nixpkgs/nixos/tests/radicale.nix

let
  user = "someuser";
  password = "some_password";
  port = builtins.toString 5232;

  common = { pkgs, ... }: {
    services.radicale = {
      enable = true;
      config = ''
        [auth]
        type = htpasswd
        htpasswd_filename = /etc/radicale/htpasswd
        htpasswd_encryption = bcrypt

        [storage]
        filesystem_folder = /tmp/collections

        [logging]
        debug = True
      '';
    };
    # WARNING: DON'T DO THIS IN PRODUCTION!
    # This puts unhashed secrets directly into the Nix store for ease of testing.
    environment.etc."radicale/htpasswd".source = pkgs.runCommand "htpasswd" {} ''
      ${pkgs.apacheHttpd}/bin/htpasswd -bcB "$out" ${user} ${password}
    '';
  };

in

  import ./make-test.nix ({ lib, ... }@args: {
    name = "radicale";
    meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];

    nodes = rec {
      radicale = radicale1; # Make the test script read more nicely
      radicale1 = lib.recursiveUpdate (common args) {
        nixpkgs.overlays = [
          (self: super: {
            radicale1 = super.radicale1.overrideAttrs (oldAttrs: {
              propagatedBuildInputs = with self.pythonPackages;
                (oldAttrs.propagatedBuildInputs or []) ++ [ passlib ];
            });
          })
        ];
        system.stateVersion = "17.03";
      };
      radicale1_export = lib.recursiveUpdate radicale1 {
        services.radicale.extraArgs = [
          "--export-storage" "/tmp/collections-new"
        ];
      };
      radicale2_verify = lib.recursiveUpdate radicale2 {
        services.radicale.extraArgs = [ "--verify-storage" ];
      };
      radicale2 = lib.recursiveUpdate (common args) {
        system.stateVersion = "17.09";
      };
    };

    # This tests whether the web interface is accessible to an authenticated user
    testScript = { nodes }: let
      switchToConfig = nodeName: let
        newSystem = nodes.${nodeName}.config.system.build.toplevel;
      in "${newSystem}/bin/switch-to-configuration test";
    in ''
      # Check Radicale 1 functionality
      $radicale->succeed('${switchToConfig "radicale1"} >&2');
      $radicale->waitForUnit('radicale.service');
      $radicale->waitForOpenPort(${port});
      $radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');

      # Export data in Radicale 2 format
      $radicale->succeed('systemctl stop radicale');
      $radicale->succeed('ls -al /tmp/collections');
      $radicale->fail('ls -al /tmp/collections-new');
      # Radicale exits immediately after exporting storage
      $radicale->succeed('${switchToConfig "radicale1_export"} >&2');
      $radicale->waitUntilFails('systemctl status radicale');
      $radicale->succeed('ls -al /tmp/collections');
      $radicale->succeed('ls -al /tmp/collections-new');

      # Verify data in Radicale 2 format
      $radicale->succeed('rm -r /tmp/collections/${user}');
      $radicale->succeed('mv /tmp/collections-new/collection-root /tmp/collections');
      $radicale->succeed('${switchToConfig "radicale2_verify"} >&2');
      $radicale->waitUntilFails('systemctl status radicale');
      my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 5');
      if ($retcode != 0 || index($logs, 'Verifying storage') == -1) {
        die "Radicale 2 didn't verify storage"
      }
      if (index($logs, 'failed') != -1 || index($logs, 'exception') != -1) {
        die "storage verification failed"
      }

      # Check Radicale 2 functionality
      $radicale->succeed('${switchToConfig "radicale2"} >&2');
      $radicale->waitForUnit('radicale.service');
      $radicale->waitForOpenPort(${port});
      my ($retcode, $output) = $radicale->execute('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');
      if ($retcode != 0 || index($output, 'VCALENDAR') == -1) {
        die "Could not read calendar from Radicale 2"
      }
      $radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/.web/');
    '';
})
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`let`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00			`user = "someuser";`
			`password = "some_password";`
			`port = builtins.toString 5232;`

radicale: Test migration functionality This also provides an example of how to migrate. 2017-09-18 08:46:07 +00:00			`common = { pkgs, ... }: {`
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`services.radicale = {`
			`enable = true;`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00			`config = ''`
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`[auth]`
			`type = htpasswd`
			`htpasswd_filename = /etc/radicale/htpasswd`
			`htpasswd_encryption = bcrypt`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`[storage]`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00			`filesystem_folder = /tmp/collections`

radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`[logging]`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00			`debug = True`
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`'';`
			`};`
			`# WARNING: DON'T DO THIS IN PRODUCTION!`
nixos/tests: correct comment in radicale.nix (#32574) The secrets are in fact also stored unhashed, as part of the .drv file which produces the htpasswd. 2017-12-11 22:09:23 +00:00			`# This puts unhashed secrets directly into the Nix store for ease of testing.`
radicale: 1.1.4 -> 2.1.2 This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which also includes the needed command for migrating to 2.x The module is adjusted to the version change, defaulting to radicale2 if stateVersion >= 17.09 and radicale1 otherwise. It also now uses ExecStart instead of the script service attribute. Some missing dots at the end of sentences were also added. I added a paragraph in the release notes on how to update to a newer version. 2017-07-25 07:01:08 +00:00			`environment.etc."radicale/htpasswd".source = pkgs.runCommand "htpasswd" {} ''`
			`${pkgs.apacheHttpd}/bin/htpasswd -bcB "$out" ${user} ${password}`
radicale: Add NixOS test with Python 2 Includes testing bcrypt authentication. 2017-02-02 22:59:39 +00:00			`'';`
			`};`
radicale: Test migration functionality This also provides an example of how to migrate. 2017-09-18 08:46:07 +00:00
			`in`

[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`import ./make-test.nix ({ lib, ... }@args: {`
radicale: Test migration functionality This also provides an example of how to migrate. 2017-09-18 08:46:07 +00:00			`name = "radicale";`
			`meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];`

			`nodes = rec {`
			`radicale = radicale1; # Make the test script read more nicely`
			`radicale1 = lib.recursiveUpdate (common args) {`
			`nixpkgs.overlays = [`
			`(self: super: {`
			`radicale1 = super.radicale1.overrideAttrs (oldAttrs: {`
			`propagatedBuildInputs = with self.pythonPackages;`
			`(oldAttrs.propagatedBuildInputs or []) ++ [ passlib ];`
			`});`
			`})`
			`];`
Revert "nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1" This reverts commit 095fe5b43def40279a243e663c662b02caac5318. Pointless renames considered harmful. All they do is force people to spend extra work updating their configs for no benefit, and hindering the ability to switch between unstable and stable versions of NixOS. Like, what was the value of having the "nixos." there? I mean, by definition anything in a NixOS module has something to do with NixOS... 2018-07-25 20:22:54 +00:00			`system.stateVersion = "17.03";`
radicale: Test migration functionality This also provides an example of how to migrate. 2017-09-18 08:46:07 +00:00			`};`
			`radicale1_export = lib.recursiveUpdate radicale1 {`
			`services.radicale.extraArgs = [`
			`"--export-storage" "/tmp/collections-new"`
			`];`
			`};`
			`radicale2_verify = lib.recursiveUpdate radicale2 {`
			`services.radicale.extraArgs = [ "--verify-storage" ];`
			`};`
			`radicale2 = lib.recursiveUpdate (common args) {`
Revert "nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1" This reverts commit 095fe5b43def40279a243e663c662b02caac5318. Pointless renames considered harmful. All they do is force people to spend extra work updating their configs for no benefit, and hindering the ability to switch between unstable and stable versions of NixOS. Like, what was the value of having the "nixos." there? I mean, by definition anything in a NixOS module has something to do with NixOS... 2018-07-25 20:22:54 +00:00			`system.stateVersion = "17.09";`
radicale: Test migration functionality This also provides an example of how to migrate. 2017-09-18 08:46:07 +00:00			`};`
			`};`

			`# This tests whether the web interface is accessible to an authenticated user`
			`testScript = { nodes }: let`
			`switchToConfig = nodeName: let`
			`newSystem = nodes.${nodeName}.config.system.build.toplevel;`
			`in "${newSystem}/bin/switch-to-configuration test";`
			`in ''`
			`# Check Radicale 1 functionality`
			`$radicale->succeed('${switchToConfig "radicale1"} >&2');`
			`$radicale->waitForUnit('radicale.service');`
			`$radicale->waitForOpenPort(${port});`
			`$radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');`

			`# Export data in Radicale 2 format`
			`$radicale->succeed('systemctl stop radicale');`
			`$radicale->succeed('ls -al /tmp/collections');`
			`$radicale->fail('ls -al /tmp/collections-new');`
			`# Radicale exits immediately after exporting storage`
			`$radicale->succeed('${switchToConfig "radicale1_export"} >&2');`
			`$radicale->waitUntilFails('systemctl status radicale');`
			`$radicale->succeed('ls -al /tmp/collections');`
			`$radicale->succeed('ls -al /tmp/collections-new');`

			`# Verify data in Radicale 2 format`
			`$radicale->succeed('rm -r /tmp/collections/${user}');`
			`$radicale->succeed('mv /tmp/collections-new/collection-root /tmp/collections');`
			`$radicale->succeed('${switchToConfig "radicale2_verify"} >&2');`
			`$radicale->waitUntilFails('systemctl status radicale');`
			`my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 5');`
			`if ($retcode != 0 \|\| index($logs, 'Verifying storage') == -1) {`
			`die "Radicale 2 didn't verify storage"`
			`}`
			`if (index($logs, 'failed') != -1 \|\| index($logs, 'exception') != -1) {`
			`die "storage verification failed"`
			`}`

			`# Check Radicale 2 functionality`
			`$radicale->succeed('${switchToConfig "radicale2"} >&2');`
			`$radicale->waitForUnit('radicale.service');`
			`$radicale->waitForOpenPort(${port});`
			`my ($retcode, $output) = $radicale->execute('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');`
			`if ($retcode != 0 \|\| index($output, 'VCALENDAR') == -1) {`
			`die "Could not read calendar from Radicale 2"`
			`}`
			`$radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/.web/');`
			`'';`
radicale: Add aneeshusa as maintainer 2017-03-20 16:13:27 +00:00			`})`