diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/all-tests.nix | 4 | ||||
-rw-r--r-- | nixos/tests/binary-cache.nix | 62 | ||||
-rw-r--r-- | nixos/tests/envoy.nix | 35 | ||||
-rw-r--r-- | nixos/tests/k3s/default.nix | 8 | ||||
-rw-r--r-- | nixos/tests/k3s/multi-node.nix | 6 | ||||
-rw-r--r-- | nixos/tests/k3s/single-node.nix | 9 | ||||
-rw-r--r-- | nixos/tests/luks.nix | 69 | ||||
-rw-r--r-- | nixos/tests/maddy.nix | 2 | ||||
-rw-r--r-- | nixos/tests/miriway.nix | 6 | ||||
-rw-r--r-- | nixos/tests/opensearch.nix | 52 | ||||
-rw-r--r-- | nixos/tests/pass-secret-service.nix | 2 | ||||
-rw-r--r-- | nixos/tests/predictable-interface-names.nix | 2 | ||||
-rw-r--r-- | nixos/tests/quake3.nix | 8 | ||||
-rw-r--r-- | nixos/tests/systemd-cryptenroll.nix | 1 | ||||
-rw-r--r-- | nixos/tests/systemd-repart.nix | 134 | ||||
-rw-r--r-- | nixos/tests/wireguard/snakeoil-keys.nix | 3 |
16 files changed, 378 insertions, 25 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 1af7456fad8be..ac15ecdad6b86 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -92,6 +92,7 @@ in { bcachefs = handleTestOn ["x86_64-linux" "aarch64-linux"] ./bcachefs.nix {}; beanstalkd = handleTest ./beanstalkd.nix {}; bees = handleTest ./bees.nix {}; + binary-cache = handleTest ./binary-cache.nix {}; bind = handleTest ./bind.nix {}; bird = handleTest ./bird.nix {}; bitcoind = handleTest ./bitcoind.nix {}; @@ -367,6 +368,7 @@ in { login = handleTest ./login.nix {}; logrotate = handleTest ./logrotate.nix {}; loki = handleTest ./loki.nix {}; + luks = handleTest ./luks.nix {}; lvm2 = handleTest ./lvm2 {}; lxd = handleTest ./lxd.nix {}; lxd-nftables = handleTest ./lxd-nftables.nix {}; @@ -489,6 +491,7 @@ in { ombi = handleTest ./ombi.nix {}; openarena = handleTest ./openarena.nix {}; openldap = handleTest ./openldap.nix {}; + opensearch = discoverTests (import ./opensearch.nix); openresty-lua = handleTest ./openresty-lua.nix {}; opensmtpd = handleTest ./opensmtpd.nix {}; opensmtpd-rspamd = handleTest ./opensmtpd-rspamd.nix {}; @@ -665,6 +668,7 @@ in { systemd-nspawn = handleTest ./systemd-nspawn.nix {}; systemd-oomd = handleTest ./systemd-oomd.nix {}; systemd-portabled = handleTest ./systemd-portabled.nix {}; + systemd-repart = handleTest ./systemd-repart.nix {}; systemd-shutdown = handleTest ./systemd-shutdown.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-user-tmpfiles-rules = handleTest ./systemd-user-tmpfiles-rules.nix {}; diff --git a/nixos/tests/binary-cache.nix b/nixos/tests/binary-cache.nix new file mode 100644 index 0000000000000..0809e59e5a115 --- /dev/null +++ b/nixos/tests/binary-cache.nix @@ -0,0 +1,62 @@ +import ./make-test-python.nix ({ lib, ... }: + +with lib; + +{ + name = "binary-cache"; + meta.maintainers = with maintainers; [ thomasjm ]; + + nodes.machine = + { pkgs, ... }: { + imports = [ ../modules/installer/cd-dvd/channel.nix ]; + environment.systemPackages = with pkgs; [python3]; + system.extraDependencies = with pkgs; [hello.inputDerivation]; + nix.extraOptions = '' + experimental-features = nix-command + ''; + }; + + testScript = '' + # Build the cache, then remove it from the store + cachePath = machine.succeed("nix-build --no-out-link -E 'with import <nixpkgs> {}; mkBinaryCache { rootPaths = [hello]; }'").strip() + machine.succeed("cp -r %s/. /tmp/cache" % cachePath) + machine.succeed("nix-store --delete " + cachePath) + + # Sanity test of cache structure + status, stdout = machine.execute("ls /tmp/cache") + cache_files = stdout.split() + assert ("nix-cache-info" in cache_files) + assert ("nar" in cache_files) + + # Nix store ping should work + machine.succeed("nix store ping --store file:///tmp/cache") + + # Cache should contain a .narinfo referring to "hello" + grepLogs = machine.succeed("grep -l 'StorePath: /nix/store/[[:alnum:]]*-hello-.*' /tmp/cache/*.narinfo") + + # Get the store path referenced by the .narinfo + narInfoFile = grepLogs.strip() + narInfoContents = machine.succeed("cat " + narInfoFile) + import re + match = re.match(r"^StorePath: (/nix/store/[a-z0-9]*-hello-.*)$", narInfoContents, re.MULTILINE) + if not match: raise Exception("Couldn't find hello store path in cache") + storePath = match[1] + + # Delete the store path + machine.succeed("nix-store --delete " + storePath) + machine.succeed("[ ! -d %s ] || exit 1" % storePath) + + # Should be able to build hello using the cache + logs = machine.succeed("nix-build -A hello '<nixpkgs>' --option require-sigs false --option trusted-substituters file:///tmp/cache --option substituters file:///tmp/cache 2>&1") + logLines = logs.split("\n") + if not "this path will be fetched" in logLines[0]: raise Exception("Unexpected first log line") + def shouldBe(got, desired): + if got != desired: raise Exception("Expected '%s' but got '%s'" % (desired, got)) + shouldBe(logLines[1], " " + storePath) + shouldBe(logLines[2], "copying path '%s' from 'file:///tmp/cache'..." % storePath) + shouldBe(logLines[3], storePath) + + # Store path should exist in the store now + machine.succeed("[ -d %s ] || exit 1" % storePath) + ''; +}) diff --git a/nixos/tests/envoy.nix b/nixos/tests/envoy.nix index 9d2c32ce102f2..1e4bfe626398e 100644 --- a/nixos/tests/envoy.nix +++ b/nixos/tests/envoy.nix @@ -13,7 +13,7 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : { socket_address = { protocol = "TCP"; address = "127.0.0.1"; - port_value = 9901; + port_value = 80; }; }; }; @@ -22,12 +22,33 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : { clusters = []; }; }; + specialisation = { + withoutConfigValidation.configuration = { ... }: { + services.envoy = { + requireValidConfig = false; + settings.admin.access_log_path = lib.mkForce "/var/log/envoy/access.log"; + }; + }; + }; }; - testScript = '' - machine.start() - machine.wait_for_unit("envoy.service") - machine.wait_for_open_port(9901) - machine.wait_until_succeeds("curl -fsS localhost:9901/ready") - ''; + testScript = { nodes, ... }: + let + specialisations = "${nodes.machine.system.build.toplevel}/specialisation"; + in + '' + machine.start() + + with subtest("envoy.service starts and responds with ready"): + machine.wait_for_unit("envoy.service") + machine.wait_for_open_port(80) + machine.wait_until_succeeds("curl -fsS localhost:80/ready") + + with subtest("envoy.service works with config path not available at eval time"): + machine.succeed('${specialisations}/withoutConfigValidation/bin/switch-to-configuration test') + machine.wait_for_unit("envoy.service") + machine.wait_for_open_port(80) + machine.wait_until_succeeds("curl -fsS localhost:80/ready") + machine.succeed('test -f /var/log/envoy/access.log') + ''; }) diff --git a/nixos/tests/k3s/default.nix b/nixos/tests/k3s/default.nix index 07d93c41c7a68..e168f8233c763 100644 --- a/nixos/tests/k3s/default.nix +++ b/nixos/tests/k3s/default.nix @@ -1,9 +1,13 @@ { system ? builtins.currentSystem , pkgs ? import ../../.. { inherit system; } +, lib ? pkgs.lib }: +let + allK3s = lib.filterAttrs (n: _: lib.strings.hasPrefix "k3s_" n) pkgs; +in { # Run a single node k3s cluster and verify a pod can run - single-node = import ./single-node.nix { inherit system pkgs; }; + single-node = lib.mapAttrs (_: k3s: import ./single-node.nix { inherit system pkgs k3s; }) allK3s; # Run a multi-node k3s cluster and verify pod networking works across nodes - multi-node = import ./multi-node.nix { inherit system pkgs; }; + multi-node = lib.mapAttrs (_: k3s: import ./multi-node.nix { inherit system pkgs k3s; }) allK3s; } diff --git a/nixos/tests/k3s/multi-node.nix b/nixos/tests/k3s/multi-node.nix index 9a6c7fd465739..932b4639b39c8 100644 --- a/nixos/tests/k3s/multi-node.nix +++ b/nixos/tests/k3s/multi-node.nix @@ -1,4 +1,4 @@ -import ../make-test-python.nix ({ pkgs, lib, ... }: +import ../make-test-python.nix ({ pkgs, lib, k3s, ... }: let imageEnv = pkgs.buildEnv { name = "k3s-pause-image-env"; @@ -39,7 +39,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: tokenFile = pkgs.writeText "token" "p@s$w0rd"; in { - name = "k3s-multi-node"; + name = "${k3s.name}-multi-node"; nodes = { server = { pkgs, ... }: { @@ -52,7 +52,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: inherit tokenFile; enable = true; role = "server"; - package = pkgs.k3s; + package = k3s; clusterInit = true; extraFlags = builtins.toString [ "--disable" "coredns" diff --git a/nixos/tests/k3s/single-node.nix b/nixos/tests/k3s/single-node.nix index a95fa4a031e3f..d61595d889e2a 100644 --- a/nixos/tests/k3s/single-node.nix +++ b/nixos/tests/k3s/single-node.nix @@ -1,4 +1,4 @@ -import ../make-test-python.nix ({ pkgs, lib, ... }: +import ../make-test-python.nix ({ pkgs, lib, k3s, ... }: let imageEnv = pkgs.buildEnv { name = "k3s-pause-image-env"; @@ -24,7 +24,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: ''; in { - name = "k3s"; + name = "${k3s.name}-single-node"; meta = with pkgs.lib.maintainers; { maintainers = [ euank ]; }; @@ -38,7 +38,7 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: services.k3s.enable = true; services.k3s.role = "server"; - services.k3s.package = pkgs.k3s; + services.k3s.package = k3s; # Slightly reduce resource usage services.k3s.extraFlags = builtins.toString [ "--disable" "coredns" @@ -77,6 +77,9 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: machine.succeed("k3s kubectl wait --for 'condition=Ready' pod/test") machine.succeed("k3s kubectl delete -f ${testPodYaml}") + # regression test for #176445 + machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'") + machine.shutdown() ''; }) diff --git a/nixos/tests/luks.nix b/nixos/tests/luks.nix new file mode 100644 index 0000000000000..82f5095cb2602 --- /dev/null +++ b/nixos/tests/luks.nix @@ -0,0 +1,69 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "luks"; + + nodes.machine = { pkgs, ... }: { + # Use systemd-boot + virtualisation = { + emptyDiskImages = [ 512 512 ]; + useBootLoader = true; + useEFIBoot = true; + }; + boot.loader.systemd-boot.enable = true; + + boot.kernelParams = lib.mkOverride 5 [ "console=tty1" ]; + + environment.systemPackages = with pkgs; [ cryptsetup ]; + + specialisation = rec { + boot-luks.configuration = { + boot.initrd.luks.devices = lib.mkVMOverride { + # We have two disks and only type one password - key reuse is in place + cryptroot.device = "/dev/vdc"; + cryptroot2.device = "/dev/vdd"; + }; + virtualisation.bootDevice = "/dev/mapper/cryptroot"; + }; + boot-luks-custom-keymap.configuration = lib.mkMerge [ + boot-luks.configuration + { + console.keyMap = "neo"; + } + ]; + }; + }; + + enableOCR = true; + + testScript = '' + # Create encrypted volume + machine.wait_for_unit("multi-user.target") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdd -") + + # Boot from the encrypted disk + machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") + machine.succeed("sync") + machine.crash() + + # Boot and decrypt the disk + machine.start() + machine.wait_for_text("Passphrase for") + machine.send_chars("supersecret\n") + machine.wait_for_unit("multi-user.target") + + assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount") + + # Boot from the encrypted disk with custom keymap + machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks-custom-keymap.conf") + machine.succeed("sync") + machine.crash() + + # Boot and decrypt the disk + machine.start() + machine.wait_for_text("Passphrase for") + machine.send_chars("havfkhfrkfl\n") + machine.wait_for_unit("multi-user.target") + + assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount") + ''; +}) diff --git a/nixos/tests/maddy.nix b/nixos/tests/maddy.nix index b9d0416482da1..800d254f17704 100644 --- a/nixos/tests/maddy.nix +++ b/nixos/tests/maddy.nix @@ -9,6 +9,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { hostname = "server"; primaryDomain = "server"; openFirewall = true; + ensureAccounts = [ "postmaster@server" ]; }; }; @@ -50,7 +51,6 @@ import ./make-test-python.nix ({ pkgs, ... }: { server.wait_for_open_port(587) server.succeed("maddyctl creds create --password test postmaster@server") - server.succeed("maddyctl imap-acct create postmaster@server") client.succeed("send-testmail") client.succeed("test-imap") diff --git a/nixos/tests/miriway.nix b/nixos/tests/miriway.nix index c4c50646f0153..d0d9f16d40f95 100644 --- a/nixos/tests/miriway.nix +++ b/nixos/tests/miriway.nix @@ -3,7 +3,10 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { meta = { maintainers = with lib.maintainers; [ OPNA2608 ]; - # FIXME On ARM Miriway inside the VM doesn't receive keyboard inputs, why? + # Natively running Mir has problems with capturing the first registered libinput device. + # In our VM runners on ARM and on some hardware configs (my RPi4, distro-independent), this misses the keyboard. + # It can be worked around by dis- and reconnecting the affected hardware, but we can't do this in these tests. + # https://github.com/MirServer/mir/issues/2837 broken = pkgs.stdenv.hostPlatform.isAarch; }; @@ -30,6 +33,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { enable = true; config = '' add-wayland-extensions=all + enable-x11= ctrl-alt=t:foot --maximized ctrl-alt=a:env WINIT_UNIX_BACKEND=x11 WAYLAND_DISPLAY=invalid alacritty --option window.startup_mode=maximized diff --git a/nixos/tests/opensearch.nix b/nixos/tests/opensearch.nix new file mode 100644 index 0000000000000..c0caf950cb9c9 --- /dev/null +++ b/nixos/tests/opensearch.nix @@ -0,0 +1,52 @@ +let + opensearchTest = + import ./make-test-python.nix ( + { pkgs, lib, extraSettings ? {} }: { + name = "opensearch"; + meta.maintainers = with pkgs.lib.maintainers; [ shyim ]; + + nodes.machine = lib.mkMerge [ + { + virtualisation.memorySize = 2048; + services.opensearch.enable = true; + } + extraSettings + ]; + + testScript = '' + machine.start() + machine.wait_for_unit("opensearch.service") + machine.wait_for_open_port(9200) + + machine.succeed( + "curl --fail localhost:9200" + ) + ''; + }); +in +{ + opensearch = opensearchTest {}; + opensearchCustomPathAndUser = opensearchTest { + extraSettings = { + services.opensearch.dataDir = "/var/opensearch_test"; + services.opensearch.user = "open_search"; + services.opensearch.group = "open_search"; + system.activationScripts.createDirectory = { + text = '' + mkdir -p "/var/opensearch_test" + chown open_search:open_search /var/opensearch_test + chmod 0700 /var/opensearch_test + ''; + deps = [ "users" "groups" ]; + }; + users = { + groups.open_search = {}; + users.open_search = { + description = "OpenSearch daemon user"; + group = "open_search"; + isSystemUser = true; + }; + }; + }; + }; +} diff --git a/nixos/tests/pass-secret-service.nix b/nixos/tests/pass-secret-service.nix index a85a508bfe16b..e0dddf0ad29e2 100644 --- a/nixos/tests/pass-secret-service.nix +++ b/nixos/tests/pass-secret-service.nix @@ -1,6 +1,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "pass-secret-service"; - meta.maintainers = with lib; [ aidalgol ]; + meta.maintainers = [ lib.maintainers.aidalgol ]; nodes.machine = { nodes, pkgs, ... }: { diff --git a/nixos/tests/predictable-interface-names.nix b/nixos/tests/predictable-interface-names.nix index 08773120bc127..684df9c39246c 100644 --- a/nixos/tests/predictable-interface-names.nix +++ b/nixos/tests/predictable-interface-names.nix @@ -13,7 +13,7 @@ in pkgs.lib.listToAttrs (builtins.map ({ predictable, withNetworkd }: { name = pkgs.lib.optionalString (!predictable) "un" + "predictable" + pkgs.lib.optionalString withNetworkd "Networkd"; value = makeTest { - name = "${if predictable then "" else "un"}predictableInterfaceNames${if withNetworkd then "-with-networkd" else ""}"; + name = "${pkgs.lib.optionalString (!predictable) "un"}predictableInterfaceNames${pkgs.lib.optionalString withNetworkd "-with-networkd"}"; meta = {}; nodes.machine = { lib, ... }: { diff --git a/nixos/tests/quake3.nix b/nixos/tests/quake3.nix index 82af1af463d03..ef5fcc41476bc 100644 --- a/nixos/tests/quake3.nix +++ b/nixos/tests/quake3.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, lib, ...} : let @@ -11,9 +11,9 @@ let }; # Only allow the demo data to be used (only if it's unfreeRedistributable). - unfreePredicate = pkg: with pkgs.lib; let + unfreePredicate = pkg: with lib; let allowPackageNames = [ "quake3-demodata" "quake3-pointrelease" ]; - allowLicenses = [ pkgs.lib.licenses.unfreeRedistributable ]; + allowLicenses = [ lib.licenses.unfreeRedistributable ]; in elem pkg.pname allowPackageNames && elem (pkg.meta.license or null) allowLicenses; @@ -31,7 +31,7 @@ in rec { name = "quake3"; - meta = with pkgs.stdenv.lib.maintainers; { + meta = with lib.maintainers; { maintainers = [ domenkozar eelco ]; }; diff --git a/nixos/tests/systemd-cryptenroll.nix b/nixos/tests/systemd-cryptenroll.nix index 9ee2d280fbbea..055ae7d1681f2 100644 --- a/nixos/tests/systemd-cryptenroll.nix +++ b/nixos/tests/systemd-cryptenroll.nix @@ -2,7 +2,6 @@ import ./make-test-python.nix ({ pkgs, ... }: { name = "systemd-cryptenroll"; meta = with pkgs.lib.maintainers; { maintainers = [ ymatsiuk ]; - broken = true; # times out after two hours, details -> https://github.com/NixOS/nixpkgs/issues/167994 }; nodes.machine = { pkgs, lib, ... }: { diff --git a/nixos/tests/systemd-repart.nix b/nixos/tests/systemd-repart.nix new file mode 100644 index 0000000000000..36de5d988fdb1 --- /dev/null +++ b/nixos/tests/systemd-repart.nix @@ -0,0 +1,134 @@ +{ system ? builtins.currentSystem +, config ? { } +, pkgs ? import ../.. { inherit system config; } +}: + +with import ../lib/testing-python.nix { inherit system pkgs; }; +with pkgs.lib; + +let + # A testScript fragment that prepares a disk with some empty, unpartitioned + # space. and uses it to boot the test with. Takes a single argument `machine` + # from which the diskImage is extraced. + useDiskImage = machine: '' + import os + import shutil + import subprocess + import tempfile + + tmp_disk_image = tempfile.NamedTemporaryFile() + + shutil.copyfile("${machine.system.build.diskImage}/nixos.img", tmp_disk_image.name) + + subprocess.run([ + "${pkgs.qemu}/bin/qemu-img", + "resize", + "-f", + "raw", + tmp_disk_image.name, + "+32M", + ]) + + # Fix the GPT table by moving the backup table to the end of the enlarged + # disk image. This is necessary because we increased the size of the disk + # before. The disk needs to be a raw disk because sgdisk can only run on + # raw images. + subprocess.run([ + "${pkgs.gptfdisk}/bin/sgdisk", + "--move-second-header", + tmp_disk_image.name, + ]) + + # Set NIX_DISK_IMAGE so that the qemu script finds the right disk image. + os.environ['NIX_DISK_IMAGE'] = tmp_disk_image.name + ''; + + common = { config, pkgs, lib, ... }: { + virtualisation.useDefaultFilesystems = false; + virtualisation.fileSystems = { + "/" = { + device = "/dev/vda2"; + fsType = "ext4"; + }; + }; + + # systemd-repart operates on disks with a partition table. The qemu module, + # however, creates separate filesystem images without a partition table, so + # we have to create a disk image manually. + # + # This creates two partitions, an ESP mounted on /dev/vda1 and the root + # partition mounted on /dev/vda2 + system.build.diskImage = import ../lib/make-disk-image.nix { + inherit config pkgs lib; + # Use a raw format disk so that it can be resized before starting the + # test VM. + format = "raw"; + # Keep the image as small as possible but leave some room for changes. + bootSize = "32M"; + additionalSpace = "0M"; + # GPT with an EFI System Partition is the typical use case for + # systemd-repart because it does not support MBR. + partitionTableType = "efi"; + # We do not actually care much about the content of the partitions, so we + # do not need a bootloader installed. + installBootLoader = false; + # Improve determinism by not copying a channel. + copyChannel = false; + }; + }; +in +{ + basic = makeTest { + name = "systemd-repart"; + meta.maintainers = with maintainers; [ nikstur ]; + + nodes.machine = { config, pkgs, ... }: { + imports = [ common ]; + + boot.initrd.systemd.enable = true; + + boot.initrd.systemd.repart.enable = true; + systemd.repart.partitions = { + "10-root" = { + Type = "linux-generic"; + }; + }; + }; + + testScript = { nodes, ... }: '' + ${useDiskImage nodes.machine} + + machine.start() + machine.wait_for_unit("multi-user.target") + + systemd_repart_logs = machine.succeed("journalctl --boot --unit systemd-repart.service") + assert "Growing existing partition 1." in systemd_repart_logs + ''; + }; + + after-initrd = makeTest { + name = "systemd-repart-after-initrd"; + meta.maintainers = with maintainers; [ nikstur ]; + + nodes.machine = { config, pkgs, ... }: { + imports = [ common ]; + + systemd.repart.enable = true; + systemd.repart.partitions = { + "10-root" = { + Type = "linux-generic"; + }; + }; + }; + + testScript = { nodes, ... }: '' + ${useDiskImage nodes.machine} + + machine.start() + machine.wait_for_unit("multi-user.target") + + systemd_repart_logs = machine.succeed("journalctl --unit systemd-repart.service") + assert "Growing existing partition 1." in systemd_repart_logs + ''; + }; +} diff --git a/nixos/tests/wireguard/snakeoil-keys.nix b/nixos/tests/wireguard/snakeoil-keys.nix index 55ad582d40595..c979f0e0c8a96 100644 --- a/nixos/tests/wireguard/snakeoil-keys.nix +++ b/nixos/tests/wireguard/snakeoil-keys.nix @@ -6,6 +6,7 @@ peer1 = { privateKey = "uO8JVo/sanx2DOM0L9GUEtzKZ82RGkRnYgpaYc7iXmg="; - publicKey = "Ks9yRJIi/0vYgRmn14mIOQRwkcUGBujYINbMpik2SBI="; + # readFile'd keys may have trailing newlines, emulate this + publicKey = "Ks9yRJIi/0vYgRmn14mIOQRwkcUGBujYINbMpik2SBI=\n"; }; } |