ebd38185c8
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de> Co-authored-by: Robin Gloster <mail@glob.in> Co-authored-by: Janne Heß <janne@hess.ooo> Co-authored-by: Florian Klink <flokli@flokli.de>
131 lines
4.2 KiB
Nix
131 lines
4.2 KiB
Nix
import ../make-test.nix ({ pkgs, ...}: let
|
|
adminpass = "hunter2";
|
|
adminuser = "custom-admin-username";
|
|
in {
|
|
name = "nextcloud-with-postgresql-and-redis";
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
maintainers = [ eqyiel ];
|
|
};
|
|
|
|
nodes = {
|
|
# The only thing the client needs to do is download a file.
|
|
client = { ... }: {};
|
|
|
|
nextcloud = { config, pkgs, ... }: {
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
|
|
services.nextcloud = {
|
|
enable = true;
|
|
hostName = "nextcloud";
|
|
nginx.enable = true;
|
|
caching = {
|
|
apcu = false;
|
|
redis = true;
|
|
memcached = false;
|
|
};
|
|
config = {
|
|
dbtype = "pgsql";
|
|
dbname = "nextcloud";
|
|
dbuser = "nextcloud";
|
|
dbhost = "localhost";
|
|
dbpassFile = toString (pkgs.writeText "db-pass-file" ''
|
|
hunter2
|
|
'');
|
|
inherit adminuser;
|
|
adminpassFile = toString (pkgs.writeText "admin-pass-file" ''
|
|
${adminpass}
|
|
'');
|
|
};
|
|
};
|
|
|
|
services.redis = {
|
|
unixSocket = "/var/run/redis/redis.sock";
|
|
enable = true;
|
|
extraConfig = ''
|
|
unixsocketperm 770
|
|
'';
|
|
};
|
|
|
|
systemd.services.redis = {
|
|
preStart = ''
|
|
mkdir -p /var/run/redis
|
|
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis
|
|
'';
|
|
serviceConfig.PermissionsStartOnly = true;
|
|
};
|
|
|
|
systemd.services."nextcloud-setup"= {
|
|
requires = ["postgresql.service"];
|
|
after = [
|
|
"postgresql.service"
|
|
"chown-redis-socket.service"
|
|
];
|
|
};
|
|
|
|
# At the time of writing, redis creates its socket with the "nobody"
|
|
# group. I figure this is slightly less bad than making the socket world
|
|
# readable.
|
|
systemd.services."chown-redis-socket" = {
|
|
enable = true;
|
|
script = ''
|
|
until ${pkgs.redis}/bin/redis-cli ping; do
|
|
echo "waiting for redis..."
|
|
sleep 1
|
|
done
|
|
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis/redis.sock
|
|
'';
|
|
after = [ "redis.service" ];
|
|
requires = [ "redis.service" ];
|
|
wantedBy = [ "redis.service" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
};
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
initialScript = pkgs.writeText "psql-init" ''
|
|
create role nextcloud with login password 'hunter2';
|
|
create database nextcloud with owner nextcloud;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = let
|
|
configureRedis = pkgs.writeScript "configure-redis" ''
|
|
#!${pkgs.stdenv.shell}
|
|
nextcloud-occ config:system:set redis 'host' --value '/var/run/redis/redis.sock' --type string
|
|
nextcloud-occ config:system:set redis 'port' --value 0 --type integer
|
|
nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string
|
|
nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string
|
|
'';
|
|
withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
|
|
#!${pkgs.stdenv.shell}
|
|
export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
|
|
export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/"
|
|
export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
|
|
export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
|
|
export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})"
|
|
"''${@}"
|
|
'';
|
|
copySharedFile = pkgs.writeScript "copy-shared-file" ''
|
|
#!${pkgs.stdenv.shell}
|
|
echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
|
|
'';
|
|
|
|
diffSharedFile = pkgs.writeScript "diff-shared-file" ''
|
|
#!${pkgs.stdenv.shell}
|
|
diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
|
|
'';
|
|
in ''
|
|
startAll();
|
|
$nextcloud->waitForUnit("multi-user.target");
|
|
$nextcloud->succeed("${configureRedis}");
|
|
$nextcloud->succeed("curl -sSf http://nextcloud/login");
|
|
$nextcloud->succeed("${withRcloneEnv} ${copySharedFile}");
|
|
$client->waitForUnit("multi-user.target");
|
|
$client->succeed("${withRcloneEnv} ${diffSharedFile}");
|
|
'';
|
|
})
|