64 lines
1.9 KiB
Nix
64 lines
1.9 KiB
Nix
import ./make-test-python.nix ({ lib, pkgs, ... }:
|
|
let
|
|
gpgKeyring = (pkgs.runCommand "gpg-keyring" { buildInputs = [ pkgs.gnupg ]; } ''
|
|
mkdir -p $out
|
|
export GNUPGHOME=$out
|
|
cat > foo <<EOF
|
|
%echo Generating a basic OpenPGP key
|
|
%no-protection
|
|
Key-Type: DSA
|
|
Key-Length: 1024
|
|
Subkey-Type: ELG-E
|
|
Subkey-Length: 1024
|
|
Name-Real: Foo Example
|
|
Name-Email: foo@example.org
|
|
Expire-Date: 0
|
|
# Do a commit here, so that we can later print "done"
|
|
%commit
|
|
%echo done
|
|
EOF
|
|
gpg --batch --generate-key foo
|
|
rm $out/S.gpg-agent $out/S.gpg-agent.*
|
|
'');
|
|
in {
|
|
name = "hockeypuck";
|
|
meta.maintainers = with lib.maintainers; [ etu ];
|
|
|
|
nodes.machine = { ... }: {
|
|
# Used for test
|
|
environment.systemPackages = [ pkgs.gnupg ];
|
|
|
|
services.hockeypuck.enable = true;
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureDatabases = [ "hockeypuck" ];
|
|
ensureUsers = [{
|
|
name = "hockeypuck";
|
|
ensurePermissions."DATABASE hockeypuck" = "ALL PRIVILEGES";
|
|
}];
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
machine.wait_for_unit("hockeypuck.service")
|
|
machine.wait_for_open_port(11371)
|
|
|
|
response = machine.succeed("curl -vvv -s http://127.0.0.1:11371/")
|
|
|
|
assert "<title>OpenPGP Keyserver</title>" in response, "HTML title not found"
|
|
|
|
# Copy the keyring
|
|
machine.succeed("cp -R ${gpgKeyring} /tmp/GNUPGHOME")
|
|
|
|
# Extract our GPG key id
|
|
keyId = machine.succeed("GNUPGHOME=/tmp/GNUPGHOME gpg --list-keys | grep dsa1024 --after-context=1 | grep -v dsa1024").strip()
|
|
|
|
# Send the key to our local keyserver
|
|
machine.succeed("GNUPGHOME=/tmp/GNUPGHOME gpg --keyserver hkp://127.0.0.1:11371 --send-keys " + keyId)
|
|
|
|
# Receive the key from our local keyserver to a separate directory
|
|
machine.succeed("GNUPGHOME=$(mktemp -d) gpg --keyserver hkp://127.0.0.1:11371 --recv-keys " + keyId)
|
|
'';
|
|
})
|