Add Synit overrides to depend on network milestone

Add container service for the simple PostgreSQL variant
- Add missing name parameter to the test function
2023-11-25 19:22:02 +02:00 · 2023-09-22 00:13:47 +02:00 · 2023-09-20 18:36:47 +02:00 · 2022-05-31 18:43:50 +02:00 · 2022-01-30 18:07:47 +01:00 · 2022-01-29 13:34:19 +01:00
46 changed files with 422 additions and 18 deletions
--- a/service-containers-agnostic/apache-tomcat/disnix-appserving-tomcat.nix
+++ b/service-containers-agnostic/apache-tomcat/disnix-appserving-tomcat.nix
@ -1,4 +1,4 @@
-{tomcatConstructorFun, lib, tomcat, libmatthew_java, dbus_java, DisnixWebService, dysnomia, stateDir}:
+{tomcatConstructorFun, lib, tomcat, libmatthew_java, dbus_java, DisnixWebService, dysnomia, stateDir, processManager}:

 {dbus-daemon, ...}@args:

@ -14,5 +14,8 @@ import ./simple-appserving-tomcat.nix {
   "${dbus_java}/share/java/dbus.jar"
  ];
  webapps = instanceArgs.webapps or [ tomcat.webapps ] ++ [ DisnixWebService ];
-  dependencies = instanceArgs.dependencies or [] ++ [ dbus-daemon.pkg ];
+  dependencies = instanceArgs.dependencies or []
+    # If we use systemd, we should not add dbus-daemon as a dependency. It causes infinite recursion.
+    # Moreover, since D-Bus is already enabled for systemd, there is no reason to wait for it anyway.
+    ++ lib.optional (dbus-daemon != null && processManager != "systemd") dbus-daemon.pkg;
 })
--- a/service-containers-agnostic/constructors.nix
+++ b/service-containers-agnostic/constructors.nix
@ -38,7 +38,7 @@ in
  };

  disnixAppservingTomcat = import ./apache-tomcat/disnix-appserving-tomcat.nix {
-    inherit stateDir;
+    inherit stateDir processManager;
    inherit (pkgs) lib libmatthew_java dbus_java DisnixWebService;
    tomcat = pkgs.tomcat9;
    tomcatConstructorFun = constructors.simpleAppservingTomcat;
@ -89,6 +89,15 @@ in
    });
  };

+  simplePostgresql = import ./postgresql/simplepostgresql.nix {
+    inherit runtimeDir;
+    inherit (pkgs) lib;
+    postgresqlConstructorFun = constructors.simplePostgresql;
+    dysnomia = pkgs.dysnomia.override (origArgs: {
+      enablePostgreSQLDatabase = true;
+    });
+  };
+
  extendableSupervisord = import ./supervisord/extendable.nix {
    inherit libDir;
    inherit (pkgs) lib;
--- a/service-containers-agnostic/postgresql/default.nix
+++ b/service-containers-agnostic/postgresql/default.nix
@ -30,6 +30,7 @@ in
 rec {
  name = instanceName;
  postgresqlPort = port;
+  postgresqlRuntimeDir = "${runtimeDir}/${instanceName}";
  postgresqlUsername = username;

  inherit pkg;
--- a/service-containers-agnostic/postgresql/simplepostgresql.nix
+++ b/service-containers-agnostic/postgresql/simplepostgresql.nix
@ -0,0 +1,45 @@
+{postgresqlConstructorFun, lib, dysnomia, runtimeDir}:
+
+{ instanceSuffix ? "", instanceName ? "postgresql${instanceSuffix}"
+, containerName ? "postgresql-database${instanceSuffix}"
+, port ? 5432
+, authentication ? null
+, identMap ? null
+, enableTCPIP ? false
+, settings ? {}
+, type ? null
+, properties ? {}
+}:
+
+let
+  username = instanceName;
+
+  pkg = postgresqlConstructorFun {
+    inherit instanceName instanceSuffix port authentication identMap enableTCPIP settings;
+    postInstall = ''
+      # Add Dysnomia container configuration file for PostgreSQL
+      mkdir -p $out/etc/dysnomia/containers
+      cat > $out/etc/dysnomia/containers/${containerName} <<EOF
+      postgresqlPort=${toString port}
+      postgresqlRuntimeDir=${runtimeDir}/${instanceName}
+      postgresqlUsername=${username}
+      EOF
+
+      # Copy the Dysnomia module that manages a PostgreSQL database
+      mkdir -p $out/libexec/dysnomia
+      ln -s ${dysnomia}/libexec/dysnomia/postgresql-database $out/libexec/dysnomia
+    '';
+  };
+in
+rec {
+  name = instanceName;
+  postgresqlPort = port;
+  postgresqlRuntimeDir = "${runtimeDir}/${instanceName}";
+  postgresqlUsername = username;
+
+  inherit pkg;
+
+  providesContainer = containerName;
+} // lib.optionalAttrs (type != null) {
+  inherit type;
+} // properties
--- a/services-agnostic/agetty/default.nix
+++ b/services-agnostic/agetty/default.nix
@ -0,0 +1,14 @@
+{createManagedProcess, util-linux}:
+{port, instanceName ? "agetty-${port}", baudrate ? 9600, extraOptions ? []}:
+
+createManagedProcess {
+  inherit instanceName;
+  foregroundProcess = "${util-linux}/bin/agetty";
+  args = extraOptions ++ [ port baudrate ];
+
+  overrides = {
+    sysvinit = {
+      runlevels = [ 2 3 4 5 ];
+    };
+  };
+}
--- a/services-agnostic/apache/default.nix
+++ b/services-agnostic/apache/default.nix
@ -34,6 +34,9 @@ createManagedProcess {
  };

  overrides = {
+    synit = {
+      depends-on = [ "<service-state <milestone network> up>>" ];
+    };
    sysvinit = {
      runlevels = [ 3 4 5 ];
    };
--- a/services-agnostic/apache/simple-webapp-apache.nix
+++ b/services-agnostic/apache/simple-webapp-apache.nix
@ -15,6 +15,11 @@
 }:

 let
+  phpPackage = php.override {
+    apxs2Support = true;
+    inherit apacheHttpd;
+  };
+
  user = instanceName;
  group = instanceName;

@ -51,8 +56,8 @@ let
      preferLocalBuild = true;
    }
    ''
-      cat ${php}/etc/php.ini > $out
-      cat ${php.phpIni} > $out
+      cat ${phpPackage}/etc/php.ini > $out
+      cat ${phpPackage.phpIni} > $out
    '';
 in
 import ./default.nix {
@ -106,7 +111,7 @@ import ./default.nix {
        '' else throw "Unknown type for module!"
      ) modules}
      ${lib.optionalString enablePHP ''
-        LoadModule php7_module ${php}/modules/libphp7.so
+        LoadModule php_module ${phpPackage}/modules/libphp.so
      ''}

      ServerAdmin ${serverAdmin}
--- a/services-agnostic/constructors.nix
+++ b/services-agnostic/constructors.nix
@ -169,13 +169,13 @@ in

  supervisord = import ./supervisord {
    inherit createManagedProcess runtimeDir logDir;
-    inherit (pkgs.pythonPackages) supervisor;
+    inherit (pkgs.python3Packages) supervisor;
  };

  extendableSupervisord = import ./supervisord/extendable.nix {
    inherit createManagedProcess libDir runtimeDir logDir;
    inherit (pkgs) writeTextFile;
-    inherit (pkgs.pythonPackages) supervisor;
+    inherit (pkgs.python3Packages) supervisor;
  };

  svnserve = import ./svnserve {
@ -197,4 +197,19 @@ in
    inherit createManagedProcess runtimeDir tmpDir libDir forceDisableUserChange callingUser;
    inherit (pkgs) lib xinetd writeTextFile;
  };
+
+  vsftpd = import ./vsftpd {
+    inherit createManagedProcess;
+    inherit (pkgs) vsftpd;
+  };
+
+  simpleVsftpd = import ./vsftpd/simple.nix {
+    inherit createManagedProcess forceDisableUserChange logDir libDir callingUser callingGroup;
+    inherit (pkgs) stdenv vsftpd writeTextFile lib;
+  };
+
+  agetty = import ./agetty {
+    inherit createManagedProcess;
+    inherit (pkgs) util-linux;
+  };
 }
--- a/services-agnostic/disnix-service/dysnomia-env.nix
+++ b/services-agnostic/disnix-service/dysnomia-env.nix
@ -39,7 +39,7 @@ let
    inherit processManager;
  };

-  processManagerContainer = lib.recursiveUpdate (stdenv.lib.optionalAttrs (processManager == "supervisord") {
+  processManagerContainer = lib.recursiveUpdate (lib.optionalAttrs (processManager == "supervisord") {
    supervisord-program = {
      supervisordTargetDir = "/etc/supervisor/conf.d";
    };
--- a/services-agnostic/hydra/hydra-queue-runner.nix
+++ b/services-agnostic/hydra/hydra-queue-runner.nix
@ -44,7 +44,7 @@ createManagedProcess {

    if [ "$found" != "1" ]
    then
-        echo "ERRORDatabase was still not created!" >&2
+        echo "ERROR: Database was still not created!" >&2
        exit 1
    fi
  '';
--- a/services-agnostic/nginx/default.nix
+++ b/services-agnostic/nginx/default.nix
@ -43,6 +43,9 @@ createManagedProcess {
  };

  overrides = {
+    synit = {
+      depends-on = [ "<service-state <milestone network> up>>" ];
+    };
    sysvinit = {
      runlevels = [ 3 4 5 ];
    };
--- a/services-agnostic/nginx/simple-webapp-nginx.nix
+++ b/services-agnostic/nginx/simple-webapp-nginx.nix
@ -5,6 +5,8 @@
 , instanceName ? "nginx${instanceSuffix}"
 , documentRoot ? ../http-server-common/webapp
 , workerConnections ? 190000
+, extraConfig ? ""
+, extraHTTPConfig ? ""
 }:

 let
@ -48,7 +50,11 @@ import ./default.nix {
          listen ${toString port};
          root ${documentRoot};
        }
+
+        ${extraHTTPConfig}
      }
+
+      ${extraConfig}
    '';
  };
 }
--- a/services-agnostic/sshd/default.nix
+++ b/services-agnostic/sshd/default.nix
@ -70,6 +70,9 @@ createManagedProcess {
  };

  overrides = {
+    synit = {
+      depends-on = [ "<service-state <milestone network> up>>" ];
+    };
    sysvinit = {
      runlevels = [ 3 4 5 ];
    };
--- a/services-agnostic/svnserve/default.nix
+++ b/services-agnostic/svnserve/default.nix
@ -26,6 +26,9 @@ createManagedProcess {
  daemonExtraArgs = [ "--pid-file" pidFile ];

  overrides = {
+    synit = {
+      depends-on = [ "<service-state <milestone network> up>>" ];
+    };
    sysvinit = {
      runlevels = [ 3 4 5 ];
    };
--- a/services-agnostic/vsftpd/default.nix
+++ b/services-agnostic/vsftpd/default.nix
@ -0,0 +1,34 @@
+{createManagedProcess, vsftpd}:
+{instanceSuffix ? "", instanceName ? "vsftpd${instanceSuffix}", initialize ? "", configFile}:
+
+let
+  user = instanceName;
+  group = instanceName;
+in
+createManagedProcess {
+  inherit instanceName initialize;
+
+  foregroundProcess = "${vsftpd}/bin/vsftpd";
+  args = [ configFile ];
+
+  credentials = {
+    groups = {
+      "${group}" = {};
+    };
+    users = {
+      "${user}" = {
+        inherit group;
+        description = "vsftpd user";
+      };
+    };
+  };
+
+  overrides = {
+    synit = {
+      depends-on = [ "<service-state <milestone network> up>>" ];
+    };
+    sysvinit = {
+      runlevels = [ 3 4 5 ];
+    };
+  };
+}
--- a/services-agnostic/vsftpd/simple.nix
+++ b/services-agnostic/vsftpd/simple.nix
@ -0,0 +1,78 @@
+{createManagedProcess, stdenv, vsftpd, writeTextFile, lib, logDir, libDir, forceDisableUserChange, callingUser, callingGroup}:
+
+{ instanceSuffix ? ""
+, instanceName ? "vsftpd${instanceSuffix}"
+, dataPort ? 20
+, listenPort ? dataPort + 1
+, options ? {}
+, enableAnonymousUser ? false
+, anonymousUsername ? "ftp"
+, anonymousRoot ? if forceDisableUserChange then "/home/${callingUser}" else "/home/${anonymousUsername}"
+}:
+
+let
+  user = instanceName;
+  group = instanceName;
+
+  vsftpdLogDir = "${logDir}/${instanceName}";
+
+  configFile = writeTextFile {
+    name = "vsftpd.conf";
+    text =
+      lib.optionalString (stdenv.isLinux) ''
+        seccomp_sandbox=NO
+      ''
+      +
+      ''
+        vsftpd_log_file=${vsftpdLogDir}/vsftpd.log
+        xferlog_file=${vsftpdLogDir}/xferlog
+      '' +
+      (if forceDisableUserChange then ''
+        run_as_launching_user=YES
+        ftp_username=${callingUser}
+      '' else ''
+        nopriv_user=${user}
+        ftp_username=${if enableAnonymousUser then anonymousUsername else "nobody"}
+        pam_service_name=vsftpd
+        secure_chroot_dir=/var/empty
+      '')
+      + ''
+        ftp_data_port=${toString dataPort}
+        listen_port=${toString listenPort}
+      ''
+      + lib.optionalString enableAnonymousUser ''
+        anon_root=${anonymousRoot}
+      ''
+      + lib.concatMapStrings (name:
+        let
+          value = builtins.getAttr name options;
+        in
+        "${name}=${toString value}\n"
+      ) (builtins.attrNames options);
+  };
+in
+import ./default.nix {
+  inherit createManagedProcess vsftpd;
+} {
+  inherit instanceSuffix instanceName;
+
+  # When running as unprivileged user, we need to make a copy of the config file and make the calling user the owner
+  configFile = if forceDisableUserChange then "${libDir}/${instanceName}/vsftpd.conf" else configFile;
+
+  initialize =
+    ''
+      mkdir -p ${vsftpdLogDir}
+    ''
+    +
+    # Make the unprivileged user the owner of the config file
+    lib.optionalString forceDisableUserChange
+      (let
+        dynamicConfigFile = "${libDir}/${instanceName}/vsftpd.conf";
+      in
+      ''
+        mkdir -p ${libDir}/${instanceName}
+        cp ${configFile} ${dynamicConfigFile}
+        chmod u+w ${dynamicConfigFile}
+        chown ${callingUser}:${callingGroup} ${dynamicConfigFile}
+      '');
+}
--- a/tests/agetty/note.md
+++ b/tests/agetty/note.md
@ -0,0 +1,9 @@
+This test is for setting up a connection with a null modem cable that works
+to link up my PC with my Commodore Amiga 500.
+
+It cannot be automated with the NixOS test driver, but you can manually deploy
+it by running the following command as root user:
+
+```bash
+nixproc-supervisord-deploy-stateless processes.nix
+```
--- a/tests/agetty/processes.nix
+++ b/tests/agetty/processes.nix
@ -0,0 +1,28 @@
+{ pkgs ? import <nixpkgs> { inherit system; }
+, system ? builtins.currentSystem
+, stateDir ? "/var"
+, runtimeDir ? "${stateDir}/run"
+, logDir ? "${stateDir}/log"
+, spoolDir ? "${stateDir}/spool"
+, cacheDir ? "${stateDir}/cache"
+, libDir ? "${stateDir}/lib"
+, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
+, forceDisableUserChange ? false
+, processManager
+, nix-processmgmt ? ../../../nix-processmgmt
+}:
+
+let
+  constructors = import ../../services-agnostic/constructors.nix {
+    inherit pkgs stateDir runtimeDir logDir tmpDir cacheDir libDir spoolDir forceDisableUserChange processManager nix-processmgmt;
+  };
+in
+{
+  agetty-nullmodem = {
+    pkg = constructors.agetty {
+      baudrate = 19200;
+      port = "ttyUSB0";
+      extraOptions = [ "--flow-control" ];
+    };
+  };
+}
--- a/tests/apache-tomcat-ajp-reverse-proxy/default.nix
+++ b/tests/apache-tomcat-ajp-reverse-proxy/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "apache-tomcat-ajp-reverse-proxy";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/apache-tomcat/default.nix
+++ b/tests/apache-tomcat/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "apache-tomcat";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/apache/default.nix
+++ b/tests/apache/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "apache";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
@ -13,7 +14,7 @@ testService {

  tests = {instanceName, instance, ...}:
    ''
-      machine.succeed("curl --fail http://localhost:${toString instance.port} | grep 'Hello world!'")
+      machine.succeed("curl --fail http://localhost:${toString instance.port} | grep 'Hello world'")
    '';

  inherit processManagers profiles;
--- a/tests/apache/processes.nix
+++ b/tests/apache/processes.nix
@ -50,7 +50,7 @@ let
          </head>

          <body>
-              <h1><?php print("Hello world!"); ?></h1>
+              <h1><?php print("Hello world from PHP!"); ?></h1>
          </body>
      </html>
      EOF
--- a/tests/default.nix
+++ b/tests/default.nix
@ -104,4 +104,8 @@ in
  xinetd-extendable = import ./xinetd/extendable {
    inherit pkgs processManagers profiles testService nix-processmgmt;
  };
+
+  vsftpd = import ./vsftpd {
+    inherit pkgs processManagers profiles testService nix-processmgmt;
+  };
 }
--- a/tests/disnix/apache-mysql/default.nix
+++ b/tests/disnix/apache-mysql/default.nix
@ -4,6 +4,7 @@ let
  env = "NIX_PATH='nixpkgs=${<nixpkgs>}' SSH_OPTS='-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' DISNIX_REMOTE_CLIENT=disnix-client";
 in
 testService {
+  name = "disnix-with-apache-mysql";
  exprFile = ../../../example-deployments/disnix/processes-with-apache-mysql.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/disnix/bare/default.nix
+++ b/tests/disnix/bare/default.nix
@ -4,6 +4,7 @@ let
  env = "NIX_PATH='nixpkgs=${<nixpkgs>}' SSH_OPTS='-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' DISNIX_REMOTE_CLIENT=disnix-client";
 in
 testService {
+  name = "disnix";
  exprFile = ../../../example-deployments/disnix/processes-bare.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/disnix/tomcat-mysql-multi-instance/default.nix
+++ b/tests/disnix/tomcat-mysql-multi-instance/default.nix
@ -4,6 +4,7 @@ let
  env = "NIX_PATH='nixpkgs=${<nixpkgs>}' SSH_OPTS='-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' DISNIX_REMOTE_CLIENT=disnix-client";
 in
 testService {
+  name = "disnix-with-tomcat-mysql-multi-instance";
  exprFile = ../../../example-deployments/disnix/processes-with-tomcat-mysql-multi-instance.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/disnix/tomcat-mysql/default.nix
+++ b/tests/disnix/tomcat-mysql/default.nix
@ -4,6 +4,7 @@ let
  env = "NIX_PATH='nixpkgs=${<nixpkgs>}' DISNIX_CLIENT_INTERFACE=disnix-soap-client DISNIX_TARGET_PROPERTY=targetEPR DISNIX_SOAP_CLIENT_USERNAME=admin DISNIX_SOAP_CLIENT_PASSWORD=secret";
 in
 testService {
+  name = "disnix-with-tomcat-mysql";
  exprFile = ../../../example-deployments/disnix/processes-with-tomcat-mysql.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/docker/default.nix
+++ b/tests/docker/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "docker";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/fcron/default.nix
+++ b/tests/fcron/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "fcron";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/hydra/default.nix
+++ b/tests/hydra/default.nix
@ -62,6 +62,7 @@ let
  };
 in
 testService {
+  name = "hydra";
  exprFile = ../../example-deployments/hydra/processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/influxdb/default.nix
+++ b/tests/influxdb/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "influxdb";
  exprFile = ./processes.nix;
  systemPackages = [ pkgs.influxdb ];
  extraParams = {
--- a/tests/mongodb/default.nix
+++ b/tests/mongodb/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "mongodb";
  exprFile = ./processes.nix;
  systemPackages = [ pkgs.mongodb ];
  nixosConfig = {
--- a/tests/mysql/default.nix
+++ b/tests/mysql/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "mysql";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/nginx/reverse-proxy-hostbased/default.nix
+++ b/tests/nginx/reverse-proxy-hostbased/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "nginx-reverse-proxy-hostbased";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/nginx/reverse-proxy-hostbased/processes.nix
+++ b/tests/nginx/reverse-proxy-hostbased/processes.nix
@ -93,7 +93,7 @@ rec {
  };

  nginx2 = rec {
-    port = if forceDisableUserChange then 8081 else 8080;
+    port = if forceDisableUserChange then 8081 else 81;
    webapps = [ webapp5 webapp6 ];

    pkg = sharedConstructors.nginxReverseProxyHostBased {
--- a/tests/nginx/reverse-proxy-pathbased/default.nix
+++ b/tests/nginx/reverse-proxy-pathbased/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "nginx-reverse-proxy-pathbased";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/nginx/simple-webapp/default.nix
+++ b/tests/nginx/simple-webapp/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "nginx";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/postgresql/default.nix
+++ b/tests/postgresql/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "postgresql";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/s6-svscan/default.nix
+++ b/tests/s6-svscan/default.nix
@ -41,6 +41,7 @@ let
    };
 in
 testService {
+  name = "s6-svscan";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/sshd/default.nix
+++ b/tests/sshd/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "sshd";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
@ -32,11 +33,11 @@ testService {
    # Make a special exception for the first instance running in privileged mode. It should be connectible with the default settings
    if instanceName == "sshd" && !forceDisableUserChange then ''
      machine.succeed(
-          "ssh -i key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost $(type -p ls) /"
+          "ssh -i key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost $(type -p ls) / >&2"
      )
    '' else ''
      machine.succeed(
-          "${pkgs.lib.optionalString forceDisableUserChange "su unprivileged -c '"}ssh -p ${toString instance.port} -i key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost $(type -p ls) /${pkgs.lib.optionalString forceDisableUserChange "'"}"
+          "${pkgs.lib.optionalString forceDisableUserChange "su unprivileged -c '"}ssh -p ${toString instance.port} -i key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost $(type -p ls) /${pkgs.lib.optionalString forceDisableUserChange "'"} >&2"
      )
    '';

--- a/tests/supervisord/default.nix
+++ b/tests/supervisord/default.nix
@ -26,11 +26,12 @@ let
    };
 in
 testService {
+  name = "supervisord";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
  };
-  systemPackages = [ pkgs.pythonPackages.supervisor ];
+  systemPackages = [ pkgs.python3Packages.supervisor ];

  readiness = {instanceName, instance, ...}:
    ''
--- a/tests/svnserve/default.nix
+++ b/tests/svnserve/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "svnserve";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/vsftpd/default.nix
+++ b/tests/vsftpd/default.nix
@ -0,0 +1,45 @@
+{ pkgs, testService, processManagers, profiles, nix-processmgmt }:
+
+testService {
+  name = "vsftpd";
+  exprFile = ./processes.nix;
+  extraParams = {
+    inherit nix-processmgmt;
+  };
+
+  nixosConfig = {
+    users.users.ftp = {
+      description = "Anonymous FTP user";
+      isNormalUser = true;
+      createHome = true;
+      password = "secret";
+    };
+  };
+
+  systemPackages = [ pkgs.inetutils ];
+
+  readiness = {instanceName, instance, ...}:
+    ''
+      machine.wait_for_open_port(${toString instance.listenPort})
+    '';
+
+  tests = {instanceName, instance, forceDisableUserChange, ...}:
+    if forceDisableUserChange then ''
+      machine.succeed("echo test > /home/unprivileged/test.txt")
+      machine.succeed("chown unprivileged:users /home/unprivileged/test.txt")
+      machine.succeed('(echo "user anonymous foobar"; echo "ls") | ftp -n 127.0.0.1 ${toString instance.listenPort} >&2')
+      machine.succeed("curl --fail ftp://anonymous@localhost:${toString instance.listenPort}/test.txt -o test.txt")
+      machine.succeed("grep test test.txt")
+      machine.succeed("rm test.txt")
+    '' else ''
+      machine.succeed("echo test > /home/ftp/test.txt")
+      machine.succeed("chown ftp:users /home/ftp/test.txt")
+      machine.succeed("chmod a-w /home/ftp")
+      machine.succeed('(echo "user anonymous foobar"; echo "ls") | ftp -n 127.0.0.1 ${pkgs.lib.optionalString (instance.listenPort != 21) (toString instance.listenPort)} >&2')
+      machine.succeed("curl -v --fail ftp://anonymous@localhost${pkgs.lib.optionalString (instance.listenPort != 21) ":${toString instance.listenPort}"}/test.txt -o test.txt 2>&1")
+      machine.succeed("grep test test.txt")
+      machine.succeed("rm test.txt")
+    '';
+
+  inherit processManagers profiles;
+}
--- a/tests/vsftpd/processes.nix
+++ b/tests/vsftpd/processes.nix
@ -0,0 +1,54 @@
+{ pkgs ? import <nixpkgs> { inherit system; }
+, system ? builtins.currentSystem
+, stateDir ? "/var"
+, runtimeDir ? "${stateDir}/run"
+, logDir ? "${stateDir}/log"
+, spoolDir ? "${stateDir}/spool"
+, cacheDir ? "${stateDir}/cache"
+, libDir ? "${stateDir}/lib"
+, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
+, forceDisableUserChange ? false
+, callingUser ? null
+, callingGroup ? null
+, processManager
+, nix-processmgmt ? ../../../nix-processmgmt
+}:
+
+let
+  constructors = import ../../services-agnostic/constructors.nix {
+    inherit pkgs stateDir runtimeDir logDir tmpDir cacheDir libDir spoolDir forceDisableUserChange callingUser callingGroup processManager nix-processmgmt;
+  };
+in
+{
+  vsftpd = rec {
+    dataPort = if forceDisableUserChange then 2000 else 20;
+    listenPort = if forceDisableUserChange then 2001 else 21;
+
+    pkg = constructors.simpleVsftpd {
+      inherit dataPort listenPort;
+      enableAnonymousUser = true;
+      options = {
+        dual_log_enable = "YES";
+        local_enable = "YES";
+        anon_world_readable_only = "NO";
+      };
+    };
+  };
+
+  vsftpd-secondary = rec {
+    dataPort = if forceDisableUserChange then 2010 else 30;
+    listenPort = if forceDisableUserChange then 2011 else 31;
+
+    pkg = constructors.simpleVsftpd {
+      inherit dataPort listenPort;
+      enableAnonymousUser = true;
+
+      instanceSuffix = "-secondary";
+      options = {
+        dual_log_enable = "YES";
+        local_enable = "YES";
+        anon_world_readable_only = "NO";
+      };
+    };
+  };
+}
--- a/tests/xinetd/declarative/default.nix
+++ b/tests/xinetd/declarative/default.nix
@ -1,6 +1,7 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "xinetd";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
--- a/tests/xinetd/extendable/default.nix
+++ b/tests/xinetd/extendable/default.nix
@ -1,13 +1,14 @@
 { pkgs, testService, processManagers, profiles, nix-processmgmt }:

 testService {
+  name = "xinetd-extendable";
  exprFile = ./processes.nix;
  extraParams = {
    inherit nix-processmgmt;
  };
  systemPackages = [ pkgs.inetutils ];

-  tests = {instanceName, instance, stateDir, runtimeDir, forceDisableUserChange, ...}:
+  tests = {instanceName, instance, processManager, stateDir, runtimeDir, forceDisableUserChange, ...}:
    if instanceName == "xinetd-primary" then
      let
        tftpService = pkgs.writeTextFile {
@ -33,8 +34,27 @@ testService {
        machine.succeed(
            "cp ${tftpService} ${stateDir}/lib/${instanceName}/xinetd.d"
        )
-        machine.succeed("kill -HUP $(cat ${runtimeDir}/${instanceName}.pid)")

+      ''
+      + (if processManager == "sysvinit" then
+        ''
+          machine.succeed("kill -HUP $(cat ${runtimeDir}/${instanceName}.pid)")
+        ''
+        else if processManager == "systemd" then
+        ''
+          machine.succeed("systemctl restart nix-process-${instanceName}")
+        ''
+        else if processManager == "supervisord" then
+        ''
+          machine.succeed("supervisorctl restart ${instanceName}")
+        ''
+        else if processManager == "s6-rc" then
+        ''
+          machine.succeed("s6-rc -d change ${instanceName}")
+          machine.succeed("s6-rc -u change ${instanceName}")
+        ''
+        else throw "Process manager not supported: ${processManager}")
+      + ''
        machine.succeed("echo hello > ${stateDir}/hello.txt")
        # fmt: off
        machine.succeed(
Author	SHA1	Message	Date
Emery Hemingway	8c504a5f0d	Add Synit overrides to depend on network milestone	2023-11-25 19:22:02 +02:00
Sander van der Burg	8639182fa4	Add container service for the simple PostgreSQL variant	2023-09-22 00:13:47 +02:00
Sander van der Burg	479afcda26	- Add missing name parameter to the test function - Fix PHP deployment - xinetd only accepts HUP when it runs as a daemon, for foreground process use a restart	2023-09-20 18:36:47 +02:00
Sander van der Burg	80e510ab58	Fix supervisor package reference	2022-05-31 18:43:50 +02:00
Sander van der Burg	2a5fc3449d	Add agetty service and null modem test	2022-01-30 18:07:47 +01:00
Sander van der Burg	06b1f460a6	Fix deploying PHP 8.x	2022-01-29 13:34:19 +01:00
Sander van der Burg	364cdea9e2	Add parameters that make it possible to tweak the configuration	2022-01-19 21:13:09 +01:00
Sander van der Burg	fc920c4556	Add vsftpd service	2021-09-13 22:44:01 +02:00
Sander van der Burg	465225cc62	Fix port number	2021-04-25 00:34:08 +02:00
Sander van der Burg	c3f8ac395e	Fix infinite recursion problem on systemd	2021-04-24 13:55:51 +02:00