From 05195040c0006c0601075ee092031f2c2d2d04e0 Mon Sep 17 00:00:00 2001 From: Marek Mahut Date: Mon, 30 Mar 2020 13:29:30 +0200 Subject: [PATCH 1/2] nixos/magic-wormhole-mailbox-server: init --- nixos/modules/module-list.nix | 1 + .../mail/magic-wormhole-mailbox-server.nix | 28 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 nixos/modules/services/mail/magic-wormhole-mailbox-server.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index c2a96c72d16..dafece285b6 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -394,6 +394,7 @@ ./services/mail/mailcatcher.nix ./services/mail/mailhog.nix ./services/mail/mailman.nix + ./services/mail/magic-wormhole-mailbox-server.nix ./services/mail/mlmmj.nix ./services/mail/offlineimap.nix ./services/mail/opendkim.nix diff --git a/nixos/modules/services/mail/magic-wormhole-mailbox-server.nix b/nixos/modules/services/mail/magic-wormhole-mailbox-server.nix new file mode 100644 index 00000000000..09d357cd2b6 --- /dev/null +++ b/nixos/modules/services/mail/magic-wormhole-mailbox-server.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.magic-wormhole-mailbox-server; + dataDir = "/var/lib/magic-wormhole-mailbox-server;"; + python = pkgs.python3.withPackages (py: [ py.magic-wormhole-mailbox-server py.twisted ]); +in +{ + options.services.magic-wormhole-mailbox-server = { + enable = mkEnableOption "Enable Magic Wormhole Mailbox Server"; + }; + + config = mkIf cfg.enable { + systemd.services.magic-wormhole-mailbox-server = { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + DynamicUser = true; + ExecStart = "${python}/bin/twistd --nodaemon wormhole-mailbox"; + WorkingDirectory = dataDir; + StateDirectory = baseNameOf dataDir; + }; + }; + + }; +} From af75bb17b984feb51b5100ceff355a28debcf699 Mon Sep 17 00:00:00 2001 From: Marek Mahut Date: Mon, 30 Mar 2020 13:30:05 +0200 Subject: [PATCH 2/2] nixos/tests: add magic-wormhole-mailbox-server --- nixos/tests/all-tests.nix | 1 + nixos/tests/magic-wormhole-mailbox-server.nix | 38 +++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 nixos/tests/magic-wormhole-mailbox-server.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index a84f2c5d261..2bdced6a3cc 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -170,6 +170,7 @@ in #logstash = handleTest ./logstash.nix {}; lorri = handleTest ./lorri/default.nix {}; magnetico = handleTest ./magnetico.nix {}; + magic-wormhole-mailbox-server = handleTest ./magic-wormhole-mailbox-server.nix {}; mailcatcher = handleTest ./mailcatcher.nix {}; mathics = handleTest ./mathics.nix {}; matomo = handleTest ./matomo.nix {}; diff --git a/nixos/tests/magic-wormhole-mailbox-server.nix b/nixos/tests/magic-wormhole-mailbox-server.nix new file mode 100644 index 00000000000..144a07e1349 --- /dev/null +++ b/nixos/tests/magic-wormhole-mailbox-server.nix @@ -0,0 +1,38 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "magic-wormhole-mailbox-server"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ mmahut ]; + }; + + nodes = { + server = { ... }: { + networking.firewall.allowedTCPPorts = [ 4000 ]; + services.magic-wormhole-mailbox-server.enable = true; + }; + + client_alice = { ... }: { + networking.firewall.enable = false; + environment.systemPackages = [ pkgs.magic-wormhole ]; + }; + + client_bob = { ... }: { + environment.systemPackages = [ pkgs.magic-wormhole ]; + }; + }; + + testScript = '' + start_all() + + # Start the wormhole relay server + server.wait_for_unit("magic-wormhole-mailbox-server.service") + server.wait_for_open_port(4000) + + # Create a secret file and send it to Bob + client_alice.succeed("echo mysecret > secretfile") + client_alice.succeed("wormhole --relay-url=ws://server:4000/v1 send -0 secretfile &") + + # Retrieve a secret file from Alice and check its content + client_bob.succeed("wormhole --relay-url=ws://server:4000/v1 receive -0 --accept-file") + client_bob.succeed("grep mysecret secretfile") + ''; +})