b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
489754 commits 2 branches 0 tags 3.3 GiB
Commit graph

6329 commits

Author SHA1 Message Date
Julien Malka 9631553153 Revert "nixos/ntfy-sh: add defaults, use dynamic user" 
This reverts commit 3dcca62a5e.
 2023-05-29 11:11:32 -04:00
Florian Klink 8b8a64d737
Merge pull request #234442 from rnhmjoj/pr-fix-ifnames 
network-interfaces-scripted: fix interface cleanup
 2023-05-29 15:14:12 +02:00
happysalada 3dcca62a5e nixos/ntfy-sh: add defaults, use dynamic user 2023-05-28 21:17:14 -04:00
Martin Weinelt 6b554aae1c
Merge pull request #234186 from hmenke/shadowsocks 
nixos/shadowsocks: wait for nginx to prevent race condition
 2023-05-29 01:37:36 +02:00
Alyssa Ross ad31856bd9
nixosTests.public-inbox: extend sleep 
5 seconds isn't reliably enough here on my system.
 2023-05-28 16:40:13 +00:00
Thomas Gerbet 85f15277d0 etcd: switch to etcd_3_5 2023-05-28 08:04:43 +10:00
rnhmjoj ea0b4a694a
nixos/test/networking: test unusual interface names 2023-05-27 19:19:37 +02:00
Victor Freire fca068a558 nixos/tests/legit: init 2023-05-27 16:20:05 +00:00
Raito Bezarius 69bb0f94de nixos/nginx: first-class PROXY protocol support 
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running a NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting usecase of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers, it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests covers:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final usecase
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates;

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
tests dependencies.
 2023-05-26 19:48:26 +02:00
Ryan Lahfa 435237d641
Merge pull request #233350 from GrahamDennis/grahamdennis/testing-networks 
nixos/qemu-vm: add option for named network interfaces
 2023-05-26 15:57:01 +02:00
Henri Menke 7d621d6be5
nixos/shadowsocks: wait for nginx to prevent race condition 2023-05-26 11:24:21 +02:00
Weijia Wang 9b6c126355
Merge pull request #234116 from chkno/nar-serve-fix 
nixos/tests/nar-serve: Fix
 2023-05-26 11:43:24 +03:00
Scott Worley 8dcfb6853c nixos/tests/nar-serve: Fix 2023-05-25 19:10:22 -07:00
Yaya 931a1b97f7 nixos/tests/sftpgo: init 2023-05-25 22:46:15 +02:00
Sandro e29207b95a
Merge pull request #231630 from OPNA2608/fix/mir_keyboard_missing 
mir: Pull patch to fix evdev device misses
 2023-05-25 21:40:42 +02:00
Will Fancher fe43923a70
Merge pull request #229767 from mberndt123/mberndt123/stratis-rootfs 
nixos/stratis: initrd support for stratis root volumes
 2023-05-25 14:06:31 -04:00
zowoq 7a697fefe2 nixosTests.etcd-cluster: update name 2023-05-24 14:14:05 +10:00
zowoq 3865e5f46e nixosTests.etcd-cluster: fix test 
match changes in 25f3323d60
 2023-05-24 14:14:05 +10:00
Graham Dennis 93502aa3b1 nixos/qemu-vm: add option for named network interfaces 
Adds a new option to the virtualisation modules that enables specifying explicitly named network interfaces in QEMU VMs.
The existing `virtualisation.vlans` option is still supported for cases where the name of the network interface is irrelevant.
 2023-05-24 08:54:20 +10:00
Matthias Berndt feb5a3cdcd remove unneeded import 2023-05-23 14:56:49 +02:00
Alexander Sieg 5ade08168a
outline: add nixos test 2023-05-23 12:03:39 +02:00
0x4A6F afad0c152b
Merge pull request #214428 from mweinelt/frigate-init 
frigate: init at 0.12.0
 2023-05-22 18:29:37 +02:00
Ryan Lahfa 2e1e1f8765
Merge pull request #231502 from SuperSandro2000/portunus-openldap 
nixos/portunus: use openldap compiled with libxcrypt-legacy
 2023-05-22 18:20:52 +02:00
Naïm Favier 7b28ea6783
Merge pull request #233377 from ncfavier/revert-226088 
Revert "nixos/syncthing: use rfc42 style settings"
 2023-05-22 16:35:04 +02:00
Martin Weinelt c7ad6560b0
nixos/tests/frigate: init 
Starts a frigate instance with a dummy video stream provided by ffmpeg.

Co-Authored-By: fleaz <mail@felixbreidenstein.de>
 2023-05-22 16:29:55 +02:00
Will Fancher 636e03bef3
Merge pull request #232533 from nikstur/systemd-repart-create-root 
nixos/systemd-repart: enable creating root partition
 2023-05-22 09:13:00 -04:00
ajs124 b6ec248dd4
Merge pull request #233007 from LeSuisse/varnish73-init 
varnish73: init at 7.3.0
 2023-05-22 12:48:33 +02:00
Naïm Favier d5e090d2d8
Revert "nixos/syncthing: use rfc42 style settings" 
This reverts commit 32866f8d58.
This reverts commit 40a2df0fb0.
This reverts commit 4762932601.
 2023-05-22 10:29:52 +02:00
Ryan Lahfa 0e662e669a
Merge pull request #227642 from Flakebi/powerdns-admin2 
powerdns-admin: 0.3.0 -> 0.4.1
 2023-05-22 09:30:24 +02:00
Nick Cao cf577b1ef8
Merge pull request #232828 from Luflosi/update/apfsprogs 
apfsprogs: unstable-2023-03-21 -> unstable-2023-05-16
 2023-05-21 23:51:46 -06:00
Flakebi 1a13b4c0f9
powerdns-admin: 0.3.0 -> 0.4.1 
- Fix with flask-migrate 4+
- Update to 0.4.1
- Improve the test to check that using the database works
 2023-05-22 00:39:58 +02:00
Sandro Jäckel 00000006e9
nixos/tests: init portunus 2023-05-21 23:56:02 +02:00
Martin Weinelt f113e06f0f
Merge pull request #233245 from teutat3s/zhf/fix-prometheus-exporter-domain 
nixosTests.prometheus-exporters.domain fix test
 2023-05-21 22:05:56 +02:00
figsoda 611def187a
Merge pull request #233151 from Misterio77/headscale-better-test 
nixos/tests/headscale: test improvements
 2023-05-21 14:30:09 -04:00
Sandro a74a4a2f32
Merge pull request #232534 from teutat3s/zhf/fix-prometheus-exporter-jitsi 
jitsi-videobridge: refactor broken `apis` option to `colibriRestApi`
 2023-05-21 18:43:59 +02:00
Martin Weinelt 84229fb9cb
Merge pull request #233247 from teutat3s/zhf/fix-prometheus-exporter-statsd 
nixosTests.prometheus-exporters.statsd fix test
 2023-05-21 17:47:07 +02:00
teutat3s 810268b853
nixosTests.prometheus-exporters.statsd fix test 2023-05-21 17:10:44 +02:00
pennae 727086540f
Merge pull request #233238 from emilylange/username-change 
maintainers: rename indeednotjames to emilylange
 2023-05-21 17:07:05 +02:00
teutat3s 998819a01a
nixosTests.prometheus-exporters.domain fix test 2023-05-21 16:47:12 +02:00
emilylange b0e7f7f5db
maintainers: rename indeednotjames to emilylange 2023-05-21 16:01:35 +02:00
teutat3s cb81bd9340
jitsi-videobridge: refactor broken apis option to 
colibriRestApi

Refactor option to use jvb.conf and convert to boolean. Using the CLI
argument broke a while ago and is deprecated by upstream since 2021:
https://github.com/jitsi/jitsi-videobridge/pull/1738/files#diff-d9f589d2aae1673693461d7c3b9214324201ca1f43db63a3c773d4acfc52bc81

This fixes the currently broken test:
nixosTests.prometheus-exporters.jitsi
 2023-05-21 15:31:14 +02:00
Gabriel Fontes d18612fa7c
nixos/tests/headscale: test improvements 
The test covers actual headscale+tailscale usage now.
 2023-05-21 01:37:06 -03:00
Ryan Lahfa 07a84e229f
Merge pull request #232890 from nevivurn/feature/fix-fcitx5-test 
nixosTests.fcitx5: unbreak, add rest of CJK
 2023-05-20 17:54:51 +02:00
Robert Scott 04547deb91
Merge pull request #232884 from teutat3s/zhf/prometheus-exporters-json-test 
nixosTests.prometheus-exporters.json: fix test script
 2023-05-20 15:51:59 +01:00
Thomas Gerbet 16c6122a88 varnish73: init at 7.3.0 
https://varnish-cache.org/releases/rel7.3.0.html
 2023-05-20 13:49:24 +02:00
figsoda 202699c918 nixos/tests: fix typos 2023-05-19 22:31:04 -04:00
Martin Weinelt ee68357205
nixos/tests/home-assistant: Don't test matter 
It is affected by the OpenSSL 1.1 EOL and removing it makes hydra build
this test again.
 2023-05-20 00:31:07 +02:00
Yongun Seong 3be52dc1db
nixosTests.fcitx5: unbreak, add rest of CJK 2023-05-20 05:21:02 +09:00
teutat3s 1d556fd9f3
nixosTests.prometheus-exporters.json: fix test script 
Upstream changed the config format in https://github.com/prometheus-community/json_exporter/pull/146
 2023-05-19 21:49:55 +02:00
nikstur ef80e11032 nixos/systemd-repart: enable creating root partition 2023-05-19 15:54:55 +02:00