commit 702853c61a74734d4d670b187d09628f7d89f989 · pyrox.dev/nixpkgs

nixos/modules/services/misc/forgejo.nix

···

       632
       632
        
             };

     

       633
       633
        
           };

     

       634
       634
        
       

     

       635
       635
       +
           services.openssh.settings.AcceptEnv = mkIf (!cfg.settings.START_SSH_SERVER or false) "GIT_PROTOCOL";

     

       636
       636
       +
       

     

       635
       637
        
           users.users = mkIf (cfg.user == "forgejo") {

     

       636
       638
        
             forgejo = {

     

       637
       639
        
               home = cfg.stateDir;

+22 -1

nixos/tests/forgejo.nix

···

       37
       37
        
                 settings."repository.signing".SIGNING_KEY = signingPrivateKeyId;

     

       38
       38
        
                 settings.actions.ENABLED = true;

     

       39
       39
        
               };

     

       40
       40
       -
               environment.systemPackages = [ config.services.forgejo.package pkgs.gnupg pkgs.jq ];

     

       40
       40
       +
               environment.systemPackages = [ config.services.forgejo.package pkgs.gnupg pkgs.jq pkgs.file ];

     

       41
       41
        
               services.openssh.enable = true;

     

       42
       42
        
       

     

       43
       43
        
               specialisation.runner = {

     
···

       53
       53
        
                   tokenFile = "/var/lib/forgejo/runner_token";

     

       54
       54
        
                 };

     

       55
       55
        
               };

     

       56
       56
       +
               specialisation.dump = {

     

       57
       57
       +
                 inheritParentConfig = true;

     

       58
       58
       +
                 configuration.services.forgejo.dump = {

     

       59
       59
       +
                   enable = true;

     

       60
       60
       +
                   type = "tar.zst";

     

       61
       61
       +
                   file = "dump.tar.zst";

     

       62
       62
       +
                 };

     

       63
       63
       +
               };

     

       56
       64
        
             };

     

       57
       65
        
             client1 = { config, pkgs, ... }: {

     

       58
       66
        
               environment.systemPackages = [ pkgs.git ];

     
···

       66
       74
        
             let

     

       67
       75
        
               inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;

     

       68
       76
        
               serverSystem = nodes.server.system.build.toplevel;

     

       77
       77
       +
               dumpFile = with nodes.server.specialisation.dump.configuration.services.forgejo.dump; "${backupDir}/${file}";

     

       69
       78
        
             in

     

       70
       79
        
             ''

     

       80
       80
       +
               import json

     

       71
       81
        
               GIT_SSH_COMMAND = "ssh -i $HOME/.ssh/privk -o StrictHostKeyChecking=no"

     

       72
       82
        
               REPO = "forgejo@server:test/repo"

     

       73
       83
        
               PRIVK = "${snakeOilPrivateKey}"

     
···

       137
       147
        
               client2.succeed(f"GIT_SSH_COMMAND='{GIT_SSH_COMMAND}' git clone {REPO}")

     

       138
       148
        
               client2.succeed('test "$(cat repo/testfile | xargs echo -n)" = "hello world"')

     

       139
       149
        
       

     

       150
       150
       +
               with subtest("Testing git protocol version=2 over ssh"):

     

       151
       151
       +
                   git_protocol = client2.succeed(f"GIT_SSH_COMMAND='{GIT_SSH_COMMAND}' GIT_TRACE2_EVENT=true git -C repo fetch |& grep negotiated-version")

     

       152
       152
       +
                   version = json.loads(git_protocol).get("value")

     

       153
       153
       +
                   assert version == "2", f"git did not negotiate protocol version 2, but version {version} instead."

     

       154
       154
       +
       

     

       140
       155
        
               server.wait_until_succeeds(

     

       141
       156
        
                   'test "$(curl http://localhost:3000/api/v1/repos/test/repo/commits '

     

       142
       157
        
                   + '-H "Accept: application/json" | jq length)" = "1"',

     
···

       150
       165
        
                   server.succeed("${serverSystem}/specialisation/runner/bin/switch-to-configuration test")

     

       151
       166
        
                   server.wait_for_unit("gitea-runner-test.service")

     

       152
       167
        
                   server.succeed("journalctl -o cat -u gitea-runner-test.service | grep -q 'Runner registered successfully'")

     

       168
       168
       +
       

     

       169
       169
       +
               with subtest("Testing backup service"):

     

       170
       170
       +
                   server.succeed("${serverSystem}/specialisation/dump/bin/switch-to-configuration test")

     

       171
       171
       +
                   server.systemctl("start forgejo-dump")

     

       172
       172
       +
                   assert "Zstandard compressed data" in server.succeed("file ${dumpFile}")

     

       173
       173
       +
                   server.copy_from_vm("${dumpFile}")

     

       153
       174
        
             '';

     

       154
       175
        
         });

     

       155
       176
        
       in