mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-09-29 15:43:00 +00:00
nixos/tests/miniflux: add test for external database
This commit is contained in:
parent
1f8385d6d1
commit
cb5f2a8e87
@ -140,6 +140,7 @@ in
|
||||
include "${pkgs.apparmorRulesFromClosure { name = "miniflux"; } cfg.package}"
|
||||
r ${cfg.package}/bin/miniflux,
|
||||
r @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size,
|
||||
rw /run/miniflux/**,
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
@ -15,6 +15,10 @@ let
|
||||
ADMIN_USERNAME=${username}
|
||||
ADMIN_PASSWORD=${password}
|
||||
'';
|
||||
postgresPassword = "correcthorsebatterystaple";
|
||||
postgresPasswordFile = pkgs.writeText "pgpass" ''
|
||||
*:*:*:*:${postgresPassword}
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
@ -56,6 +60,40 @@ in
|
||||
adminCredentialsFile = customAdminCredentialsFile;
|
||||
};
|
||||
};
|
||||
|
||||
postgresTcp = { config, pkgs, lib, ... }: {
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
initialScript = pkgs.writeText "init-postgres" ''
|
||||
CREATE USER miniflux WITH PASSWORD '${postgresPassword}';
|
||||
CREATE DATABASE miniflux WITH OWNER miniflux;
|
||||
'';
|
||||
enableTCPIP = true;
|
||||
authentication = ''
|
||||
host sameuser miniflux samenet scram-sha-256
|
||||
'';
|
||||
};
|
||||
systemd.services.postgresql.postStart = lib.mkAfter ''
|
||||
$PSQL -tAd miniflux -c 'CREATE EXTENSION hstore;'
|
||||
'';
|
||||
networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
|
||||
};
|
||||
externalDb = { ... }: {
|
||||
security.apparmor.enable = true;
|
||||
services.miniflux = {
|
||||
enable = true;
|
||||
createDatabaseLocally = false;
|
||||
inherit adminCredentialsFile;
|
||||
config = {
|
||||
DATABASE_URL = "user=miniflux host=postgresTcp dbname=miniflux sslmode=disable";
|
||||
PGPASSFILE = "/run/miniflux/pgpass";
|
||||
};
|
||||
};
|
||||
systemd.services.miniflux.preStart = ''
|
||||
cp ${postgresPasswordFile} /run/miniflux/pgpass
|
||||
chmod 600 /run/miniflux/pgpass
|
||||
'';
|
||||
};
|
||||
};
|
||||
testScript = ''
|
||||
def runTest(machine, port, user):
|
||||
@ -67,10 +105,17 @@ in
|
||||
)
|
||||
machine.fail('journalctl -b --no-pager --grep "^audit: .*apparmor=\\"DENIED\\""')
|
||||
|
||||
start_all()
|
||||
default.start()
|
||||
withoutSudo.start()
|
||||
customized.start()
|
||||
postgresTcp.start()
|
||||
|
||||
runTest(default, ${toString defaultPort}, "${defaultUsername}:${defaultPassword}")
|
||||
runTest(withoutSudo, ${toString defaultPort}, "${defaultUsername}:${defaultPassword}")
|
||||
runTest(customized, ${toString port}, "${username}:${password}")
|
||||
|
||||
postgresTcp.wait_for_unit("postgresql.service")
|
||||
externalDb.start()
|
||||
runTest(externalDb, ${toString defaultPort}, "${defaultUsername}:${defaultPassword}")
|
||||
'';
|
||||
})
|
||||
|
Loading…
Reference in New Issue
Block a user