# Test powerdns-admin { system ? builtins.currentSystem, config ? { }, pkgs ? import ../.. { inherit system config; }, }: with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let defaultConfig = '' BIND_ADDRESS = '127.0.0.1' PORT = 8000 CAPTCHA_ENABLE = False ''; makeAppTest = name: configs: makeTest { name = "powerdns-admin-${name}"; meta = with pkgs.lib.maintainers; { maintainers = [ Flakebi zhaofengli ]; }; nodes.server = { pkgs, config, ... }: mkMerge ( [ { services.powerdns-admin = { enable = true; secretKeyFile = "/etc/powerdns-admin/secret"; saltFile = "/etc/powerdns-admin/salt"; }; # It's insecure to have secrets in the world-readable nix store, but this is just a test environment.etc."powerdns-admin/secret".text = "secret key"; environment.etc."powerdns-admin/salt".text = "salt"; environment.systemPackages = [ (pkgs.writeShellScriptBin "run-test" config.system.build.testScript) ]; } ] ++ configs ); testScript = '' server.wait_for_unit("powerdns-admin.service") server.wait_until_succeeds("run-test", timeout=10) ''; }; matrix = { backend = { mysql = { services.powerdns-admin = { config = '' ${defaultConfig} SQLALCHEMY_DATABASE_URI = 'mysql://powerdnsadmin@/powerdnsadmin?unix_socket=/run/mysqld/mysqld.sock' ''; }; systemd.services.powerdns-admin = { after = [ "mysql.service" ]; serviceConfig.BindPaths = "/run/mysqld"; }; services.mysql = { enable = true; package = pkgs.mariadb; ensureDatabases = [ "powerdnsadmin" ]; ensureUsers = [ { name = "powerdnsadmin"; ensurePermissions = { "powerdnsadmin.*" = "ALL PRIVILEGES"; }; } ]; }; }; postgresql = { services.powerdns-admin = { config = '' ${defaultConfig} SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql' ''; }; systemd.services.powerdns-admin = { after = [ "postgresql.service" ]; serviceConfig.BindPaths = "/run/postgresql"; }; services.postgresql = { enable = true; ensureDatabases = [ "powerdnsadmin" ]; ensureUsers = [ { name = "powerdnsadmin"; ensureDBOwnership = true; } ]; }; }; }; listen = { tcp = { services.powerdns-admin.extraArgs = [ "-b" "127.0.0.1:8000" ]; system.build.testScript = '' set -euxo pipefail curl -sSf http://127.0.0.1:8000/ # Create account to check that the database migrations ran csrf_token="$(curl -sSfc session http://127.0.0.1:8000/register | grep _csrf_token | cut -d\" -f6)" # Outputs 'Redirecting' if successful curl -sSfb session http://127.0.0.1:8000/register \ -F "_csrf_token=$csrf_token" \ -F "firstname=first" \ -F "lastname=last" \ -F "email=a@example.com" \ -F "username=user" \ -F "password=password" \ -F "rpassword=password" | grep Redirecting # Login # Outputs 'Redirecting' if successful curl -sSfb session http://127.0.0.1:8000/login \ -F "_csrf_token=$csrf_token" \ -F "username=user" \ -F "password=password" | grep Redirecting # Check that we are logged in, this redirects to /admin/setting/pdns if we are curl -sSfb session http://127.0.0.1:8000/dashboard/ | grep /admin/setting ''; }; unix = { services.powerdns-admin.extraArgs = [ "-b" "unix:/run/powerdns-admin/http.sock" ]; system.build.testScript = '' curl -sSf --unix-socket /run/powerdns-admin/http.sock http://somehost/ ''; }; }; }; in with matrix; { postgresql = makeAppTest "postgresql" [ backend.postgresql listen.tcp ]; mysql = makeAppTest "mysql" [ backend.mysql listen.tcp ]; unix-listener = makeAppTest "unix-listener" [ backend.postgresql listen.unix ]; }