52 lines
1.4 KiB
Nix
52 lines
1.4 KiB
Nix
{ lib, pkgs, ... }:
|
|
let
|
|
certs = import redlib/snakeoil-certs.nix;
|
|
redditDomain = certs.domain;
|
|
in
|
|
{
|
|
name = "redlib";
|
|
meta.maintainers = with lib.maintainers; [
|
|
bpeetz
|
|
Guanran928
|
|
];
|
|
|
|
nodes.machine = {
|
|
# The test will hang if Redlib can't initialize its OAuth client, so we
|
|
# provide it with a mock endpoint.
|
|
networking.hosts."127.0.0.1" = [ redditDomain ];
|
|
security.pki.certificates = [
|
|
(builtins.readFile certs.ca.cert)
|
|
];
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts.${redditDomain} = {
|
|
onlySSL = true;
|
|
sslCertificate = certs.${redditDomain}.cert;
|
|
sslCertificateKey = certs.${redditDomain}.key;
|
|
locations."/auth/v2/oauth/access-token/loid".extraConfig = ''
|
|
return 200 "{\"access_token\":\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\",\"expires_in\":0}";
|
|
'';
|
|
};
|
|
};
|
|
|
|
services.redlib = {
|
|
package = pkgs.redlib;
|
|
enable = true;
|
|
# Test CAP_NET_BIND_SERVICE
|
|
port = 80;
|
|
|
|
settings = {
|
|
REDLIB_DEFAULT_USE_HLS = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
machine.wait_for_unit("redlib.service")
|
|
machine.wait_for_open_port(80)
|
|
# Query a page that does not require Internet access
|
|
machine.succeed("curl --fail http://localhost:80/settings")
|
|
machine.succeed("curl --fail http://localhost:80/info | grep '<tr><td>Use HLS</td><td>on</td></tr>'")
|
|
'';
|
|
}
|