# NixOS VM test for the canaille service.
#
# It boots a `server` node running canaille behind an nginx virtual host with
# a static test certificate, then checks that the HTTPS endpoint answers and
# that the `canaille` CLI can create and list a user.
#
# Every credential below (secret key, admin password, TLS key material) is a
# test fixture and must not be copied into a real deployment.
import ./make-test-python.nix (
  { pkgs, ... }:
  let
    # Pre-generated certificate set; this file reads `domain`, a per-domain
    # `cert`/`key` pair and `ca.cert` from it.
    # NOTE(review): presumably checked-in snakeoil key material; treat the
    # private key as public knowledge.
    certs = import ./common/acme/server/snakeoil-certs.nix;
    domain = certs.domain;
  in
  {
    name = "canaille";
    meta.maintainers = [ pkgs.lib.maintainers.erictapen ];

    nodes.server =
      { pkgs, lib, ... }:
      {
        services = {
          canaille = {
            enable = true;
            # Placeholder key for the test VM only. pkgs.writeText puts the
            # file into the Nix store, which is world-readable, so a real
            # deployment must point secretKeyFile at a path outside the store
            # with restrictive permissions.
            secretKeyFile = pkgs.writeText "canaille-secret-key" ''
              this is not a secret key
            '';
            settings.SERVER_NAME = domain;
          };

          # Serve the virtual host with the static test certificate.
          # mkForce overrides any enableACME value set by another module, so
          # no ACME issuance is attempted inside the VM.
          # NOTE(review): presumably the canaille module turns ACME on for
          # this vhost; confirm against the module.
          nginx.virtualHosts.${domain} = {
            enableACME = lib.mkForce false;
            sslCertificate = certs.${domain}.cert;
            sslCertificateKey = certs.${domain}.key;
          };
        };

        networking = {
          # Resolve the test domain to loopback on the server itself.
          hosts."::1" = [ domain ];
          firewall.allowedTCPPorts = [
            80
            443
          ];
        };

        # The test script runs `sudo -iu canaille`, which starts a login
        # shell for the service account, so the account is given one here.
        # Test-only convenience: a service account normally needs no
        # interactive shell.
        users.users.canaille.shell = pkgs.bashInteractive;

        # Trust the test CA so that `curl -f https://<domain>` validates the
        # certificate chain instead of skipping verification.
        security.pki.certificateFiles = [ certs.ca.cert ];
      };

    nodes.client =
      { nodes, ... }:
      {
        # Point the test domain at the server node and trust the same test CA.
        networking.hosts.${nodes.server.networking.primaryIPAddress} = [ domain ];
        security.pki.certificateFiles = [ certs.ca.cert ];
      };

    # Test driver script (Python). Steps: wait for the canaille socket unit,
    # wait until HTTPS on the test domain answers successfully, create an
    # `admin` user through the CLI, verify it appears in `canaille get user`,
    # and run `canaille config check`.
    #
    # The admin password is passed as a command-line argument, which exposes
    # it in the process list; acceptable only because it is a throwaway
    # credential inside the test VM.
    #
    # NOTE(review): the script only issues commands on `server`; the `client`
    # node is started by start_all() but not otherwise exercised here.
    testScript =
      { ... }:
      ''
        import json

        start_all()
        server.wait_for_unit("canaille.socket")
        server.wait_until_succeeds("curl -f https://${domain}")
        server.succeed("sudo -iu canaille -- canaille create user --user-name admin --password adminpass --emails admin@${domain}")
        json_str = server.succeed("sudo -iu canaille -- canaille get user")
        assert json.loads(json_str)[0]["user_name"] == "admin"
        server.succeed("sudo -iu canaille -- canaille config check")
      '';
  }
)