nixos/tests/web-apps/mastodon/standard.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / web-apps / mastodon / standard.nix
at master 2.7 kB view raw
  1import ../../make-test-python.nix (
  2  { pkgs, ... }:
  3  let
  4    cert =
  5      pkgs:
  6      pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
  7        openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=mastodon.local' -days 36500
  8        mkdir -p $out
  9        cp key.pem cert.pem $out
 10      '';
 11
 12    hosts = ''
 13      192.168.2.101 mastodon.local
 14    '';
 15
 16  in
 17  {
 18    name = "mastodon-standard";
 19    meta.maintainers = with pkgs.lib.maintainers; [
 20      erictapen
 21      izorkin
 22      turion
 23    ];
 24
 25    nodes = {
 26      server =
 27        { pkgs, ... }:
 28        {
 29
 30          virtualisation.memorySize = 2048;
 31
 32          networking = {
 33            interfaces.eth1 = {
 34              ipv4.addresses = [
 35                {
 36                  address = "192.168.2.101";
 37                  prefixLength = 24;
 38                }
 39              ];
 40            };
 41            extraHosts = hosts;
 42            firewall.allowedTCPPorts = [
 43              80
 44              443
 45            ];
 46          };
 47
 48          security = {
 49            pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
 50          };
 51
 52          services.mastodon = {
 53            enable = true;
 54            configureNginx = true;
 55            localDomain = "mastodon.local";
 56            enableUnixSocket = false;
 57            streamingProcesses = 2;
 58            smtp = {
 59              createLocally = false;
 60              fromAddress = "mastodon@mastodon.local";
 61            };
 62            extraConfig = {
 63              EMAIL_DOMAIN_ALLOWLIST = "example.com";
 64            };
 65          };
 66
 67          services.nginx = {
 68            virtualHosts."mastodon.local" = {
 69              enableACME = pkgs.lib.mkForce false;
 70              sslCertificate = "${cert pkgs}/cert.pem";
 71              sslCertificateKey = "${cert pkgs}/key.pem";
 72            };
 73          };
 74        };
 75
 76      client =
 77        { pkgs, ... }:
 78        {
 79          environment.systemPackages = [ pkgs.jq ];
 80          networking = {
 81            interfaces.eth1 = {
 82              ipv4.addresses = [
 83                {
 84                  address = "192.168.2.102";
 85                  prefixLength = 24;
 86                }
 87              ];
 88            };
 89            extraHosts = hosts;
 90          };
 91
 92          security = {
 93            pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
 94          };
 95        };
 96    };
 97
 98    testScript = import ./script.nix {
 99      inherit pkgs;
100      extraInit = ''
101        server.wait_for_unit("nginx.service")
102        server.wait_for_open_port(443)
103        server.wait_for_unit("redis-mastodon.service")
104        server.wait_for_unit("postgresql.target")
105        server.wait_for_open_port(5432)
106      '';
107    };
108  }
109)