diff options
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/dendrite.nix | 99 | ||||
| -rw-r--r-- | nixos/tests/prometheus-exporters.nix | 59 | ||||
| -rw-r--r-- | nixos/tests/signal-desktop.nix | 16 |
4 files changed, 169 insertions, 6 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 1173a177c3c..232d89052d4 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -90,6 +90,7 @@ in custom-ca = handleTest ./custom-ca.nix {}; croc = handleTest ./croc.nix {}; deluge = handleTest ./deluge.nix {}; + dendrite = handleTest ./dendrite.nix {}; dhparams = handleTest ./dhparams.nix {}; discourse = handleTest ./discourse.nix {}; dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {}; diff --git a/nixos/tests/dendrite.nix b/nixos/tests/dendrite.nix new file mode 100644 index 00000000000..a444c9b2001 --- /dev/null +++ b/nixos/tests/dendrite.nix @@ -0,0 +1,99 @@ +import ./make-test-python.nix ( + { pkgs, ... }: + let + homeserverUrl = "http://homeserver:8008"; + + private_key = pkgs.runCommand "matrix_key.pem" { + buildInputs = [ pkgs.dendrite ]; + } "generate-keys --private-key $out"; + in + { + name = "dendrite"; + meta = with pkgs.lib; { + maintainers = teams.matrix.members; + }; + + nodes = { + homeserver = { pkgs, ... }: { + services.dendrite = { + enable = true; + settings = { + global.server_name = "test-dendrite-server.com"; + global.private_key = private_key; + client_api.registration_disabled = false; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8008 ]; + }; + + client = { pkgs, ... }: { + environment.systemPackages = [ + ( + pkgs.writers.writePython3Bin "do_test" + { libraries = [ pkgs.python3Packages.matrix-nio ]; } '' + import asyncio + + from nio import AsyncClient + + + async def main() -> None: + # Connect to dendrite + client = AsyncClient("http://homeserver:8008", "alice") + + # Register as user alice + response = await client.register("alice", "my-secret-password") + + # Log in as user alice + response = await client.login("my-secret-password") + + # Create a new room + response = await client.room_create(federate=False) + room_id = response.room_id + + # Join the room + response = await client.join(room_id) + + # Send a message to the room + response = await client.room_send( + room_id=room_id, + message_type="m.room.message", + content={ + "msgtype": "m.text", + "body": "Hello world!" + } + ) + + # Sync responses + response = await client.sync(timeout=30000) + + # Check the message was received by dendrite + last_message = response.rooms.join[room_id].timeline.events[-1].body + assert last_message == "Hello world!" + + # Leave the room + response = await client.room_leave(room_id) + + # Close the client + await client.close() + + asyncio.get_event_loop().run_until_complete(main()) + '' + ) + ]; + }; + }; + + testScript = '' + start_all() + + with subtest("start the homeserver"): + homeserver.wait_for_unit("dendrite.service") + homeserver.wait_for_open_port(8008) + + with subtest("ensure messages can be exchanged"): + client.succeed("do_test") + ''; + + } +) diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index 2b17d0ff78f..e3bfff218ad 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -302,7 +302,7 @@ let url = "http://localhost"; configFile = pkgs.writeText "json-exporter-conf.json" (builtins.toJSON { metrics = [ - { name = "json_test_metric"; path = "$.test"; } + { name = "json_test_metric"; path = "{ .test }"; } ]; }); }; @@ -326,6 +326,57 @@ let ''; }; + kea = { + exporterConfig = { + enable = true; + controlSocketPaths = [ + "/run/kea/kea-dhcp6.sock" + ]; + }; + metricProvider = { + users.users.kea = { + isSystemUser = true; + }; + users.groups.kea = {}; + + systemd.services.prometheus-kea-exporter.after = [ "kea-dhcp6.service" ]; + + systemd.services.kea-dhcp6 = let + configFile = pkgs.writeText "kea-dhcp6.conf" (builtins.toJSON { + Dhcp6 = { + "control-socket" = { + "socket-type" = "unix"; + "socket-name" = "/run/kea/kea-dhcp6.sock"; + }; + }; + }); + in + { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + DynamicUser = false; + User = "kea"; + Group = "kea"; + ExecStart = "${pkgs.kea}/bin/kea-dhcp6 -c ${configFile}"; + StateDirectory = "kea"; + RuntimeDirectory = "kea"; + UMask = "0007"; + }; + }; + }; + exporterTest = '' + wait_for_unit("kea-dhcp6.service") + wait_for_file("/run/kea/kea-dhcp6.sock") + wait_for_unit("prometheus-kea-exporter.service") + wait_for_open_port(9547) + succeed( + "curl --fail localhost:9547/metrics | grep 'packets_received_total'" + ) + ''; + }; + knot = { exporterConfig = { enable = true; @@ -406,8 +457,8 @@ let }; metricProvider = { systemd.services.prometheus-lnd-exporter.serviceConfig.DynamicUser = false; - services.bitcoind.enable = true; - services.bitcoind.extraConfig = '' + services.bitcoind.main.enable = true; + services.bitcoind.main.extraConfig = '' rpcauth=bitcoinrpc:e8fe33f797e698ac258c16c8d7aadfbe$872bdb8f4d787367c26bcfd75e6c23c4f19d44a69f5d1ad329e5adf3f82710f7 bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332 bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333 @@ -1021,7 +1072,7 @@ let # Note: this does not connect the test environment to the Tor network. # Client, relay, bridge or exit connectivity are disabled by default. services.tor.enable = true; - services.tor.controlPort = 9051; + services.tor.settings.ControlPort = 9051; }; exporterTest = '' wait_for_unit("tor.service") diff --git a/nixos/tests/signal-desktop.nix b/nixos/tests/signal-desktop.nix index c424288e00a..deddb9d0834 100644 --- a/nixos/tests/signal-desktop.nix +++ b/nixos/tests/signal-desktop.nix @@ -3,7 +3,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { name = "signal-desktop"; meta = with pkgs.lib.maintainers; { - maintainers = [ flokli ]; + maintainers = [ flokli primeos ]; }; machine = { ... }: @@ -16,7 +16,7 @@ import ./make-test-python.nix ({ pkgs, ...} : services.xserver.enable = true; test-support.displayManager.auto.user = "alice"; - environment.systemPackages = [ pkgs.signal-desktop ]; + environment.systemPackages = with pkgs; [ signal-desktop file ]; virtualisation.memorySize = 1024; }; @@ -39,5 +39,17 @@ import ./make-test-python.nix ({ pkgs, ...} : machine.wait_for_text("Signal") machine.wait_for_text("File Edit View Window Help") machine.screenshot("signal_desktop") + + # Test if the database is encrypted to prevent these issues: + # - https://github.com/NixOS/nixpkgs/issues/108772 + # - https://github.com/NixOS/nixpkgs/pull/117555 + print(machine.succeed("su - alice -c 'file ~/.config/Signal/sql/db.sqlite'")) + # TODO: The DB should be encrypted and the following should be machine.fail + # instead of machine.succeed but the DB is currently unencrypted and we + # want to notice if this isn't the case anymore as the transition to a + # encrypted DB can cause data loss!: + machine.succeed( + "su - alice -c 'file ~/.config/Signal/sql/db.sqlite' | grep -i sqlite" + ) ''; }) |