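# NixOS VM test for matrix-synapse: boots one homeserver backed by PostgreSQL
# and one backed by SQLite, then checks that each answers HTTPS on port 8448
# with a certificate that validates against the throwaway CA built below.
import ./make-test-python.nix ({ pkgs, ... } : let

  # Run a shell snippet with openssl on PATH; the snippet writes its result
  # to $out and the resulting store path is returned.
  #
  # NOTE: everything produced here (including private keys) lands in the Nix
  # store, which is world-readable, and the keys are generated unencrypted.
  # That is fine for snakeoil test fixtures; never reuse this pattern or
  # these keys for a real deployment.
  runWithOpenSSL = file: cmd: pkgs.runCommand file {
    buildInputs = [ pkgs.openssl ];
  } cmd;

  # Throwaway CA: 2048-bit RSA key and a self-signed root (CN=snakeoil-ca).
  ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
  ca_pem = runWithOpenSSL "ca.pem" ''
    openssl req \
      -x509 -new -nodes -key ${ca_key} \
      -days 10000 -out $out -subj "/CN=snakeoil-ca"
  '';

  # Server key and CSR for the homeserver. The subject carries only
  # CN=localhost and no subjectAltName, so verification relies on the client
  # falling back to the CN (the curl calls in testScript depend on this).
  key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
  # The last option line carries no trailing backslash: a dangling line
  # continuation would splice whatever follows into this command.
  csr = runWithOpenSSL "matrix.csr" ''
    openssl req \
       -new -key ${key} \
       -out $out -subj "/CN=localhost"
  '';

  # Leaf certificate signed by the snakeoil CA, valid for 365 days from the
  # time the derivation is built.
  # NOTE(review): a cached store path older than that would presumably make
  # the TLS check in testScript fail until it is rebuilt; confirm.
  cert = runWithOpenSSL "matrix_cert.pem" ''
    openssl x509 \
      -req -in ${csr} \
      -CA ${ca_pem} -CAkey ${ca_key} \
      -CAcreateserial -out $out \
      -days 365
  '';

in {

  name = "matrix-synapse";
  meta = with pkgs.lib; {
    maintainers = teams.matrix.members;
  };

  nodes = {
    # Since 0.33.0, matrix-synapse doesn't allow underscores in server names
    serverpostgres = { pkgs, ... }: {
      services.matrix-synapse = {
        enable = true;
        database_type = "psycopg2";
        tls_certificate_path = "${cert}";
        tls_private_key_path = "${key}";
        database_args = {
          # Test-only credential; must match the role created in
          # services.postgresql.initialScript below.
          password = "synapse";
        };
      };
      services.postgresql = {
        enable = true;

        # The database name and user are configured by the following options:
        #   - services.matrix-synapse.database_name
        #   - services.matrix-synapse.database_user
        #
        # The values used here represent the default values of the module.
        initialScript = pkgs.writeText "synapse-init.sql" ''
          CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
          CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
            TEMPLATE template0
            LC_COLLATE = "C"
            LC_CTYPE = "C";
        '';
      };
    };

    # Same homeserver and TLS material, but with the SQLite backend.
    serversqlite = args: {
      services.matrix-synapse = {
        enable = true;
        database_type = "sqlite3";
        tls_certificate_path = "${cert}";
        tls_private_key_path = "${key}";
      };
    };
  };

  # Both nodes are probed with `curl --cacert`, so the certificate chain is
  # actually verified against the snakeoil CA instead of being skipped.
  testScript = ''
    start_all()
    serverpostgres.wait_for_unit("matrix-synapse.service")
    serverpostgres.wait_until_succeeds(
        "curl --fail -L --cacert ${ca_pem} https://localhost:8448/"
    )
    serverpostgres.require_unit_state("postgresql.service")
    serversqlite.wait_for_unit("matrix-synapse.service")
    serversqlite.wait_until_succeeds(
        "curl --fail -L --cacert ${ca_pem} https://localhost:8448/"
    )
    serversqlite.succeed("[ -e /var/lib/matrix-synapse/homeserver.db ]")
  '';

})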