nixosTests.redlib: mock OAuth endpoint
This commit is contained in:
Ryan Hendrickson
@@ -4,11 +4,8 @@
|
|||||||
pkgs ? import <nixpkgs> { },
|
pkgs ? import <nixpkgs> { },
|
||||||
minica ? pkgs.minica,
|
minica ? pkgs.minica,
|
||||||
mkDerivation ? pkgs.stdenv.mkDerivation,
|
mkDerivation ? pkgs.stdenv.mkDerivation,
|
||||||
|
domain ? (import ./snakeoil-certs.nix).domain,
|
||||||
}:
|
}:
|
||||||
let
|
|
||||||
conf = import ./snakeoil-certs.nix;
|
|
||||||
domain = conf.domain;
|
|
||||||
in
|
|
||||||
mkDerivation {
|
mkDerivation {
|
||||||
name = "test-certs";
|
name = "test-certs";
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|||||||
@@ -1,4 +1,8 @@
|
|||||||
{ lib, pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
certs = import redlib/snakeoil-certs.nix;
|
||||||
|
redditDomain = certs.domain;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
name = "redlib";
|
name = "redlib";
|
||||||
meta.maintainers = with lib.maintainers; [
|
meta.maintainers = with lib.maintainers; [
|
||||||
@@ -7,6 +11,24 @@
|
|||||||
];
|
];
|
||||||
|
|
||||||
nodes.machine = {
|
nodes.machine = {
|
||||||
|
# The test will hang if Redlib can't initialize its OAuth client, so we
|
||||||
|
# provide it with a mock endpoint.
|
||||||
|
networking.hosts."127.0.0.1" = [ redditDomain ];
|
||||||
|
security.pki.certificates = [
|
||||||
|
(builtins.readFile certs.ca.cert)
|
||||||
|
];
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts.${redditDomain} = {
|
||||||
|
onlySSL = true;
|
||||||
|
sslCertificate = certs.${redditDomain}.cert;
|
||||||
|
sslCertificateKey = certs.${redditDomain}.key;
|
||||||
|
locations."/auth/v2/oauth/access-token/loid".extraConfig = ''
|
||||||
|
return 200 "{\"access_token\":\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\",\"expires_in\":0}";
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
services.redlib = {
|
services.redlib = {
|
||||||
package = pkgs.redlib;
|
package = pkgs.redlib;
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
13
nixos/tests/redlib/ca.cert.pem
Normal file
13
nixos/tests/redlib/ca.cert.pem
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB/TCCAYKgAwIBAgIIR+NCHSDJCIAwCgYIKoZIzj0EAwMwIDEeMBwGA1UEAxMV
|
||||||
|
bWluaWNhIHJvb3QgY2EgNDdlMzQyMCAXDTI1MTEwOTA2MjMwNFoYDzIxMjUxMTA5
|
||||||
|
MDYyMzA0WjAgMR4wHAYDVQQDExVtaW5pY2Egcm9vdCBjYSA0N2UzNDIwdjAQBgcq
|
||||||
|
hkjOPQIBBgUrgQQAIgNiAASo81ED5tomfR47qFXpan+0cBKP7eoAhAAkJeT9w/h2
|
||||||
|
axpVVQ/X+rDFu1QbKDqE7lJ2j3Ue7eb/6Q5Zrt9MSFPDcQz7eFr6kX0S2u5AHO9z
|
||||||
|
6E60gUNUwZBDBenr0P/uTQ6jgYYwgYMwDgYDVR0PAQH/BAQDAgKEMB0GA1UdJQQW
|
||||||
|
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
|
||||||
|
DgQWBBQuPLVPdRiEUCga2W3RKwL4diQVMDAfBgNVHSMEGDAWgBQuPLVPdRiEUCga
|
||||||
|
2W3RKwL4diQVMDAKBggqhkjOPQQDAwNpADBmAjEAqG8PIYJ0CQG3CfLsQFpwDLmj
|
||||||
|
DoEFgcRMkRQz4vtAQMpLhoo8VAPo7Vl+AAaZgRVPAjEA6XDte56Oou5qMj4Zkzi8
|
||||||
|
EYIucHtYrfTNJOarDSYYvTlNrmuQ73KTP4Hxfd26TA2q
|
||||||
|
-----END CERTIFICATE-----
|
||||||
6
nixos/tests/redlib/ca.key.pem
Normal file
6
nixos/tests/redlib/ca.key.pem
Normal file
@@ -0,0 +1,6 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBuuWbxl4uwwcIT0SvT
|
||||||
|
jcQHDekytbQrLw4imrpfrAJmTdvyHcfEGiWuwscs36mq50WhZANiAASo81ED5tom
|
||||||
|
fR47qFXpan+0cBKP7eoAhAAkJeT9w/h2axpVVQ/X+rDFu1QbKDqE7lJ2j3Ue7eb/
|
||||||
|
6Q5Zrt9MSFPDcQz7eFr6kX0S2u5AHO9z6E60gUNUwZBDBenr0P/uTQ4=
|
||||||
|
-----END PRIVATE KEY-----
|
||||||
17
nixos/tests/redlib/snakeoil-certs.nix
Normal file
17
nixos/tests/redlib/snakeoil-certs.nix
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
# To generate cert files:
|
||||||
|
# cp $(nix-build ../common/acme/server/generate-certs.nix --arg domain '(import ./snakeoil-certs.nix).domain' --no-out-link)/* .
|
||||||
|
|
||||||
|
let
|
||||||
|
domain = "www.reddit.com";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
inherit domain;
|
||||||
|
ca = {
|
||||||
|
cert = ./ca.cert.pem;
|
||||||
|
key = ./ca.key.pem;
|
||||||
|
};
|
||||||
|
${domain} = {
|
||||||
|
cert = ./${domain}.cert.pem;
|
||||||
|
key = ./${domain}.key.pem;
|
||||||
|
};
|
||||||
|
}
|
||||||
13
nixos/tests/redlib/www.reddit.com.cert.pem
Normal file
13
nixos/tests/redlib/www.reddit.com.cert.pem
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIB5jCCAW2gAwIBAgIIFaN6FT3RbaswCgYIKoZIzj0EAwMwIDEeMBwGA1UEAxMV
|
||||||
|
bWluaWNhIHJvb3QgY2EgNDdlMzQyMB4XDTI1MTEwOTA2MjMwNFoXDTQ1MTEwOTA2
|
||||||
|
MjMwNFowGTEXMBUGA1UEAxMOd3d3LnJlZGRpdC5jb20wdjAQBgcqhkjOPQIBBgUr
|
||||||
|
gQQAIgNiAAQpU1quYyW3g2ZjtwSFLNOhucqkjFhCN5rcSZOLpbnieelZ6axvoH6x
|
||||||
|
2Znfcu4YqYtK8G/zHDv2o9gQQpDBcWp7dobpUVbfrSRxsr5LEYlEXPUslbFkFWau
|
||||||
|
HzKTx5QTyu2jezB5MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
|
||||||
|
AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQuPLVPdRiEUCga
|
||||||
|
2W3RKwL4diQVMDAZBgNVHREEEjAQgg53d3cucmVkZGl0LmNvbTAKBggqhkjOPQQD
|
||||||
|
AwNnADBkAjAqU0nW3KRXEZMTP9qjnNqherjVYa8WPWMCtwYqiFDOWilByZFjEZUs
|
||||||
|
8it+unxaNe4CMA12fOFHgsM1tKRiSslIHXSx5V71RkXGrQxxqfRlD0w7LjsJWXRv
|
||||||
|
Z6DKyxfF6MJPEA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
6
nixos/tests/redlib/www.reddit.com.key.pem
Normal file
6
nixos/tests/redlib/www.reddit.com.key.pem
Normal file
@@ -0,0 +1,6 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1r7aQH0yOtCYquZXn
|
||||||
|
1jVqo9gD7kIZRa4TaeHNRRKcv9w9WswTfSJ/0QILIFP0K7WhZANiAAQpU1quYyW3
|
||||||
|
g2ZjtwSFLNOhucqkjFhCN5rcSZOLpbnieelZ6axvoH6x2Znfcu4YqYtK8G/zHDv2
|
||||||
|
o9gQQpDBcWp7dobpUVbfrSRxsr5LEYlEXPUslbFkFWauHzKTx5QTyu0=
|
||||||
|
-----END PRIVATE KEY-----
|
||||||
Reference in New Issue
Block a user