blob: d326d74a982611c6a1fa8203d5fce7604c7fada8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
# Test powerdns-admin
{ system ? builtins.currentSystem
, config ? { }
, pkgs ? import ../.. { inherit system config; }
}:
with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
let
defaultConfig = ''
BIND_ADDRESS = '127.0.0.1'
PORT = 8000
CAPTCHA_ENABLE = False
'';
makeAppTest = name: configs: makeTest {
name = "powerdns-admin-${name}";
meta = with pkgs.lib.maintainers; {
maintainers = [ Flakebi zhaofengli ];
};
nodes.server = { pkgs, config, ... }: mkMerge ([
{
services.powerdns-admin = {
enable = true;
secretKeyFile = "/etc/powerdns-admin/secret";
saltFile = "/etc/powerdns-admin/salt";
};
# It's insecure to have secrets in the world-readable nix store, but this is just a test
environment.etc."powerdns-admin/secret".text = "secret key";
environment.etc."powerdns-admin/salt".text = "salt";
environment.systemPackages = [
(pkgs.writeShellScriptBin "run-test" config.system.build.testScript)
];
}
] ++ configs);
testScript = ''
server.wait_for_unit("powerdns-admin.service")
server.wait_until_succeeds("run-test", timeout=10)
'';
};
matrix = {
backend = {
mysql = {
services.powerdns-admin = {
config = ''
${defaultConfig}
SQLALCHEMY_DATABASE_URI = 'mysql://powerdnsadmin@/powerdnsadmin?unix_socket=/run/mysqld/mysqld.sock'
'';
};
systemd.services.powerdns-admin = {
after = [ "mysql.service" ];
serviceConfig.BindPaths = "/run/mysqld";
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
ensureDatabases = [ "powerdnsadmin" ];
ensureUsers = [
{
name = "powerdnsadmin";
ensurePermissions = {
"powerdnsadmin.*" = "ALL PRIVILEGES";
};
}
];
};
};
postgresql = {
services.powerdns-admin = {
config = ''
${defaultConfig}
SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql'
'';
};
systemd.services.powerdns-admin = {
after = [ "postgresql.service" ];
serviceConfig.BindPaths = "/run/postgresql";
};
services.postgresql = {
enable = true;
ensureDatabases = [ "powerdnsadmin" ];
ensureUsers = [
{
name = "powerdnsadmin";
ensureDBOwnership = true;
}
];
};
};
};
listen = {
tcp = {
services.powerdns-admin.extraArgs = [ "-b" "127.0.0.1:8000" ];
system.build.testScript = ''
set -euxo pipefail
curl -sSf http://127.0.0.1:8000/
# Create account to check that the database migrations ran
csrf_token="$(curl -sSfc session http://127.0.0.1:8000/register | grep _csrf_token | cut -d\" -f6)"
# Outputs 'Redirecting' if successful
curl -sSfb session http://127.0.0.1:8000/register \
-F "_csrf_token=$csrf_token" \
-F "firstname=first" \
-F "lastname=last" \
-F "email=a@example.com" \
-F "username=user" \
-F "password=password" \
-F "rpassword=password" | grep Redirecting
# Login
# Outputs 'Redirecting' if successful
curl -sSfb session http://127.0.0.1:8000/login \
-F "_csrf_token=$csrf_token" \
-F "username=user" \
-F "password=password" | grep Redirecting
# Check that we are logged in, this redirects to /admin/setting/pdns if we are
curl -sSfb session http://127.0.0.1:8000/dashboard/ | grep /admin/setting
'';
};
unix = {
services.powerdns-admin.extraArgs = [ "-b" "unix:/run/powerdns-admin/http.sock" ];
system.build.testScript = ''
curl -sSf --unix-socket /run/powerdns-admin/http.sock http://somehost/
'';
};
};
};
in
with matrix; {
postgresql = makeAppTest "postgresql" [ backend.postgresql listen.tcp ];
mysql = makeAppTest "mysql" [ backend.mysql listen.tcp ];
unix-listener = makeAppTest "unix-listener" [ backend.postgresql listen.unix ];
}
|