nixpkgs/nixos/tests/sourcehut/sourcehut.nix

import ../make-test-python.nix ({ pkgs, lib, ... }:
let
  domain = "sourcehut.localdomain";

  # Note that wildcard certificates just under the TLD (eg. *.com)
  # would be rejected by clients like curl.
  tls-cert = pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
    openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -days 36500 \
      -subj '/CN=${domain}' -extensions v3_req \
      -addext 'subjectAltName = DNS:*.${domain}'
    install -D -t $out key.pem cert.pem
  '';
in
{
  name = "sourcehut";

  meta.maintainers = [ pkgs.lib.maintainers.tomberek ];

  nodes.machine = { config, pkgs, nodes, ... }: {
    # buildsrht needs space
    virtualisation.diskSize = 4 * 1024;
    virtualisation.memorySize = 2 * 1024;
    networking.domain = domain;
    networking.enableIPv6 = false;
    networking.extraHosts = ''
      ${config.networking.primaryIPAddress} builds.${domain}
      ${config.networking.primaryIPAddress} git.${domain}
      ${config.networking.primaryIPAddress} meta.${domain}
    '';

    services.sourcehut = {
      enable = true;
      nginx.enable = true;
      nginx.virtualHost = {
        forceSSL = true;
        sslCertificate = "${tls-cert}/cert.pem";
        sslCertificateKey = "${tls-cert}/key.pem";
      };
      postgresql.enable = true;
      redis.enable = true;

      meta.enable = true;
      builds = {
        enable = true;
        # FIXME: see why it does not seem to activate fully.
        #enableWorker = true;
        images = { };
      };
      git.enable = true;

      settings."sr.ht" = {
        environment = "production";
        global-domain = config.networking.domain;
        service-key = pkgs.writeText "service-key" "8b327279b77e32a3620e2fc9aabce491cc46e7d821fd6713b2a2e650ce114d01";
        network-key = pkgs.writeText "network-key" "cEEmc30BRBGkgQZcHFksiG7hjc6_dK1XR2Oo5Jb9_nQ=";
      };
      settings."builds.sr.ht" = {
        oauth-client-secret = pkgs.writeText "buildsrht-oauth-client-secret" "2260e9c4d9b8dcedcef642860e0504bc";
        oauth-client-id = "299db9f9c2013170";
      };
      settings."git.sr.ht" = {
        oauth-client-secret = pkgs.writeText "gitsrht-oauth-client-secret" "3597288dc2c716e567db5384f493b09d";
        oauth-client-id = "d07cb713d920702e";
      };
      settings.webhooks.private-key = pkgs.writeText "webhook-key" "Ra3IjxgFiwG9jxgp4WALQIZw/BMYt30xWiOsqD0J7EA=";
      settings.mail = {
        smtp-from = "root+hut@${domain}";
        # WARNING: take care to keep pgp-privkey outside the Nix store in production,
        # or use LoadCredentialEncrypted=
        pgp-privkey = toString (pkgs.writeText "sourcehut.pgp-privkey" ''
          -----BEGIN PGP PRIVATE KEY BLOCK-----

          lFgEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd
          Gk7hYQoAAP9X4oPmxxrHN8LewBpWITdBomNqlHoiP7mI0nz/BOPJHxEktDZuaXhv
          cy90ZXN0cy9zb3VyY2VodXQgPHJvb3QraHV0QHNvdXJjZWh1dC5sb2NhbGRvbWFp
          bj6IlwQTFgoAPxYhBPqjgjnL8RHN4JnADNicgXaYm0jJBQJioNE5AhsDBQkDwmcA
          BgsJCAcDCgUVCgkICwUWAwIBAAIeBQIXgAAKCRDYnIF2mJtIySVCAP9e2nHsVHSi
          2B1YGZpVG7Xf36vxljmMkbroQy+0gBPwRwEAq+jaiQqlbGhQ7R/HMFcAxBIVsq8h
          Aw1rngsUd0o3dAicXQRioNE5EgorBgEEAZdVAQUBAQdAXZV2Sd5ZNBVTBbTGavMv
          D6ORrUh8z7TI/3CsxCE7+yADAQgHAAD/c1RU9xH+V/uI1fE7HIn/zL0LUPpsuce2
          cH++g4u3kBgTOYh+BBgWCgAmFiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg0TkC
          GwwFCQPCZwAACgkQ2JyBdpibSMlKagD/cTre6p1m8QuJ7kwmCFRSz5tBzIuYMMgN
          xtT7dmS91csA/35fWsOykSiFRojQ7ccCSUTHL7ApF2EbL968tP/D2hIG
          =Hjoc
          -----END PGP PRIVATE KEY BLOCK-----
        '');
        pgp-pubkey = pkgs.writeText "sourcehut.pgp-pubkey" ''
          -----BEGIN PGP PUBLIC KEY BLOCK-----

          mDMEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd
          Gk7hYQq0Nm5peG9zL3Rlc3RzL3NvdXJjZWh1dCA8cm9vdCtodXRAc291cmNlaHV0
          LmxvY2FsZG9tYWluPoiXBBMWCgA/FiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg
          0TkCGwMFCQPCZwAGCwkIBwMKBRUKCQgLBRYDAgEAAh4FAheAAAoJENicgXaYm0jJ
          JUIA/17acexUdKLYHVgZmlUbtd/fq/GWOYyRuuhDL7SAE/BHAQCr6NqJCqVsaFDt
          H8cwVwDEEhWyryEDDWueCxR3Sjd0CLg4BGKg0TkSCisGAQQBl1UBBQEBB0BdlXZJ
          3lk0FVMFtMZq8y8Po5GtSHzPtMj/cKzEITv7IAMBCAeIfgQYFgoAJhYhBPqjgjnL
          8RHN4JnADNicgXaYm0jJBQJioNE5AhsMBQkDwmcAAAoJENicgXaYm0jJSmoA/3E6
          3uqdZvELie5MJghUUs+bQcyLmDDIDcbU+3ZkvdXLAP9+X1rDspEohUaI0O3HAklE
          xy+wKRdhGy/evLT/w9oSBg==
          =pJD7
          -----END PGP PUBLIC KEY BLOCK-----
        '';
        pgp-key-id = "0xFAA38239CBF111CDE099C00CD89C8176989B48C9";
      };
    };

    networking.firewall.allowedTCPPorts = [ 80 443 ];
    security.pki.certificateFiles = [ "${tls-cert}/cert.pem" ];
    services.nginx = {
      enable = true;
      recommendedGzipSettings = true;
      recommendedOptimisation = true;
      recommendedTlsSettings = true;
      recommendedProxySettings = true;
    };

    services.postgresql = {
      enable = true;
      enableTCPIP = false;
      settings.unix_socket_permissions = "0770";
    };

    environment.systemPackages = with pkgs; [
      (callPackage ./srht-gen-oauth-tok.nix { }) # To automatically generate OAuth tokens
    ];
  };

  testScript =
    let
      userName = "nixos-test";
      userPass = "AutoNixosTestPwd";
    in
    ''
      start_all()
      machine.wait_for_unit("multi-user.target")

      # Testing metasrht
      machine.wait_for_unit("metasrht-api.service")
      machine.wait_for_unit("metasrht.service")
      machine.wait_for_unit("metasrht-webhooks.service")
      machine.wait_for_open_port(5000)
      machine.succeed("curl -sL http://localhost:5000 | grep meta.${domain}")
      machine.succeed("curl -sL http://meta.${domain} | grep meta.${domain}")

      ## Create a test user for subsequent tests
      machine.succeed("echo ${userPass} | metasrht-manageuser -ps -e ${userName}@${domain}\
                       -t active_free ${userName}");

      ## Obtain a OAuth token to be used for querying APIs directly
      (_, token) = machine.execute("srht-gen-oauth-tok -i ${domain} -q ${userName} ${userPass}")
      print(token)

      # Testing buildsrht
      machine.wait_for_unit("buildsrht.service")
      machine.wait_for_open_port(5002)
      machine.succeed("curl -sL http://localhost:5002 | grep builds.${domain}")
      #machine.wait_for_unit("buildsrht-worker.service")

      # Testing gitsrht
      machine.wait_for_unit("gitsrht-api.service")
      machine.wait_for_unit("gitsrht.service")
      machine.wait_for_unit("gitsrht-webhooks.service")
      machine.succeed("curl -sL http://git.${domain} | grep git.${domain}")
    '';
})
nixosTests.sourcehut: test user creation and OAuth token generation 2023-11-30 15:03:01 +00:00			`import ../make-test-python.nix ({ pkgs, lib, ... }:`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`let`
			`domain = "sourcehut.localdomain";`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`# Note that wildcard certificates just under the TLD (eg. *.com)`
			`# would be rejected by clients like curl.`
			`tls-cert = pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''`
			`openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -days 36500 \`
			`-subj '/CN=${domain}' -extensions v3_req \`
			`-addext 'subjectAltName = DNS:*.${domain}'`
			`install -D -t $out key.pem cert.pem`
			`'';`
			`in`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00			`{`
			`name = "sourcehut";`

			`meta.maintainers = [ pkgs.lib.maintainers.tomberek ];`

treewide: machine -> nodes.machine 2022-03-20 23:15:30 +00:00			`nodes.machine = { config, pkgs, nodes, ... }: {`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`# buildsrht needs space`
			`virtualisation.diskSize = 4 * 1024;`
			`virtualisation.memorySize = 2 * 1024;`
			`networking.domain = domain;`
sourcehut: disable IPv6 completely for tests Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2023-08-07 22:43:26 +00:00			`networking.enableIPv6 = false;`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`networking.extraHosts = ''`
			`${config.networking.primaryIPAddress} builds.${domain}`
nixos/sourcehut: test gitsrht 2022-02-12 00:26:41 +00:00			`${config.networking.primaryIPAddress} git.${domain}`
			`${config.networking.primaryIPAddress} meta.${domain}`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`'';`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00
			`services.sourcehut = {`
			`enable = true;`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`nginx.enable = true;`
			`nginx.virtualHost = {`
			`forceSSL = true;`
			`sslCertificate = "${tls-cert}/cert.pem";`
			`sslCertificateKey = "${tls-cert}/key.pem";`
			`};`
nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`postgresql.enable = true;`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`redis.enable = true;`

nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`meta.enable = true;`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`builds = {`
			`enable = true;`
			`# FIXME: see why it does not seem to activate fully.`
			`#enableWorker = true;`
nixosTests.sourcehut: remove unused VM image specifications At the time of this commit, sourcehut.builds is broken and its test infrastructure is partial at best. The specified image only inflated the closure size without any added benefit. 2023-11-26 11:53:02 +00:00			`images = { };`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`};`
nixos/sourcehut: test gitsrht 2022-02-12 00:26:41 +00:00			`git.enable = true;`

nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`settings."sr.ht" = {`
nixosTests.sourcehut: run tests within a production environment 2023-11-30 15:11:21 +00:00			`environment = "production";`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`global-domain = config.networking.domain;`
nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`service-key = pkgs.writeText "service-key" "8b327279b77e32a3620e2fc9aabce491cc46e7d821fd6713b2a2e650ce114d01";`
			`network-key = pkgs.writeText "network-key" "cEEmc30BRBGkgQZcHFksiG7hjc6_dK1XR2Oo5Jb9_nQ=";`
			`};`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`settings."builds.sr.ht" = {`
			`oauth-client-secret = pkgs.writeText "buildsrht-oauth-client-secret" "2260e9c4d9b8dcedcef642860e0504bc";`
			`oauth-client-id = "299db9f9c2013170";`
			`};`
nixos/sourcehut: test gitsrht 2022-02-12 00:26:41 +00:00			`settings."git.sr.ht" = {`
			`oauth-client-secret = pkgs.writeText "gitsrht-oauth-client-secret" "3597288dc2c716e567db5384f493b09d";`
			`oauth-client-id = "d07cb713d920702e";`
			`};`
nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`settings.webhooks.private-key = pkgs.writeText "webhook-key" "Ra3IjxgFiwG9jxgp4WALQIZw/BMYt30xWiOsqD0J7EA=";`
nixos/sourcehut: some settings became mandatory upstream 2022-06-08 19:25:15 +00:00			`settings.mail = {`
			`smtp-from = "root+hut@${domain}";`
			`# WARNING: take care to keep pgp-privkey outside the Nix store in production,`
			`# or use LoadCredentialEncrypted=`
			`pgp-privkey = toString (pkgs.writeText "sourcehut.pgp-privkey" ''`
			`-----BEGIN PGP PRIVATE KEY BLOCK-----`

			`lFgEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd`
			`Gk7hYQoAAP9X4oPmxxrHN8LewBpWITdBomNqlHoiP7mI0nz/BOPJHxEktDZuaXhv`
			`cy90ZXN0cy9zb3VyY2VodXQgPHJvb3QraHV0QHNvdXJjZWh1dC5sb2NhbGRvbWFp`
			`bj6IlwQTFgoAPxYhBPqjgjnL8RHN4JnADNicgXaYm0jJBQJioNE5AhsDBQkDwmcA`
			`BgsJCAcDCgUVCgkICwUWAwIBAAIeBQIXgAAKCRDYnIF2mJtIySVCAP9e2nHsVHSi`
			`2B1YGZpVG7Xf36vxljmMkbroQy+0gBPwRwEAq+jaiQqlbGhQ7R/HMFcAxBIVsq8h`
			`Aw1rngsUd0o3dAicXQRioNE5EgorBgEEAZdVAQUBAQdAXZV2Sd5ZNBVTBbTGavMv`
			`D6ORrUh8z7TI/3CsxCE7+yADAQgHAAD/c1RU9xH+V/uI1fE7HIn/zL0LUPpsuce2`
			`cH++g4u3kBgTOYh+BBgWCgAmFiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg0TkC`
			`GwwFCQPCZwAACgkQ2JyBdpibSMlKagD/cTre6p1m8QuJ7kwmCFRSz5tBzIuYMMgN`
			`xtT7dmS91csA/35fWsOykSiFRojQ7ccCSUTHL7ApF2EbL968tP/D2hIG`
			`=Hjoc`
			`-----END PGP PRIVATE KEY BLOCK-----`
			`'');`
			`pgp-pubkey = pkgs.writeText "sourcehut.pgp-pubkey" ''`
			`-----BEGIN PGP PUBLIC KEY BLOCK-----`

			`mDMEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd`
			`Gk7hYQq0Nm5peG9zL3Rlc3RzL3NvdXJjZWh1dCA8cm9vdCtodXRAc291cmNlaHV0`
			`LmxvY2FsZG9tYWluPoiXBBMWCgA/FiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg`
			`0TkCGwMFCQPCZwAGCwkIBwMKBRUKCQgLBRYDAgEAAh4FAheAAAoJENicgXaYm0jJ`
			`JUIA/17acexUdKLYHVgZmlUbtd/fq/GWOYyRuuhDL7SAE/BHAQCr6NqJCqVsaFDt`
			`H8cwVwDEEhWyryEDDWueCxR3Sjd0CLg4BGKg0TkSCisGAQQBl1UBBQEBB0BdlXZJ`
			`3lk0FVMFtMZq8y8Po5GtSHzPtMj/cKzEITv7IAMBCAeIfgQYFgoAJhYhBPqjgjnL`
			`8RHN4JnADNicgXaYm0jJBQJioNE5AhsMBQkDwmcAAAoJENicgXaYm0jJSmoA/3E6`
			`3uqdZvELie5MJghUUs+bQcyLmDDIDcbU+3ZkvdXLAP9+X1rDspEohUaI0O3HAklE`
			`xy+wKRdhGy/evLT/w9oSBg==`
			`=pJD7`
			`-----END PGP PUBLIC KEY BLOCK-----`
			`'';`
			`pgp-key-id = "0xFAA38239CBF111CDE099C00CD89C8176989B48C9";`
			`};`
nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`};`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00
nixosTests.sourcehut: listen on port 80, as well 2023-11-30 15:05:00 +00:00			`networking.firewall.allowedTCPPorts = [ 80 443 ];`
nixos/sourcehut: add more tests 2021-12-01 07:08:56 +00:00			`security.pki.certificateFiles = [ "${tls-cert}/cert.pem" ];`
			`services.nginx = {`
			`enable = true;`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedTlsSettings = true;`
			`recommendedProxySettings = true;`
			`};`

nixos/sourcehut: update test 2021-08-28 17:46:05 +00:00			`services.postgresql = {`
			`enable = true;`
			`enableTCPIP = false;`
			`settings.unix_socket_permissions = "0770";`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00			`};`
nixosTests.sourcehut: test user creation and OAuth token generation 2023-11-30 15:03:01 +00:00
			`environment.systemPackages = with pkgs; [`
			`(callPackage ./srht-gen-oauth-tok.nix { }) # To automatically generate OAuth tokens`
			`];`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00			`};`

nixosTests.sourcehut: test user creation and OAuth token generation 2023-11-30 15:03:01 +00:00			`testScript =`
			`let`
			`userName = "nixos-test";`
			`userPass = "AutoNixosTestPwd";`
			`in`
			`''`
			`start_all()`
			`machine.wait_for_unit("multi-user.target")`

			`# Testing metasrht`
			`machine.wait_for_unit("metasrht-api.service")`
			`machine.wait_for_unit("metasrht.service")`
			`machine.wait_for_unit("metasrht-webhooks.service")`
			`machine.wait_for_open_port(5000)`
			`machine.succeed("curl -sL http://localhost:5000 \| grep meta.${domain}")`
			`machine.succeed("curl -sL http://meta.${domain} \| grep meta.${domain}")`

			`## Create a test user for subsequent tests`
			`machine.succeed("echo ${userPass} \| metasrht-manageuser -ps -e ${userName}@${domain}\`
			`-t active_free ${userName}");`

			`## Obtain a OAuth token to be used for querying APIs directly`
			`(_, token) = machine.execute("srht-gen-oauth-tok -i ${domain} -q ${userName} ${userPass}")`
			`print(token)`

			`# Testing buildsrht`
			`machine.wait_for_unit("buildsrht.service")`
			`machine.wait_for_open_port(5002)`
			`machine.succeed("curl -sL http://localhost:5002 \| grep builds.${domain}")`
			`#machine.wait_for_unit("buildsrht-worker.service")`

			`# Testing gitsrht`
			`machine.wait_for_unit("gitsrht-api.service")`
			`machine.wait_for_unit("gitsrht.service")`
			`machine.wait_for_unit("gitsrht-webhooks.service")`
			`machine.succeed("curl -sL http://git.${domain} \| grep git.${domain}")`
			`'';`
nixos/sourcehut: init (#113244) * nixos/sourcehut: init * sourcehut: default nginx setup * sourcehut: documentation * sourcehut: re-structure settings * sourcehut: tests * nixos/sourcehut: adopt StateDirectory * Apply suggestions from code review Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> * nixos/sourcehut: PR suggestions * nixos/sourcehut: malte-v patch * nixos/sourcehut: add base virtualhost * nixos/sourcehut: remove superfluous key * nixos/sourcehut: use default from cfg * nixos/sourcehut: use originBase for logs * nixos/sourcehut: use toPythonApplication in systemPackages * nixos/sourcehut: directly use ExecStart * nixos/sourcehut: update docs Co-authored-by: Aaron Andersen <aaron@fosslib.net> Co-authored-by: Thibaut Marty <github@thibautmarty.fr> Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com> 2021-06-05 18:42:51 +00:00			`})`