Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/master' into HEAD
Browse files Browse the repository at this point in the history
  • Loading branch information
@FRidh
FRidh committed Sep 7, 2017
2 parents 0c660ad + aabadda commit d38ee5b
Show file tree
Hide file tree
Showing 70 changed files with 1,478 additions and 248 deletions.
37 changes: 27 additions & 10 deletions .github/CODEOWNERS
View file
Validating CODEOWNERS rules …
Expand Up @@ -7,17 +7,34 @@
# For documentation on this file, see https://help.github.com/articles/about-codeowners/
# Mentioned users will get code review requests.

# Boostraping and core infra
pkgs/stdenv/ @Ericson2314
pkgs/build-support/cc-wrapper/ @Ericson2314

# Libraries
lib/ @Profpatsch

# Build-Support
pkgs/build-support @Profpatsch

# Python-related code and docs
pkgs/top-level/python-packages.nix @FRidh
pkgs/development/interpreters/python/* @FRidh
pkgs/development/python-modules/* @FRidh
doc/languages-frameworks/python.md @FRidh
pkgs/top-level/python-packages.nix @FRidh
pkgs/development/interpreters/python/* @FRidh
pkgs/development/python-modules/* @FRidh
doc/languages-frameworks/python.md @FRidh

# Boostraping and core infra
pkgs/stdenv/ @Ericson2314
pkgs/build-support/cc-wrapper/ @Ericson2314
# Haskell
pkgs/development/compilers/ghc @peti
pkgs/development/haskell-modules @peti
pkgs/development/haskell-modules/default.nix @Profpatsch @peti
pkgs/development/haskell-modules/generic-builder.nix @Profpatsch @peti
pkgs/development/haskell-modules/hoogle.nix @Profpatsch @peti

# R
pkgs/applications/science/math/R @peti
pkgs/development/r-modules @peti

# Darwin-related
pkgs/stdenv/darwin/* @copumpkin @LnL7
pkgs/os-specific/darwin/* @LnL7
pkgs/os-specific/darwin/apple-source-releases/* @copumpkin
pkgs/stdenv/darwin/* @copumpkin @LnL7
pkgs/os-specific/darwin/* @LnL7
pkgs/os-specific/darwin/apple-source-releases/* @copumpkin
1 change: 1 addition & 0 deletions lib/maintainers.nix
View file
Expand Up @@ -577,6 +577,7 @@
tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
ltavard = "Laure Tavard <laure.tavard@univ-grenoble-alpes.fr>";
teh = "Tom Hunger <tehunger@gmail.com>";
teto = "Matthieu Coudron <mcoudron@hotmail.com>";
telotortium = "Robert Irelan <rirelan@gmail.com>";
thall = "Niclas Thall <niclas.thall@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
Expand Down
17 changes: 13 additions & 4 deletions nixos/modules/virtualisation/docker.nix
View file
Expand Up @@ -126,14 +126,23 @@ in
'';
};
};

package = mkOption {
default = pkgs.docker;
type = types.package;
example = pkgs.docker-edge;
description = ''
Docker package to be used in the module.
'';
};
};

###### implementation

config = mkIf cfg.enable (mkMerge [{
environment.systemPackages = [ pkgs.docker ];
environment.systemPackages = [ cfg.package ];
users.extraGroups.docker.gid = config.ids.gids.docker;
systemd.packages = [ pkgs.docker ];
systemd.packages = [ cfg.package ];

systemd.services.docker = {
wantedBy = optional cfg.enableOnBoot "multi-user.target";
Expand All @@ -142,7 +151,7 @@ in
ExecStart = [
""
''
${pkgs.docker}/bin/dockerd \
${cfg.package}/bin/dockerd \
--group=docker \
--host=fd:// \
--log-driver=${cfg.logDriver} \
Expand Down Expand Up @@ -180,7 +189,7 @@ in
serviceConfig.Type = "oneshot";

script = ''
${pkgs.docker}/bin/docker system prune -f ${toString cfg.autoPrune.flags}
${cfg.package}/bin/docker system prune -f ${toString cfg.autoPrune.flags}
'';

startAt = optional cfg.autoPrune.enable cfg.autoPrune.dates;
Expand Down
6 changes: 6 additions & 0 deletions nixos/release-combined.nix
View file
Expand Up @@ -81,7 +81,10 @@ in rec {
(all nixos.tests.boot.uefiUsb)
(all nixos.tests.boot-stage1)
nixos.tests.hibernate.x86_64-linux # i686 is flaky, see #23107
nixos.tests.docker.x86_64-linux
nixos.tests.docker-edge.x86_64-linux
(all nixos.tests.ecryptfs)
(all nixos.tests.env)
(all nixos.tests.ipv6)
(all nixos.tests.i3wm)
(all nixos.tests.keymap.azerty)
Expand All @@ -93,6 +96,7 @@ in rec {
(all nixos.tests.plasma5)
(all nixos.tests.kernel-latest)
(all nixos.tests.kernel-lts)
(all nixos.tests.kernel-params)
#(all nixos.tests.lightdm)
(all nixos.tests.login)
(all nixos.tests.misc)
Expand All @@ -115,8 +119,10 @@ in rec {
(all nixos.tests.sddm.default)
(all nixos.tests.simple)
(all nixos.tests.slim)
(all nixos.tests.sysctl)
(all nixos.tests.udisks2)
(all nixos.tests.xfce)
(all nixos.tests.xmonad)

nixpkgs.tarball
(all allSupportedNixpkgs.emacs)
Expand Down
5 changes: 5 additions & 0 deletions nixos/release.nix
View file
Expand Up @@ -234,12 +234,14 @@ in rec {
tests.containers-hosts = callTest tests/containers-hosts.nix {};
tests.containers-macvlans = callTest tests/containers-macvlans.nix {};
tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
tests.docker-edge = hydraJob (import tests/docker-edge.nix { system = "x86_64-linux"; });
tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };
tests.ecryptfs = callTest tests/ecryptfs.nix {};
tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });
tests.ec2-nixops = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-nixops;
tests.ec2-config = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-config;
tests.elk = callTest tests/elk.nix {};
tests.env = callTest tests/env.nix {};
tests.ferm = callTest tests/ferm.nix {};
tests.firefox = callTest tests/firefox.nix {};
tests.firewall = callTest tests/firewall.nix {};
Expand All @@ -264,6 +266,7 @@ in rec {
tests.kernel-copperhead = tests/kernel-copperhead.nix {};
tests.kernel-latest = tests/kernel-latest.nix {};
tests.kernel-lts = tests/kernel-lts.nix {};
tests.kernel-params = tests/kernel-params.nix {};
tests.keystone = callTest tests/keystone.nix {};
tests.kubernetes = hydraJob (import tests/kubernetes.nix { system = "x86_64-linux"; });
tests.latestKernel.login = callTest tests/login.nix { latestKernel = true; };
Expand Down Expand Up @@ -309,12 +312,14 @@ in rec {
tests.slim = callTest tests/slim.nix {};
tests.smokeping = callTest tests/smokeping.nix {};
tests.snapper = callTest tests/snapper.nix {};
tests.sysctl = callTest tests/sysctl.nix {};
tests.taskserver = callTest tests/taskserver.nix {};
tests.tomcat = callTest tests/tomcat.nix {};
tests.udisks2 = callTest tests/udisks2.nix {};
tests.virtualbox = callSubTests tests/virtualbox.nix { system = "x86_64-linux"; };
tests.wordpress = callTest tests/wordpress.nix {};
tests.xfce = callTest tests/xfce.nix {};
tests.xmonad = callTest tests/xmonad.nix {};


/* Build a bunch of typical closures so that Hydra can keep track of
Expand Down
47 changes: 47 additions & 0 deletions nixos/tests/docker-edge.nix
View file
@@ -0,0 +1,47 @@
# This test runs docker and checks if simple container starts

import ./make-test.nix ({ pkgs, ...} : {
name = "docker";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ nequissimus offline ];
};

nodes = {
docker =
{ config, pkgs, ... }:
{
virtualisation.docker.enable = true;
virtualisation.docker.package = pkgs.docker-edge;

users.users = {
noprivs = {
isNormalUser = true;
description = "Can't access the docker daemon";
password = "foobar";
};

hasprivs = {
isNormalUser = true;
description = "Can access the docker daemon";
password = "foobar";
extraGroups = [ "docker" ];
};
};
};
};

testScript = ''
startAll;
$docker->waitForUnit("sockets.target");
$docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg");
$docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10");
$docker->succeed("docker ps | grep sleeping");
$docker->succeed("sudo -u hasprivs docker ps");
$docker->fail("sudo -u noprivs docker ps");
$docker->succeed("docker stop sleeping");
# Must match version twice to ensure client and server versions are correct
$docker->succeed('[ $(docker version | grep ${pkgs.docker-edge.version} | wc -l) = "2" ]');
'';
})
6 changes: 5 additions & 1 deletion nixos/tests/docker.nix
View file
Expand Up @@ -3,14 +3,15 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "docker";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ offline ];
maintainers = [ nequissimus offline ];
};

nodes = {
docker =
{ config, pkgs, ... }:
{
virtualisation.docker.enable = true;
virtualisation.docker.package = pkgs.docker;

users.users = {
noprivs = {
Expand Down Expand Up @@ -39,5 +40,8 @@ import ./make-test.nix ({ pkgs, ...} : {
$docker->succeed("sudo -u hasprivs docker ps");
$docker->fail("sudo -u noprivs docker ps");
$docker->succeed("docker stop sleeping");
# Must match version twice to ensure client and server versions are correct
$docker->succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "2" ]');
'';
})
35 changes: 35 additions & 0 deletions nixos/tests/env.nix
View file
@@ -0,0 +1,35 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "environment";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ nequissimus ];
};

machine = { config, lib, pkgs, ... }:
{
boot.kernelPackages = pkgs.linuxPackages;
environment.etc."plainFile".text = ''
Hello World
'';
environment.etc."folder/with/file".text = ''
Foo Bar!
'';

environment.sessionVariables = {
TERMINFO_DIRS = "/run/current-system/sw/share/terminfo";
NIXCON = "awesome";
};
};

testScript =
''
$machine->succeed('[ -L "/etc/plainFile" ]');
$machine->succeed('cat "/etc/plainFile" | grep "Hello World"');
$machine->succeed('[ -d "/etc/folder" ]');
$machine->succeed('[ -d "/etc/folder/with" ]');
$machine->succeed('[ -L "/etc/folder/with/file" ]');
$machine->succeed('cat "/etc/plainFile" | grep "Hello World"');
$machine->succeed('echo ''${TERMINFO_DIRS} | grep "/run/current-system/sw/share/terminfo"');
$machine->succeed('echo ''${NIXCON} | grep "awesome"');
'';
})
24 changes: 24 additions & 0 deletions nixos/tests/kernel-params.nix
View file
@@ -0,0 +1,24 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "kernel-params";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ nequissimus ];
};

machine = { config, lib, pkgs, ... }:
{
boot.kernelPackages = pkgs.linuxPackages;
boot.kernelParams = [
"nohibernate"
"page_poison=1"
"vsyscall=none"
];
};

testScript =
''
$machine->fail("cat /proc/cmdline | grep page_poison=0");
$machine->succeed("cat /proc/cmdline | grep nohibernate");
$machine->succeed("cat /proc/cmdline | grep page_poison=1");
$machine->succeed("cat /proc/cmdline | grep vsyscall=none");
'';
})
25 changes: 25 additions & 0 deletions nixos/tests/sysctl.nix
View file
@@ -0,0 +1,25 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "sysctl";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ nequissimus ];
};

machine = { config, lib, pkgs, ... }:
{
boot.kernelPackages = pkgs.linuxPackages;
boot.kernel.sysctl = {
"kernel.dmesg_restrict" = true; # Restrict dmesg access
"net.core.bpf_jit_enable" = false; # Turn off bpf JIT
"user.max_user_namespaces" = 0; # Disable user namespaces
"vm.swappiness" = 2; # Low swap usage
};
};

testScript =
''
$machine->succeed("sysctl kernel.dmesg_restrict | grep 'kernel.dmesg_restrict = 1'");
$machine->succeed("sysctl net.core.bpf_jit_enable | grep 'net.core.bpf_jit_enable = 0'");
$machine->succeed("sysctl user.max_user_namespaces | grep 'user.max_user_namespaces = 0'");
$machine->succeed("sysctl vm.swappiness | grep 'vm.swappiness = 2'");
'';
})
28 changes: 28 additions & 0 deletions nixos/tests/xmonad.nix
View file
@@ -0,0 +1,28 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "xmonad";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ nequissimus ];
};

machine = { lib, pkgs, ... }: {
imports = [ ./common/x11.nix ./common/user-account.nix ];
services.xserver.displayManager.auto.user = "alice";
services.xserver.windowManager.default = lib.mkForce "xmonad";
services.xserver.windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
extraPackages = with pkgs.haskellPackages; haskellPackages: [ xmobar ];
};
};

testScript = { nodes, ... }: ''
$machine->waitForX;
$machine->waitForFile("/home/alice/.Xauthority");
$machine->succeed("xauth merge ~alice/.Xauthority");
$machine->sleep(3);
$machine->sendKeys("alt-shift-ret");
$machine->waitForWindow(qr/machine.*alice/);
$machine->sleep(1);
$machine->screenshot("terminal");
'';
})
10 changes: 8 additions & 2 deletions pkgs/applications/misc/toot/default.nix
View file
@@ -1,19 +1,25 @@
{ stdenv, fetchFromGitHub, pythonPackages }:

pythonPackages.buildPythonApplication rec {
version = "0.8.0";
version = "0.13.0";
name = "toot-${version}";

src = fetchFromGitHub {
owner = "ihabunek";
repo = "toot";
rev = "${version}";
sha256 = "1y1jz4f53njq94zab0icf7jhd4jp10ywm508l4lw6spb69wr7rdy";
sha256 = "0gbsq43qv5qg4avx7czs57k40m8lzh8f1z5yizqqc7r02p2sacnc";
};

checkInputs = with pythonPackages; [ pytest ];

propagatedBuildInputs = with pythonPackages;
[ requests beautifulsoup4 future ];

checkPhase = ''
py.test
'';

meta = with stdenv.lib; {
description = "Mastodon CLI interface";
homepage = "https://github.com/ihabunek/toot";
Expand Down
4 changes: 2 additions & 2 deletions pkgs/applications/networking/syncthing/default.nix
View file
@@ -1,14 +1,14 @@
{ stdenv, lib, fetchFromGitHub, go, procps, removeReferencesTo }:

stdenv.mkDerivation rec {
version = "0.14.36";
version = "0.14.37";
name = "syncthing-${version}";

src = fetchFromGitHub {
owner = "syncthing";
repo = "syncthing";
rev = "v${version}";
sha256 = "1l4s74qlabwfkpi9lmm588ym0myavbs06a5gpp9nihzrsal18727";
sha256 = "0mk09m5wc6g7w65cf86rrvzb2gfzbg4jrkwpsabn732iyhkkaj4z";
};

buildInputs = [ go removeReferencesTo ];
Expand Down

0 comments on commit d38ee5b

Please sign in to comment.