path: root/nixpkgs/nixos/tests/nextcloud/with-declarative-redis-and-secrets.nix
args@{ nextcloudVersion ? 27, ... }:
(import ../make-test-python.nix ({ pkgs, ...}: let
  # Account name reused as the PostgreSQL role, the Nextcloud admin user and
  # the rclone WebDAV login.
  adminuser = "custom_admin_username";
  # Shared test password: used for the PostgreSQL role, the Nextcloud admin
  # account and the rclone login in testScript. Redis does NOT use it; the
  # redis server and nextcloud-secrets.json carry their own literal password.
  pass = "hunter2";
  # Don't do this at home, use a file outside of the nix store instead:
  # pkgs.writeText copies the password into the world-readable Nix store, and
  # every option that receives passFile only sees that store path.
  passFile = toString (pkgs.writeText "pass-file" ''
    ${pass}
  '');
in {
  # NOTE(review): the file is with-declarative-redis-and-secrets.nix, but the
  # test name omits "-and-secrets" - confirm that the shorter name is intended.
  name = "nextcloud-with-declarative-redis";
  meta = with pkgs.lib.maintainers; {
    maintainers = [ eqyiel ma27 ];
  };

  nodes = {
    # The only thing the client needs to do is download a file.
    client = { ... }: {};

    # Server VM: Nextcloud with redis caching and a PostgreSQL database that
    # is provisioned by hand instead of by the nextcloud module.
    nextcloud = { config, pkgs, ... }: {
      # Only plain HTTP is opened. The test script talks to http://nextcloud,
      # so the WebDAV credentials cross the test network unencrypted.
      networking.firewall.allowedTCPPorts = [ 80 ];

      services.nextcloud = {
        enable = true;
        hostName = "nextcloud";
        # Picks pkgs.nextcloud<N> from the nextcloudVersion argument (default 27).
        package = pkgs.${"nextcloud" + (toString nextcloudVersion)};
        # Redis is the only cache backend enabled.
        caching = {
          apcu = false;
          redis = true;
          memcached = false;
        };
        # This test also validates that we can use an "external" database
        database.createLocally = false;
        config = {
          dbtype = "pgsql";
          dbname = "nextcloud";
          dbuser = adminuser;
          # dbpassFile and adminpassFile point at the same store file, so the
          # database role and the Nextcloud admin share one password.
          dbpassFile = passFile;
          adminuser = adminuser;
          adminpassFile = passFile;
        };
        # Path of the JSON file created through environment.etc at the end of
        # this node; it supplies the redis password.
        secretFile = "/etc/nextcloud-secrets.json";

        extraOptions = {
          # NOTE(review): this relaxes Nextcloud's restriction on contacting
          # local/private addresses. Why the test needs it is not visible
          # here; do not copy it into a production config without a reason.
          allow_local_remote_servers = true;
          redis = {
            dbindex = 0;
            timeout = 1.5;
            # password handled via secretfile below
          };
        };
        # Presumably lets the module wire Nextcloud to the
        # services.redis.servers."nextcloud" instance below - confirm against
        # the nextcloud module.
        configureRedis = true;
      };

      # requirePass is a plain string here, so the redis password ends up in
      # the world-readable Nix store. That is acceptable for a throwaway test
      # VM; a real deployment should use requirePassFile with a file kept
      # outside the store. The value must match "password" in
      # nextcloud-secrets.json below.
      services.redis.servers."nextcloud" = {
        enable = true;
        port = 6379;
        requirePass = "secret";
      };

      # Nextcloud setup needs the hand-made role and database, so it must
      # start after (and together with) PostgreSQL.
      systemd.services.nextcloud-setup= {
        requires = ["postgresql.service"];
        after = [ "postgresql.service" ];
      };

      services.postgresql = {
        enable = true;
        package = pkgs.postgresql_14;
      };
      # Creates the role and database that the nextcloud module was told not
      # to create (database.createLocally = false).
      # The shell expands $password inside the unquoted heredoc, so the value
      # is pasted verbatim into the SQL string literal. A password containing
      # a single quote would break out of that literal. This is harmless with
      # the fixed test value, but it is not a pattern to reuse for
      # operator-supplied secrets.
      systemd.services.postgresql.postStart = pkgs.lib.mkAfter ''
        password=$(cat ${passFile})
        ${config.services.postgresql.package}/bin/psql <<EOF
          CREATE ROLE ${adminuser} WITH LOGIN PASSWORD '$password' CREATEDB;
          CREATE DATABASE nextcloud;
          GRANT ALL PRIVILEGES ON DATABASE nextcloud TO ${adminuser};
        EOF
      '';

      # This file is meant to contain secret options which should
      # not go into the nix store. Here it is just used to set the
      # redis password.
      # Caveat: environment.etc.<name>.text is itself built into the Nix
      # store and linked into /etc, so in this test the "secret" IS in the
      # store. A real deployment has to create the file outside of Nix and
      # restrict read access to the Nextcloud service user.
      environment.etc."nextcloud-secrets.json".text = ''
        {
          "redis": {
            "password": "secret"
          }
        }
      '';
    };
  };

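  # Python test-driver script plus the helper shell scripts it invokes.
  # Flow: boot both VMs, check the login page, upload a file over WebDAV from
  # the server, read it back from the client, then check that redis holds
  # cache keys.
  testScript = let
    # Exports an rclone WebDAV remote named "nextcloud" through
    # RCLONE_CONFIG_NEXTCLOUD_* variables, then runs the command it was given.
    # `rclone obscure` is reversible obfuscation, not encryption, and the
    # clear-text password is embedded in this store script. Test VMs only.
    withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
      #!${pkgs.runtimeShell}
      export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
      export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/dav/files/${adminuser}"
      export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
      export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
      export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${pass})"
      "''${@}"
    '';
    # Uploads a file containing "hi" as test-shared-file.
    copySharedFile = pkgs.writeScript "copy-shared-file" ''
      #!${pkgs.runtimeShell}
      echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
    '';

    # Downloads test-shared-file and fails unless its content is "hi".
    diffSharedFile = pkgs.writeScript "diff-shared-file" ''
      #!${pkgs.runtimeShell}
      diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
    '';
  in ''
    start_all()
    nextcloud.wait_for_unit("multi-user.target")
    nextcloud.succeed("curl -sSf http://nextcloud/login")
    nextcloud.succeed(
        "${withRcloneEnv} ${copySharedFile}"
    )
    client.wait_for_unit("multi-user.target")
    client.succeed(
        "${withRcloneEnv} ${diffSharedFile}"
    )

    # redis cache should not be empty.
    # The server runs with requirePass, so redis-cli has to authenticate.
    # Without credentials the reply is an auth error, which never equals "[]",
    # and this check would pass even with an empty cache. REDISCLI_AUTH keeps
    # the password out of the redis-cli argument list.
    nextcloud.fail('test "[]" = "$(REDISCLI_AUTH=secret redis-cli --json KEYS "*")"')
  '';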
})) args