4743ad7392
With the systemd update to v242 five lines are not longer sufficient to verify that the storage was verified. In order to reduce future test failures increasing it to 10 lines sounds like a sane amount.
106 lines
4 KiB
Nix
106 lines
4 KiB
Nix
let
|
|
user = "someuser";
|
|
password = "some_password";
|
|
port = builtins.toString 5232;
|
|
|
|
common = { pkgs, ... }: {
|
|
services.radicale = {
|
|
enable = true;
|
|
config = ''
|
|
[auth]
|
|
type = htpasswd
|
|
htpasswd_filename = /etc/radicale/htpasswd
|
|
htpasswd_encryption = bcrypt
|
|
|
|
[storage]
|
|
filesystem_folder = /tmp/collections
|
|
|
|
[logging]
|
|
debug = True
|
|
'';
|
|
};
|
|
# WARNING: DON'T DO THIS IN PRODUCTION!
|
|
# This puts unhashed secrets directly into the Nix store for ease of testing.
|
|
environment.etc."radicale/htpasswd".source = pkgs.runCommand "htpasswd" {} ''
|
|
${pkgs.apacheHttpd}/bin/htpasswd -bcB "$out" ${user} ${password}
|
|
'';
|
|
};
|
|
|
|
in
|
|
|
|
import ./make-test.nix ({ lib, ... }@args: {
|
|
name = "radicale";
|
|
meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];
|
|
|
|
nodes = rec {
|
|
radicale = radicale1; # Make the test script read more nicely
|
|
radicale1 = lib.recursiveUpdate (common args) {
|
|
nixpkgs.overlays = [
|
|
(self: super: {
|
|
radicale1 = super.radicale1.overrideAttrs (oldAttrs: {
|
|
propagatedBuildInputs = with self.pythonPackages;
|
|
(oldAttrs.propagatedBuildInputs or []) ++ [ passlib ];
|
|
});
|
|
})
|
|
];
|
|
system.stateVersion = "17.03";
|
|
};
|
|
radicale1_export = lib.recursiveUpdate radicale1 {
|
|
services.radicale.extraArgs = [
|
|
"--export-storage" "/tmp/collections-new"
|
|
];
|
|
};
|
|
radicale2_verify = lib.recursiveUpdate radicale2 {
|
|
services.radicale.extraArgs = [ "--verify-storage" ];
|
|
};
|
|
radicale2 = lib.recursiveUpdate (common args) {
|
|
system.stateVersion = "17.09";
|
|
};
|
|
};
|
|
|
|
# This tests whether the web interface is accessible to an authenticated user
|
|
testScript = { nodes }: let
|
|
switchToConfig = nodeName: let
|
|
newSystem = nodes.${nodeName}.config.system.build.toplevel;
|
|
in "${newSystem}/bin/switch-to-configuration test";
|
|
in ''
|
|
# Check Radicale 1 functionality
|
|
$radicale->succeed('${switchToConfig "radicale1"} >&2');
|
|
$radicale->waitForUnit('radicale.service');
|
|
$radicale->waitForOpenPort(${port});
|
|
$radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');
|
|
|
|
# Export data in Radicale 2 format
|
|
$radicale->succeed('systemctl stop radicale');
|
|
$radicale->succeed('ls -al /tmp/collections');
|
|
$radicale->fail('ls -al /tmp/collections-new');
|
|
# Radicale exits immediately after exporting storage
|
|
$radicale->succeed('${switchToConfig "radicale1_export"} >&2');
|
|
$radicale->waitUntilFails('systemctl status radicale');
|
|
$radicale->succeed('ls -al /tmp/collections');
|
|
$radicale->succeed('ls -al /tmp/collections-new');
|
|
|
|
# Verify data in Radicale 2 format
|
|
$radicale->succeed('rm -r /tmp/collections/${user}');
|
|
$radicale->succeed('mv /tmp/collections-new/collection-root /tmp/collections');
|
|
$radicale->succeed('${switchToConfig "radicale2_verify"} >&2');
|
|
$radicale->waitUntilFails('systemctl status radicale');
|
|
my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 10');
|
|
if ($retcode != 0 || index($logs, 'Verifying storage') == -1) {
|
|
die "Radicale 2 didn't verify storage"
|
|
}
|
|
if (index($logs, 'failed') != -1 || index($logs, 'exception') != -1) {
|
|
die "storage verification failed"
|
|
}
|
|
|
|
# Check Radicale 2 functionality
|
|
$radicale->succeed('${switchToConfig "radicale2"} >&2');
|
|
$radicale->waitForUnit('radicale.service');
|
|
$radicale->waitForOpenPort(${port});
|
|
my ($retcode, $output) = $radicale->execute('curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/');
|
|
if ($retcode != 0 || index($output, 'VCALENDAR') == -1) {
|
|
die "Could not read calendar from Radicale 2"
|
|
}
|
|
$radicale->succeed('curl --fail http://${user}:${password}@localhost:${port}/.web/');
|
|
'';
|
|
})
|