This repository has been archived by the owner on Aug 12, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathintegration-test.nix
110 lines (88 loc) · 3.55 KB
/
integration-test.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
{ nixpkgs, weblateModule }:
{ pkgs, ... }:
let
certs = import "${nixpkgs}/nixos/tests/common/acme/server/snakeoil-certs.nix";
serverDomain = certs.domain;
admin = {
username = "admin";
password = "snakeoilpass";
};
# An API token that we manually insert into the db as a valid one.
apiToken = "OVJh65sXaAfQMZ4NTcIGbFZIyBZbEZqWTi7azdDf";
in
{
name = "weblate";
meta.maintainers = with pkgs.lib.maintainers; [ erictapen ];
nodes.server = { config, pkgs, lib, ... }: {
virtualisation.memorySize = 2048;
services.postgresql.package = pkgs.postgresql_14;
imports = [ weblateModule ];
services.weblate = {
enable = true;
localDomain = "${serverDomain}";
djangoSecretKeyFile = pkgs.writeText "weblate-django-secret" "thisissnakeoilsecret";
smtp = {
createLocally = true;
user = "weblate@${serverDomain}";
passwordFile = pkgs.writeText "weblate-smtp-pass" "thisissnakeoilpassword";
};
};
services.nginx.virtualHosts."${serverDomain}" = {
enableACME = lib.mkForce false;
sslCertificate = certs."${serverDomain}".cert;
sslCertificateKey = certs."${serverDomain}".key;
};
services.postfix = {
enableSubmission = true;
enableSubmissions = true;
submissionsOptions = {
smtpd_sasl_auth_enable = "yes";
smtpd_client_restrictions = "permit";
};
# sslKey = certs."${serverDomain}".key;
# sslCert = certs."${serverDomain}".cert;
};
security.pki.certificateFiles = [ certs.ca.cert ];
networking.hosts."::1" = [ "${serverDomain}" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
# We need weblate-env available to the root user.
environment.systemPackages = config.users.users.weblate.packages;
users.users.weblate.shell = pkgs.bashInteractive;
};
nodes.client = { pkgs, nodes, ... }: {
environment.systemPackages = [ pkgs.wlc ];
environment.etc."xdg/weblate".text = ''
[weblate]
url = https://${serverDomain}/api/
key = ${apiToken}
'';
networking.hosts."${nodes.server.networking.primaryIPAddress}" = [ "${serverDomain}" ];
security.pki.certificateFiles = [ certs.ca.cert ];
};
testScript = ''
import json
start_all()
server.wait_for_unit("weblate.socket")
server.wait_until_succeeds("curl -f https://${serverDomain}/")
server.succeed("sudo -iu weblate -- weblate-env weblate createadmin --username ${admin.username} --password ${admin.password} --email [email protected]")
# It's easier to replace the generated API token with a predefined one than
# to extract it at runtime.
server.succeed("sudo -iu weblate -- psql -d weblate -c \"UPDATE authtoken_token SET key = '${apiToken}' WHERE user_id = (SELECT id FROM weblate_auth_user WHERE username = 'admin');\"")
client.wait_for_unit("multi-user.target")
# Test the official Weblate client wlc.
# client.wait_until_succeeds("wlc --debug list-projects")
def call_wl_api(arg):
(rv, result) = client.execute("curl -H \"Content-Type: application/json\" -H \"Authorization: Token ${apiToken}\" https://${serverDomain}/api/{}".format(arg))
assert rv == 0
print(result)
call_wl_api("users/ --data '{}'".format(
json.dumps(
{"username": "test1",
"full_name": "test1",
"email": "[email protected]"
})))
# server.wait_for_unit("postfix.service")
# The goal is for this to succeed, but there are still some checks failing.
# server.succeed("sudo -iu weblate -- weblate-env weblate check --deploy")
'';
}