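# NixOS VM test for the Molly Brown Gemini server.
#
# One node runs the service with a throw-away self-signed certificate and a
# single document. A small Python client on the same node fetches that
# document over TLS and fails unless the server returns a success status and
# the expected text.
import ./make-test-python.nix ({ pkgs, ... }:

  let testString = "NixOS Gemini test successful";

  in {

    name = "molly-brown";
    meta = with pkgs.lib.maintainers; { maintainers = [ ehmry ]; };

    nodes = {

      geminiServer = { config, pkgs, ... }:
        let
          inherit (config.networking) hostName;
          cfg = config.services.molly-brown;
        in {

          environment.systemPackages = [
            (pkgs.writeScriptBin "test-gemini" ''
              #!${pkgs.python3}/bin/python

              import socket
              import ssl
              import sys
              import urllib.parse

              # Fetch the document that preStart writes into DocBase. The
              # previous revision asked for init.gmi, which is never created,
              # and only printed the reply, so the test passed on any answer.
              url = "gemini://geminiServer/test.gmi"
              expected = "${testString}"
              parsed_url = urllib.parse.urlparse(url)

              # The server certificate is self-signed and regenerated on every
              # service start, so this client has no trust anchor to check it
              # against. Certificate and hostname verification are switched
              # off for this test only; a real Gemini client should pin the
              # certificate (trust on first use) instead of using CERT_NONE.
              context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
              context.check_hostname = False
              context.verify_mode = ssl.CERT_NONE

              raw = socket.create_connection((parsed_url.netloc, 1965), timeout=30)
              with context.wrap_socket(raw, server_hostname=parsed_url.netloc) as s:
                  s.sendall((url + "\r\n").encode("UTF-8"))
                  with s.makefile("rb") as fp:
                      # First line is "<status> <meta>"; the body runs until
                      # the server closes the connection.
                      header = fp.readline().decode("UTF-8").strip()
                      body = fp.read().decode("UTF-8")

              print(header)
              print(body)

              # Gemini success statuses are in the 2x range.
              if not header.startswith("2"):
                  sys.exit("unexpected Gemini status line: " + header)
              if expected not in body:
                  sys.exit("test string missing from response body")
            '')
          ];

          networking.firewall.allowedTCPPorts = [ cfg.settings.Port ];

          # NOTE(review): key, certificate and documents live under /tmp with
          # fixed names. That is tolerable inside a disposable test VM; a real
          # deployment should keep the private key in a directory that only
          # the service user can read.
          services.molly-brown = {
            enable = true;
            docBase = "/tmp/docs";
            certPath = "/tmp/cert.pem";
            keyPath = "/tmp/key.pem";
          };

          systemd.services.molly-brown.preStart = ''
            # Generate a fresh key and a self-signed certificate for this run.
            ${pkgs.openssl}/bin/openssl genrsa -out "/tmp/key.pem"
            ${pkgs.openssl}/bin/openssl req -new \
              -subj "/CN=${hostName}" \
              -key "/tmp/key.pem" -out /tmp/request.pem
            ${pkgs.openssl}/bin/openssl x509 -req -days 3650 \
              -in /tmp/request.pem -signkey "/tmp/key.pem" -out "/tmp/cert.pem"

            # Publish the one document the client asks for.
            mkdir -p "${cfg.settings.DocBase}"
            echo "${testString}" > "${cfg.settings.DocBase}/test.gmi"
          '';
        };
    };
    testScript = ''
      geminiServer.wait_for_unit("molly-brown")
      geminiServer.wait_for_open_port(1965)
      # test-gemini exits non-zero unless the document comes back intact.
      geminiServer.succeed("test-gemini")
    '';

  })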