diff options
author | talyz <kim.lindberger@gmail.com> | 2021-05-14 14:39:03 +0200 |
---|---|---|
committer | talyz <kim.lindberger@gmail.com> | 2021-05-21 13:09:43 +0200 |
commit | 2d8a87081305f0bcfb401f32aff2822797264b3d (patch) | |
tree | 20379a34090c8e75ffaa3284ea44890c268e8f19 /nixos/tests/keycloak.nix | |
parent | ba00b0946ea624860032d836d1a3105e365cd84e (diff) | |
download | nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar.gz nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar.bz2 nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar.lz nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar.xz nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.tar.zst nixpkgs-2d8a87081305f0bcfb401f32aff2822797264b3d.zip |
keycloak.tests: Test HTTPS support
Diffstat (limited to 'nixos/tests/keycloak.nix')
-rw-r--r-- | nixos/tests/keycloak.nix | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/nixos/tests/keycloak.nix b/nixos/tests/keycloak.nix index ae8f4c5f7e6..fc321b8902f 100644 --- a/nixos/tests/keycloak.nix +++ b/nixos/tests/keycloak.nix @@ -3,7 +3,8 @@ # client using their Keycloak login. let - frontendUrl = "http://keycloak/auth"; + certs = import ./common/acme/server/snakeoil-certs.nix; + frontendUrl = "https://${certs.domain}/auth"; initialAdminPassword = "h4IhoJFnt2iQIR9"; keycloakTest = import ./make-test-python.nix ( @@ -17,15 +18,27 @@ let nodes = { keycloak = { ... }: { virtualisation.memorySize = 1024; + + security.pki.certificateFiles = [ + certs.ca.cert + ]; + + networking.extraHosts = '' + 127.0.0.1 ${certs.domain} + ''; + services.keycloak = { enable = true; inherit frontendUrl initialAdminPassword; + sslCertificate = certs.${certs.domain}.cert; + sslCertificateKey = certs.${certs.domain}.key; database = { type = databaseType; username = "bogus"; passwordFile = pkgs.writeText "dbPassword" "wzf6vOCbPp6cqTH"; }; }; + environment.systemPackages = with pkgs; [ xmlstarlet libtidy |