nixos/tests/pinnwand.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / pinnwand.nix
at 23.05-pre 2.5 kB view raw
 1import ./make-test-python.nix ({ pkgs, ...}:
 2let
 3  pythonEnv = pkgs.python3.withPackages (py: with py; [ appdirs toml ]);
 4
 5  port = 8000;
 6  baseUrl = "http://server:${toString port}";
 7
 8  configureSteck = pkgs.writeScript "configure.py" ''
 9    #!${pythonEnv.interpreter}
10    import appdirs
11    import toml
12    import os
13
14    CONFIG = {
15      "base": "${baseUrl}/",
16      "confirm": False,
17      "magic": True,
18      "ignore": True
19    }
20
21    os.makedirs(appdirs.user_config_dir('steck'))
22    with open(os.path.join(appdirs.user_config_dir('steck'), 'steck.toml'), "w") as fd:
23        toml.dump(CONFIG, fd)
24    '';
25in
26{
27  name = "pinnwand";
28  meta = with pkgs.lib.maintainers; {
29    maintainers =[ hexa ];
30  };
31
32  nodes = {
33    server = { config, ... }:
34    {
35      networking.firewall.allowedTCPPorts = [
36        port
37      ];
38
39      services.pinnwand = {
40        enable = true;
41        port = port;
42      };
43    };
44
45    client = { pkgs, ... }:
46    {
47      environment.systemPackages = [ pkgs.steck ];
48    };
49  };
50
51  testScript = ''
52    start_all()
53
54    server.wait_for_unit("pinnwand.service")
55    client.wait_for_unit("network.target")
56
57    # create steck.toml config file
58    client.succeed("${configureSteck}")
59
60    # wait until the server running pinnwand is reachable
61    client.wait_until_succeeds("ping -c1 server")
62
63    # make sure pinnwand is listening
64    server.wait_for_open_port(${toString port})
65
66    # send the contents of /etc/machine-id
67    response = client.succeed("steck paste /etc/machine-id")
68
69    # parse the steck response
70    raw_url = None
71    removal_link = None
72    for line in response.split("\n"):
73        if line.startswith("View link:"):
74            raw_url = f"${baseUrl}/raw/{line.split('/')[-1]}"
75        if line.startswith("Removal link:"):
76            removal_link = line.split(":", 1)[1]
77
78
79    # start the reaper, it shouldn't do anything meaningful here
80    server.systemctl("start pinnwand-reaper.service")
81    server.wait_until_fails("systemctl is-active -q pinnwand-reaper.service")
82    server.log(server.execute("journalctl -u pinnwand-reaper -e --no-pager")[1])
83
84    # check whether paste matches what we sent
85    client.succeed(f"curl {raw_url} > /tmp/machine-id")
86    client.succeed("diff /tmp/machine-id /etc/machine-id")
87
88    # remove paste and check that it's not available any more
89    client.succeed(f"curl {removal_link}")
90    client.fail(f"curl --fail {raw_url}")
91
92    server.log(server.succeed("systemd-analyze security pinnwand"))
93  '';
94})