mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-01 01:51:24 +00:00
130 lines
4.1 KiB
Nix
130 lines
4.1 KiB
Nix
import ../make-test.nix ({ pkgs, ...}: let
|
|
adminpass = "hunter2";
|
|
adminuser = "custom-admin-username";
|
|
in {
|
|
name = "nextcloud-with-postgresql-and-redis";
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
maintainers = [ eqyiel ];
|
|
};
|
|
|
|
nodes = {
|
|
# The only thing the client needs to do is download a file.
|
|
client = { ... }: {};
|
|
|
|
nextcloud = { config, pkgs, ... }: {
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
|
|
services.nextcloud = {
|
|
enable = true;
|
|
hostName = "nextcloud";
|
|
nginx.enable = true;
|
|
caching = {
|
|
apcu = false;
|
|
redis = true;
|
|
memcached = false;
|
|
};
|
|
config = {
|
|
dbtype = "pgsql";
|
|
dbname = "nextcloud";
|
|
dbuser = "nextcloud";
|
|
dbhost = "/run/postgresql";
|
|
inherit adminuser;
|
|
adminpassFile = toString (pkgs.writeText "admin-pass-file" ''
|
|
${adminpass}
|
|
'');
|
|
};
|
|
};
|
|
|
|
services.redis = {
|
|
unixSocket = "/var/run/redis/redis.sock";
|
|
enable = true;
|
|
extraConfig = ''
|
|
unixsocketperm 770
|
|
'';
|
|
};
|
|
|
|
systemd.services.redis = {
|
|
preStart = ''
|
|
mkdir -p /var/run/redis
|
|
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis
|
|
'';
|
|
serviceConfig.PermissionsStartOnly = true;
|
|
};
|
|
|
|
systemd.services.nextcloud-setup= {
|
|
requires = ["postgresql.service"];
|
|
after = [
|
|
"postgresql.service"
|
|
"chown-redis-socket.service"
|
|
];
|
|
};
|
|
|
|
# At the time of writing, redis creates its socket with the "nobody"
|
|
# group. I figure this is slightly less bad than making the socket world
|
|
# readable.
|
|
systemd.services.chown-redis-socket = {
|
|
enable = true;
|
|
script = ''
|
|
until ${pkgs.redis}/bin/redis-cli ping; do
|
|
echo "waiting for redis..."
|
|
sleep 1
|
|
done
|
|
chown ${config.services.redis.user}:${config.services.nginx.group} /var/run/redis/redis.sock
|
|
'';
|
|
after = [ "redis.service" ];
|
|
requires = [ "redis.service" ];
|
|
wantedBy = [ "redis.service" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
};
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureDatabases = [ "nextcloud" ];
|
|
ensureUsers = [
|
|
{ name = "nextcloud";
|
|
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = let
|
|
configureRedis = pkgs.writeScript "configure-redis" ''
|
|
#!${pkgs.stdenv.shell}
|
|
nextcloud-occ config:system:set redis 'host' --value '/var/run/redis/redis.sock' --type string
|
|
nextcloud-occ config:system:set redis 'port' --value 0 --type integer
|
|
nextcloud-occ config:system:set memcache.local --value '\OC\Memcache\Redis' --type string
|
|
nextcloud-occ config:system:set memcache.locking --value '\OC\Memcache\Redis' --type string
|
|
'';
|
|
withRcloneEnv = pkgs.writeScript "with-rclone-env" ''
|
|
#!${pkgs.stdenv.shell}
|
|
export RCLONE_CONFIG_NEXTCLOUD_TYPE=webdav
|
|
export RCLONE_CONFIG_NEXTCLOUD_URL="http://nextcloud/remote.php/webdav/"
|
|
export RCLONE_CONFIG_NEXTCLOUD_VENDOR="nextcloud"
|
|
export RCLONE_CONFIG_NEXTCLOUD_USER="${adminuser}"
|
|
export RCLONE_CONFIG_NEXTCLOUD_PASS="$(${pkgs.rclone}/bin/rclone obscure ${adminpass})"
|
|
"''${@}"
|
|
'';
|
|
copySharedFile = pkgs.writeScript "copy-shared-file" ''
|
|
#!${pkgs.stdenv.shell}
|
|
echo 'hi' | ${pkgs.rclone}/bin/rclone rcat nextcloud:test-shared-file
|
|
'';
|
|
|
|
diffSharedFile = pkgs.writeScript "diff-shared-file" ''
|
|
#!${pkgs.stdenv.shell}
|
|
diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file)
|
|
'';
|
|
in ''
|
|
startAll();
|
|
$nextcloud->waitForUnit("multi-user.target");
|
|
$nextcloud->succeed("${configureRedis}");
|
|
$nextcloud->succeed("curl -sSf http://nextcloud/login");
|
|
$nextcloud->succeed("${withRcloneEnv} ${copySharedFile}");
|
|
$client->waitForUnit("multi-user.target");
|
|
$client->succeed("${withRcloneEnv} ${diffSharedFile}");
|
|
'';
|
|
})
|