1
+
import ../make-test-python.nix (
4
+
# Set up SSL certs for Synapse to be happy.
5
+
runWithOpenSSL = file: cmd: pkgs.runCommand file
7
+
buildInputs = [ pkgs.openssl ];
11
+
ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
12
+
ca_pem = runWithOpenSSL "ca.pem" ''
14
+
-x509 -new -nodes -key ${ca_key} \
15
+
-days 10000 -out $out -subj "/CN=snakeoil-ca"
17
+
key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
18
+
csr = runWithOpenSSL "matrix.csr" ''
21
+
-out $out -subj "/CN=localhost" \
23
+
cert = runWithOpenSSL "matrix_cert.pem" ''
26
+
-CA ${ca_pem} -CAkey ${ca_key} \
27
+
-CAcreateserial -out $out \
33
+
meta = with pkgs.lib; {
34
+
maintainers = teams.matrix.members;
38
+
homeserver = { pkgs, ... }: {
39
+
services.matrix-synapse = {
41
+
database_type = "sqlite3";
42
+
tls_certificate_path = "${cert}";
43
+
tls_private_key_path = "${key}";
44
+
enable_registration = true;
45
+
registration_shared_secret = "supersecret-registration";
48
+
# The default but tls=false
50
+
"bind_address" = "";
53
+
{ "compress" = true; "names" = [ "client" "webclient" ]; }
54
+
{ "compress" = false; "names" = [ "federation" ]; }
58
+
"x_forwarded" = false;
63
+
networking.firewall.allowedTCPPorts = [ 8448 ];
65
+
environment.systemPackages = [
66
+
(pkgs.writeShellScriptBin "register_mjolnir_user" ''
67
+
exec ${pkgs.matrix-synapse}/bin/register_new_matrix_user \
69
+
-p mjolnir-password \
71
+
--shared-secret supersecret-registration \
72
+
http://localhost:8448
75
+
(pkgs.writeShellScriptBin "register_moderator_user" ''
76
+
exec ${pkgs.matrix-synapse}/bin/register_new_matrix_user \
78
+
-p moderator-password \
80
+
--shared-secret supersecret-registration \
81
+
http://localhost:8448
87
+
mjolnir = { pkgs, ... }: {
88
+
services.mjolnir = {
90
+
homeserverUrl = "http://homeserver:8448";
93
+
username = "mjolnir";
94
+
passwordFile = pkgs.writeText "password.txt" "mjolnir-password";
96
+
managementRoom = "#moderators:homeserver";
100
+
client = { pkgs, ... }: {
101
+
environment.systemPackages = [
102
+
(pkgs.writers.writePython3Bin "create_management_room_and_invite_mjolnir"
103
+
{ libraries = [ pkgs.python3Packages.matrix-nio ]; } ''
108
+
EnableEncryptionBuilder
112
+
async def main() -> None:
113
+
client = AsyncClient("http://homeserver:8448", "moderator")
115
+
await client.login("moderator-password")
117
+
room = await client.room_create(
119
+
alias="moderators",
120
+
initial_state=[EnableEncryptionBuilder().as_dict()],
123
+
await client.join(room.room_id)
124
+
await client.room_invite(room.room_id, "@mjolnir:homeserver")
126
+
asyncio.run(main())
134
+
with subtest("start homeserver"):
137
+
homeserver.wait_for_unit("matrix-synapse.service")
138
+
homeserver.wait_until_succeeds("curl --fail -L http://localhost:8448/")
140
+
with subtest("register users"):
141
+
# register mjolnir user
142
+
homeserver.succeed("register_mjolnir_user")
143
+
# register moderator user
144
+
homeserver.succeed("register_moderator_user")
146
+
with subtest("start mjolnir"):
149
+
# wait for pantalaimon to be ready
150
+
mjolnir.wait_for_unit("pantalaimon-mjolnir.service")
151
+
mjolnir.wait_for_unit("mjolnir.service")
153
+
mjolnir.wait_until_succeeds("curl --fail -L http://localhost:8009/")
155
+
with subtest("ensure mjolnir can be invited to the management room"):
158
+
client.wait_until_succeeds("curl --fail -L http://homeserver:8448/")
160
+
client.succeed("create_management_room_and_invite_mjolnir")
162
+
mjolnir.wait_for_console_text("Startup complete. Now monitoring rooms")
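Review bot: In the `services.mjolnir` block, `passwordFile = pkgs.writeText "password.txt" "mjolnir-password";` places the bot password in the world-readable Nix store, and the same holds for `registration_shared_secret` and for the `ca_key`/`key` derivations built with `runWithOpenSSL`. That is acceptable inside a throwaway test VM, but test files tend to be reused as configuration examples, so I would add a comment above that line: `# Test only: writeText puts the password in the world-readable /nix/store; real deployments must point passwordFile at a file outside the store.` Separately, `enable_registration = true;` looks unnecessary, since both accounts are created with `register_new_matrix_user --shared-secret`, which Synapse accepts with open registration disabled; dropping it would keep the example from turning on open sign-up. The page shows only some of the file's lines, so the enclosing attribute sets are not fully visible here.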