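# NixOS VM test: starts Synapse behind a throwaway TLS certificate and a
# headless Pantalaimon instance pointed at it, then checks that Pantalaimon
# answers HTTP requests on its listen port.
import ../make-test-python.nix (
  { pkgs, ... }:
  let
    pantalaimonInstanceName = "testing";

    # Set up SSL certs for Synapse to be happy.
    #
    # Every artefact below is an ordinary pkgs.runCommand output, so the
    # private keys end up in the world-readable Nix store. That is fine for
    # snakeoil test credentials and nothing else: real key material must be
    # provisioned outside the store.
    runWithOpenSSL = file: cmd:
      pkgs.runCommand file { buildInputs = [ pkgs.openssl ]; } cmd;

    # Self-signed snakeoil CA (key + certificate).
    ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
    ca_pem = runWithOpenSSL "ca.pem" ''
      openssl req \
        -x509 -new -nodes -key ${ca_key} \
        -days 10000 -out $out -subj "/CN=snakeoil-ca"
    '';

    # Server key and CSR for the Synapse listener. The request carries only
    # CN=localhost (no subjectAltName), so a client that verifies hostnames
    # strictly would not accept the resulting certificate.
    key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
    csr = runWithOpenSSL "matrix.csr" ''
      openssl req \
        -new -key ${key} \
        -out $out -subj "/CN=localhost"
    '';

    # Server certificate signed by the snakeoil CA.
    cert = runWithOpenSSL "matrix_cert.pem" ''
      openssl x509 \
        -req -in ${csr} \
        -CA ${ca_pem} -CAkey ${ca_key} \
        -CAcreateserial -out $out \
        -days 365
    '';
  in
  {
    name = "pantalaimon";
    meta.maintainers = pkgs.lib.teams.matrix.members;

    nodes.machine = { pkgs, ... }: {
      services.pantalaimon-headless.instances.${pantalaimonInstanceName} = {
        homeserver = "https://localhost:8448";
        # Plain HTTP on every interface. The only client in this test is the
        # curl call running inside the VM, so 127.0.0.1 would be sufficient.
        listenAddress = "0.0.0.0";
        listenPort = 8888;
        logLevel = "debug";
        # Turns off certificate verification for the outgoing connection to
        # the homeserver. The snakeoil CA above is not added to the machine's
        # trust store in this file, so verification would presumably fail.
        # Test-only: a real deployment keeps this on and trusts the CA.
        ssl = false;
      };

      services.matrix-synapse = {
        enable = true;
        settings = {
          listeners = [
            {
              port = 8448;
              # Loopback only: Pantalaimon on the same machine is the sole
              # consumer of this listener.
              bind_addresses = [
                "127.0.0.1"
                "::1"
              ];
              type = "http";
              tls = true;
              x_forwarded = false;
              resources = [
                {
                  names = [ "client" ];
                  compress = true;
                }
                {
                  names = [ "federation" ];
                  compress = false;
                }
              ];
            }
          ];
          database.name = "sqlite3";
          # Both paths point into the Nix store (see the note on
          # runWithOpenSSL above).
          tls_certificate_path = "${cert}";
          tls_private_key_path = "${key}";
        };
      };
    };

    # Wait for both services, then require an HTTP success from Pantalaimon.
    # curl --fail turns an HTTP error status into a non-zero exit code, and
    # wait_until_succeeds retries until the command exits with zero.
    testScript = ''
      start_all()
      machine.wait_for_unit("pantalaimon-${pantalaimonInstanceName}.service")
      machine.wait_for_unit("matrix-synapse.service")
      machine.wait_until_succeeds(
          "curl --fail -L http://localhost:8888/"
      )
    '';
  }
)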