chore: Initial commit

Based on the version that was previously in `vhack.eu/nixos-server/pkgs/by-name/ba/back`.

1 files changed, 216 insertions, 0 deletions

diff --git a/tests/base.nix b/tests/base.nix
new file mode 100644
index 0000000..5aebe6a
--- /dev/null
+++ b/tests/base.nix
@@ -0,0 +1,216 @@
+# Back - An extremely simple git bug visualization system. Inspired by TVL's
+# panettone.
+#
+# Copyright (C) 2025 Benedikt Peetz <benedikt.peetz@b-peetz.de>
+# SPDX-License-Identifier: AGPL-3.0-or-later
+#
+# This file is part of Back.
+#
+# You should have received a copy of the License along with this program.
+# If not, see <https://www.gnu.org/licenses/agpl.txt>.
+{
+  nixos-lib,
+  pkgsUnstable,
+  nixpkgs-unstable,
+  vhackPackages,
+  pkgs,
+  extraModules,
+  nixLib,
+  ...
+}: let
+  domain = "server";
+
+  sshKeys =
+    import ../../gi/git-server/ssh_keys.nix {inherit pkgs;};
+
+  gitoliteAdminConfSnippet = pkgs.writeText "gitolite-admin-conf-snippet" ''
+    repo CREATOR/[a-zA-Z0-9].*
+      C     = @all
+      RW+   = CREATOR
+      RW    = WRITERS
+      R     = READERS
+      option user-configs = cgit\.owner cgit\.desc cgit\.section cgit\.homepage
+  '';
+in
+  nixos-lib.runTest {
+    hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs
+
+    name = "back";
+
+    node = {
+      specialArgs = {inherit pkgsUnstable vhackPackages nixpkgs-unstable nixLib;};
+
+      # Use the nixpkgs as constructed by the `nixpkgs.*` options
+      pkgs = null;
+    };
+
+    nodes = {
+      server = {config, ...}: {
+        environment.systemPackages = [pkgs.git];
+
+        imports =
+          extraModules
+          ++ [
+            ../../../../modules
+          ];
+
+        vhack = {
+          persist.enable = true;
+          openssh.enable = true;
+          nginx = {
+            enable = true;
+            selfsign = true;
+          };
+          git-server = {
+            enable = true;
+            domain = "git.${domain}";
+            gitolite.adminPubkey = sshKeys.admin.pub;
+          };
+          back = {
+            enable = true;
+            domain = "issues.${domain}";
+
+            settings = {
+              scan_path = "${config.services.gitolite.dataDir}/repositories";
+              project_list = "${config.services.gitolite.dataDir}/projects.list";
+            };
+          };
+        };
+      };
+
+      client = {nodes, ...}: {
+        environment.systemPackages = [pkgs.git pkgs.curl pkgs.git-bug pkgs.gawk];
+        programs.ssh.extraConfig = ''
+          Host *
+            UserKnownHostsFile /dev/null
+            StrictHostKeyChecking no
+            # there's nobody around that can input password
+            PreferredAuthentications publickey
+        '';
+        users.users.alice = {isNormalUser = true;};
+        networking.hosts = {
+          "${nodes.server.networking.primaryIPAddress}" = [
+            "git.${domain}"
+            "issues.${domain}"
+            "${domain}"
+          ];
+        };
+      };
+    };
+
+    testScript = {nodes, ...}:
+    /*
+    python
+    */
+    ''
+      start_all()
+
+      with subtest("can setup ssh keys on client"):
+        client.succeed(
+            "mkdir -p ~root/.ssh",
+            "cp ${sshKeys.admin.priv} ~root/.ssh/id_ed25519",
+            "chmod 600 ~root/.ssh/id_ed25519",
+        )
+        client.succeed(
+            "sudo -u alice mkdir -p ~alice/.ssh",
+            "sudo -u alice cp ${sshKeys.alice.priv} ~alice/.ssh/id_ed25519",
+            "sudo -u alice chmod 600 ~alice/.ssh/id_ed25519",
+        )
+
+      with subtest("gitolite server starts"):
+        server.wait_for_unit("gitolite-init.service")
+        server.wait_for_unit("sshd.service")
+        client.succeed("ssh -n git@git.${domain} info")
+
+
+      with subtest("admin can clone and configure gitolite-admin.git"):
+        client.succeed("${pkgs.writeShellScript "setup-gitolite-admin.git" ''
+        set -xe
+
+        git clone git@git.${domain}:gitolite-admin.git
+        git config --global user.name 'System Administrator'
+        git config --global user.email root\@domain.example
+
+        cp ${sshKeys.alice.pub} gitolite-admin/keydir/alice.pub
+
+        (cd gitolite-admin && git switch -c master && git branch -D main)
+
+        (cd gitolite-admin && git add . && git commit -m 'Add keys for alice' && git push -u origin master)
+        cat ${gitoliteAdminConfSnippet} >> gitolite-admin/conf/gitolite.conf
+        (cd gitolite-admin && git add . && git commit -m 'Add support for wild repos' && git push)
+        (cd gitolite-admin && git push -d origin main)
+      ''}")
+
+      with subtest("alice can create a repo"):
+        client.succeed("sudo -u alice ${pkgs.writeShellScript "alice-create-repo" ''
+        set -xe
+
+        mkdir --parents ./alice/repo1 && cd alice/repo1;
+
+        git init --initial-branch main
+        echo "# Alice's Repo" > README.md
+        git add README.md
+        git -c user.name=Alice -c user.email=alice@domain.example commit -m 'Add readme'
+
+        git remote add origin git@git.${domain}:alice/repo1.git
+        git push --set-upstream origin main
+      ''}")
+
+      with subtest("can setup git-bug issues in alice/repo1"):
+        client.succeed("sudo -u alice ${pkgs.writeShellScript "setup-git-repo" ''
+        set -ex
+
+        cd alice/repo1
+
+        git bug user create --avatar "" --email "alice@server.org" --name "alice" --non-interactive
+
+        git bug add \
+        --title "Some bug title" \
+        --message "A long description of the bug. Probably has some code segments, maybe even *markdown* mark_up_ or other things" \
+        --non-interactive
+
+        git bug add \
+        --title "Second bug title" \
+        --message "" \
+        --non-interactive
+
+        git bug add \
+        --title "Third bug title" \
+        --message "" \
+        --non-interactive
+
+        git bug select "$(git bug ls --format plain | awk '{print $1}' | head -n 1)"
+
+        git bug comment add --message "Some comment message" --non-interactive
+        git bug comment add --message "Second comment message" --non-interactive
+        git bug label add "Test"
+
+        # TODO: This should use `git bug push`, but their ssh implementation is just
+        # too special to work in a VM test <2025-03-08>
+        git push origin +refs/bugs/*
+        git push origin +refs/identities/*
+
+        ssh git@${domain} -- config alice/repo1 --add cgit.owner Alice
+        ssh git@${domain} -- perms alice/repo1 + READERS @all
+      ''}")
+
+      with subtest("back server starts"):
+        server.wait_for_unit("back.service")
+
+      with subtest("client can access the server"):
+        client.succeed("${pkgs.writeShellScript "curl-back" ''
+        set -xe
+
+        curl --insecure --fail --show-error "https://issues.${domain}/alice/repo1.git/issues/open" --output /root/issues.html
+        grep -- 'Second bug title' /root/issues.html
+
+        curl --insecure --fail --show-error "https://issues.${domain}/" --output /root/repos.html
+        grep -- 'repo' /root/repos.html
+        grep -- "&#60;No description&#62;" /root/repos.html
+        grep -- '<span class="user-name">Alice</span>' /root/repos.html
+      ''} >&2")
+
+      client.copy_from_vm("/root/issues.html", "");
+      client.copy_from_vm("/root/repos.html", "");
+    '';
+  }