# This test runs gitlab and checks if it works
let
initialRootPassword = "notproduction";
in
import ./make-test-python.nix ({ pkgs, lib, ...} : with lib; {
# Name of this test.
name = "gitlab";

# People listed as maintainers of this test.
meta.maintainers = with pkgs.lib.maintainers; [ globin ];
nodes = {
  # The single machine of this test: GitLab behind nginx, plus a local
  # dovecot IMAP server for GitLab's incoming-mail feature.
  gitlab = { ... }: {
    imports = [ common/user-account.nix ];

    virtualisation.memorySize = if pkgs.stdenv.is64bit then 4096 else 2047;

    systemd.services = {
      # Restart is forced to "no" for the GitLab units, so a unit that
      # crashes stays down instead of being restarted by systemd.
      gitlab.serviceConfig.Restart = mkForce "no";
      gitlab-workhorse.serviceConfig.Restart = mkForce "no";
      gitaly.serviceConfig.Restart = mkForce "no";
      gitlab-sidekiq.serviceConfig.Restart = mkForce "no";

      # The test script waits for dump_gitlab_backup.tar and restores with
      # BACKUP=dump, so the backup unit is given the same name.
      gitlab-backup.environment.BACKUP = "dump";
    };

    services = {
      # nginx forwards every request to the gitlab-workhorse unix socket.
      nginx = {
        enable = true;
        recommendedProxySettings = true;
        virtualHosts.localhost.locations."/".proxyPass =
          "http://unix:/run/gitlab/gitlab-workhorse.socket";
      };

      dovecot2 = {
        enable = true;
        enableImap = true;
      };

      gitlab = {
        enable = true;

        # NOTE: pkgs.writeText copies its content into the Nix store, which
        # is world-readable. That is acceptable for the fixed throwaway
        # values of this test VM only; a real deployment should point the
        # *File options at files kept outside the store.
        databasePasswordFile = pkgs.writeText "dbPassword" "xo0daiF4";
        initialRootPasswordFile = pkgs.writeText "rootPassword" initialRootPassword;

        smtp.enable = true;

        extraConfig = {
          # The mailbox password is given inline here, not through a file.
          # Presumably these credentials match the account set up by
          # common/user-account.nix -- confirm there.
          incoming_email = {
            enabled = true;
            mailbox = "inbox";
            address = "alice@localhost";
            user = "alice";
            password = "foobar";
            host = "localhost";
            port = 143;
          };
          # https://github.com/NixOS/nixpkgs/issues/132295
          # pages = {
          #   enabled = true;
          #   host = "localhost";
          # };
        };

        # Test-only secrets; like the passwords above they end up in the
        # Nix store, including the RSA key generated for jwsFile.
        secrets = {
          secretFile = pkgs.writeText "secret" "Aig5zaic";
          otpFile = pkgs.writeText "otpsecret" "Riew9mue";
          dbFile = pkgs.writeText "dbsecret" "we2quaeZ";
          jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out";
        };
      };
    };
  };
};
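# Python test script: boot the VM, exercise GitLab through its HTTP API,
# take a backup, wipe the GitLab state and the database, restore the
# backup, then check again that the repository data is still served.
testScript = { nodes, ... }:
  let
    # Request body for the OAuth password grant that logs in as root.
    auth = pkgs.writeText "auth.json" (builtins.toJSON {
      grant_type = "password";
      username = "root";
      password = initialRootPassword;
    });

    # Request body for creating the test project.
    createProject = pkgs.writeText "create-project.json" (builtins.toJSON {
      name = "test";
    });

    # Request body for committing one file to the test project.
    putFile = pkgs.writeText "put-file.json" (builtins.toJSON {
      branch = "master";
      author_email = "author@example.com";
      author_name = "Firstname Lastname";
      content = "some content";
      commit_message = "create a new file";
    });

    # Wait for all GitLab services to be fully started.
    waitForServices = ''
      gitlab.wait_for_unit("gitaly.service")
      gitlab.wait_for_unit("gitlab-workhorse.service")
      # https://github.com/NixOS/nixpkgs/issues/132295
      # gitlab.wait_for_unit("gitlab-pages.service")
      gitlab.wait_for_unit("gitlab-mailroom.service")
      gitlab.wait_for_unit("gitlab.service")
      gitlab.wait_for_unit("gitlab-sidekiq.service")
      gitlab.wait_for_file("${nodes.gitlab.config.services.gitlab.statePath}/tmp/sockets/gitlab.socket")
      gitlab.wait_until_succeeds("curl -sSf http://gitlab/users/sign_in")
    '';

    # The actual test of GitLab. Only push data to GitLab if
    # `doSetup` is true.
    #
    # Every API call uses `curl -f`: without it curl exits 0 on an HTTP
    # error, so a rejected token would go unnoticed and the error body
    # saved as the "archive" would still satisfy `test -s`.
    #
    # The token is fetched with a plain `$(`. Written as `\$(`, the
    # backslash survives both the Nix string and the Python string and
    # reaches the shell, which then writes the command text into the
    # header file and never runs the command.
    test = doSetup: ''
      gitlab.succeed(
          "curl -isSf http://gitlab | grep -i location | grep http://gitlab/users/sign_in"
      )
      gitlab.succeed(
          "${pkgs.sudo}/bin/sudo -u gitlab -H gitlab-rake gitlab:check 1>&2"
      )
      # The bearer token is kept in /tmp/headers for the later requests;
      # acceptable only because this is a throwaway test VM.
      gitlab.succeed(
          "echo \"Authorization: Bearer $(curl -sSf -X POST -H 'Content-Type: application/json' -d @${auth} http://gitlab/oauth/token | ${pkgs.jq}/bin/jq -r '.access_token')\" >/tmp/headers"
      )
    '' + optionalString doSetup ''
      gitlab.succeed(
          "curl -sSf -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${createProject} http://gitlab/api/v4/projects"
      )
      gitlab.succeed(
          "curl -sSf -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${putFile} http://gitlab/api/v4/projects/1/repository/files/some-file.txt"
      )
    '' + ''
      gitlab.succeed(
          "curl -sSf -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.gz > /tmp/archive.tar.gz"
      )
      gitlab.succeed(
          "curl -sSf -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.bz2 > /tmp/archive.tar.bz2"
      )
      gitlab.succeed("test -s /tmp/archive.tar.gz")
      gitlab.succeed("test -s /tmp/archive.tar.bz2")
    '';

  in ''
    gitlab.start()
  ''
  + waitForServices
  # First pass: create the project and commit a file.
  + test true
  + ''
    gitlab.systemctl("start gitlab-backup.service")
    gitlab.wait_for_unit("gitlab-backup.service")
    gitlab.wait_for_file("${nodes.gitlab.config.services.gitlab.statePath}/backup/dump_gitlab_backup.tar")
    gitlab.systemctl("stop postgresql.service gitlab.target")
    # Delete everything in the state directory except the backup, then
    # the database, so the checks below can only pass on restored data.
    gitlab.succeed(
        "find ${nodes.gitlab.config.services.gitlab.statePath} -mindepth 1 -maxdepth 1 -not -name backup -execdir rm -r {} +"
    )
    gitlab.succeed("systemd-tmpfiles --create")
    gitlab.succeed("rm -rf ${nodes.gitlab.config.services.postgresql.dataDir}")
    gitlab.systemctl("start gitlab-config.service gitlab-postgresql.service")
    gitlab.succeed(
        "sudo -u gitlab -H gitlab-rake gitlab:backup:restore RAILS_ENV=production BACKUP=dump force=yes"
    )
    gitlab.systemctl("start gitlab.target")
  ''
  + waitForServices
  # Second pass: nothing is pushed, the archives must come from the backup.
  + test false;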
})