pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / signal-desktop.nix
at 23.11-pre 2.2 kB view raw
1import ./make-test-python.nix ({ pkgs, ...} : 2 3let 4 sqlcipher-signal = pkgs.writeShellScriptBin "sqlcipher" '' 5 set -eu 6 7 readonly CFG=~/.config/Signal/config.json 8 readonly KEY="$(${pkgs.jq}/bin/jq --raw-output '.key' $CFG)" 9 readonly DB="$1" 10 readonly SQL="SELECT * FROM sqlite_master where type='table'" 11 ${pkgs.sqlcipher}/bin/sqlcipher "$DB" "PRAGMA key = \"x'$KEY'\"; $SQL" 12 ''; 13in { 14 name = "signal-desktop"; 15 meta = with pkgs.lib.maintainers; { 16 maintainers = [ flokli primeos ]; 17 }; 18 19 nodes.machine = { ... }: 20 21 { 22 imports = [ 23 ./common/user-account.nix 24 ./common/x11.nix 25 ]; 26 27 services.xserver.enable = true; 28 test-support.displayManager.auto.user = "alice"; 29 environment.systemPackages = with pkgs; [ 30 signal-desktop file sqlite sqlcipher-signal 31 ]; 32 }; 33 34 enableOCR = true; 35 36 testScript = { nodes, ... }: let 37 user = nodes.machine.config.users.users.alice; 38 in '' 39 start_all() 40 machine.wait_for_x() 41 42 # start signal desktop 43 machine.execute("su - alice -c signal-desktop >&2 &") 44 45 # Wait for the Signal window to appear. Since usually the tests 46 # are run sandboxed and therefore with no internet, we can not wait 47 # for the message "Link your phone ...". Nor should we wait for 48 # the "Failed to connect to server" message, because when manually 49 # running this test it will be not sandboxed. 50 machine.wait_for_text("Signal") 51 machine.wait_for_text("File Edit View Window Help") 52 machine.screenshot("signal_desktop") 53 54 # Test if the database is encrypted to prevent these issues: 55 # - https://github.com/NixOS/nixpkgs/issues/108772 56 # - https://github.com/NixOS/nixpkgs/pull/117555 57 print(machine.succeed("su - alice -c 'file ~/.config/Signal/sql/db.sqlite'")) 58 machine.fail( 59 "su - alice -c 'file ~/.config/Signal/sql/db.sqlite' | grep -e SQLite -e database" 60 ) 61 # Only SQLCipher should be able to read the encrypted DB: 62 machine.fail( 63 "su - alice -c 'sqlite3 ~/.config/Signal/sql/db.sqlite .tables'" 64 ) 65 print(machine.succeed( 66 "su - alice -c 'sqlcipher ~/.config/Signal/sql/db.sqlite'" 67 )) 68 ''; 69})