This option replaces the active runtime manifest in the user directory.
Games running through Steam's Pressure Vessel cannot read /etc so
forcefully overriding the file every time the service starts, will allow
those games to use Monado.
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
GNU sed's man page has this to say about "-i":
Because -i takes an optional argument, it should not be followed by
other short options:
[..]
sed -iE '...' FILE
This is equivalent to --in-place=E, creating FILEE as backup of FILE
This means all "-iX" did not have the intended effect X, so we can
instead remove them.
The refactoring parallelizes preliminary tasks like the node start and
import of the pause image to speed up execution of the test. It also
uniforms the usage of extraFlags for all nodes.
PostgreSQL with JIT support enabled doesn't work with plv8. Hence, we'd
get an evaluation failure for each
`nixosTests.postgresql.postgresql.postgresql_jit_X`.
This should be restructured in the future (less VM tests for custom
extensions, but a single VM test for this case to cover). For now, we
should get this fix out and this is a good-enough approach.
The plv8 plugin requires access to pkey syscalls. The execution will
crash hard when it is not allowed by the syscall filter.
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
This will be EOL at the end of November, so there's little reason to
keep it in 24.11[1]. As discussed, we'd like to keep it for as long as
possible to make sure there's a state in nixpkgs that has the latest
minor of postgresql_12 available with the most recent CVEs fixed for
people who cannot upgrade[2].
This aspect has been made explicit in the manual now for the next .11
release.
During the discussions it has been brought up that if people just do
`services.postgresql.enable = true;` and let the code decide the
postgresql version based on `system.stateVersion`, there's a chance that
such EOL dates will be missed. To make this harder, a warning will now
be raised when using the stateVersion-condition and the oldest still
available major is selected.
Additionally regrouped the postgresql things in the release notes to
make sure these are all shown consecutively. Otherwise it's a little
hard to keep track of all the changes made to postgresql in 24.11.
[1] https://endoflife.date/postgresql
[2] https://github.com/NixOS/nixpkgs/pull/353158#issuecomment-2453056692
The test previously violated the Kubernetes version skew policy by
deploying a kubelet of hte most recent version in a cluster with an
older apiserver.
This was intended for quite some time already, but ever since enableJIT
was changed to be the source of truth of JIT-iness for the PostgreSQL
module, this hasn't worked for the tests anymore.
There is no need to fire up a whole VM just to run a two line test of
creating the extension. We can use postgresqlTestExtension for that.
This has the advantage that it runs with postgresqlTestHook, so without
a VM, making it more portable.
Manually importing postgresql packages from the /pkgs/ folder or
manually importing the test from /nixos/tests/ in generic.nix is not
only ugly, but also forbidden should we ever move to pkgs/by-name.
We can achieve almost the same with a slightly different setup. We allow
overriding the postgresql package for the test via passthru.override, to
make sure that each postgresql_xx.tests.postgresql-wal-receiver is
properly teted with the right version.
Addresses
The -k option will be deprecated. Please use the --set-key-file option
instead.
This isn't causing any problems _yet_, but it seems easy enough to fix it now
already.
There now is a "Refresh Hardware Keys" icon since 2.7.7, which we have to skip.
I also needed to add more explicit handling of the intermediate file dialog to
get the test to pass.
git v2.47.0 made changes to trace2's nesting.
trace2.eventNesting (GIT_TRACE2_EVENT_NESTING) defaults to 2, but the
nested region we are after gained a level and is now at level 3 instead
of 2.
eventNesting describes the maximum nesting level to be logged.
So to make it log the negotated-version in connect.c again, we increase
the default by one, from 2 to 3.
Previously, the base system had grub in `systemPackages` but the
specialisations did not. This is because of a few factors:
- Grub was enabled in the nixos config
- Specialisations set `grub.device = "nodev"` (see: system/activation/no-clone.nix)
- Grub is added to `systemPackages` depending on whether `devices == ["nodev"]`
This meant that switching between the base system and a specialisation
always changed `system-path.drv`, which is a reload trigger for
dbus. With grub disabled in this test, this no longer happens.
Reverts #344407
This has broken nixos-rebuild switch so that it no longer updates the profile, which has bad consequences including not updating the systemd-boot menu with new generations.
bitcoind v28 made a breaking change that affects lnd. This setting
reverts bitcoind to old behavior until lnd is updated to be compatible
with bitcoind v28.
There is a nasty race condition in the cups tests.
To understand what is going on, one must first note that
printers are installed in the vms with ensure-printers.service,
which is started as part of multi-user.target.
ensure-printers.service in turn triggers a start of
cups.service as it needs to connect to the local cups daemon.
This is what happens when the test runs:
1 the test waits for cups.socket or cups.service to start up
(subtest "Make sure that cups is up on both sides...")
2 after cups.service started
(it starts even in the "socket" case,
triggered by ensure-printers.service),
ensure-printers.service is started
3 the test tries to connect to the cups daemons via curl
(subtest "HTTP server is available too")
4 the test verifies the required printers are installed
("lpstat -a" called by subtest "LP status checks")
Usually, 3 needs some time, so ensure-printers.service
already installed all printers that are required by 4.
But if 3 is too fast, or if ensure-printers.service is too slow,
4 fails to find the printers it is looking for.
One can provoke the problem by adding
> systemd.services.ensure-printers.serviceConfig.ExecStartPre = "/run/current-system/sw/bin/sleep 10";
to the `nodes.client` configuration.
The commit at hand fixes the problem by changing 1:
Instead of waiting for cups,
it now waits for ensure-printers.service
(which in turn waits for cups.service and cups.socket).
This is also in accordance with the
subtest description in the code that promises to
"Make sure that cups is up [...] and printers are set up".
Prior to this contribution, every boot with a default configuration was
considered `ConditionFirstBoot=true` by systemd, since /etc/machine-id
was not commited to disk.
This also extends the systemd with a check for subsequent boots not
being considered first boots.
Adds explicit network configuration for etcd service
Waits for etcd to be fully healthy before running tests
Makes endpoint configuration explicit in etcdctl commands
Migrate to pkgs/by-name,
and update the test so that it passes for all versions
This version is added as EOL, since NetBox 4.1 is out,
but it might be still useful in case of an upgrade issue.
Modernize it. This allows the test to be extended, and pkgs to be
reused (later) to speed up evaluations a bit.
I believe this also makes it run on darwin hosts, but my linux-builder's
disk is too small to fit the massive closure of this test.
(cherry picked from commit 1396a03bee18a0993a4f3e97fda8938ff61c2918)
Modernize it. This allows the test to be extended, and pkgs to be
reused (later) to speed up evaluations a bit.
I believe this also makes it run on darwin hosts, but my linux-builder's
disk is too small to fit the massive closure of this test.
(cherry picked from commit 8c06d2cf667106dd440e7c140e70051dc1c321cb)
- remove dead code
- pass around a lot less redundant stuff
- add a timeout to the read so it can actually fail when characters are dropped
- run the input reader in systemd-cat so we can see the errors on console
This does not actually fix the flakiness in the tests, but it should make it
easier to find.
Before this change, the hash of the etc metadata image was included in
the mount unit that's responsible for mounting this metadata image in the
initrd.
And because this metadata image changes with every change to the etc
contents, the initrd would be rebuild every time as well.
This can lead to a lot of rebuilds (especially when revision info is
included in /etc/os-release) and all these initrd archives use up a lot of
space on the ESP.
With this change, we instead include a symlink to the metadata image in the
top-level directory, in the same way as we already do for things like init and
prepare-root, and we deduce the store path from the init= kernel parameter,
in the same way as we already do to find the path to init and prepare-root.
Doing so avoids rebuilding the initrd all the time.
The URL scheme for downloading plugins has changed a long time ago and
the used URL is dead. Gerrit only throws an error since it can't load
the plugin but it continues to boot. However, instead of maintaining
URLs to 3rdparty plugins, which end up dead anyway, just drop it. The
test should cover Gerrit and not 3rd party plugins.
Also, while on it, drop the setting `plugins.allowRemoteAdmin = true`
since it's not needed.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
In order to emulate the `nixos-rebuild switch` that is called if the EC2
user data is a nix expression, run the switch-to-configuration script
for the current running config.
In order to avoid unnecessary CI errors regarding unsupported
architectures, limit the target architectures to the supported ones by
the Redmine package.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Tests were not changed according to the new prometheus firewall port
settings.
With this change we now check that the port is not accessible form the
outside, while everything still works from localhost.
