diff options
author | Matt Leon <ml@mattleon.com> | 2023-10-28 23:16:44 -0400 |
---|---|---|
committer | Matt Leon <ml@mattleon.com> | 2024-02-13 19:17:53 -0500 |
commit | c0846f900a71e9bde3bf292882506cbb7cc97528 (patch) | |
tree | 9ef9f2fe169f01ca4dc14c4bb4e569b43e7f1f11 /nixos/tests/matter-server.nix | |
parent | 6d6935549997ea39cf5fa534c75456409c175482 (diff) |
matter-server: add nixos service module
New module to run the python-matter-server executable as a sandboxed system service.
Diffstat (limited to 'nixos/tests/matter-server.nix')
-rw-r--r-- | nixos/tests/matter-server.nix | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/nixos/tests/matter-server.nix b/nixos/tests/matter-server.nix new file mode 100644 index 0000000000000..c646e9840d194 --- /dev/null +++ b/nixos/tests/matter-server.nix @@ -0,0 +1,45 @@ +import ./make-test-python.nix ({ pkgs, lib, ...} : + +let + chipVersion = pkgs.python311Packages.home-assistant-chip-core.version; +in + +{ + name = "matter-server"; + meta.maintainers = with lib.maintainers; [ leonm1 ]; + + nodes = { + machine = { config, ... }: { + services.matter-server = { + enable = true; + port = 1234; + }; + }; + }; + + testScript = /* python */ '' + start_all() + + machine.wait_for_unit("matter-server.service") + machine.wait_for_open_port(1234) + + with subtest("Check websocket server initialized"): + output = machine.succeed("echo \"\" | ${pkgs.websocat}/bin/websocat ws://localhost:1234/ws") + machine.log(output) + + assert '"sdk_version": "${chipVersion}"' in output, ( + 'CHIP version \"${chipVersion}\" not present in websocket message' + ) + + assert '"fabric_id": 1' in output, ( + "fabric_id not propagated to server" + ) + + with subtest("Check storage directory is created"): + machine.succeed("ls /var/lib/matter-server/chip.json") + + with subtest("Check systemd hardening"): + _, output = machine.execute("systemd-analyze security matter-server.service | grep -v '✓'") + machine.log(output) + ''; +}) |