aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

278
nixos/tests/xmpp/ejabberd.nix Normal file
View file

@ -0,0 +1,278 @@
import ../make-test-python.nix ({ pkgs, ... }: {
name = "ejabberd";
meta = with pkgs.lib.maintainers; {
maintainers = [ ajs124 ];
};
nodes = {
client = { nodes, pkgs, ... }: {
networking.extraHosts = ''
${nodes.server.config.networking.primaryIPAddress} example.com
'';
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
];
};
server = { config, pkgs, ... }: {
networking.extraHosts = ''
${config.networking.primaryIPAddress} example.com
'';
services.ejabberd = {
enable = true;
configFile = "/etc/ejabberd.yml";
};
environment.etc."ejabberd.yml" = {
user = "ejabberd";
mode = "0600";
text = ''
loglevel: 3
hosts:
- "example.com"
listen:
-
port: 5222
module: ejabberd_c2s
zlib: false
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
-
port: 5347
ip: "127.0.0.1"
module: ejabberd_service
access: local
shaper: fast
-
port: 5444
module: ejabberd_http
request_handlers:
"/upload": mod_http_upload
## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
## password storage (see auth_password_format option).
disable_sasl_mechanisms: "digest-md5"
## Outgoing S2S options
## Preferred address families (which to try first) and connect timeout
## in seconds.
outgoing_s2s_families:
- ipv4
- ipv6
## auth_method: Method used to authenticate the users.
## The default method is the internal.
## If you want to use a different method,
## comment this line and enable the correct ones.
auth_method: internal
## Store the plain passwords or hashed for SCRAM:
## auth_password_format: plain
auth_password_format: scram
###' TRAFFIC SHAPERS
shaper:
# in B/s
normal: 1000000
fast: 50000000
## This option specifies the maximum number of elements in the queue
## of the FSM. Refer to the documentation for details.
max_fsm_queue: 1000
###' ACCESS CONTROL LISTS
acl:
## The 'admin' ACL grants administrative privileges to XMPP accounts.
## You can put here as many accounts as you want.
admin:
user:
- "root": "example.com"
## Local users: don't modify this.
local:
user_regexp: ""
## Loopback network
loopback:
ip:
- "127.0.0.0/8"
- "::1/128"
- "::FFFF:127.0.0.1/128"
###' SHAPER RULES
shaper_rules:
## Maximum number of simultaneous sessions allowed for a single user:
max_user_sessions: 10
## Maximum number of offline messages that users can have:
max_user_offline_messages:
- 5000: admin
- 1024
## For C2S connections, all users except admins use the "normal" shaper
c2s_shaper:
- none: admin
- normal
## All S2S connections use the "fast" shaper
s2s_shaper: fast
###' ACCESS RULES
access_rules:
## This rule allows access only for local users:
local:
- allow: local
## Only non-blocked users can use c2s connections:
c2s:
- deny: blocked
- allow
## Only admins can send announcement messages:
announce:
- allow: admin
## Only admins can use the configuration interface:
configure:
- allow: admin
## Only accounts of the local ejabberd server can create rooms:
muc_create:
- allow: local
## Only accounts on the local ejabberd server can create Pubsub nodes:
pubsub_createnode:
- allow: local
## In-band registration allows registration of any possible username.
## To disable in-band registration, replace 'allow' with 'deny'.
register:
- allow
## Only allow to register from localhost
trusted_network:
- allow: loopback
## ===============
## API PERMISSIONS
## ===============
##
## This section allows you to define who and using what method
## can execute commands offered by ejabberd.
##
## By default "console commands" section allow executing all commands
## issued using ejabberdctl command, and "admin access" section allows
## users in admin acl that connect from 127.0.0.1 to execute all
## commands except start and stop with any available access method
## (ejabberdctl, http-api, xmlrpc depending what is enabled on server).
##
## If you remove "console commands" there will be one added by
## default allowing executing all commands, but if you just change
## permissions in it, version from config file will be used instead
## of default one.
##
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
language: "en"
###' MODULES
## Modules enabled in all ejabberd virtual hosts.
modules:
mod_adhoc: {}
mod_announce: # recommends mod_adhoc
access: announce
mod_blocking: {} # requires mod_privacy
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {} # requires mod_adhoc
## mod_delegation: {} # for xep0356
mod_disco: {}
#mod_irc:
# host: "irc.@HOST@"
# default_encoding: "utf-8"
## mod_bosh: {}
## mod_http_fileserver:
## docroot: "/var/www"
## accesslog: "/var/log/ejabberd/access.log"
mod_http_upload:
thumbnail: false # otherwise needs the identify command from ImageMagick installed
put_url: "http://@HOST@:5444/upload"
## # docroot: "@HOME@/upload"
#mod_http_upload_quota:
# max_days: 14
mod_last: {}
## XEP-0313: Message Archive Management
## You might want to setup a SQL backend for MAM because the mnesia database is
## limited to 2GB which might be exceeded on large servers
mod_mam: {}
mod_muc:
host: "muc.@HOST@"
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
mod_muc_admin: {}
mod_muc_log: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
## mod_pres_counter:
## count: 5
## interval: 60
mod_privacy: {}
mod_private: {}
mod_roster:
versioning: true
mod_shared_roster: {}
mod_stats: {}
mod_time: {}
mod_vcard:
search: false
mod_vcard_xupdate: {}
## Convert all avatars posted by Android clients from WebP to JPEG
mod_avatar: {}
# convert:
# webp: jpeg
mod_version: {}
mod_stream_mgmt: {}
## The module for S2S dialback (XEP-0220). Please note that you cannot
## rely solely on dialback if you want to federate with other servers,
## because a lot of servers have dialback disabled and instead rely on
## PKIX authentication. Make sure you have proper certificates installed
## and check your accessibility at https://check.messaging.one/
mod_s2s_dialback: {}
mod_pubsub:
plugins:
- "pep"
mod_push: {}
'';
};
networking.firewall.enable = false;
};
};
testScript = { nodes, ... }: ''
ejabberd_prefix = "su ejabberd -s $(which ejabberdctl) "
server.wait_for_unit("ejabberd.service")
assert "status: started" in server.succeed(ejabberd_prefix + "status")
server.succeed(
ejabberd_prefix + "register azurediamond example.com hunter2",
ejabberd_prefix + "register cthon98 example.com nothunter2",
)
server.fail(ejabberd_prefix + "register asdf wrong.domain")
client.succeed("send-message")
server.succeed(
ejabberd_prefix + "unregister cthon98 example.com",
ejabberd_prefix + "unregister azurediamond example.com",
)
'';
})

124
nixos/tests/xmpp/prosody-mysql.nix Normal file
View file

@ -0,0 +1,124 @@
let
cert = pkgs: pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=example.com/CN=uploads.example.com/CN=conference.example.com' -days 36500
mkdir -p $out
cp key.pem cert.pem $out
'';
createUsers = pkgs: pkgs.writeScriptBin "create-prosody-users" ''
#!${pkgs.bash}/bin/bash
set -e
# Creates and set password for the 2 xmpp test users.
#
# Doing that in a bash script instead of doing that in the test
# script allow us to easily provision the users when running that
# test interactively.
prosodyctl register cthon98 example.com nothunter2
prosodyctl register azurediamond example.com hunter2
'';
delUsers = pkgs: pkgs.writeScriptBin "delete-prosody-users" ''
#!${pkgs.bash}/bin/bash
set -e
# Deletes the test users.
#
# Doing that in a bash script instead of doing that in the test
# script allow us to easily provision the users when running that
# test interactively.
prosodyctl deluser cthon98@example.com
prosodyctl deluser azurediamond@example.com
'';
in import ../make-test-python.nix {
name = "prosody-mysql";
nodes = {
client = { nodes, pkgs, config, ... }: {
security.pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
console.keyMap = "fr-bepo";
networking.extraHosts = ''
${nodes.server.config.networking.primaryIPAddress} example.com
${nodes.server.config.networking.primaryIPAddress} conference.example.com
${nodes.server.config.networking.primaryIPAddress} uploads.example.com
'';
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
];
};
server = { config, pkgs, ... }: {
nixpkgs.overlays = [
(self: super: {
prosody = super.prosody.override {
withExtraLuaPackages = p: [ p.luadbi-mysql ];
};
})
];
security.pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
console.keyMap = "fr-bepo";
networking.extraHosts = ''
${config.networking.primaryIPAddress} example.com
${config.networking.primaryIPAddress} conference.example.com
${config.networking.primaryIPAddress} uploads.example.com
'';
networking.firewall.enable = false;
environment.systemPackages = [
(createUsers pkgs)
(delUsers pkgs)
];
services.prosody = {
enable = true;
ssl.cert = "${cert pkgs}/cert.pem";
ssl.key = "${cert pkgs}/key.pem";
virtualHosts.example = {
domain = "example.com";
enabled = true;
ssl.cert = "${cert pkgs}/cert.pem";
ssl.key = "${cert pkgs}/key.pem";
};
muc = [
{
domain = "conference.example.com";
}
];
uploadHttp = {
domain = "uploads.example.com";
};
extraConfig = ''
storage = "sql"
sql = {
driver = "MySQL";
database = "prosody";
host = "mysql";
port = 3306;
username = "prosody";
password = "password123";
};
'';
};
};
mysql = { config, pkgs, ... }: {
networking.firewall.enable = false;
services.mysql = {
enable = true;
initialScript = pkgs.writeText "mysql_init.sql" ''
CREATE DATABASE prosody;
CREATE USER 'prosody'@'server' IDENTIFIED BY 'password123';
GRANT ALL PRIVILEGES ON prosody.* TO 'prosody'@'server';
FLUSH PRIVILEGES;
'';
package = pkgs.mariadb;
};
};
};
testScript = { nodes, ... }: ''
# Check with mysql storage
mysql.wait_for_unit("mysql.service")
server.wait_for_unit("prosody.service")
server.succeed('prosodyctl status | grep "Prosody is running"')
server.succeed("create-prosody-users")
client.succeed("send-message")
server.succeed("delete-prosody-users")
'';
}

92
nixos/tests/xmpp/prosody.nix Normal file
View file

@ -0,0 +1,92 @@
let
cert = pkgs: pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=example.com/CN=uploads.example.com/CN=conference.example.com' -days 36500
mkdir -p $out
cp key.pem cert.pem $out
'';
createUsers = pkgs: pkgs.writeScriptBin "create-prosody-users" ''
#!${pkgs.bash}/bin/bash
set -e
# Creates and set password for the 2 xmpp test users.
#
# Doing that in a bash script instead of doing that in the test
# script allow us to easily provision the users when running that
# test interactively.
prosodyctl register cthon98 example.com nothunter2
prosodyctl register azurediamond example.com hunter2
'';
delUsers = pkgs: pkgs.writeScriptBin "delete-prosody-users" ''
#!${pkgs.bash}/bin/bash
set -e
# Deletes the test users.
#
# Doing that in a bash script instead of doing that in the test
# script allow us to easily provision the users when running that
# test interactively.
prosodyctl deluser cthon98@example.com
prosodyctl deluser azurediamond@example.com
'';
in import ../make-test-python.nix {
name = "prosody";
nodes = {
client = { nodes, pkgs, config, ... }: {
security.pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
console.keyMap = "fr-bepo";
networking.extraHosts = ''
${nodes.server.config.networking.primaryIPAddress} example.com
${nodes.server.config.networking.primaryIPAddress} conference.example.com
${nodes.server.config.networking.primaryIPAddress} uploads.example.com
'';
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
];
};
server = { config, pkgs, ... }: {
security.pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
console.keyMap = "fr-bepo";
networking.extraHosts = ''
${config.networking.primaryIPAddress} example.com
${config.networking.primaryIPAddress} conference.example.com
${config.networking.primaryIPAddress} uploads.example.com
'';
networking.firewall.enable = false;
environment.systemPackages = [
(createUsers pkgs)
(delUsers pkgs)
];
services.prosody = {
enable = true;
ssl.cert = "${cert pkgs}/cert.pem";
ssl.key = "${cert pkgs}/key.pem";
virtualHosts.example = {
domain = "example.com";
enabled = true;
ssl.cert = "${cert pkgs}/cert.pem";
ssl.key = "${cert pkgs}/key.pem";
};
muc = [
{
domain = "conference.example.com";
}
];
uploadHttp = {
domain = "uploads.example.com";
};
};
};
};
testScript = { nodes, ... }: ''
# Check with sqlite storage
server.wait_for_unit("prosody.service")
server.succeed('prosodyctl status | grep "Prosody is running"')
server.succeed("create-prosody-users")
client.succeed("send-message")
server.succeed("delete-prosody-users")
'';
}

84
nixos/tests/xmpp/xmpp-sendmessage.nix Normal file
View file

@ -0,0 +1,84 @@
{ writeScriptBin, writeText, python3, connectTo ? "localhost" }:
let
dummyFile = writeText "dummy-file" ''
Dear dog,
Please find this *really* important attachment.
Yours truly,
John
'';
in writeScriptBin "send-message" ''
#!${(python3.withPackages (ps: [ ps.slixmpp ])).interpreter}
import logging
import sys
from types import MethodType
from slixmpp import ClientXMPP
from slixmpp.exceptions import IqError, IqTimeout
class CthonTest(ClientXMPP):
def __init__(self, jid, password):
ClientXMPP.__init__(self, jid, password)
self.add_event_handler("session_start", self.session_start)
self.test_succeeded = False
async def session_start(self, event):
try:
# Exceptions in event handlers are printed to stderr but not
# propagated, they do not make the script terminate with a non-zero
# exit code. We use the `test_succeeded` flag as a workaround and
# check it later at the end of the script to exit with a proper
# exit code.
# Additionally, this flag ensures that this event handler has been
# actually run by ClientXMPP, which may well not be the case.
await self.test_xmpp_server()
self.test_succeeded = True
finally:
# Even if an exception happens in `test_xmpp_server()`, we still
# need to disconnect explicitly, otherwise the process will hang
# forever.
self.disconnect(wait=True)
async def test_xmpp_server(self):
log = logging.getLogger(__name__)
self.send_presence()
self.get_roster()
# Sending a test message
self.send_message(mto="azurediamond@example.com", mbody="Hello, this is dog.", mtype="chat")
log.info('Message sent')
# Test http upload (XEP_0363)
try:
url = await self['xep_0363'].upload_file("${dummyFile}",timeout=10)
except:
log.error("ERROR: Cannot run upload command. XEP_0363 seems broken")
sys.exit(1)
log.info('Upload success!')
# Test MUC
# TODO: use join_muc_wait() after slixmpp 1.8.0 is released.
self.plugin['xep_0045'].join_muc('testMucRoom', 'cthon98')
log.info('MUC join success!')
log.info('XMPP SCRIPT TEST SUCCESS')
if __name__ == '__main__':
logging.basicConfig(level=logging.DEBUG,
format='%(levelname)-8s %(message)s')
ct = CthonTest('cthon98@example.com', 'nothunter2')
ct.register_plugin('xep_0071')
ct.register_plugin('xep_0128')
# HTTP Upload
ct.register_plugin('xep_0363')
# MUC
ct.register_plugin('xep_0045')
ct.connect(("server", 5222))
ct.process(forever=False)
if not ct.test_succeeded:
sys.exit(1)
''