diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/by-name/sh/sharkey-cpu/test.nix | 7 | ||||
| -rw-r--r-- | tests/by-name/sh/sharkey/test.nix | 1 | ||||
| -rw-r--r-- | tests/by-name/ta/taskchampion-sync/test.nix | 88 |
3 files changed, 82 insertions, 14 deletions
diff --git a/tests/by-name/sh/sharkey-cpu/test.nix b/tests/by-name/sh/sharkey-cpu/test.nix index d4f9332..438cfb3 100644 --- a/tests/by-name/sh/sharkey-cpu/test.nix +++ b/tests/by-name/sh/sharkey-cpu/test.nix @@ -11,7 +11,7 @@ nixos-lib.runTest { hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs - name = "sharkey-images"; + name = "sharkey-cpu"; node = { specialArgs = {inherit pkgsUnstable extraModules vhackPackages nixpkgs-unstable nixLib;}; @@ -40,7 +40,7 @@ nixos-lib.runTest { # Avoid an error from this service. "acme-sharkey.server".serviceConfig.ExecStart = pkgs.lib.mkForce "${pkgs.lib.getExe' pkgs.coreutils "true"}"; - # Test, that sharkey's hardening still allows access to the CPUs. + # Test that sharkey's hardening still allows access to the CPUs. sharkey.serviceConfig.ExecStart = let nodejs = pkgs.lib.getExe pkgsUnstable.nodejs; script = pkgs.writeTextFile { @@ -66,9 +66,8 @@ nixos-lib.runTest { from time import sleep start_all() - server.wait_for_unit("sharkey.service") - # Give the service time to start. + # Give the service time to run. sleep(3) with subtest("All services running"): diff --git a/tests/by-name/sh/sharkey/test.nix b/tests/by-name/sh/sharkey/test.nix index 40efe17..b2ad461 100644 --- a/tests/by-name/sh/sharkey/test.nix +++ b/tests/by-name/sh/sharkey/test.nix @@ -97,7 +97,6 @@ nixos-lib.runTest { # Start the actual testing machines start_all() - with subtest("Add pebble ca key to all services"): for node in [name_server, server, client]: node.wait_for_unit("network-online.target") diff --git a/tests/by-name/ta/taskchampion-sync/test.nix b/tests/by-name/ta/taskchampion-sync/test.nix index 4dd273b..99134bc 100644 --- a/tests/by-name/ta/taskchampion-sync/test.nix +++ b/tests/by-name/ta/taskchampion-sync/test.nix @@ -19,35 +19,87 @@ nixos-lib.runTest { pkgs = null; }; - nodes = { + nodes = let + # The feature flag is only in version 3.2 and upwards. Stable is still on 3.1 + taskwarriorPackage = pkgsUnstable.taskwarrior3.overrideAttrs (final: prev: { + cmakeFlags = (prev.cmakeFlags or []) ++ ["-DENABLE_TLS_NATIVE_ROOTS=true"]; + }); + in { + acme = { + imports = [ + ../../../common/acme/server.nix + ../../../common/dns/client.nix + ]; + }; + name_server = {nodes, ...}: { + imports = + extraModules + ++ [ + ../../../common/acme/client.nix + ../../../common/dns/server.nix + ]; + + vhack.dns.zones = { + "taskchampion.server" = { + SOA = { + nameServer = "ns"; + adminEmail = "admin@server.com"; + serial = 2025012301; + }; + useOrigin = false; + + A = [ + nodes.server.networking.primaryIPAddress + ]; + AAAA = [ + nodes.server.networking.primaryIPv6Address + ]; + }; + }; + }; + server = {config, ...}: { imports = extraModules ++ [ ../../../../modules + ../../../common/acme/client.nix + ../../../common/dns/client.nix ]; vhack = { - taskchampion-sync.enable = true; + persist.enable = true; + nginx.enable = true; + taskchampion-sync = { + enable = true; + fqdn = "taskchampion.server"; + }; }; }; task_client1 = {config, ...}: { + imports = [ + ../../../common/acme/client.nix + ../../../common/dns/client.nix + ]; + environment.systemPackages = [ - pkgs.taskwarrior3 + taskwarriorPackage ]; }; task_client2 = {config, ...}: { + imports = [ + ../../../common/acme/client.nix + ../../../common/dns/client.nix + ]; + environment.systemPackages = [ - pkgs.taskwarrior3 + taskwarriorPackage ]; }; }; testScript = {nodes, ...}: let - cfg = nodes.server.services.taskchampion-sync-server; - port = builtins.toString cfg.port; - # Generated with uuidgen uuid = "bf01376e-04a4-435a-9263-608567531af3"; password = "nixos-test"; @@ -57,19 +109,33 @@ nixos-lib.runTest { set -xe mkdir --parents "$(dirname "${path}")" - echo 'sync.server.origin=http://server:${port}' >> "${path}" + echo 'sync.server.url=https://taskchampion.server' >> "${path}" echo 'sync.server.client_id=${uuid}' >> "${path}" echo 'sync.encryption_secret=${password}' >> "${path}" ''; + + acme_scripts = import ../../../common/acme/scripts.nix {inherit pkgs;}; in /* python */ '' + # Start dependencies for the other services + acme.start() + acme.wait_for_unit("pebble.service") + name_server.start() + name_server.wait_for_unit("nsd.service") + + # Start actual test start_all() + with subtest("Add pebble ca key to all services"): + for node in [name_server, server, task_client1, task_client2]: + node.wait_for_unit("network-online.target") + node.succeed("${acme_scripts.add_pebble_acme_ca}") + server.wait_for_unit("taskchampion-sync-server.service") - server.wait_for_open_port(${port}) + server.wait_for_open_port(443) with subtest("Setup task syncing"): for task in [task_client1, task_client2]: @@ -81,11 +147,15 @@ nixos-lib.runTest { task_client1.succeed("task add 'First task -- task_client1'") task_client2.succeed("task add 'First task -- task_client2'") + # Wait for the server to acquire the acme certificate + task_client1.wait_until_succeed("curl https://taskchampion.server") + with subtest("Can sync tasks"): for task in [task_client1, task_client2]: task.succeed("task sync") task_client1.succeed("task sync") + with subtest("Have correct tasks"): count1 = task_client1.succeed("task count") count2 = task_client2.succeed("task count") |