8aea528872
Setting up an XMPP chat server is a pretty deep rabbit hole to jump into when you're not familiar with this whole universe. Your experience with this environment will greatly depend on whether or not your server implements the right set of XEPs. To tackle this problem, the XMPP community came up with the idea of creating a meta-XEP in charge of listing the desirable XEPs to comply with. This meta-XEP is issued every year under a new XEP number. The 2020 one is XEP-0423[1]. This prosody nixos module refactoring makes complying with XEP-0423 easier. All the necessary extensions are enabled by default. For some extensions (MUC and HTTP_UPLOAD), we need some input from the user and cannot provide a sensible default nixpkgs-wide. For those, we guide the user using a couple of assertions explaining the remaining manual steps to perform. We took advantage of this substantial refactoring to refresh the associated nixos test. Changelog: - Update the prosody package to provide the necessary community modules in order to comply with XEP-0423. This is a tradeoff, as depending on their configuration, the user might end up not using them and wasting some disk space. That being said, adding those will allow the XEP-0423 users, which I expect to be the majority of users, to leverage a bit more the binary cache. - Add a muc submodule populated with the prosody muc defaults. - Add a http_upload submodule in charge of setting up a basic http server handling the user uploads. This submodule spins up an HTTP(s) server in charge of receiving and serving the user's attachments. - Advertise both the MUCs and the http_upload endpoints using mod disco. - Use the slixmpp library in place of the now defunct sleekxmpp for the prosody NixOS test. - Update the nixos test to set up and test the MUC and http upload features. - Add a couple of assertions triggered if the setup is not xep-0423 compliant. [1] https://xmpp.org/extensions/xep-0423.html
let
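# Throwaway self-signed TLS material shared by both test VMs.
#
# The private key is written unencrypted (-nodes) into the derivation output,
# i.e. into the world-readable Nix store. That is acceptable for this test
# fixture only; a real deployment key must never be produced this way.
#
# -days is passed explicitly: `openssl req -x509` otherwise issues a
# certificate valid for 30 days, and since this derivation output can be
# cached and substituted, an expired cached copy would break certificate
# verification in the test.
#
# NOTE(review): the three host names are encoded as repeated CN components and
# no subjectAltName is set; a client that only honours SAN entries for host
# name verification would not accept this certificate -- confirm against the
# XMPP client library used by send-message.
cert = pkgs: pkgs.runCommandNoCC "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
  openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=example.com/CN=uploads.example.com/CN=conference.example.com' -days 36500
  mkdir -p $out
  cp key.pem cert.pem $out
'';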
# Builds the `create-prosody-users` helper that registers the two XMPP test
# accounts through prosodyctl.
#
# The passwords are fixed test values: they are passed on the prosodyctl
# command line and are part of the script text stored in the Nix store, so
# they are readable by anyone on the machine. Test fixture only.
createUsers = pkgs:
  let
    registerScript = ''
      #!${pkgs.bash}/bin/bash
      set -e

      # Creates and set password for the 2 xmpp test users.
      #
      # Doing that in a bash script instead of doing that in the test
      # script allow us to easily provision the users when running that
      # test interactively.

      prosodyctl register cthon98 example.com nothunter2
      prosodyctl register azurediamond example.com hunter2
    '';
  in
  pkgs.writeScriptBin "create-prosody-users" registerScript;
# Builds the `delete-prosody-users` helper, the counterpart of
# `create-prosody-users`: it removes both test accounts through prosodyctl.
# `set -e` makes the script stop at the first failing deluser call.
delUsers = pkgs:
  let
    cleanupScript = ''
      #!${pkgs.bash}/bin/bash
      set -e

      # Deletes the test users.
      #
      # Doing that in a bash script instead of doing that in the test
      # script allow us to easily provision the users when running that
      # test interactively.

      prosodyctl deluser cthon98@example.com
      prosodyctl deluser azurediamond@example.com
    '';
  in
  pkgs.writeScriptBin "delete-prosody-users" cleanupScript;
in import ../make-test-python.nix {
  name = "prosody";

  nodes = {
    # Client VM: trusts the self-signed test certificate system-wide and
    # resolves the three XMPP host names to the server VM.
    client = { nodes, pkgs, config, ... }:
      let
        tls = cert pkgs;
        serverAddress = nodes.server.config.networking.primaryIPAddress;
      in
      {
        # Adds the test certificate to the system trust store so the client
        # can verify the server's TLS endpoints.
        security.pki.certificateFiles = [ "${tls}/cert.pem" ];
        console.keyMap = "fr-bepo";
        networking.extraHosts = ''
          ${serverAddress} example.com
          ${serverAddress} conference.example.com
          ${serverAddress} uploads.example.com
        '';
        environment.systemPackages = [
          (pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = serverAddress; })
        ];
      };

    # Server VM: runs prosody with one virtual host, one MUC component and the
    # HTTP upload component, all served with the self-signed test certificate.
    server = { config, pkgs, ... }:
      let
        tls = cert pkgs;
        ownAddress = config.networking.primaryIPAddress;
      in
      {
        security.pki.certificateFiles = [ "${tls}/cert.pem" ];
        console.keyMap = "fr-bepo";
        networking = {
          extraHosts = ''
            ${ownAddress} example.com
            ${ownAddress} conference.example.com
            ${ownAddress} uploads.example.com
          '';
          # The firewall is switched off, so every listening port on this VM
          # is reachable from the client. Test-only setting; a real server
          # should keep the firewall on and open the required ports instead.
          firewall.enable = false;
        };
        environment.systemPackages = [
          (createUsers pkgs)
          (delUsers pkgs)
        ];
        services.prosody = {
          enable = true;
          # Both key paths below point into the Nix store, which is
          # world-readable: fine for the throwaway test key, not for a
          # production private key.
          ssl = {
            cert = "${tls}/cert.pem";
            key = "${tls}/key.pem";
          };
          virtualHosts = {
            example = {
              domain = "example.com";
              enabled = true;
              ssl = {
                cert = "${tls}/cert.pem";
                key = "${tls}/key.pem";
              };
            };
          };
          muc = [
            { domain = "conference.example.com"; }
          ];
          uploadHttp = {
            domain = "uploads.example.com";
          };
        };
      };
  };

  # Test flow: wait for prosody, register the test users, run the client-side
  # send-message script and require its success marker, then delete the users.
  testScript = { nodes, ... }: ''
    server.wait_for_unit("prosody.service")
    server.succeed('prosodyctl status | grep "Prosody is running"')

    server.succeed("create-prosody-users")
    client.succeed('send-message 2>&1 | grep "XMPP SCRIPT TEST SUCCESS"')
    server.succeed("delete-prosody-users")
  '';
}