Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Additional redwax modules #76417

Merged
merged 1 commit into from Jan 8, 2020
Merged

Additional redwax modules #76417

merged 1 commit into from Jan 8, 2020

Conversation

@dirkx
Copy link
Contributor

@dirkx dirkx commented Dec 24, 2019

Submission of redwax modules to NixOS packages; including comments from review on #75620.

  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
Notify maintainers

cc @

@dirkx dirkx mentioned this pull request Dec 24, 2019
6 of 9 tasks complete
@aanderse
Copy link
Contributor

@aanderse aanderse commented Dec 24, 2019

Do you have a working configuration.nix snippet you used to test this code with that you could share?

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Dec 24, 2019

Aanderse - still working on extracting that -- my test is currently tied in with some proprietary HSM code - which I am swapping for OpenSC/pcsclite.

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Dec 25, 2019

Ok - got a bunch of example files liberated and working in our end to end test.

E.g. for the time stamping: https://pastebin.com/GsSHj3DB

What is the proper way to add an example to a pull request ? Or make it part of the overal body of examples ?

@aanderse
Copy link
Contributor

@aanderse aanderse commented Dec 30, 2019

@dirkx looking good 👍

I'm playing with your test example and will get back to you in the next couple days... but I think this is good to merge. Thanks for the work on this!

@aanderse
Copy link
Contributor

@aanderse aanderse commented Dec 30, 2019

@dirkx I threw together a nixos test. Generally we don't make nixos tests for packages, just modules, unless there is a pressing need. Personally I think we should have tests for packages which do cool things like this one... 😎 but I'll leave that decision up to someone else. Take a look and see if my test makes sense based on your pastebin: master...aanderse:redwax

NOTE: There have been some changes to the httpd module since you created your PR so the configuration I have is a little bit off what you had.

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Dec 30, 2019

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Dec 31, 2019

Slightly simplified and more realistic test at https://gist.github.com/dirkx/e4dc43ebcea0b3f372f5d6a3dce302e5.

Is it ok to use things like <(echo foo) in these scripts - or strictly bourne-shell neutral ?

@aanderse
Copy link
Contributor

@aanderse aanderse commented Jan 1, 2020

@GrahamcOfBorg build mod_ca mod_crl mod_csr mod_ocsp mod_scep mod_pkcs12 mod_spkac mod_timestamp

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Jan 1, 2020

@aanderse is there a way to kick off the tests `raw' without firing up the kvm/qemu isolation (as this is 90+ second affair from the docker containers that I use) ?

@dirkx dirkx closed this Jan 1, 2020
@dirkx dirkx reopened this Jan 1, 2020
@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Jan 1, 2020

Did not mean to close this. Slip of the mouse/finger.

@aanderse aanderse merged commit e9d3a3c into NixOS:master Jan 8, 2020
16 checks passed
16 checks passed
Evaluation Performance Report Evaluator Performance Report
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-maintainers matching changed paths to changed attrs...
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A darwin-tested
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release-combined.nix -A tested
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
mod_ca, mod_crl, mod_csr, mod_ocsp, mod_pkcs12, mod_scep, mod_spkac, mod_timestamp on aarch64-linux Success
Details
mod_ca, mod_crl, mod_csr, mod_ocsp, mod_pkcs12, mod_scep, mod_spkac, mod_timestamp on x86_64-darwin Success
Details
mod_ca, mod_crl, mod_csr, mod_ocsp, mod_pkcs12, mod_scep, mod_spkac, mod_timestamp on x86_64-linux Success
Details
@aanderse
Copy link
Contributor

@aanderse aanderse commented Jan 8, 2020

@dirkx thanks again for contributing this! I'm excited to see someone using apache httpd like this on NixOS.

@aanderse is there a way to kick off the tests `raw' without firing up the kvm/qemu isolation (as this is 90+ second affair from the docker containers that I use) ?

I think NixOS tests are tied to qemu, but I don't know all the details because I've never looked at the implementation. If you post questions like this on https://discourse.nixos.org/ you will get great answers... better than I can give you 😄

@dirkx
Copy link
Contributor Author

@dirkx dirkx commented Jan 8, 2020

Ack - will do & will do a PR for the test/example use cases for the other modules too.

@dirkx dirkx deleted the dirkx:redwax-modules branch Jan 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.