pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / akkoma.nix
at 23.11-pre 3.7 kB view raw
1/* 2 End-to-end test for Akkoma. 3 4 Based in part on nixos/tests/pleroma. 5 6 TODO: Test federation. 7*/ 8import ./make-test-python.nix ({ pkgs, package ? pkgs.akkoma, confined ? false, ... }: 9let 10 userPassword = "4LKOrGo8SgbPm1a6NclVU5Wb"; 11 12 provisionUser = pkgs.writers.writeBashBin "provisionUser" '' 13 set -eu -o errtrace -o pipefail 14 15 pleroma_ctl user new jamy jamy@nixos.test --password '${userPassword}' --moderator --admin -y 16 ''; 17 18 tlsCert = pkgs.runCommand "selfSignedCerts" { 19 nativeBuildInputs = with pkgs; [ openssl ]; 20 } '' 21 mkdir -p $out 22 openssl req -x509 \ 23 -subj '/CN=akkoma.nixos.test/' -days 49710 \ 24 -addext 'subjectAltName = DNS:akkoma.nixos.test' \ 25 -keyout "$out/key.pem" -newkey ed25519 \ 26 -out "$out/cert.pem" -noenc 27 ''; 28 29 sendToot = pkgs.writers.writeBashBin "sendToot" '' 30 set -eu -o errtrace -o pipefail 31 32 export REQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" 33 34 echo '${userPassword}' | ${pkgs.toot}/bin/toot login_cli -i "akkoma.nixos.test" -e "jamy@nixos.test" 35 echo "y" | ${pkgs.toot}/bin/toot post "hello world Jamy here" 36 echo "y" | ${pkgs.toot}/bin/toot timeline | grep -F -q "hello world Jamy here" 37 38 # Test file upload 39 echo "y" | ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none) \ 40 | grep -F -q "https://akkoma.nixos.test/media" 41 ''; 42 43 checkFe = pkgs.writers.writeBashBin "checkFe" '' 44 set -eu -o errtrace -o pipefail 45 46 paths=( / /static/{config,styles}.json /pleroma/admin/ ) 47 48 for path in "''${paths[@]}"; do 49 diff \ 50 <(${pkgs.curl}/bin/curl -f -S -s -o /dev/null -w '%{response_code}' "https://akkoma.nixos.test$path") \ 51 <(echo -n 200) 52 done 53 ''; 54 55 hosts = nodes: '' 56 ${nodes.akkoma.networking.primaryIPAddress} akkoma.nixos.test 57 ${nodes.client.networking.primaryIPAddress} client.nixos.test 58 ''; 59in 60{ 61 name = "akkoma"; 62 nodes = { 63 client = { nodes, pkgs, config, ... }: { 64 security.pki.certificateFiles = [ "${tlsCert}/cert.pem" ]; 65 networking.extraHosts = hosts nodes; 66 }; 67 68 akkoma = { nodes, pkgs, config, ... }: { 69 networking.extraHosts = hosts nodes; 70 networking.firewall.allowedTCPPorts = [ 443 ]; 71 environment.systemPackages = with pkgs; [ provisionUser ]; 72 systemd.services.akkoma.confinement.enable = confined; 73 74 services.akkoma = { 75 enable = true; 76 package = package; 77 config = { 78 ":pleroma" = { 79 ":instance" = { 80 name = "NixOS test Akkoma server"; 81 description = "NixOS test Akkoma server"; 82 email = "akkoma@nixos.test"; 83 notify_email = "akkoma@nixos.test"; 84 registration_open = true; 85 }; 86 87 ":media_proxy" = { 88 enabled = false; 89 }; 90 91 "Pleroma.Web.Endpoint" = { 92 url.host = "akkoma.nixos.test"; 93 }; 94 }; 95 }; 96 97 nginx = { 98 addSSL = true; 99 sslCertificate = "${tlsCert}/cert.pem"; 100 sslCertificateKey = "${tlsCert}/key.pem"; 101 }; 102 }; 103 104 services.nginx.enable = true; 105 services.postgresql.enable = true; 106 }; 107 }; 108 109 testScript = { nodes, ... }: '' 110 start_all() 111 akkoma.wait_for_unit('akkoma-initdb.service') 112 akkoma.systemctl('restart akkoma-initdb.service') # test repeated initialisation 113 akkoma.wait_for_unit('akkoma.service') 114 akkoma.wait_for_file('/run/akkoma/socket'); 115 akkoma.succeed('${provisionUser}/bin/provisionUser') 116 akkoma.wait_for_unit('nginx.service') 117 client.succeed('${sendToot}/bin/sendToot') 118 client.succeed('${checkFe}/bin/checkFe') 119 ''; 120}) 121