nixos/tests/powerdns-admin.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / powerdns-admin.nix
at 25.11-pre 4.8 kB view raw
  1# Test powerdns-admin
  2{
  3  system ? builtins.currentSystem,
  4  config ? { },
  5  pkgs ? import ../.. { inherit system config; },
  6}:
  7
  8with import ../lib/testing-python.nix { inherit system pkgs; };
  9with pkgs.lib;
 10let
 11  defaultConfig = ''
 12    import cachelib
 13
 14    BIND_ADDRESS = '127.0.0.1'
 15    PORT = 8000
 16    CAPTCHA_ENABLE = False
 17    SESSION_TYPE = 'cachelib'
 18    SESSION_CACHELIB = cachelib.simple.SimpleCache()
 19  '';
 20
 21  makeAppTest =
 22    name: configs:
 23    makeTest {
 24      name = "powerdns-admin-${name}";
 25      meta = with pkgs.lib.maintainers; {
 26        maintainers = [
 27          Flakebi
 28          zhaofengli
 29        ];
 30      };
 31
 32      nodes.server =
 33        { pkgs, config, ... }:
 34        mkMerge (
 35          [
 36            {
 37              services.powerdns-admin = {
 38                enable = true;
 39                secretKeyFile = "/etc/powerdns-admin/secret";
 40                saltFile = "/etc/powerdns-admin/salt";
 41              };
 42              # It's insecure to have secrets in the world-readable nix store, but this is just a test
 43              environment.etc."powerdns-admin/secret".text = "secret key";
 44              environment.etc."powerdns-admin/salt".text = "salt";
 45              environment.systemPackages = [
 46                (pkgs.writeShellScriptBin "run-test" config.system.build.testScript)
 47              ];
 48            }
 49          ]
 50          ++ configs
 51        );
 52
 53      testScript = ''
 54        server.wait_for_unit("powerdns-admin.service")
 55        server.wait_until_succeeds("run-test", timeout=10)
 56      '';
 57    };
 58
 59  matrix = {
 60    backend = {
 61      mysql = {
 62        services.powerdns-admin = {
 63          config = ''
 64            ${defaultConfig}
 65            SQLALCHEMY_DATABASE_URI = 'mysql://powerdnsadmin@/powerdnsadmin?unix_socket=/run/mysqld/mysqld.sock'
 66          '';
 67        };
 68        systemd.services.powerdns-admin = {
 69          after = [ "mysql.service" ];
 70          serviceConfig.BindPaths = "/run/mysqld";
 71        };
 72
 73        services.mysql = {
 74          enable = true;
 75          package = pkgs.mariadb;
 76          ensureDatabases = [ "powerdnsadmin" ];
 77          ensureUsers = [
 78            {
 79              name = "powerdnsadmin";
 80              ensurePermissions = {
 81                "powerdnsadmin.*" = "ALL PRIVILEGES";
 82              };
 83            }
 84          ];
 85        };
 86      };
 87      postgresql = {
 88        services.powerdns-admin = {
 89          config = ''
 90            ${defaultConfig}
 91            SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql'
 92          '';
 93        };
 94        systemd.services.powerdns-admin = {
 95          after = [ "postgresql.service" ];
 96          serviceConfig.BindPaths = "/run/postgresql";
 97        };
 98
 99        services.postgresql = {
100          enable = true;
101          ensureDatabases = [ "powerdnsadmin" ];
102          ensureUsers = [
103            {
104              name = "powerdnsadmin";
105              ensureDBOwnership = true;
106            }
107          ];
108        };
109      };
110    };
111    listen = {
112      tcp = {
113        services.powerdns-admin.extraArgs = [
114          "-b"
115          "127.0.0.1:8000"
116        ];
117        system.build.testScript = ''
118          set -euxo pipefail
119          curl -sSf http://127.0.0.1:8000/
120
121          # Create account to check that the database migrations ran
122          csrf_token="$(curl -sSfc session http://127.0.0.1:8000/register | grep _csrf_token | cut -d\" -f6)"
123          # Outputs 'Redirecting' if successful
124          curl -sSfb session http://127.0.0.1:8000/register \
125            -F "_csrf_token=$csrf_token" \
126            -F "firstname=first" \
127            -F "lastname=last" \
128            -F "email=a@example.com" \
129            -F "username=user" \
130            -F "password=password" \
131            -F "rpassword=password" | grep Redirecting
132
133          # Login
134          # Outputs 'Redirecting' if successful
135          curl -sSfb session http://127.0.0.1:8000/login \
136            -F "_csrf_token=$csrf_token" \
137            -F "username=user" \
138            -F "password=password" | grep Redirecting
139
140          # Check that we are logged in, this redirects to /admin/setting/pdns if we are
141          curl -sSfb session http://127.0.0.1:8000/dashboard/ | grep /admin/setting
142        '';
143      };
144      unix = {
145        services.powerdns-admin.extraArgs = [
146          "-b"
147          "unix:/run/powerdns-admin/http.sock"
148        ];
149        system.build.testScript = ''
150          curl -sSf --unix-socket /run/powerdns-admin/http.sock http://somehost/
151        '';
152      };
153    };
154  };
155in
156with matrix;
157{
158  postgresql = makeAppTest "postgresql" [
159    backend.postgresql
160    listen.tcp
161  ];
162  mysql = makeAppTest "mysql" [
163    backend.mysql
164    listen.tcp
165  ];
166  unix-listener = makeAppTest "unix-listener" [
167    backend.postgresql
168    listen.unix
169  ];
170}