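# NixOS VM test: runs a headless Pantalaimon instance in front of a local
# Synapse homeserver and checks that Pantalaimon's HTTP listener answers.
{ pkgs, ... }:
let
  pantalaimonInstanceName = "testing";

  # Set up SSL certs for Synapse to be happy.
  #
  # Everything generated below is throwaway "snakeoil" material. Each key is
  # the output of a derivation, so it ends up in the world-readable Nix store.
  # That is acceptable for a test fixture only; real private keys must not be
  # produced this way.
  runWithOpenSSL =
    file: cmd:
    pkgs.runCommand file {
      buildInputs = [ pkgs.openssl ];
    } cmd;

  # Self-signed test CA (unencrypted 2048-bit RSA key, see -nodes).
  ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
  ca_pem = runWithOpenSSL "ca.pem" ''
    openssl req \
      -x509 -new -nodes -key ${ca_key} \
      -days 10000 -out $out -subj "/CN=snakeoil-ca"
  '';

  # Server key and certificate for Synapse, issued by the test CA above.
  key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
  csr = runWithOpenSSL "matrix.csr" ''
    openssl req \
      -new -key ${key} \
      -out $out -subj "/CN=localhost"
  '';
  # The validity window starts when the derivation is built, so a cached
  # build output can carry an expired certificate. This test does not notice
  # because the only TLS client (Pantalaimon) has verification turned off.
  cert = runWithOpenSSL "matrix_cert.pem" ''
    openssl x509 \
      -req -in ${csr} \
      -CA ${ca_pem} -CAkey ${ca_key} \
      -CAcreateserial -out $out \
      -days 365
  '';
in
{
  name = "pantalaimon";
  meta = with pkgs.lib; {
    maintainers = teams.matrix.members;
  };

  nodes.machine =
    { pkgs, ... }:
    {
      services.pantalaimon-headless.instances.${pantalaimonInstanceName} = {
        homeserver = "https://localhost:8448";
        # Binds the plain-HTTP proxy port on every interface. Harmless inside
        # the test VM, where the test script only connects via localhost; a
        # real deployment should bind to loopback or sit behind TLS.
        listenAddress = "0.0.0.0";
        listenPort = 8888;
        # Debug logging is for test diagnostics.
        # NOTE(review): may be too verbose for an E2EE proxy in production - confirm.
        logLevel = "debug";
        # `ssl` controls certificate verification for the outgoing connection
        # to the homeserver. It is disabled because the snakeoil CA is never
        # added to the machine's trust store in this test. Test-only: with
        # verification off, the homeserver connection is not authenticated.
        ssl = false;
      };

      services.matrix-synapse = {
        enable = true;
        settings = {
          listeners = [
            {
              port = 8448;
              # Synapse itself is reachable on loopback only.
              bind_addresses = [
                "127.0.0.1"
                "::1"
              ];
              type = "http";
              tls = true;
              x_forwarded = false;
              resources = [
                {
                  names = [
                    "client"
                  ];
                  compress = true;
                }
                {
                  names = [
                    "federation"
                  ];
                  compress = false;
                }
              ];
            }
          ];
          database.name = "sqlite3";
          tls_certificate_path = "${cert}";
          tls_private_key_path = "${key}";
        };
      };
    };

  # Only liveness is asserted: both units start and Pantalaimon answers on its
  # HTTP port. The TLS leg to Synapse is not exercised by an explicit check.
  testScript = ''
    start_all()
    machine.wait_for_unit("pantalaimon-${pantalaimonInstanceName}.service")
    machine.wait_for_unit("matrix-synapse.service")
    machine.wait_until_succeeds(
        "curl --fail -L http://localhost:8888/"
    )
  '';
}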