2020-06-03 21:12:06 +00:00
|
|
|
import ./make-test-python.nix ({ pkgs, ...}:
|
|
|
|
let
|
|
|
|
port = 8000;
|
|
|
|
baseUrl = "http://server:${toString port}";
|
|
|
|
in
|
|
|
|
{
|
|
|
|
name = "pinnwand";
|
2021-01-10 19:08:30 +00:00
|
|
|
meta = with pkgs.lib.maintainers; {
|
2020-06-03 21:12:06 +00:00
|
|
|
maintainers =[ hexa ];
|
|
|
|
};
|
|
|
|
|
|
|
|
nodes = {
|
|
|
|
server = { config, ... }:
|
|
|
|
{
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
port
|
|
|
|
];
|
|
|
|
|
|
|
|
services.pinnwand = {
|
|
|
|
enable = true;
|
|
|
|
port = port;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
client = { pkgs, ... }:
|
|
|
|
{
|
2022-11-27 12:25:36 +00:00
|
|
|
environment.systemPackages = [
|
|
|
|
pkgs.steck
|
|
|
|
|
|
|
|
(pkgs.writers.writePython3Bin "setup-steck.py" {
|
|
|
|
libraries = with pkgs.python3.pkgs; [ appdirs toml ];
|
|
|
|
flakeIgnore = [
|
|
|
|
"E501"
|
|
|
|
];
|
|
|
|
}
|
|
|
|
''
|
|
|
|
import appdirs
|
|
|
|
import toml
|
|
|
|
import os
|
|
|
|
|
|
|
|
CONFIG = {
|
|
|
|
"base": "${baseUrl}/",
|
|
|
|
"confirm": False,
|
|
|
|
"magic": True,
|
|
|
|
"ignore": True
|
|
|
|
}
|
|
|
|
|
|
|
|
os.makedirs(appdirs.user_config_dir('steck'))
|
|
|
|
with open(os.path.join(appdirs.user_config_dir('steck'), 'steck.toml'), "w") as fd:
|
|
|
|
toml.dump(CONFIG, fd)
|
|
|
|
'')
|
|
|
|
];
|
2020-06-03 21:12:06 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
testScript = ''
|
|
|
|
start_all()
|
|
|
|
|
|
|
|
server.wait_for_unit("pinnwand.service")
|
|
|
|
client.wait_for_unit("network.target")
|
|
|
|
|
|
|
|
# create steck.toml config file
|
2022-11-27 12:25:36 +00:00
|
|
|
client.succeed("setup-steck.py")
|
2020-06-03 21:12:06 +00:00
|
|
|
|
|
|
|
# wait until the server running pinnwand is reachable
|
|
|
|
client.wait_until_succeeds("ping -c1 server")
|
|
|
|
|
|
|
|
# make sure pinnwand is listening
|
2021-04-29 22:03:43 +00:00
|
|
|
server.wait_for_open_port(${toString port})
|
2020-06-03 21:12:06 +00:00
|
|
|
|
|
|
|
# send the contents of /etc/machine-id
|
|
|
|
response = client.succeed("steck paste /etc/machine-id")
|
|
|
|
|
|
|
|
# parse the steck response
|
|
|
|
raw_url = None
|
|
|
|
removal_link = None
|
|
|
|
for line in response.split("\n"):
|
|
|
|
if line.startswith("View link:"):
|
|
|
|
raw_url = f"${baseUrl}/raw/{line.split('/')[-1]}"
|
|
|
|
if line.startswith("Removal link:"):
|
|
|
|
removal_link = line.split(":", 1)[1]
|
|
|
|
|
|
|
|
# check whether paste matches what we sent
|
|
|
|
client.succeed(f"curl {raw_url} > /tmp/machine-id")
|
|
|
|
client.succeed("diff /tmp/machine-id /etc/machine-id")
|
|
|
|
|
|
|
|
# remove paste and check that it's not available any more
|
|
|
|
client.succeed(f"curl {removal_link}")
|
|
|
|
client.fail(f"curl --fail {raw_url}")
|
2021-04-29 21:12:20 +00:00
|
|
|
|
2022-11-27 12:25:36 +00:00
|
|
|
server.log(server.execute("systemd-analyze security pinnwand | grep '✗'")[1])
|
2020-06-03 21:12:06 +00:00
|
|
|
'';
|
|
|
|
})
|