default = baseOS.type; + internal = true; + }; + + nodes = mkOption { + type = types.lazyAttrsOf config.node.type; + visible = "shallow"; + description = mdDoc '' + An attribute set of NixOS configuration modules. + + The configurations are augmented by the [`defaults`](#opt-defaults) option. + + They are assigned network addresses according to the `nixos/lib/testing/network.nix` module. + + A few special options are available, that aren't in a plain NixOS configuration. See [Configuring the nodes](#sec-nixos-test-nodes) + ''; + }; + + defaults = mkOption { + description = mdDoc '' + NixOS configuration that is applied to all [{option}`nodes`](#opt-nodes). + ''; + type = types.deferredModule; + default = { }; + }; + + extraBaseModules = mkOption { + description = mdDoc '' + NixOS configuration that, like [{option}`defaults`](#opt-defaults), is applied to all [{option}`nodes`](#opt-nodes) and can not be undone with [`specialisation.<name>.inheritParentConfig`](https://search.nixos.org/options?show=specialisation.%3Cname%3E.inheritParentConfig&from=0&size=50&sort=relevance&type=packages&query=specialisation). + ''; + type = types.deferredModule; + default = { }; + }; + + node.specialArgs = mkOption { + type = types.lazyAttrsOf types.raw; + default = { }; + description = mdDoc '' + An attribute set of arbitrary values that will be made available as module arguments during the resolution of module `imports`. + + Note that it is not possible to override these from within the NixOS configurations. If you argument is not relevant to `imports`, consider setting {option}`defaults._module.args.<name>` instead. + ''; + }; + + minimal = mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Enable to configure all [{option}`nodes`](#opt-nodes) to run with a minimal kernel. + ''; + }; + + nodesCompat = mkOption { + internal = true; + description = mdDoc '' + Basically `_module.args.nodes`, but with backcompat and warnings added. + + This will go away. + ''; + }; + }; + + config = { + _module.args.nodes = config.nodesCompat; + nodesCompat = + mapAttrs + (name: config: config // { + config = lib.warn + "Module argument `nodes.${name}.config` is deprecated. Use `nodes.${name}` instead." + config; + }) + config.nodes; + + passthru.nodes = config.nodesCompat; + }; +} diff --git a/nixos/lib/testing/pkgs.nix b/nixos/lib/testing/pkgs.nix new file mode 100644 index 00000000000..22dd586868e --- /dev/null +++ b/nixos/lib/testing/pkgs.nix @@ -0,0 +1,11 @@ +{ config, lib, hostPkgs, ... }: +{ + config = { + # default pkgs for use in VMs + _module.args.pkgs = hostPkgs; + + defaults = { + # TODO: a module to set a shared pkgs, if options.nixpkgs.* is untouched by user (highestPrio) */ + }; + }; +} diff --git a/nixos/lib/testing/run.nix b/nixos/lib/testing/run.nix new file mode 100644 index 00000000000..0cd07d8afd2 --- /dev/null +++ b/nixos/lib/testing/run.nix @@ -0,0 +1,57 @@ +{ config, hostPkgs, lib, ... }: +let + inherit (lib) types mkOption mdDoc; +in +{ + options = { + passthru = mkOption { + type = types.lazyAttrsOf types.raw; + description = mdDoc '' + Attributes to add to the returned derivations, + which are not necessarily part of the build. + + This is a bit like doing `drv // { myAttr = true; }` (which would be lost by `overrideAttrs`). + It does not change the actual derivation, but adds the attribute nonetheless, so that + consumers of what would be `drv` have more information. + ''; + }; + + test = mkOption { + type = types.package; + # TODO: can the interactive driver be configured to access the network? + description = mdDoc '' + Derivation that runs the test as its "build" process. + + This implies that NixOS tests run isolated from the network, making them + more dependable. + ''; + }; + }; + + config = { + test = lib.lazyDerivation { # lazyDerivation improves performance when only passthru items and/or meta are used. + derivation = hostPkgs.stdenv.mkDerivation { + name = "vm-test-run-${config.name}"; + + requiredSystemFeatures = [ "kvm" "nixos-test" ]; + + buildCommand = '' + mkdir -p $out + + # effectively mute the XMLLogger + export LOGFILE=/dev/null + + ${config.driver}/bin/nixos-test-driver -o $out + ''; + + passthru = config.passthru; + + meta = config.meta; + }; + inherit (config) passthru meta; + }; + + # useful for inspection (debugging / exploration) + passthru.config = config; + }; +} diff --git a/nixos/lib/testing/testScript.nix b/nixos/lib/testing/testScript.nix new file mode 100644 index 00000000000..5d4181c5f5d --- /dev/null +++ b/nixos/lib/testing/testScript.nix @@ -0,0 +1,84 @@ +testModuleArgs@{ config, lib, hostPkgs, nodes, moduleType, ... }: +let + inherit (lib) mkOption types mdDoc; + inherit (types) either str functionTo; +in +{ + options = { + testScript = mkOption { + type = either str (functionTo str); + description = '' + A series of python declarations and statements that you write to perform + the test. + ''; + }; + testScriptString = mkOption { + type = str; + readOnly = true; + internal = true; + }; + + includeTestScriptReferences = mkOption { + type = types.bool; + default = true; + internal = true; + }; + withoutTestScriptReferences = mkOption { + type = moduleType; + description = mdDoc '' + A parallel universe where the testScript is invalid and has no references. + ''; + internal = true; + visible = false; + }; + }; + config = { + withoutTestScriptReferences.includeTestScriptReferences = false; + withoutTestScriptReferences.testScript = lib.mkForce "testscript omitted"; + + testScriptString = + if lib.isFunction config.testScript + then + config.testScript + { + nodes = + lib.mapAttrs + (k: v: + if v.virtualisation.useNixStoreImage + then + # prevent infinite recursion when testScript would + # reference v's toplevel + config.withoutTestScriptReferences.nodesCompat.${k} + else + # reuse memoized config + v + ) + config.nodesCompat; + } + else config.testScript; + + defaults = { config, name, ... }: { + # Make sure all derivations referenced by the test + # script are available on the nodes. When the store is + # accessed through 9p, this isn't important, since + # everything in the store is available to the guest, + # but when building a root image it is, as all paths + # that should be available to the guest has to be + # copied to the image. + virtualisation.additionalPaths = + lib.optional + # A testScript may evaluate nodes, which has caused + # infinite recursions. The demand cycle involves: + # testScript --> + # nodes --> + # toplevel --> + # additionalPaths --> + # hasContext testScript' --> + # testScript (ad infinitum) + # If we don't need to build an image, we can break this + # cycle by short-circuiting when useNixStoreImage is false. + (config.virtualisation.useNixStoreImage && builtins.hasContext testModuleArgs.config.testScriptString && testModuleArgs.config.includeTestScriptReferences) + (hostPkgs.writeStringReferencesToFile testModuleArgs.config.testScriptString); + }; + }; +} diff --git a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix index b4a94f62ad9..ced344bce23 100644 --- a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix +++ b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix @@ -15,7 +15,7 @@ let inherit system pkgs; }; - interactiveDriver = (testing.makeTest { inherit nodes; testScript = "start_all(); join_all();"; }).driverInteractive; + interactiveDriver = (testing.makeTest { inherit nodes; name = "network"; testScript = "start_all(); join_all();"; }).driverInteractive; in diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 50446e3ee59..9f3cad39786 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1236,6 +1236,7 @@ ./system/boot/systemd/journald.nix ./system/boot/systemd/logind.nix ./system/boot/systemd/nspawn.nix + ./system/boot/systemd/oomd.nix ./system/boot/systemd/shutdown.nix ./system/boot/systemd/tmpfiles.nix ./system/boot/systemd/user.nix diff --git a/nixos/modules/services/misc/klipper.nix b/nixos/modules/services/misc/klipper.nix index 9b2f585d3ff..a2158e9461b 100644 --- a/nixos/modules/services/misc/klipper.nix +++ b/nixos/modules/services/misc/klipper.nix @@ -35,6 +35,30 @@ in description = lib.mdDoc "Path of the API socket to create."; }; + mutableConfig = mkOption { + type = types.bool; + default = false; + example = true; + description = lib.mdDoc '' + Whether to copy the config to a mutable directory instead of using the one directly from the nix store. + This will only copy the config if the file at `services.klipper.mutableConfigPath` doesn't exist. + ''; + }; + + mutableConfigFolder = mkOption { + type = types.path; + default = "/var/lib/klipper"; + description = lib.mdDoc "Path to mutable Klipper config file."; + }; + + configFile = mkOption { + type = types.nullOr types.path; + default = null; + description = lib.mdDoc '' + Path to default Klipper config. + ''; + }; + octoprintIntegration = mkOption { type = types.bool; default = false; @@ -62,8 +86,8 @@ in }; settings = mkOption { - type = format.type; - default = { }; + type = types.nullOr format.type; + default = null; description = lib.mdDoc '' Configuration for Klipper. See the [documentation](https://www.klipper3d.org/Overview.html#configuration-and-tuning-guides) for supported values. @@ -80,6 +104,10 @@ in building of firmware and addition of klipper-flash tools for manual flashing. This will add `klipper-flash-$mcu` scripts to your environment which can be called to flash the firmware. ''); + serial = mkOption { + type = types.nullOr path; + description = lib.mdDoc "Path to serial port this printer is connected to. Leave `null` to derive it from `service.klipper.settings`."; + }; configFile = mkOption { type = path; description = lib.mdDoc "Path to firmware config which is generated using `klipper-genconf`"; @@ -95,19 +123,25 @@ in assertions = [ { assertion = cfg.octoprintIntegration -> config.services.octoprint.enable; - message = "Option klipper.octoprintIntegration requires Octoprint to be enabled on this system. Please enable services.octoprint to use it."; + message = "Option services.klipper.octoprintIntegration requires Octoprint to be enabled on this system. Please enable services.octoprint to use it."; } { assertion = cfg.user != null -> cfg.group != null; - message = "Option klipper.group is not set when a user is specified."; + message = "Option services.klipper.group is not set when services.klipper.user is specified."; + } + { + assertion = cfg.settings != null -> foldl (a: b: a && b) true (mapAttrsToList (mcu: _: mcu != null -> (hasAttrByPath [ "${mcu}" "serial" ] cfg.settings)) cfg.firmwares); + message = "Option services.klipper.settings.$mcu.serial must be set when settings.klipper.firmware.$mcu is specified"; } { - assertion = foldl (a: b: a && b) true (mapAttrsToList (mcu: _: mcu != null -> (hasAttrByPath [ "${mcu}" "serial" ] cfg.settings)) cfg.firmwares); - message = "Option klipper.settings.$mcu.serial must be set when klipper.firmware.$mcu is specified"; + assertion = (cfg.configFile != null) != (cfg.settings != null); + message = "You need to either specify services.klipper.settings or services.klipper.defaultConfig."; } ]; - environment.etc."klipper.cfg".source = format.generate "klipper.cfg" cfg.settings; + environment.etc = mkIf (!cfg.mutableConfig) { + "klipper.cfg".source = if cfg.settings != null then format.generate "klipper.cfg" cfg.settings else cfg.configFile; + }; services.klipper = mkIf cfg.octoprintIntegration { user = config.services.octoprint.user; @@ -118,15 +152,34 @@ in let klippyArgs = "--input-tty=${cfg.inputTTY}" + optionalString (cfg.apiSocket != null) " --api-server=${cfg.apiSocket}"; + printerConfigPath = + if cfg.mutableConfig + then cfg.mutableConfigFolder + "/printer.cfg" + else "/etc/klipper.cfg"; + printerConfigFile = + if cfg.settings != null + then format.generate "klipper.cfg" cfg.settings + else cfg.configFile; in { description = "Klipper 3D Printer Firmware"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; + preStart = '' + mkdir -p ${cfg.mutableConfigFolder} + ${lib.optionalString (cfg.mutableConfig) '' + [ -e ${printerConfigPath} ] || { + cp ${printerConfigFile} ${printerConfigPath} + chmod +w ${printerConfigPath} + } + ''} + mkdir -p ${cfg.mutableConfigFolder}/gcodes + ''; serviceConfig = { - ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} /etc/klipper.cfg"; + ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} ${printerConfigPath}"; RuntimeDirectory = "klipper"; + StateDirectory = "klipper"; SupplementaryGroups = [ "dialout" ]; WorkingDirectory = "${cfg.package}/lib"; OOMScoreAdjust = "-999"; @@ -134,6 +187,7 @@ in CPUSchedulingPriority = 99; IOSchedulingClass = "realtime"; IOSchedulingPriority = 0; + UMask = "0002"; } // (if cfg.user != null then { Group = cfg.group; User = cfg.user; @@ -146,8 +200,9 @@ in environment.systemPackages = with pkgs; let + default = a: b: if a != null then a else b; firmwares = filterAttrs (n: v: v!= null) (mapAttrs - (mcu: { enable, configFile }: if enable then pkgs.klipper-firmware.override { + (mcu: { enable, configFile, serial }: if enable then pkgs.klipper-firmware.override { mcu = lib.strings.sanitizeDerivationName mcu; firmwareConfig = configFile; } else null) @@ -156,11 +211,14 @@ in (mcu: firmware: pkgs.klipper-flash.override { mcu = lib.strings.sanitizeDerivationName mcu; klipper-firmware = firmware; - flashDevice = cfg.settings."${mcu}".serial; + flashDevice = default cfg.firmwares."${mcu}".serial cfg.settings."${mcu}".serial; firmwareConfig = cfg.firmwares."${mcu}".configFile; }) firmwares; in [ klipper-genconf ] ++ firmwareFlasher ++ attrValues firmwares; }; + meta.maintainers = [ + maintainers.cab404 + ]; } diff --git a/nixos/modules/services/web-servers/caddy/default.nix b/nixos/modules/services/web-servers/caddy/default.nix index e364cb33be3..e1456091717 100644 --- a/nixos/modules/services/web-servers/caddy/default.nix +++ b/nixos/modules/services/web-servers/caddy/default.nix @@ -26,7 +26,7 @@ let configFile = let - Caddyfile = pkgs.writeText "Caddyfile" '' + Caddyfile = pkgs.writeTextDir "Caddyfile" '' { ${cfg.globalConfig} } @@ -34,10 +34,11 @@ let ''; Caddyfile-formatted = pkgs.runCommand "Caddyfile-formatted" { nativeBuildInputs = [ cfg.package ]; } '' - ${cfg.package}/bin/caddy fmt ${Caddyfile} > $out + mkdir -p $out + ${cfg.package}/bin/caddy fmt ${Caddyfile}/Caddyfile > $out/Caddyfile ''; in - if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform then Caddyfile-formatted else Caddyfile; + "${if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform then Caddyfile-formatted else Caddyfile}/Caddyfile"; acmeHosts = unique (catAttrs "useACMEHost" acmeVHosts); @@ -142,7 +143,7 @@ in default = configFile; defaultText = "A Caddyfile automatically generated by values from services.caddy.*"; example = literalExpression '' - pkgs.writeText "Caddyfile" ''' + pkgs.writeTextDir "Caddyfile" ''' example.com root * /var/www/wordpress @@ -157,17 +158,24 @@ in }; adapter = mkOption { - default = "caddyfile"; - example = "nginx"; - type = types.str; + default = null; + example = literalExpression "nginx"; + type = with types; nullOr str; description = lib.mdDoc '' Name of the config adapter to use. See <https://caddyserver.com/docs/config-adapters> for the full list. + If `null` is specified, the `--adapter` argument is omitted when + starting or restarting Caddy. Notably, this allows specification of a + configuration file in Caddy's native JSON format, as long as the + filename does not start with `Caddyfile` (in which case the `caddyfile` + adapter is implicitly enabled). See + <https://caddyserver.com/docs/command-line#caddy-run> for details. + ::: {.note} - Any value other than `caddyfile` is only valid when - providing your own {option}`configFile`. + Any value other than `null` or `caddyfile` is only valid when providing + your own `configFile`. ::: ''; }; @@ -264,8 +272,8 @@ in config = mkIf cfg.enable { assertions = [ - { assertion = cfg.adapter != "caddyfile" -> cfg.configFile != configFile; - message = "Any value other than 'caddyfile' is only valid when providing your own `services.caddy.configFile`"; + { assertion = cfg.configFile == configFile -> cfg.adapter == "caddyfile" || cfg.adapter == null; + message = "To specify an adapter other than 'caddyfile' please provide your own configuration via `services.caddy.configFile`"; } ] ++ map (name: mkCertOwnershipAssertion { inherit (cfg) group user; @@ -295,10 +303,9 @@ in serviceConfig = { # https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart= # If the empty string is assigned to this option, the list of commands to start is reset, prior assignments of this option will have no effect. - ExecStart = [ "" "${cfg.package}/bin/caddy run --config ${cfg.configFile} --adapter ${cfg.adapter} ${optionalString cfg.resume "--resume"}" ]; - ExecReload = [ "" "${cfg.package}/bin/caddy reload --config ${cfg.configFile} --adapter ${cfg.adapter} --force" ]; - - ExecStartPre = "${cfg.package}/bin/caddy validate --config ${cfg.configFile} --adapter ${cfg.adapter}"; + ExecStart = [ "" ''${cfg.package}/bin/caddy run --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"} ${optionalString cfg.resume "--resume"}'' ]; + ExecReload = [ "" ''${cfg.package}/bin/caddy reload --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"} --force'' ]; + ExecStartPre = ''${cfg.package}/bin/caddy validate --config ${cfg.configFile} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"}''; User = cfg.user; Group = cfg.group; ReadWriteDirectories = cfg.dataDir; diff --git a/nixos/modules/system/boot/systemd/oomd.nix b/nixos/modules/system/boot/systemd/oomd.nix new file mode 100644 index 00000000000..fad755e278c --- /dev/null +++ b/nixos/modules/system/boot/systemd/oomd.nix @@ -0,0 +1,57 @@ +{ config, lib, ... }: let + + cfg = config.systemd.oomd; + +in { + options.systemd.oomd = { + enable = lib.mkEnableOption (lib.mdDoc "the `systemd-oomd` OOM killer") // { default = true; }; + + # Fedora enables the first and third option by default. See the 10-oomd-* files here: + # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac351025597 + enableRootSlice = lib.mkEnableOption (lib.mdDoc "oomd on the root slice (`-.slice`)"); + enableSystemSlice = lib.mkEnableOption (lib.mdDoc "oomd on the system slice (`system.slice`)"); + enableUserServices = lib.mkEnableOption (lib.mdDoc "oomd on all user services (`user@.service`)"); + + extraConfig = lib.mkOption { + type = with lib.types; attrsOf (oneOf [ str int bool ]); + default = {}; + example = lib.literalExpression ''{ DefaultMemoryPressureDurationSec = "20s"; }''; + description = lib.mdDoc '' + Extra config options for `systemd-oomd`. See {command}`man oomd.conf` + for available options. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.additionalUpstreamSystemUnits = [ + "systemd-oomd.service" + "systemd-oomd.socket" + ]; + systemd.services.systemd-oomd.wantedBy = [ "multi-user.target" ]; + + environment.etc."systemd/oomd.conf".text = lib.generators.toINI {} { + OOM = cfg.extraConfig; + }; + + systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = lib.mkDefault "20s"; # Fedora default + + users.users.systemd-oom = { + description = "systemd-oomd service user"; + group = "systemd-oom"; + isSystemUser = true; + }; + users.groups.systemd-oom = { }; + + systemd.slices."-".sliceConfig = lib.mkIf cfg.enableRootSlice { + ManagedOOMSwap = "kill"; + }; + systemd.slices."system".sliceConfig = lib.mkIf cfg.enableSystemSlice { + ManagedOOMSwap = "kill"; + }; + systemd.services."user@".serviceConfig = lib.mkIf cfg.enableUserServices { + ManagedOOMMemoryPressure = "kill"; + ManagedOOMMemoryPressureLimit = "50%"; + }; + }; +} diff --git a/nixos/release.nix b/nixos/release.nix index f70b02c4292..4f27e5dbb21 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -22,8 +22,8 @@ let import ./tests/all-tests.nix { inherit system; pkgs = import ./.. { inherit system; }; - callTest = t: { - ${system} = hydraJob t.test; + callTest = config: { + ${system} = hydraJob config.test; }; } // { # for typechecking of the scripts and evaluation of @@ -32,8 +32,8 @@ let import ./tests/all-tests.nix { inherit system; pkgs = import ./.. { inherit system; }; - callTest = t: { - ${system} = hydraJob t.test.driver; + callTest = config: { + ${system} = hydraJob config.driver; }; }; }; diff --git a/nixos/tests/3proxy.nix b/nixos/tests/3proxy.nix index 8127438fabd..647d9d57c7f 100644 --- a/nixos/tests/3proxy.nix +++ b/nixos/tests/3proxy.nix @@ -1,6 +1,6 @@ -import ./make-test-python.nix ({ pkgs, ...} : { +{ lib, pkgs, ... }: { name = "3proxy"; - meta = with pkgs.lib.maintainers; { + meta = with lib.maintainers; { maintainers = [ misuzu ]; }; @@ -92,7 +92,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { networking.firewall.allowedTCPPorts = [ 3128 9999 ]; }; - peer3 = { lib, ... }: { + peer3 = { lib, pkgs, ... }: { networking.useDHCP = false; networking.interfaces.eth1 = { ipv4.addresses = [ @@ -186,4 +186,4 @@ import ./make-test-python.nix ({ pkgs, ...} : { "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://127.0.0.1:9999" ) ''; -}) +} diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index c07f99c5db3..d3a436080eb 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -1,7 +1,7 @@ -import ./make-test-python.nix ({ pkgs, lib, ... }: let +{ pkgs, lib, ... }: let commonConfig = ./common/acme/client; - dnsServerIP = nodes: nodes.dnsserver.config.networking.primaryIPAddress; + dnsServerIP = nodes: nodes.dnsserver.networking.primaryIPAddress; dnsScript = nodes: let dnsAddress = dnsServerIP nodes; @@ -153,7 +153,7 @@ in { description = "Pebble ACME challenge test server"; wantedBy = [ "network.target" ]; serviceConfig = { - ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.config.networking.primaryIPAddress}'"; + ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.networking.primaryIPAddress}'"; # Required to bind on privileged ports. AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; }; @@ -175,7 +175,7 @@ in { specialisation = { # First derivation used to test general ACME features general.configuration = { ... }: let - caDomain = nodes.acme.config.test-support.acme.caDomain; + caDomain = nodes.acme.test-support.acme.caDomain; email = config.security.acme.defaults.email; # Exit 99 to make it easier to track if this is the reason a renew failed accountCreateTester = '' @@ -316,7 +316,7 @@ in { testScript = { nodes, ... }: let - caDomain = nodes.acme.config.test-support.acme.caDomain; + caDomain = nodes.acme.test-support.acme.caDomain; newServerSystem = nodes.webserver.config.system.build.toplevel; switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test"; in @@ -438,7 +438,7 @@ in { client.wait_for_unit("default.target") client.succeed( - 'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.config.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a' + 'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a' ) acme.wait_for_unit("network-online.target") @@ -594,4 +594,4 @@ in { wait_for_server() check_connection_key_bits(client, test_domain, "384") ''; -}) +} diff --git a/nixos/tests/adguardhome.nix b/nixos/tests/adguardhome.nix index ddbe8ff9c11..1a220f99699 100644 --- a/nixos/tests/adguardhome.nix +++ b/nixos/tests/adguardhome.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix { +{ name = "adguardhome"; nodes = { diff --git a/nixos/tests/aesmd.nix b/nixos/tests/aesmd.nix index 9f07426be8d..5da661afd54 100644 --- a/nixos/tests/aesmd.nix +++ b/nixos/tests/aesmd.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, lib, ... }: { +{ pkgs, lib, ... }: { name = "aesmd"; meta = { maintainers = with lib.maintainers; [ veehaitch ]; @@ -59,4 +59,4 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { assert aesmd_config == "whitelist url = http://nixos.org\nproxy type = direct\ndefault quoting type = ecdsa_256\n", "aesmd.conf differs" ''; -}) +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 6d90d0112a0..403ddd4cd1c 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -1,4 +1,11 @@ -{ system, pkgs, callTest }: +{ system, + pkgs, + + # Projects the test configuration into a the desired value; usually + # the test runner: `config: config.test`. + callTest, + +}: # The return value of this function will be an attrset with arbitrary depth and # the `anything` returned by callTest at its test leafs. # The tests not supported by `system` will be replaced with `{}`, so that @@ -11,9 +18,18 @@ with pkgs.lib; let discoverTests = val: - if !isAttrs val then val - else if hasAttr "test" val then callTest val - else mapAttrs (n: s: discoverTests s) val; + if isAttrs val + then + if hasAttr "test" val then callTest val + else mapAttrs (n: s: discoverTests s) val + else if isFunction val + then + # Tests based on make-test-python.nix will return the second lambda + # in that file, which are then forwarded to the test definition + # following the `import make-test-python.nix` expression + # (if it is a function). + discoverTests (val { inherit system pkgs; }) + else val; handleTest = path: args: discoverTests (import path ({ inherit system pkgs; } // args)); handleTestOn = systems: path: args: @@ -27,12 +43,34 @@ let }; evalMinimalConfig = module: nixosLib.evalModules { modules = [ module ]; }; + inherit + (rec { + doRunTest = arg: (import ../lib/testing-python.nix { inherit system pkgs; }).runTest { + imports = [ arg { inherit callTest; } ]; + }; + findTests = tree: + if tree?recurseForDerivations && tree.recurseForDerivations + then + mapAttrs + (k: findTests) + (builtins.removeAttrs tree ["recurseForDerivations"]) + else callTest tree; + + runTest = arg: let r = doRunTest arg; in findTests r; + runTestOn = systems: arg: + if elem system systems then runTest arg + else {}; + }) + runTest + runTestOn + ; + in { - _3proxy = handleTest ./3proxy.nix {}; - acme = handleTest ./acme.nix {}; - adguardhome = handleTest ./adguardhome.nix {}; - aesmd = handleTest ./aesmd.nix {}; - agate = handleTest ./web-servers/agate.nix {}; + _3proxy = runTest ./3proxy.nix; + acme = runTest ./acme.nix; + adguardhome = runTest ./adguardhome.nix; + aesmd = runTest ./aesmd.nix; + agate = runTest ./web-servers/agate.nix; agda = handleTest ./agda.nix {}; airsonic = handleTest ./airsonic.nix {}; allTerminfo = handleTest ./all-terminfo.nix {}; @@ -568,6 +606,7 @@ in { systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {}; systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {}; systemd-nspawn = handleTest ./systemd-nspawn.nix {}; + systemd-oomd = handleTest ./systemd-oomd.nix {}; systemd-shutdown = handleTest ./systemd-shutdown.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-misc = handleTest ./systemd-misc.nix {}; diff --git a/nixos/tests/common/acme/client/default.nix b/nixos/tests/common/acme/client/default.nix index 9dbe345e7a0..503e610d1ac 100644 --- a/nixos/tests/common/acme/client/default.nix +++ b/nixos/tests/common/acme/client/default.nix @@ -1,7 +1,7 @@ { lib, nodes, pkgs, ... }: let - caCert = nodes.acme.config.test-support.acme.caCert; - caDomain = nodes.acme.config.test-support.acme.caDomain; + caCert = nodes.acme.test-support.acme.caCert; + caDomain = nodes.acme.test-support.acme.caDomain; in { security.acme = { diff --git a/nixos/tests/common/acme/server/default.nix b/nixos/tests/common/acme/server/default.nix index fa1b9b545d0..b81f860125c 100644 --- a/nixos/tests/common/acme/server/default.nix +++ b/nixos/tests/common/acme/server/default.nix @@ -18,10 +18,10 @@ # # example = { nodes, ... }: { # networking.nameservers = [ -# nodes.acme.config.networking.primaryIPAddress +# nodes.acme.networking.primaryIPAddress # ]; # security.pki.certificateFiles = [ -# nodes.acme.config.test-support.acme.caCert +# nodes.acme.test-support.acme.caCert # ]; # }; # } @@ -36,7 +36,7 @@ # acme = { nodes, lib, ... }: { # imports = [ ./common/acme/server ]; # networking.nameservers = lib.mkForce [ -# nodes.myresolver.config.networking.primaryIPAddress +# nodes.myresolver.networking.primaryIPAddress # ]; # }; # diff --git a/nixos/tests/corerad.nix b/nixos/tests/corerad.nix index 638010f92f4..b6f5d7fc6f7 100644 --- a/nixos/tests/corerad.nix +++ b/nixos/tests/corerad.nix @@ -1,5 +1,6 @@ import ./make-test-python.nix ( { + name = "corerad"; nodes = { router = {config, pkgs, ...}: { config = { diff --git a/nixos/tests/cri-o.nix b/nixos/tests/cri-o.nix index d3a8713d6a9..08e1e8f36b0 100644 --- a/nixos/tests/cri-o.nix +++ b/nixos/tests/cri-o.nix @@ -1,7 +1,7 @@ # This test runs CRI-O and verifies via critest import ./make-test-python.nix ({ pkgs, ... }: { name = "cri-o"; - meta.maintainers = with pkgs.lib.maintainers; teams.podman.members; + meta.maintainers = with pkgs.lib; teams.podman.members; nodes = { crio = { diff --git a/nixos/tests/ghostunnel.nix b/nixos/tests/ghostunnel.nix index 8bea6485402..91a7b7085f6 100644 --- a/nixos/tests/ghostunnel.nix +++ b/nixos/tests/ghostunnel.nix @@ -1,4 +1,5 @@ import ./make-test-python.nix ({ pkgs, ... }: { + name = "ghostunnel"; nodes = { backend = { pkgs, ... }: { services.nginx.enable = true; diff --git a/nixos/tests/installed-tests/default.nix b/nixos/tests/installed-tests/default.nix index 3bb678d3678..b2c1b43f90e 100644 --- a/nixos/tests/installed-tests/default.nix +++ b/nixos/tests/installed-tests/default.nix @@ -40,7 +40,7 @@ let name = tested.name; meta = { - maintainers = tested.meta.maintainers; + maintainers = tested.meta.maintainers or []; }; nodes.machine = { ... }: { diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 8bef4fad3dd..d9f64a781c5 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -324,6 +324,9 @@ let desktop-file-utils docbook5 docbook_xsl_ns + (docbook-xsl-ns.override { + withManOptDedupPatch = true; + }) kmod.dev libarchive.dev libxml2.bin @@ -333,6 +336,13 @@ let perlPackages.ListCompare perlPackages.XMLLibXML python3Minimal + # make-options-doc/default.nix + (let + self = (pkgs.python3Minimal.override { + inherit self; + includeSiteCustomize = true; + }); + in self.withPackages (p: [ p.mistune ])) shared-mime-info sudo texinfo diff --git a/nixos/tests/lorri/default.nix b/nixos/tests/lorri/default.nix index 209b87f9f26..a4bdc92490c 100644 --- a/nixos/tests/lorri/default.nix +++ b/nixos/tests/lorri/default.nix @@ -1,4 +1,6 @@ import ../make-test-python.nix { + name = "lorri"; + nodes.machine = { pkgs, ... }: { imports = [ ../../modules/profiles/minimal.nix ]; environment.systemPackages = [ pkgs.lorri ]; diff --git a/nixos/tests/matomo.nix b/nixos/tests/matomo.nix index 526a24fc4db..0e09ad295f9 100644 --- a/nixos/tests/matomo.nix +++ b/nixos/tests/matomo.nix @@ -7,6 +7,8 @@ with pkgs.lib; let matomoTest = package: makeTest { + name = "matomo"; + nodes.machine = { config, pkgs, ... }: { services.matomo = { package = package; diff --git a/nixos/tests/matrix/conduit.nix b/nixos/tests/matrix/conduit.nix index 780837f962f..2b81c23598e 100644 --- a/nixos/tests/matrix/conduit.nix +++ b/nixos/tests/matrix/conduit.nix @@ -3,6 +3,8 @@ import ../make-test-python.nix ({ pkgs, ... }: name = "conduit"; in { + name = "matrix-conduit"; + nodes = { conduit = args: { services.matrix-conduit = { diff --git a/nixos/tests/nixops/default.nix b/nixos/tests/nixops/default.nix index 227b3881507..b77ac247639 100644 --- a/nixos/tests/nixops/default.nix +++ b/nixos/tests/nixops/default.nix @@ -19,6 +19,7 @@ let }); testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({ + name = "nixops-legacy-network"; nodes = { deployer = { config, lib, nodes, pkgs, ... }: { imports = [ ../../modules/installer/cd-dvd/channel.nix ]; diff --git a/nixos/tests/pam/pam-file-contents.nix b/nixos/tests/pam/pam-file-contents.nix index 86c61003aeb..2bafd90618e 100644 --- a/nixos/tests/pam/pam-file-contents.nix +++ b/nixos/tests/pam/pam-file-contents.nix @@ -2,6 +2,7 @@ let name = "pam"; in import ../make-test-python.nix ({ pkgs, ... }: { + name = "pam-file-contents"; nodes.machine = { ... }: { imports = [ ../../modules/profiles/minimal.nix ]; diff --git a/nixos/tests/pppd.nix b/nixos/tests/pppd.nix index bda0aa75bb5..e714a6c21a6 100644 --- a/nixos/tests/pppd.nix +++ b/nixos/tests/pppd.nix @@ -5,6 +5,8 @@ import ./make-test-python.nix ( mode = "0640"; }; in { + name = "pppd"; + nodes = { server = {config, pkgs, ...}: { config = { diff --git a/nixos/tests/rabbitmq.nix b/nixos/tests/rabbitmq.nix index f8e8e61c47d..040679e68d9 100644 --- a/nixos/tests/rabbitmq.nix +++ b/nixos/tests/rabbitmq.nix @@ -1,6 +1,12 @@ # This test runs rabbitmq and checks if rabbitmq is up and running. -import ./make-test-python.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: +let + # in real life, you would keep this out of your repo and deploy it to a safe + # location using safe means. + configKeyPath = pkgs.writeText "fake-config-key" "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01"; +in +{ name = "rabbitmq"; meta = with pkgs.lib.maintainers; { maintainers = [ eelco offline ]; @@ -10,6 +16,29 @@ import ./make-test-python.nix ({ pkgs, ... }: { services.rabbitmq = { enable = true; managementPlugin.enable = true; + + # To encrypt: + # rabbitmqctl --quiet encode --cipher blowfish_cfb64 --hash sha256 \ + # --iterations 10000 '<<"dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw">>' \ + # "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01" ; + config = '' + [ { rabbit + , [ {default_user, <<"alice">>} + , { default_pass + , {encrypted,<<"oKKxyTze9PYmsEfl6FG1MxIUhxY7WPQL7HBoMPRC/1ZOdOZbtr9+DxjWW3e1D5SL48n3D9QOsGD0cOgYG7Qdvb7Txrepw8w=">>} + } + , {config_entry_decoder + , [ {passphrase, {file, <<"${configKeyPath}">>}} + , {cipher, blowfish_cfb64} + , {hash, sha256} + , {iterations, 10000} + ] + } + % , {rabbitmq_management, [{path_prefix, "/_queues"}]} + ] + } + ]. + ''; }; # Ensure there is sufficient extra disk space for rabbitmq to be happy virtualisation.diskSize = 1024; @@ -23,5 +52,10 @@ import ./make-test-python.nix ({ pkgs, ... }: { 'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"' ) machine.wait_for_open_port(15672) + + # The password is the plaintext that was encrypted with rabbitmqctl encode above. + machine.wait_until_succeeds( + '${pkgs.rabbitmq-java-client}/bin/PerfTest --time 10 --uri amqp://alice:dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw@localhost' + ) ''; }) diff --git a/nixos/tests/systemd-oomd.nix b/nixos/tests/systemd-oomd.nix new file mode 100644 index 00000000000..f0b5a5f8e01 --- /dev/null +++ b/nixos/tests/systemd-oomd.nix @@ -0,0 +1,37 @@ +import ./make-test-python.nix ({ pkgs, ... }: + +{ + name = "systemd-oomd"; + + nodes.machine = { pkgs, ... }: { + systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = "1s"; # makes the test faster + # Kill cgroups when more than 1% pressure is encountered + systemd.slices."-".sliceConfig = { + ManagedOOMMemoryPressure = "kill"; + ManagedOOMMemoryPressureLimit = "1%"; + }; + # A service to bring the system under memory pressure + systemd.services.testservice = { + serviceConfig.ExecStart = "${pkgs.coreutils}/bin/tail /dev/zero"; + }; + # Do not kill the backdoor + systemd.services.backdoor.serviceConfig.ManagedOOMMemoryPressure = "auto"; + + virtualisation.memorySize = 1024; + }; + + testScript = '' + # Start the system + machine.wait_for_unit("multi-user.target") + machine.succeed("oomctl") + + # Bring the system into memory pressure + machine.succeed("echo 0 > /proc/sys/vm/panic_on_oom") # NixOS tests kill the VM when the OOM killer is invoked - override this + machine.succeed("systemctl start testservice") + + # Wait for oomd to kill something + # Matches these lines: + # systemd-oomd[508]: Killed /system.slice/systemd-udevd.service due to memory pressure for / being 3.26% > 1.00% for > 1s with reclaim activity + machine.wait_until_succeeds("journalctl -b | grep -q 'due to memory pressure for'") + ''; +}) diff --git a/nixos/tests/thelounge.nix b/nixos/tests/thelounge.nix index e9b85685bf2..8d5a37d46c4 100644 --- a/nixos/tests/thelounge.nix +++ b/nixos/tests/thelounge.nix @@ -1,4 +1,6 @@ import ./make-test-python.nix { + name = "thelounge"; + nodes = { private = { config, pkgs, ... }: { services.thelounge = { diff --git a/nixos/tests/web-servers/agate.nix b/nixos/tests/web-servers/agate.nix index e364e134cfd..e8d789a9ca4 100644 --- a/nixos/tests/web-servers/agate.nix +++ b/nixos/tests/web-servers/agate.nix @@ -1,29 +1,27 @@ -import ../make-test-python.nix ( - { pkgs, lib, ... }: - { - name = "agate"; - meta = with lib.maintainers; { maintainers = [ jk ]; }; +{ pkgs, lib, ... }: +{ + name = "agate"; + meta = with lib.maintainers; { maintainers = [ jk ]; }; - nodes = { - geminiserver = { pkgs, ... }: { - services.agate = { - enable = true; - hostnames = [ "localhost" ]; - contentDir = pkgs.writeTextDir "index.gmi" '' - # Hello NixOS! - ''; - }; + nodes = { + geminiserver = { pkgs, ... }: { + services.agate = { + enable = true; + hostnames = [ "localhost" ]; + contentDir = pkgs.writeTextDir "index.gmi" '' + # Hello NixOS! + ''; }; }; + }; - testScript = { nodes, ... }: '' - geminiserver.wait_for_unit("agate") - geminiserver.wait_for_open_port(1965) + testScript = { nodes, ... }: '' + geminiserver.wait_for_unit("agate") + geminiserver.wait_for_open_port(1965) - with subtest("check is serving over gemini"): - response = geminiserver.succeed("${pkgs.gmni}/bin/gmni -j once -i -N gemini://localhost:1965") - print(response) - assert "Hello NixOS!" in response - ''; - } -) + with subtest("check is serving over gemini"): + response = geminiserver.succeed("${pkgs.gmni}/bin/gmni -j once -i -N gemini://localhost:1965") + print(response) + assert "Hello NixOS!" in response + ''; +} diff --git a/nixos/tests/zrepl.nix b/nixos/tests/zrepl.nix index 85dd834a6aa..0ed73fea34b 100644 --- a/nixos/tests/zrepl.nix +++ b/nixos/tests/zrepl.nix @@ -1,5 +1,7 @@ import ./make-test-python.nix ( { + name = "zrepl"; + nodes.host = {config, pkgs, ...}: { config = { # Prerequisites for ZFS and tests. |