diff options
| author | Michael Raskin <7c6f434c@mail.ru> | 2017-04-30 18:51:46 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-04-30 18:51:46 +0200 |
| commit | 929ae39dbe3bc179fd73f6d2474d9de3b24d0f10 (patch) | |
| tree | 30973da50ad78526bd956c9f4641bea1922e46c5 /nixos | |
| parent | ebc9e7a2017ea9dc89faa39594a580d50fa81bdc (diff) | |
| parent | 8f4d778509271c8cd1e1b8ab1f01c2de038cc7ba (diff) | |
| download | nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar.gz nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar.bz2 nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar.lz nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar.xz nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.tar.zst nixlib-929ae39dbe3bc179fd73f6d2474d9de3b24d0f10.zip | |
Merge pull request #22683 from aneeshusa/add-nixos-test-for-radicale
Add nixos test for radicale
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/radicale.nix | 2 | ||||
| -rw-r--r-- | nixos/tests/radicale.nix | 80 |
2 files changed, 82 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/radicale.nix b/nixos/modules/services/networking/radicale.nix index f9300fdabc57..ef860e7e5df4 100644 --- a/nixos/modules/services/networking/radicale.nix +++ b/nixos/modules/services/networking/radicale.nix @@ -57,4 +57,6 @@ in serviceConfig.Group = "radicale"; }; }; + + meta.maintainers = with lib.maintainers; [ aneeshusa ]; } diff --git a/nixos/tests/radicale.nix b/nixos/tests/radicale.nix new file mode 100644 index 000000000000..4c2ed8456ddd --- /dev/null +++ b/nixos/tests/radicale.nix @@ -0,0 +1,80 @@ +let + port = 5232; + radicaleOverlay = self: super: { + radicale = super.radicale.overrideAttrs (oldAttrs: { + propagatedBuildInputs = with self.pythonPackages; + (oldAttrs.propagatedBuildInputs or []) ++ [ + passlib + ]; + }); + }; + common = { config, pkgs, ...}: { + services.radicale = { + enable = true; + config = let home = config.users.extraUsers.radicale.home; in '' + [server] + hosts = 127.0.0.1:${builtins.toString port} + daemon = False + [encoding] + [well-known] + [auth] + type = htpasswd + htpasswd_filename = /etc/radicale/htpasswd + htpasswd_encryption = bcrypt + [git] + [rights] + [storage] + type = filesystem + filesystem_folder = ${home}/collections + [logging] + [headers] + ''; + }; + # WARNING: DON'T DO THIS IN PRODUCTION! + # This puts secrets (albeit hashed) directly into the Nix store for ease of testing. + environment.etc."radicale/htpasswd".source = with pkgs; let + py = python.withPackages(ps: with ps; [ passlib ]); + in runCommand "htpasswd" {} '' + ${py}/bin/python -c " +from passlib.apache import HtpasswdFile +ht = HtpasswdFile( + '$out', + new=True, + default_scheme='bcrypt' +) +ht.set_password('someuser', 'really_secret_password') +ht.save() +" + ''; + }; + +in import ./make-test.nix ({ lib, ... }: { + name = "radicale"; + meta.maintainers = with lib.maintainers; [ aneeshusa ]; + + # Test radicale with bcrypt-based htpasswd authentication + nodes = { + py2 = { config, pkgs, ... }@args: (common args) // { + nixpkgs.overlays = [ + radicaleOverlay + ]; + }; + py3 = { config, pkgs, ... }@args: (common args) // { + nixpkgs.overlays = [ + (self: super: { + python = self.python3; + pythonPackages = self.python3.pkgs; + }) + radicaleOverlay + ]; + }; + }; + + testScript = '' + for my $machine ($py2, $py3) { + $machine->waitForUnit('radicale.service'); + $machine->waitForOpenPort(${builtins.toString port}); + $machine->succeed('curl -s http://someuser:really_secret_password@127.0.0.1:${builtins.toString port}/someuser/calendar.ics/'); + } + ''; +}) |