I guess my time has come as well...
With this commit, I'm not just dropping my maintainer entry, but I'm also
resigning from my duties as a board observer and NixCon project lead.
I also terminated my Summer of Nix contract today.
I'll also stop hosting the local NixOS meetup.
The only "project" I'll finish under the NixOS Foundation umbrella is
Google Summer of Code because the mentees aren't even remotely
responsible for why I'm leaving, and it would be unfair to leave them
hanging.
I'm grateful for all the things I was able to learn, for all the experiences
I could gather, and for all the friends I made along the way.
NixOS is what makes computers bearable for me, so I'll go and work on
some fork (*something something* you always meet twice in life).
sometimes takes a while for upstream to publish on pypi so switch to using github source for master, pkg, worker and github releases for the plugins which require built assets
ChangeLog: https://github.com/grafana/grafana/releases/tag/v11.1.0
A few additional changes were necessary:
* Grafana now refuses to listen on non-IP values and aborts with
Error: ✗ *apiserver.service run error: invalid IP address: localhost
* packages/grafana-e2e doesn't exist anymore, so the build fixes for
that could be removed.
* Make sure we always compile the binary parts of cypress.
* Grafana tends to set the minimum Go version to the latest Go version
available now[1].
* The `url` of a datasource was set to `localhost` by default. I don't
expect anybody to have not set it when needed, also Grafana aborts now
if `url` is non-empty for a random walk datasource (which broke the VM
tests).
[1] https://github.com/grafana/grafana/pull/88794#discussion_r1630563467
This contribution extends the k3s module to
enable the usage of Helm charts and container
images in air-gapped environments. Additionally,
the manifests option allows to specify arbitrary
manifests that are deployed by k3s automatically.
It is now possible to deploy Kubernetes workloads
using the k3s module.
Preflight check failed with error: Journal directory
</var/lib/graylog/data/journal> has not enough free space (3412 MB) available.
You need to provide additional 1707 MB to contain 'message_journal_max_size = 5120 MB'
The spook package includes two separate integrations and the module was
adapted to account for that scenario. Add a test to ensure the changed
keeps working correctly going forward.
tcp*.bt scripts tried to include glibc headers, which didn't work on
nixos because bpftrace tried to call clang-major with some options to
get the paths, but we never told it where to find it.
Give bpftrace the path directly instead of giving it a path to clang.
runqlat.bt doesn't work with glibc headers and requires kernel headers
which are no longer extracted, just provide its value.
Note the default clang output also had some clang-internal headers, but
these seem to be included anyway through libclang API without having to
give them here, so we only pass the glibc ones.
While here:
- also backport another bpftrace patch that made the tcp*.bt tools to
actually not require these includes
- and add tests that we can include these.
Co-authored-by: Arian van Putten <arian.vanputten@gmail.com>
To allow migration from 23.11 to 24.05 without triggering re-registrations,
the account hashing behaviour of the previous release can be retained by setting
`security.acme.defaults.server` to `null`.
We better also check for hash consistency with that setting to avoid unexpected
account hash changes again.
Odoo does not initialize the database by default,
it must be explicitly initialized for the test as written to succeed.
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
Verify that all `href` attributes emitted as part of the entrypoint page
after logging in are reachable.
Co-authored-by: Bruno BELANYI <bruno@belanyi.fr>
Closes#320381
Installation with a custom dbtableprefix is not allowed anymore for a
while[1] and we shouldn't advertise it as such.
The option is deprecated for now since I'm not sure if there are some
weird corner-cases where removing the option directly would break
existing installations from before <20 with a custom dbtableprefix. The
migration-path for such a case is as follows:
* Check if /var/lib/nextcloud/config/config.php has the correct
dbtableprefix set and if not, take care of it.
* Remove `dbtableprefix` from the NixOS configuration. It's effectively
state anyways.
After a bit of time to switch (perhaps after the next release
branchoff), the option can be removed.
[1] https://github.com/nextcloud/server/issues/24836
General cleanup -- following the logic that NixOS 23.11 contains Kafka
3.5, so there is a sensible upgrade path for everyone as long as we keep
that around until after the next release.
- rename hardware.opengl to hardware.graphics
- remove hardware.opengl.driSupport, which does nothing
- remove hardware.opengl.setLdLibraryPath, which should never be done
- rename hardware.opengl.driSupport32Bit to hardware.graphics.enable32Bit
- lost of small docs / formatting cleanups
Allows users to refer to `config.programs.ydotool.group` rather than
hard-coding "ydotool".
Allows users to override the group name for whatever reason.
This closes#317013.
Co-authored-by: Cosima Neidahl <opna2608@protonmail.com>
The tests had very much duplication and some if it was even wrong! For
instance, `withRcloneEnv` in the MySQL test didn't have the `"$@"` at
the bottom to execute commands passed to it. Because of that, the MySQL
testcase never checked whether files can be uploaded.
Since tests are just another module-system I decided to abstract away
common things by using it:
* Define a base module with
* an empty `client` node and a `nextcloud` node with defaults
shared among all tests.
* rclone scripts that are used by all tests.
* a `testScript` checking upload/download. Additional checks can be
added via `test-helpers.extraTests`.
* Make common information such as admin user & password shared via
options.
Also, changed the following things:
* The `name` of the final derivation also includes the Nextcloud major
it was tested against.
* Improved the objecstore test by making sure the file was actually
uploaded into the bucket.
* Make sure `withRcloneEnv` actually invokes the command it gets as
`argv`. Until no, nothing was uploaded. This mistake was copied from
the MySQL test that appears to have the same issue (will be addressed
in the next commit).
* Test upload/download through with rclone once to see if Nextcloud
interaction with S3 works fine.
* Make sure we actually have something in the bucket (until now with an
`ls` and no real check, will do some larger cleanups and make this
better in the next commit).
* Use actual AWS-style access keys.
Allow users to disable the shadow authentication suite.
My primary motivation is to reduce the attack surface via setuid
binaries, which shadow understandably introduces many. I realised,
however, that I don't use any of these.
The test demonstrates login working without needing the shadow suite.
We can expose the PLAT prefix to the client via DNS64 so clatd is able
to determine the prefix dynamically. We can also test that some
systemd-networkd PREF64 settings work as expected when exposed on the
router.
- Introduce more possible options by using the krb format generator.
- Enforce package choice is using a correct package.
- Use meta attribute to decide implementation, allows for overriding the
package.
- Make necessary changes to the format, to allow for multiple ACL files in
heimdal.
- Add systemd target and slice for both implementations.
- Move state to `/var/lib`
- Add documentation
When I initially wrote this test, I wasn't aware that services.openssh
could opt into using OpenSSH's default algorithms by just setting the
relevant settings to null.
That's a better approach since:
* it's a simpler setting for this test to have to worry about
* it introduces test coverage for the null case
* the null case should be demonstrated as an example for those that
want to compile without OpenSSL
- Use the print dialog to create a sample score.
- Copy also the sample score from the vm to $out of the test.
- Create a bit more screenshots
- Only use machine.wait_for_window, never machine.wait_for_text which
requires OCR which is slow.
- Set XDG_RUNTIME_DIR so it won't dump core.
Without this change, the systemd unit will be marked as ready even though BIND has not finished starting yet.
This causes other units that depend on BIND to start even though BIND is not ready yet.
From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900788: "Bind9 will daemonize itself _when it is ready_."
Also modify the NixOS test. With this change, waiting for the unit alone will ensure that BIND is ready to accept queries. I would have expected to see the test failing without this commit but with the `machine.wait_for_open_port(53)` line removed but I found this to not be the case most of the time. This is probably the case because the situation is inherently racy and on my machine BIND happens to start in time most of the time.
