summary refs log tree commit diff
path: root/nixos/tests/pufferpanel.nix
blob: e7b09c13f90bdd3e8ce526266c6c5a120e5602d6 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74

import ./make-test-python.nix ({ lib, ... }: {
  name = "pufferpanel";
  meta.maintainers = [ lib.maintainers.tie ];

  nodes.machine = { pkgs, ... }: {
    environment.systemPackages = [ pkgs.pufferpanel ];
    services.pufferpanel = {
      enable = true;
      extraPackages = [ pkgs.netcat ];
      environment = {
        PUFFER_PANEL_REGISTRATIONENABLED = "false";
        PUFFER_PANEL_SETTINGS_COMPANYNAME = "NixOS";
      };
    };
  };

  testScript = ''
    import shlex
    import json

    curl = "curl --fail-with-body --silent"
    baseURL = "http://localhost:8080"
    adminName = "admin"
    adminEmail = "admin@nixos.org"
    adminPass = "admin"
    adminCreds = json.dumps({
      "email": adminEmail,
      "password": adminPass,
    })
    stopCode = 9 # SIGKILL
    serverPort = 1337
    serverDefinition = json.dumps({
      "name": "netcat",
      "node": 0,
      "users": [
        adminName,
      ],
      "type": "netcat",
      "run": {
        "stopCode": stopCode,
        "command": f"nc -l {serverPort}",
      },
      "environment": {
        "type": "standard",
      },
    })

    start_all()

    machine.wait_for_unit("pufferpanel.service")
    machine.wait_for_open_port(5657) # SFTP
    machine.wait_for_open_port(8080) # HTTP

    # Note that PufferPanel does not initialize database unless necessary.
    # /api/config endpoint creates database file and triggers migrations.
    # On success, we run a command to create administrator user that we use to
    # interact with HTTP API.
    resp = json.loads(machine.succeed(f"{curl} {baseURL}/api/config"))
    assert resp["branding"]["name"] == "NixOS", "Invalid company name in configuration"
    assert resp["registrationEnabled"] == False, "Expected registration to be disabled"

    machine.succeed(f"pufferpanel --workDir /var/lib/pufferpanel user add --admin --name {adminName} --email {adminEmail} --password {adminPass}")

    resp = json.loads(machine.succeed(f"{curl} -d '{adminCreds}' {baseURL}/auth/login"))
    assert "servers.admin" in resp["scopes"], "User is not administrator"
    token = resp["session"]
    authHeader = shlex.quote(f"Authorization: Bearer {token}")

    resp = json.loads(machine.succeed(f"{curl} -H {authHeader} -H 'Content-Type: application/json' -d '{serverDefinition}' {baseURL}/api/servers"))
    serverID = resp["id"]
    machine.succeed(f"{curl} -X POST -H {authHeader} {baseURL}/proxy/daemon/server/{serverID}/start")
    machine.wait_for_open_port(serverPort)
  '';
})
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-30 13:53:03 +0000