pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / akkoma.nix
at 23.11-beta 3.9 kB view raw
1/* 2 End-to-end test for Akkoma. 3 4 Based in part on nixos/tests/pleroma. 5 6 TODO: Test federation. 7*/ 8import ./make-test-python.nix ({ pkgs, package ? pkgs.akkoma, confined ? false, ... }: 9let 10 userPassword = "4LKOrGo8SgbPm1a6NclVU5Wb"; 11 12 provisionUser = pkgs.writers.writeBashBin "provisionUser" '' 13 set -eu -o errtrace -o pipefail 14 15 pleroma_ctl user new jamy jamy@nixos.test --password '${userPassword}' --moderator --admin -y 16 ''; 17 18 tlsCert = pkgs.runCommand "selfSignedCerts" { 19 nativeBuildInputs = with pkgs; [ openssl ]; 20 } '' 21 mkdir -p $out 22 openssl req -x509 \ 23 -subj '/CN=akkoma.nixos.test/' -days 49710 \ 24 -addext 'subjectAltName = DNS:akkoma.nixos.test' \ 25 -keyout "$out/key.pem" -newkey ed25519 \ 26 -out "$out/cert.pem" -noenc 27 ''; 28 29 sendToot = pkgs.writers.writeBashBin "sendToot" '' 30 set -eu -o errtrace -o pipefail 31 32 export REQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" 33 34 echo '${userPassword}' | ${pkgs.toot}/bin/toot login_cli -i "akkoma.nixos.test" -e "jamy@nixos.test" 35 echo "y" | ${pkgs.toot}/bin/toot post "hello world Jamy here" 36 37 # Retrieving timeline with toot currently broken due to incompatible timestamp format 38 # cf. <https://akkoma.dev/AkkomaGang/akkoma/issues/637> and <https://github.com/ihabunek/toot/issues/399> 39 #echo "y" | ${pkgs.toot}/bin/toot timeline | grep -F -q "hello world Jamy here" 40 41 # Test file upload 42 echo "y" | ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none) \ 43 | grep -F -q "https://akkoma.nixos.test/media" 44 ''; 45 46 checkFe = pkgs.writers.writeBashBin "checkFe" '' 47 set -eu -o errtrace -o pipefail 48 49 paths=( / /static/{config,styles}.json /pleroma/admin/ ) 50 51 for path in "''${paths[@]}"; do 52 diff \ 53 <(${pkgs.curl}/bin/curl -f -S -s -o /dev/null -w '%{response_code}' "https://akkoma.nixos.test$path") \ 54 <(echo -n 200) 55 done 56 ''; 57 58 hosts = nodes: '' 59 ${nodes.akkoma.networking.primaryIPAddress} akkoma.nixos.test 60 ${nodes.client.networking.primaryIPAddress} client.nixos.test 61 ''; 62in 63{ 64 name = "akkoma"; 65 nodes = { 66 client = { nodes, pkgs, config, ... }: { 67 security.pki.certificateFiles = [ "${tlsCert}/cert.pem" ]; 68 networking.extraHosts = hosts nodes; 69 }; 70 71 akkoma = { nodes, pkgs, config, ... }: { 72 networking.extraHosts = hosts nodes; 73 networking.firewall.allowedTCPPorts = [ 443 ]; 74 environment.systemPackages = with pkgs; [ provisionUser ]; 75 systemd.services.akkoma.confinement.enable = confined; 76 77 services.akkoma = { 78 enable = true; 79 package = package; 80 config = { 81 ":pleroma" = { 82 ":instance" = { 83 name = "NixOS test Akkoma server"; 84 description = "NixOS test Akkoma server"; 85 email = "akkoma@nixos.test"; 86 notify_email = "akkoma@nixos.test"; 87 registration_open = true; 88 }; 89 90 ":media_proxy" = { 91 enabled = false; 92 }; 93 94 "Pleroma.Web.Endpoint" = { 95 url.host = "akkoma.nixos.test"; 96 }; 97 }; 98 }; 99 100 nginx = { 101 addSSL = true; 102 sslCertificate = "${tlsCert}/cert.pem"; 103 sslCertificateKey = "${tlsCert}/key.pem"; 104 }; 105 }; 106 107 services.nginx.enable = true; 108 services.postgresql.enable = true; 109 }; 110 }; 111 112 testScript = { nodes, ... }: '' 113 start_all() 114 akkoma.wait_for_unit('akkoma-initdb.service') 115 akkoma.systemctl('restart akkoma-initdb.service') # test repeated initialisation 116 akkoma.wait_for_unit('akkoma.service') 117 akkoma.wait_for_file('/run/akkoma/socket'); 118 akkoma.succeed('${provisionUser}/bin/provisionUser') 119 akkoma.wait_for_unit('nginx.service') 120 client.succeed('${sendToot}/bin/sendToot') 121 client.succeed('${checkFe}/bin/checkFe') 122 ''; 123}) 124