commit e611d663f4cbfc2bc577e833ca9db2a0422756be · pyrox.dev/nixpkgs

+14

nixos/doc/manual/release-notes/rl-2105.xml

···

       715
       715
        
            The <package>yadm</package> dotfile manager has been updated from 2.x to 3.x, which has new (XDG) default locations for some data/state files. Most yadm commands will fail and print a legacy path warning (which describes how to upgrade/migrate your repository). If you have scripts, daemons, scheduled jobs, shell profiles, etc. that invoke yadm, expect them to fail or misbehave until you perform this migration and prepare accordingly.

     

       716
       716
        
           </para>

     

       717
       717
        
          </listitem>

     

       718
       718
       +
          <listitem>

     

       719
       719
       +
           <para>

     

       720
       720
       +
            Instead of determining <option>services.radicale.package</option>

     

       721
       721
       +
            automatically based on <option>system.stateVersion</option>, the latest

     

       722
       722
       +
            version is always used because old versions are not officially supported.

     

       723
       723
       +
           </para>

     

       724
       724
       +
           <para>

     

       725
       725
       +
            Furthermore, Radicale's systemd unit was hardened which might break some

     

       726
       726
       +
            deployments.  In particular, a non-default

     

       727
       727
       +
            <literal>filesystem_folder</literal> has to be added to

     

       728
       728
       +
            <option>systemd.services.radicale.serviceConfig.ReadWritePaths</option> if

     

       729
       729
       +
            the deprecated <option>services.radicale.config</option> is used.

     

       730
       730
       +
           </para>

     

       731
       731
       +
          </listitem>

     

       718
       732
        
         </itemizedlist>

     

       719
       733
        
        </section>

     

       720
       734

+152 -44

nixos/modules/services/networking/radicale.nix

···

       3
       3
        
       with lib;

     

       4
       4
        
       

     

       5
       5
        
       let

     

       6
       6
       +
         cfg = config.services.radicale;

     

       6
       7
        
       

     

       7
       7
       -
         cfg = config.services.radicale;

     

       8
       8
       +
         format = pkgs.formats.ini {

     

       9
       9
       +
           listToValue = concatMapStringsSep ", " (generators.mkValueStringDefault { });

     

       10
       10
       +
         };

     

       11
       11
       +
       

     

       12
       12
       +
         pkg = if isNull cfg.package then

     

       13
       13
       +
           pkgs.radicale

     

       14
       14
       +
         else

     

       15
       15
       +
           cfg.package;

     

       16
       16
       +
       

     

       17
       17
       +
         confFile = if cfg.settings == { } then

     

       18
       18
       +
           pkgs.writeText "radicale.conf" cfg.config

     

       19
       19
       +
         else

     

       20
       20
       +
           format.generate "radicale.conf" cfg.settings;

     

       8
       21
        
       

     

       9
       9
       -
         confFile = pkgs.writeText "radicale.conf" cfg.config;

     

       22
       22
       +
         rightsFile = format.generate "radicale.rights" cfg.rights;

     

       10
       23
        
       

     

       11
       11
       -
         defaultPackage = if versionAtLeast config.system.stateVersion "20.09" then {

     

       12
       12
       -
           pkg = pkgs.radicale3;

     

       13
       13
       -
           text = "pkgs.radicale3";

     

       14
       14
       -
         } else if versionAtLeast config.system.stateVersion "17.09" then {

     

       15
       15
       -
           pkg = pkgs.radicale2;

     

       16
       16
       -
           text = "pkgs.radicale2";

     

       17
       17
       -
         } else {

     

       18
       18
       -
           pkg = pkgs.radicale1;

     

       19
       19
       -
           text = "pkgs.radicale1";

     

       20
       20
       -
         };

     

       21
       21
       -
       in

     

       24
       24
       +
         bindLocalhost = cfg.settings != { } && !hasAttrByPath [ "server" "hosts" ] cfg.settings;

     

       25
       25
       +
       

     

       26
       26
       +
       in {

     

       27
       27
       +
         options.services.radicale = {

     

       28
       28
       +
           enable = mkEnableOption "Radicale CalDAV and CardDAV server";

     

       22
       29
        
       

     

       23
       23
       -
       {

     

       30
       30
       +
           package = mkOption {

     

       31
       31
       +
             description = "Radicale package to use.";

     

       32
       32
       +
             # Default cannot be pkgs.radicale because non-null values suppress

     

       33
       33
       +
             # warnings about incompatible configuration and storage formats.

     

       34
       34
       +
             type = with types; nullOr package // { inherit (package) description; };

     

       35
       35
       +
             default = null;

     

       36
       36
       +
             defaultText = "pkgs.radicale";

     

       37
       37
       +
           };

     

       24
       38
        
       

     

       25
       25
       -
         options = {

     

       26
       26
       -
           services.radicale.enable = mkOption {

     

       27
       27
       -
             type = types.bool;

     

       28
       28
       -
             default = false;

     

       39
       39
       +
           config = mkOption {

     

       40
       40
       +
             type = types.str;

     

       41
       41
       +
             default = "";

     

       29
       42
        
             description = ''

     

       30
       30
       -
                 Enable Radicale CalDAV and CardDAV server.

     

       43
       43
       +
               Radicale configuration, this will set the service

     

       44
       44
       +
               configuration file.

     

       45
       45
       +
               This option is mutually exclusive with <option>settings</option>.

     

       46
       46
       +
               This option is deprecated.  Use <option>settings</option> instead.

     

       31
       47
        
             '';

     

       32
       48
        
           };

     

       33
       49
        
       

     

       34
       34
       -
           services.radicale.package = mkOption {

     

       35
       35
       -
             type = types.package;

     

       36
       36
       -
             default = defaultPackage.pkg;

     

       37
       37
       -
             defaultText = defaultPackage.text;

     

       50
       50
       +
           settings = mkOption {

     

       51
       51
       +
             type = format.type;

     

       52
       52
       +
             default = { };

     

       38
       53
        
             description = ''

     

       39
       39
       -
               Radicale package to use. This defaults to version 1.x if

     

       40
       40
       -
               <literal>system.stateVersion &lt; 17.09</literal>, version 2.x if

     

       41
       41
       -
               <literal>17.09 ≤ system.stateVersion &lt; 20.09</literal>, and

     

       42
       42
       -
               version 3.x otherwise.

     

       54
       54
       +
               Configuration for Radicale. See

     

       55
       55
       +
               <link xlink:href="https://radicale.org/3.0.html#documentation/configuration" />.

     

       56
       56
       +
               This option is mutually exclusive with <option>config</option>.

     

       57
       57
       +
             '';

     

       58
       58
       +
             example = literalExample ''

     

       59
       59
       +
               server = {

     

       60
       60
       +
                 hosts = [ "0.0.0.0:5232" "[::]:5232" ];

     

       61
       61
       +
               };

     

       62
       62
       +
               auth = {

     

       63
       63
       +
                 type = "htpasswd";

     

       64
       64
       +
                 htpasswd_filename = "/etc/radicale/users";

     

       65
       65
       +
                 htpasswd_encryption = "bcrypt";

     

       66
       66
       +
               };

     

       67
       67
       +
               storage = {

     

       68
       68
       +
                 filesystem_folder = "/var/lib/radicale/collections";

     

       69
       69
       +
               };

     

       43
       70
        
             '';

     

       44
       71
        
           };

     

       45
       72
        
       

     

       46
       46
       -
           services.radicale.config = mkOption {

     

       47
       47
       -
             type = types.str;

     

       48
       48
       -
             default = "";

     

       73
       73
       +
           rights = mkOption {

     

       74
       74
       +
             type = format.type;

     

       49
       75
        
             description = ''

     

       50
       50
       -
               Radicale configuration, this will set the service

     

       51
       51
       -
               configuration file.

     

       76
       76
       +
               Configuration for Radicale's rights file. See

     

       77
       77
       +
               <link xlink:href="https://radicale.org/3.0.html#documentation/authentication-and-rights" />.

     

       78
       78
       +
               This option only works in conjunction with <option>settings</option>.

     

       79
       79
       +
               Setting this will also set <option>settings.rights.type</option> and

     

       80
       80
       +
               <option>settings.rights.file</option> to approriate values.

     

       81
       81
       +
             '';

     

       82
       82
       +
             default = { };

     

       83
       83
       +
             example = literalExample ''

     

       84
       84
       +
               root = {

     

       85
       85
       +
                 user = ".+";

     

       86
       86
       +
                 collection = "";

     

       87
       87
       +
                 permissions = "R";

     

       88
       88
       +
               };

     

       89
       89
       +
               principal = {

     

       90
       90
       +
                 user = ".+";

     

       91
       91
       +
                 collection = "{user}";

     

       92
       92
       +
                 permissions = "RW";

     

       93
       93
       +
               };

     

       94
       94
       +
               calendars = {

     

       95
       95
       +
                 user = ".+";

     

       96
       96
       +
                 collection = "{user}/[^/]+";

     

       97
       97
       +
                 permissions = "rw";

     

       98
       98
       +
               };

     

       52
       99
        
             '';

     

       53
       100
        
           };

     

       54
       101
        
       

     

       55
       55
       -
           services.radicale.extraArgs = mkOption {

     

       102
       102
       +
           extraArgs = mkOption {

     

       56
       103
        
             type = types.listOf types.str;

     

       57
       104
        
             default = [];

     

       58
       105
        
             description = "Extra arguments passed to the Radicale daemon.";

     
···

       60
       107
        
         };

     

       61
       108
        
       

     

       62
       109
        
         config = mkIf cfg.enable {

     

       63
       63
       -
           environment.systemPackages = [ cfg.package ];

     

       110
       110
       +
           assertions = [

     

       111
       111
       +
             {

     

       112
       112
       +
               assertion = cfg.settings == { } || cfg.config == "";

     

       113
       113
       +
               message = ''

     

       114
       114
       +
                 The options services.radicale.config and services.radicale.settings

     

       115
       115
       +
                 are mutually exclusive.

     

       116
       116
       +
               '';

     

       117
       117
       +
             }

     

       118
       118
       +
           ];

     

       64
       119
        
       

     

       65
       65
       -
           users.users.radicale =

     

       66
       66
       -
             { uid = config.ids.uids.radicale;

     

       67
       67
       -
               description = "radicale user";

     

       68
       68
       -
               home = "/var/lib/radicale";

     

       69
       69
       -
               createHome = true;

     

       70
       70
       -
             };

     

       120
       120
       +
           warnings = optional (isNull cfg.package && versionOlder config.system.stateVersion "17.09") ''

     

       121
       121
       +
             The configuration and storage formats of your existing Radicale

     

       122
       122
       +
             installation might be incompatible with the newest version.

     

       123
       123
       +
             For upgrade instructions see

     

       124
       124
       +
             https://radicale.org/2.1.html#documentation/migration-from-1xx-to-2xx.

     

       125
       125
       +
             Set services.radicale.package to suppress this warning.

     

       126
       126
       +
           '' ++ optional (isNull cfg.package && versionOlder config.system.stateVersion "20.09") ''

     

       127
       127
       +
             The configuration format of your existing Radicale installation might be

     

       128
       128
       +
             incompatible with the newest version.  For upgrade instructions see

     

       129
       129
       +
             https://github.com/Kozea/Radicale/blob/3.0.6/NEWS.md#upgrade-checklist.

     

       130
       130
       +
             Set services.radicale.package to suppress this warning.

     

       131
       131
       +
           '' ++ optional (cfg.config != "") ''

     

       132
       132
       +
             The option services.radicale.config is deprecated.

     

       133
       133
       +
             Use services.radicale.settings instead.

     

       134
       134
       +
           '';

     

       71
       135
        
       

     

       72
       72
       -
           users.groups.radicale =

     

       73
       73
       -
             { gid = config.ids.gids.radicale; };

     

       136
       136
       +
           services.radicale.settings.rights = mkIf (cfg.rights != { }) {

     

       137
       137
       +
             type = "from_file";

     

       138
       138
       +
             file = toString rightsFile;

     

       139
       139
       +
           };

     

       140
       140
       +
       

     

       141
       141
       +
           environment.systemPackages = [ pkg ];

     

       142
       142
       +
       

     

       143
       143
       +
           users.users.radicale.uid = config.ids.uids.radicale;

     

       144
       144
       +
       

     

       145
       145
       +
           users.groups.radicale.gid = config.ids.gids.radicale;

     

       74
       146
        
       

     

       75
       147
        
           systemd.services.radicale = {

     

       76
       148
        
             description = "A Simple Calendar and Contact Server";

     

       77
       149
        
             after = [ "network.target" ];

     

       150
       150
       +
             requires = [ "network.target" ];

     

       78
       151
        
             wantedBy = [ "multi-user.target" ];

     

       79
       152
        
             serviceConfig = {

     

       80
       153
        
               ExecStart = concatStringsSep " " ([

     

       81
       81
       -
                 "${cfg.package}/bin/radicale" "-C" confFile

     

       154
       154
       +
                 "${pkg}/bin/radicale" "-C" confFile

     

       82
       155
        
               ] ++ (

     

       83
       156
        
                 map escapeShellArg cfg.extraArgs

     

       84
       157
        
               ));

     

       85
       158
        
               User = "radicale";

     

       86
       159
        
               Group = "radicale";

     

       160
       160
       +
               StateDirectory = "radicale/collections";

     

       161
       161
       +
               StateDirectoryMode = "0750";

     

       162
       162
       +
               # Hardening

     

       163
       163
       +
               CapabilityBoundingSet = [ "" ];

     

       164
       164
       +
               DeviceAllow = [ "/dev/stdin" ];

     

       165
       165
       +
               DevicePolicy = "strict";

     

       166
       166
       +
               IPAddressAllow = mkIf bindLocalhost "localhost";

     

       167
       167
       +
               IPAddressDeny = mkIf bindLocalhost "any";

     

       168
       168
       +
               LockPersonality = true;

     

       169
       169
       +
               MemoryDenyWriteExecute = true;

     

       170
       170
       +
               NoNewPrivileges = true;

     

       171
       171
       +
               PrivateDevices = true;

     

       172
       172
       +
               PrivateTmp = true;

     

       173
       173
       +
               PrivateUsers = true;

     

       174
       174
       +
               ProcSubset = "pid";

     

       175
       175
       +
               ProtectClock = true;

     

       176
       176
       +
               ProtectControlGroups = true;

     

       177
       177
       +
               ProtectHome = true;

     

       178
       178
       +
               ProtectHostname = true;

     

       179
       179
       +
               ProtectKernelLogs = true;

     

       180
       180
       +
               ProtectKernelModules = true;

     

       181
       181
       +
               ProtectKernelTunables = true;

     

       182
       182
       +
               ProtectProc = "invisible";

     

       183
       183
       +
               ProtectSystem = "strict";

     

       184
       184
       +
               ReadWritePaths = lib.optional

     

       185
       185
       +
                 (hasAttrByPath [ "storage" "filesystem_folder" ] cfg.settings)

     

       186
       186
       +
                 cfg.settings.storage.filesystem_folder;

     

       187
       187
       +
               RemoveIPC = true;

     

       188
       188
       +
               RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];

     

       189
       189
       +
               RestrictNamespaces = true;

     

       190
       190
       +
               RestrictRealtime = true;

     

       191
       191
       +
               RestrictSUIDSGID = true;

     

       192
       192
       +
               SystemCallArchitectures = "native";

     

       193
       193
       +
               SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];

     

       194
       194
       +
               UMask = "0027";

     

       87
       195
        
             };

     

       88
       196
        
           };

     

       89
       197
        
         };

     

       90
       198
        
       

     

       91
       91
       -
         meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];

     

       199
       199
       +
         meta.maintainers = with lib.maintainers; [ aneeshusa infinisil dotlambda ];

     

       92
       200
        
       }

+77 -122

nixos/tests/radicale.nix

···

       1
       1
       +
       import ./make-test-python.nix ({ lib, pkgs, ... }:

     

       2
       2
       +
       

     

       1
       3
        
       let

     

       2
       4
        
         user = "someuser";

     

       3
       5
        
         password = "some_password";

     

       4
       4
       -
         port = builtins.toString 5232;

     

       6
       6
       +
         port = "5232";

     

       7
       7
       +
         filesystem_folder = "/data/radicale";

     

       8
       8
       +
       

     

       9
       9
       +
         cli = "${pkgs.calendar-cli}/bin/calendar-cli --caldav-user ${user} --caldav-pass ${password}";

     

       10
       10
       +
       in {

     

       11
       11
       +
         name = "radicale3";

     

       12
       12
       +
         meta.maintainers = with lib.maintainers; [ dotlambda ];

     

       5
       13
        
       

     

       6
       6
       -
         common = { pkgs, ... }: {

     

       14
       14
       +
         machine = { pkgs, ... }: {

     

       7
       15
        
           services.radicale = {

     

       8
       16
        
             enable = true;

     

       9
       9
       -
             config = ''

     

       10
       10
       -
               [auth]

     

       11
       11
       -
               type = htpasswd

     

       12
       12
       -
               htpasswd_filename = /etc/radicale/htpasswd

     

       13
       13
       -
               htpasswd_encryption = bcrypt

     

       14
       14
       -
       

     

       15
       15
       -
               [storage]

     

       16
       16
       -
               filesystem_folder = /tmp/collections

     

       17
       17
       -
             '';

     

       17
       17
       +
             settings = {

     

       18
       18
       +
               auth = {

     

       19
       19
       +
                 type = "htpasswd";

     

       20
       20
       +
                 htpasswd_filename = "/etc/radicale/users";

     

       21
       21
       +
                 htpasswd_encryption = "bcrypt";

     

       22
       22
       +
               };

     

       23
       23
       +
               storage = {

     

       24
       24
       +
                 inherit filesystem_folder;

     

       25
       25
       +
                 hook = "git add -A && (git diff --cached --quiet || git commit -m 'Changes by '%(user)s)";

     

       26
       26
       +
               };

     

       27
       27
       +
               logging.level = "info";

     

       28
       28
       +
             };

     

       29
       29
       +
             rights = {

     

       30
       30
       +
               principal = {

     

       31
       31
       +
                 user = ".+";

     

       32
       32
       +
                 collection = "{user}";

     

       33
       33
       +
                 permissions = "RW";

     

       34
       34
       +
               };

     

       35
       35
       +
               calendars = {

     

       36
       36
       +
                 user = ".+";

     

       37
       37
       +
                 collection = "{user}/[^/]+";

     

       38
       38
       +
                 permissions = "rw";

     

       39
       39
       +
               };

     

       40
       40
       +
             };

     

       18
       41
        
           };

     

       42
       42
       +
           systemd.services.radicale.path = [ pkgs.git ];

     

       43
       43
       +
           environment.systemPackages = [ pkgs.git ];

     

       44
       44
       +
           systemd.tmpfiles.rules = [ "d ${filesystem_folder} 0750 radicale radicale -" ];

     

       19
       45
        
           # WARNING: DON'T DO THIS IN PRODUCTION!

     

       20
       46
        
           # This puts unhashed secrets directly into the Nix store for ease of testing.

     

       21
       21
       -
           environment.etc."radicale/htpasswd".source = pkgs.runCommand "htpasswd" {} ''

     

       47
       47
       +
           environment.etc."radicale/users".source = pkgs.runCommand "htpasswd" {} ''

     

       22
       48
        
             ${pkgs.apacheHttpd}/bin/htpasswd -bcB "$out" ${user} ${password}

     

       23
       49
        
           '';

     

       24
       50
        
         };

     

       51
       51
       +
         testScript = ''

     

       52
       52
       +
           machine.wait_for_unit("radicale.service")

     

       53
       53
       +
           machine.wait_for_open_port(${port})

     

       25
       54
        
       

     

       26
       26
       -
       in

     

       55
       55
       +
           machine.succeed("sudo -u radicale git -C ${filesystem_folder} init")

     

       56
       56
       +
           machine.succeed(

     

       57
       57
       +
               "sudo -u radicale git -C ${filesystem_folder} config --local user.email radicale@example.com"

     

       58
       58
       +
           )

     

       59
       59
       +
           machine.succeed(

     

       60
       60
       +
               "sudo -u radicale git -C ${filesystem_folder} config --local user.name radicale"

     

       61
       61
       +
           )

     

       27
       62
        
       

     

       28
       28
       -
         import ./make-test-python.nix ({ lib, ... }@args: {

     

       29
       29
       -
           name = "radicale";

     

       30
       30
       -
           meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];

     

       63
       63
       +
           with subtest("Test calendar and event creation"):

     

       64
       64
       +
               machine.succeed(

     

       65
       65
       +
                   "${cli} --caldav-url http://localhost:${port}/${user} calendar create cal"

     

       66
       66
       +
               )

     

       67
       67
       +
               machine.succeed("test -d ${filesystem_folder}/collection-root/${user}/cal")

     

       68
       68
       +
               machine.succeed('test -z "$(ls ${filesystem_folder}/collection-root/${user}/cal)"')

     

       69
       69
       +
               machine.succeed(

     

       70
       70
       +
                   "${cli} --caldav-url http://localhost:${port}/${user}/cal calendar add 2021-04-23 testevent"

     

       71
       71
       +
               )

     

       72
       72
       +
               machine.succeed('test -n "$(ls ${filesystem_folder}/collection-root/${user}/cal)"')

     

       73
       73
       +
               (status, stdout) = machine.execute(

     

       74
       74
       +
                   "sudo -u radicale git -C ${filesystem_folder} log --format=oneline | wc -l"

     

       75
       75
       +
               )

     

       76
       76
       +
               assert status == 0, "git log failed"

     

       77
       77
       +
               assert stdout == "3\n", "there should be exactly 3 commits"

     

       31
       78
        
       

     

       32
       32
       -
           nodes = rec {

     

       33
       33
       -
             radicale = radicale1; # Make the test script read more nicely

     

       34
       34
       -
             radicale1 = lib.recursiveUpdate (common args) {

     

       35
       35
       -
               nixpkgs.overlays = [

     

       36
       36
       -
                 (self: super: {

     

       37
       37
       -
                   radicale1 = super.radicale1.overrideAttrs (oldAttrs: {

     

       38
       38
       -
                     propagatedBuildInputs = with self.pythonPackages;

     

       39
       39
       -
                       (oldAttrs.propagatedBuildInputs or []) ++ [ passlib ];

     

       40
       40
       -
                   });

     

       41
       41
       -
                 })

     

       42
       42
       -
               ];

     

       43
       43
       -
               system.stateVersion = "17.03";

     

       44
       44
       -
             };

     

       45
       45
       -
             radicale1_export = lib.recursiveUpdate radicale1 {

     

       46
       46
       -
               services.radicale.extraArgs = [

     

       47
       47
       -
                 "--export-storage" "/tmp/collections-new"

     

       48
       48
       -
               ];

     

       49
       49
       -
               system.stateVersion = "17.03";

     

       50
       50
       -
             };

     

       51
       51
       -
             radicale2_verify = lib.recursiveUpdate radicale2 {

     

       52
       52
       -
               services.radicale.extraArgs = [ "--debug" "--verify-storage" ];

     

       53
       53
       -
               system.stateVersion = "17.09";

     

       54
       54
       -
             };

     

       55
       55
       -
             radicale2 = lib.recursiveUpdate (common args) {

     

       56
       56
       -
               system.stateVersion = "17.09";

     

       57
       57
       -
             };

     

       58
       58
       -
             radicale3 = lib.recursiveUpdate (common args) {

     

       59
       59
       -
               system.stateVersion = "20.09";

     

       60
       60
       -
             };

     

       61
       61
       -
           };

     

       79
       79
       +
           with subtest("Test rights file"):

     

       80
       80
       +
               machine.fail(

     

       81
       81
       +
                   "${cli} --caldav-url http://localhost:${port}/${user} calendar create sub/cal"

     

       82
       82
       +
               )

     

       83
       83
       +
               machine.fail(

     

       84
       84
       +
                   "${cli} --caldav-url http://localhost:${port}/otheruser calendar create cal"

     

       85
       85
       +
               )

     

       62
       86
        
       

     

       63
       63
       -
           # This tests whether the web interface is accessible to an authenticated user

     

       64
       64
       -
           testScript = { nodes }: let

     

       65
       65
       -
             switchToConfig = nodeName: let

     

       66
       66
       -
               newSystem = nodes.${nodeName}.config.system.build.toplevel;

     

       67
       67
       -
             in "${newSystem}/bin/switch-to-configuration test";

     

       68
       68
       -
           in ''

     

       69
       69
       -
             with subtest("Check Radicale 1 functionality"):

     

       70
       70
       -
                 radicale.succeed(

     

       71
       71
       -
                     "${switchToConfig "radicale1"} >&2"

     

       72
       72
       -
                 )

     

       73
       73
       -
                 radicale.wait_for_unit("radicale.service")

     

       74
       74
       -
                 radicale.wait_for_open_port(${port})

     

       75
       75
       -
                 radicale.succeed(

     

       76
       76
       -
                     "curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"

     

       77
       77
       -
                 )

     

       87
       87
       +
           with subtest("Test web interface"):

     

       88
       88
       +
               machine.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")

     

       78
       89
        
       

     

       79
       79
       -
             with subtest("Export data in Radicale 2 format"):

     

       80
       80
       -
                 radicale.succeed("systemctl stop radicale")

     

       81
       81
       -
                 radicale.succeed("ls -al /tmp/collections")

     

       82
       82
       -
                 radicale.fail("ls -al /tmp/collections-new")

     

       83
       83
       -
       

     

       84
       84
       -
             with subtest("Radicale exits immediately after exporting storage"):

     

       85
       85
       -
                 radicale.succeed(

     

       86
       86
       -
                     "${switchToConfig "radicale1_export"} >&2"

     

       87
       87
       -
                 )

     

       88
       88
       -
                 radicale.wait_until_fails("systemctl status radicale")

     

       89
       89
       -
                 radicale.succeed("ls -al /tmp/collections")

     

       90
       90
       -
                 radicale.succeed("ls -al /tmp/collections-new")

     

       91
       91
       -
       

     

       92
       92
       -
             with subtest("Verify data in Radicale 2 format"):

     

       93
       93
       -
                 radicale.succeed("rm -r /tmp/collections/${user}")

     

       94
       94
       -
                 radicale.succeed("mv /tmp/collections-new/collection-root /tmp/collections")

     

       95
       95
       -
                 radicale.succeed(

     

       96
       96
       -
                     "${switchToConfig "radicale2_verify"} >&2"

     

       97
       97
       -
                 )

     

       98
       98
       -
                 radicale.wait_until_fails("systemctl status radicale")

     

       99
       99
       -
       

     

       100
       100
       -
                 (retcode, logs) = radicale.execute("journalctl -u radicale -n 10")

     

       101
       101
       -
                 assert (

     

       102
       102
       -
                     retcode == 0 and "Verifying storage" in logs

     

       103
       103
       -
                 ), "Radicale 2 didn't verify storage"

     

       104
       104
       -
                 assert (

     

       105
       105
       -
                     "failed" not in logs and "exception" not in logs

     

       106
       106
       -
                 ), "storage verification failed"

     

       107
       107
       -
       

     

       108
       108
       -
             with subtest("Check Radicale 2 functionality"):

     

       109
       109
       -
                 radicale.succeed(

     

       110
       110
       -
                     "${switchToConfig "radicale2"} >&2"

     

       111
       111
       -
                 )

     

       112
       112
       -
                 radicale.wait_for_unit("radicale.service")

     

       113
       113
       -
                 radicale.wait_for_open_port(${port})

     

       114
       114
       -
       

     

       115
       115
       -
                 (retcode, output) = radicale.execute(

     

       116
       116
       -
                     "curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"

     

       117
       117
       -
                 )

     

       118
       118
       -
                 assert (

     

       119
       119
       -
                     retcode == 0 and "VCALENDAR" in output

     

       120
       120
       -
                 ), "Could not read calendar from Radicale 2"

     

       121
       121
       -
       

     

       122
       122
       -
                 radicale.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")

     

       123
       123
       -
       

     

       124
       124
       -
             with subtest("Check Radicale 3 functionality"):

     

       125
       125
       -
                 radicale.succeed(

     

       126
       126
       -
                     "${switchToConfig "radicale3"} >&2"

     

       127
       127
       -
                 )

     

       128
       128
       -
                 radicale.wait_for_unit("radicale.service")

     

       129
       129
       -
                 radicale.wait_for_open_port(${port})

     

       130
       130
       -
       

     

       131
       131
       -
                 (retcode, output) = radicale.execute(

     

       132
       132
       -
                     "curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"

     

       133
       133
       -
                 )

     

       134
       134
       -
                 assert (

     

       135
       135
       -
                     retcode == 0 and "VCALENDAR" in output

     

       136
       136
       -
                 ), "Could not read calendar from Radicale 3"

     

       137
       137
       -
       

     

       138
       138
       -
                 radicale.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")

     

       139
       139
       -
           '';

     

       90
       90
       +
           with subtest("Test security"):

     

       91
       91
       +
               output = machine.succeed("systemd-analyze security radicale.service")

     

       92
       92
       +
               machine.log(output)

     

       93
       93
       +
               assert output[-9:-1] == "SAFE :-}"

     

       94
       94
       +
         '';

     

       140
       95
        
       })

+34

pkgs/tools/networking/calendar-cli/default.nix

···

       1
       1
       +
       { lib

     

       2
       2
       +
       , python3

     

       3
       3
       +
       , fetchFromGitHub

     

       4
       4
       +
       }:

     

       5
       5
       +
       

     

       6
       6
       +
       python3.pkgs.buildPythonApplication rec {

     

       7
       7
       +
         pname = "calendar-cli";

     

       8
       8
       +
         version = "0.12.0";

     

       9
       9
       +
       

     

       10
       10
       +
         src = fetchFromGitHub {

     

       11
       11
       +
           owner = "tobixen";

     

       12
       12
       +
           repo = "calendar-cli";

     

       13
       13
       +
           rev = "v${version}";

     

       14
       14
       +
           sha256 = "0qjld2m7hl3dx90491pqbjcja82c1f5gwx274kss4lkb8aw0kmlv";

     

       15
       15
       +
         };

     

       16
       16
       +
       

     

       17
       17
       +
         propagatedBuildInputs = with python3.pkgs; [

     

       18
       18
       +
           icalendar

     

       19
       19
       +
           caldav

     

       20
       20
       +
           pytz

     

       21
       21
       +
           tzlocal

     

       22
       22
       +
           six

     

       23
       23
       +
         ];

     

       24
       24
       +
       

     

       25
       25
       +
         # tests require networking

     

       26
       26
       +
         doCheck = false;

     

       27
       27
       +
       

     

       28
       28
       +
         meta = with lib; {

     

       29
       29
       +
           description = "Simple command-line CalDav client";

     

       30
       30
       +
           homepage = "https://github.com/tobixen/calendar-cli";

     

       31
       31
       +
           license = licenses.gpl3Plus;

     

       32
       32
       +
           maintainers = with maintainers; [ dotlambda ];

     

       33
       33
       +
         };

     

       34
       34
       +
       }

pkgs/top-level/all-packages.nix

···

       2012
       2012
        
           boost = pkgs.boost.override { python = python3; };

     

       2013
       2013
        
         };

     

       2014
       2014
        
       

     

       2015
       2015
       +
         calendar-cli = callPackage ../tools/networking/calendar-cli { };

     

       2016
       2016
       +
       

     

       2015
       2017
        
         candle = libsForQt5.callPackage ../applications/misc/candle { };

     

       2016
       2018
        
       

     

       2017
       2019
        
         capstone = callPackage ../development/libraries/capstone { };