diff options
Diffstat (limited to 'nixpkgs/nixos/tests/nextcloud')
5 files changed, 448 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/nextcloud/basic.nix b/nixpkgs/nixos/tests/nextcloud/basic.nix new file mode 100644 index 000000000000..428fe0aa10db --- /dev/null +++ b/nixpkgs/nixos/tests/nextcloud/basic.nix @@ -0,0 +1,120 @@ +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let + adminpass = "notproduction"; + adminuser = "root"; +in { + name = "nextcloud-basic"; + meta = with pkgs.lib.maintainers; { + maintainers = [ globin eqyiel ]; + }; + + nodes = rec { + # The only thing the client needs to do is download a file. + client = { ... }: { + services.davfs2.enable = true; + systemd.tmpfiles.settings.nextcloud = { + "/tmp/davfs2-secrets"."f+" = { + mode = "0600"; + argument = "http://nextcloud/remote.php/dav/files/${adminuser} ${adminuser} ${adminpass}"; + }; + }; + virtualisation.fileSystems = { + "/mnt/dav" = { + device = "http://nextcloud/remote.php/dav/files/${adminuser}"; + fsType = "davfs"; + options = let + davfs2Conf = (pkgs.writeText "davfs2.conf" "secrets /tmp/davfs2-secrets"); + in [ "conf=${davfs2Conf}" "x-systemd.automount" "noauto"]; + }; + }; + }; + + nextcloud = { config, pkgs, ... }: let + cfg = config; + in { + networking.firewall.allowedTCPPorts = [ 80 ]; + + systemd.tmpfiles.rules = [ + "d /var/lib/nextcloud-data 0750 nextcloud nginx - -" + ]; + + services.nextcloud = { + enable = true; + datadir = "/var/lib/nextcloud-data"; + hostName = "nextcloud"; + database.createLocally = true; + config = { + # Don't inherit adminuser since "root" is supposed to be the default + adminpassFile = "${pkgs.writeText "adminpass" adminpass}"; # Don't try this at home! + dbtableprefix = "nixos_"; + }; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; + autoUpdateApps = { + enable = true; + startAt = "20:00"; + }; + phpExtraExtensions = all: [ all.bz2 ]; + }; + + environment.systemPackages = [ cfg.services.nextcloud.occ ]; + }; + + nextcloudWithoutMagick = args@{ config, pkgs, lib, ... }: + lib.mkMerge + [ (nextcloud args) + { services.nextcloud.enableImagemagick = false; } ]; + }; + + testScript = { nodes, ... }: let + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.runtimeShell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/dav/files/${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + "''${@}" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.runtimeShell} + echo 'hi' | ${withRcloneEnv} ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.runtimeShell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + + findInClosure = what: drv: pkgs.runCommand "find-in-closure" { exportReferencesGraph = [ "graph" drv ]; inherit what; } '' + test -e graph + grep "$what" graph >$out || true + ''; + nextcloudUsesImagick = findInClosure "imagick" nodes.nextcloud.system.build.vm; + nextcloudWithoutDoesntUseIt = findInClosure "imagick" nodes.nextcloudWithoutMagick.system.build.vm; + in '' + assert open("${nextcloudUsesImagick}").read() != "" + assert open("${nextcloudWithoutDoesntUseIt}").read() == "" + + nextcloud.start() + client.start() + nextcloud.wait_for_unit("multi-user.target") + # This is just to ensure the nextcloud-occ program is working + nextcloud.succeed("nextcloud-occ status") + nextcloud.succeed("curl -sSf http://nextcloud/login") + # Ensure that no OpenSSL 1.1 is used. + nextcloud.succeed( + "${nodes.nextcloud.services.phpfpm.pools.nextcloud.phpPackage}/bin/php -i | grep 'OpenSSL Library Version' | awk -F'=>' '{ print $2 }' | awk '{ print $2 }' | grep -v 1.1" + ) + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + nextcloud.succeed("test -f /var/lib/nextcloud-data/data/root/files/test-shared-file") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) + assert "hi" in client.succeed("cat /mnt/dav/test-shared-file") + nextcloud.succeed("grep -vE '^HBEGIN:oc_encryption_module' /var/lib/nextcloud-data/data/root/files/test-shared-file") + ''; +})) args diff --git a/nixpkgs/nixos/tests/nextcloud/default.nix b/nixpkgs/nixos/tests/nextcloud/default.nix new file mode 100644 index 000000000000..84ac37153727 --- /dev/null +++ b/nixpkgs/nixos/tests/nextcloud/default.nix @@ -0,0 +1,25 @@ +{ system ? builtins.currentSystem +, config ? { } +, pkgs ? import ../../.. { inherit system config; } +}: + +with pkgs.lib; + +foldl + (matrix: ver: matrix // { + "basic${toString ver}" = import ./basic.nix { inherit system pkgs; nextcloudVersion = ver; }; + "with-postgresql-and-redis${toString ver}" = import ./with-postgresql-and-redis.nix { + inherit system pkgs; + nextcloudVersion = ver; + }; + "with-mysql-and-memcached${toString ver}" = import ./with-mysql-and-memcached.nix { + inherit system pkgs; + nextcloudVersion = ver; + }; + "with-declarative-redis-and-secrets${toString ver}" = import ./with-declarative-redis-and-secrets.nix { + inherit system pkgs; + nextcloudVersion = ver; + }; + }) +{ } + [ 26 27 28 ] diff --git a/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix b/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix new file mode 100644 index 000000000000..b09ee1276a13 --- /dev/null +++ b/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix @@ -0,0 +1,126 @@ +args@{ nextcloudVersion ? 27, ... }: +(import ../make-test-python.nix ({ pkgs, ...}: let + adminuser = "custom_admin_username"; + # This will be used both for redis and postgresql + pass = "hunter2"; + # Don't do this at home, use a file outside of the nix store instead + passFile = toString (pkgs.writeText "pass-file" '' + ${pass} + ''); +in { + name = "nextcloud-with-declarative-redis"; + meta = with pkgs.lib.maintainers; { + maintainers = [ eqyiel ma27 ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + hostName = "nextcloud"; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; + caching = { + apcu = false; + redis = true; + memcached = false; + }; + # This test also validates that we can use an "external" database + database.createLocally = false; + config = { + dbtype = "pgsql"; + dbname = "nextcloud"; + dbuser = adminuser; + dbpassFile = passFile; + adminuser = adminuser; + adminpassFile = passFile; + }; + secretFile = "/etc/nextcloud-secrets.json"; + + settings = { + allow_local_remote_servers = true; + redis = { + dbindex = 0; + timeout = 1.5; + # password handled via secretfile below + }; + }; + configureRedis = true; + }; + + services.redis.servers."nextcloud" = { + enable = true; + port = 6379; + requirePass = "secret"; + }; + + systemd.services.nextcloud-setup= { + requires = ["postgresql.service"]; + after = [ "postgresql.service" ]; + }; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_14; + }; + systemd.services.postgresql.postStart = pkgs.lib.mkAfter '' + password=$(cat ${passFile}) + ${config.services.postgresql.package}/bin/psql <<EOF + CREATE ROLE ${adminuser} WITH LOGIN PASSWORD '$password' CREATEDB; + CREATE DATABASE nextcloud; + GRANT ALL PRIVILEGES ON DATABASE nextcloud TO ${adminuser}; + EOF + ''; + + # This file is meant to contain secret options which should + # not go into the nix store. Here it is just used to set the + # redis password. + environment.etc."nextcloud-secrets.json".text = '' + { + "redis": { + "password": "secret" + } + } + ''; + }; + }; + + testScript = let + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.runtimeShell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/dav/files/${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${pass})" + "''${@}" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.runtimeShell} + echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.runtimeShell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) + + # redis cache should not be empty + nextcloud.fail('test "[]" = "$(redis-cli --json KEYS "*")"') + ''; +})) args diff --git a/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix b/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix new file mode 100644 index 000000000000..035a7fdcb0c8 --- /dev/null +++ b/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix @@ -0,0 +1,79 @@ +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let + adminpass = "hunter2"; + adminuser = "root"; +in { + name = "nextcloud-with-mysql-and-memcached"; + meta = with pkgs.lib.maintainers; { + maintainers = [ eqyiel ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + hostName = "nextcloud"; + https = true; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; + caching = { + apcu = true; + redis = false; + memcached = true; + }; + database.createLocally = true; + config = { + dbtype = "mysql"; + # Don't inherit adminuser since "root" is supposed to be the default + adminpassFile = "${pkgs.writeText "adminpass" adminpass}"; # Don't try this at home! + }; + }; + + services.memcached.enable = true; + }; + }; + + testScript = let + configureMemcached = pkgs.writeScript "configure-memcached" '' + #!${pkgs.runtimeShell} + nextcloud-occ config:system:set memcached_servers 0 0 --value 127.0.0.1 --type string + nextcloud-occ config:system:set memcached_servers 0 1 --value 11211 --type integer + nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\APCu' --type string + nextcloud-occ config:system:set memcache.distributed --value '\OC\Memcache\Memcached' --type string + ''; + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.runtimeShell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/dav/files/${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.runtimeShell} + echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.runtimeShell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("${configureMemcached}") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) + ''; +})) args diff --git a/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix new file mode 100644 index 000000000000..06afc589403d --- /dev/null +++ b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix @@ -0,0 +1,98 @@ +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let + adminpass = "hunter2"; + adminuser = "custom-admin-username"; +in { + name = "nextcloud-with-postgresql-and-redis"; + meta = with pkgs.lib.maintainers; { + maintainers = [ eqyiel ]; + }; + + nodes = { + # The only thing the client needs to do is download a file. + client = { ... }: {}; + + nextcloud = { config, pkgs, lib, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nextcloud = { + enable = true; + hostName = "nextcloud"; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; + caching = { + apcu = false; + redis = true; + memcached = false; + }; + database.createLocally = true; + config = { + dbtype = "pgsql"; + inherit adminuser; + adminpassFile = toString (pkgs.writeText "admin-pass-file" '' + ${adminpass} + ''); + }; + notify_push = { + enable = true; + logLevel = "debug"; + }; + extraAppsEnable = true; + extraApps = { + inherit (pkgs."nextcloud${lib.versions.major config.services.nextcloud.package.version}Packages".apps) notify_push notes; + }; + settings.trusted_proxies = [ "::1" ]; + }; + + services.redis.servers."nextcloud".enable = true; + services.redis.servers."nextcloud".port = 6379; + }; + }; + + testScript = let + configureRedis = pkgs.writeScript "configure-redis" '' + #!${pkgs.runtimeShell} + nextcloud-occ config:system:set redis 'host' --value 'localhost' --type string + nextcloud-occ config:system:set redis 'port' --value 6379 --type integer + nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string + nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string + ''; + withRcloneEnv = pkgs.writeScript "with-rclone-env" '' + #!${pkgs.runtimeShell} + export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav + export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/dav/files/${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud" + export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}" + export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})" + "''${@}" + ''; + copySharedFile = pkgs.writeScript "copy-shared-file" '' + #!${pkgs.runtimeShell} + echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file + ''; + + diffSharedFile = pkgs.writeScript "diff-shared-file" '' + #!${pkgs.runtimeShell} + diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) + ''; + in '' + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("${configureRedis}") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.execute("${pkgs.lib.getExe pkgs.nextcloud-notify_push.passthru.test_client} http://nextcloud ${adminuser} ${adminpass} >&2 &") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) + nextcloud.wait_until_succeeds("journalctl -u nextcloud-notify_push | grep -q \"Sending ping to ${adminuser}\"") + + # redis cache should not be empty + nextcloud.fail('test "[]" = "$(redis-cli --json KEYS "*")"') + + nextcloud.fail("curl -f http://nextcloud/nix-apps/notes/lib/AppInfo/Application.php") + ''; +})) args |