attempt to access garage storage correctly
nginx was trying to access the files on disk, rather than via s3 storage
This commit is contained in:
parent
5d504d0879
commit
dc06c54c31
|
@ -2,7 +2,6 @@
|
|||
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
services.pixelfed = {
|
||||
enable = true;
|
||||
domain = "pixelfed.localhost";
|
||||
# TODO: secrets management!
|
||||
secretFile = pkgs.writeText "secrets.env" ''
|
||||
|
@ -14,7 +13,9 @@
|
|||
};
|
||||
# I feel like this should have an `enable` option and be configured via `services.nginx` rather than mirroring those options in services.pixelfed.nginx
|
||||
# TODO: If that indeed makes sense, upstream it.
|
||||
nginx = {};
|
||||
nginx = {
|
||||
locations."/storage/".proxyPass = "http://pixelfed.web.garage.localhost:3902/public/";
|
||||
};
|
||||
};
|
||||
virtualisation.memorySize = 2048;
|
||||
virtualisation.forwardPorts = [
|
||||
|
|
|
@ -32,6 +32,8 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
services.pixelfed.enable = true;
|
||||
|
||||
# TODO: factor these out so we're only defining e.g. s3.garage.localhost and port 3900 in one place
|
||||
services.pixelfed.settings = {
|
||||
FILESYSTEM_CLOUD = "s3";
|
||||
|
|
|
@ -12,11 +12,13 @@ let
|
|||
from selenium.webdriver.support.wait import WebDriverWait
|
||||
from selenium.webdriver.chrome.options import Options
|
||||
|
||||
print("starting selenium script")
|
||||
|
||||
email = sys.argv[1]
|
||||
password = sys.argv[2]
|
||||
|
||||
green_path = "${./green.png}"
|
||||
screenshot_path = "/screenshot.png"
|
||||
screenshot_path = "/home/seleniumUser/screenshot.png"
|
||||
|
||||
# Create and configure driver. It is important to set the window size such that
|
||||
# the “Create New Post” button is visible.
|
||||
|
@ -62,10 +64,12 @@ let
|
|||
)
|
||||
)
|
||||
print("Take screenshot...")
|
||||
driver.save_screenshot(screenshot_path)
|
||||
if not driver.save_screenshot(screenshot_path):
|
||||
raise Exception("selenium could not save screenshot")
|
||||
|
||||
# All done ^-^
|
||||
print("Quitting...")
|
||||
driver.quit()
|
||||
print("All done!")
|
||||
'';
|
||||
in
|
||||
pkgs.nixosTest {
|
||||
|
@ -77,11 +81,16 @@ pkgs.nixosTest {
|
|||
memorySize = lib.mkVMOverride 8192;
|
||||
cores = 8;
|
||||
};
|
||||
imports = with self.nixosModules; [ garage pixelfed pixelfed-vm ];
|
||||
imports = with self.nixosModules; [
|
||||
garage
|
||||
pixelfed
|
||||
pixelfed-vm
|
||||
];
|
||||
# TODO: pair down
|
||||
environment.systemPackages = with pkgs; [
|
||||
python3
|
||||
chromium
|
||||
chromedriver
|
||||
xh
|
||||
seleniumScript
|
||||
helix
|
||||
|
@ -89,8 +98,12 @@ pkgs.nixosTest {
|
|||
];
|
||||
environment.variables = {
|
||||
POST_MEDIA = ./green.png;
|
||||
AWS_ACCESS_KEY_ID = config.services.garage.ensureKeys.pixelfed.id;
|
||||
AWS_SECRET_ACCESS_KEY = config.services.garage.ensureKeys.pixelfed.secret;
|
||||
# AWS_ACCESS_KEY_ID = config.services.garage.ensureKeys.pixelfed.id;
|
||||
# AWS_SECRET_ACCESS_KEY = config.services.garage.ensureKeys.pixelfed.secret;
|
||||
};
|
||||
# chrome does not like being run as root
|
||||
users.users.seleniumUser = {
|
||||
isNormalUser = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -137,14 +150,14 @@ pkgs.nixosTest {
|
|||
# server.succeed("toot post --media $POST_MEDIA")
|
||||
|
||||
# with subtest("access garage"):
|
||||
# server.succeed("mc alias set garage http://s3.garage.localhost:3900 --api s3v4 --path off $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY")
|
||||
# server.succeed("mc ls garage/mastodon")
|
||||
# server.succeed("mc alias set pixelfed http://s3.garage.localhost:3900 --api s3v4 --path off $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY")
|
||||
# server.succeed("mc ls garage/pixelfed")
|
||||
|
||||
# with subtest("access image in garage"):
|
||||
# image = server.succeed("mc find garage --regex original")
|
||||
# image = image.rstrip()
|
||||
# if image == "":
|
||||
# raise Exception("image posted to mastodon did not get stored in garage")
|
||||
# raise Exception("image posted to pixelfed did not get stored in garage")
|
||||
# server.succeed(f"mc cat {image} >/garage-image.webp")
|
||||
# garage_image_hash = server.succeed("identify -quiet -format '%#' /garage-image.webp")
|
||||
# image_hash = server.succeed("identify -quiet -format '%#' $POST_MEDIA")
|
||||
|
@ -152,7 +165,7 @@ pkgs.nixosTest {
|
|||
# raise Exception("image stored in garage did not match image uploaded")
|
||||
|
||||
# with subtest("Content security policy allows garage images"):
|
||||
# headers = server.succeed("xh -h http://masstodon.localhost:55001/public/local")
|
||||
# headers = server.succeed("xh -h http://mastodon.localhost:55001/public/local")
|
||||
# csp_match = None
|
||||
# # I can't figure out re.MULTILINE
|
||||
# for header in headers.split("\n"):
|
||||
|
@ -160,21 +173,21 @@ pkgs.nixosTest {
|
|||
# if csp_match is not None:
|
||||
# break
|
||||
# if csp_match is None:
|
||||
# raise Exception("mastodon did not send a content security policy header")
|
||||
# raise Exception("pixelfed did not send a content security policy header")
|
||||
# csp = csp_match.group(1)
|
||||
# # the img-src content security policy should include the garage server
|
||||
# garage_csp = re.match(".*; img-src[^;]*web\.garage\.localhost:3902.*", csp)
|
||||
# if garage_csp is None:
|
||||
# raise Exception("Mastodon's content security policy does not include garage server. image will not be displayed properly on mastodon.")
|
||||
# raise Exception("Pixelfed's content security policy does not include garage server. image will not be displayed properly on pixelfed.")
|
||||
|
||||
# NOTE: This could in theory give a false positive if pixelfed changes it's
|
||||
# colorscheme to include pure green. (see same problem in mastodon-garage.nix).
|
||||
# colorscheme to include pure green. (see same problem in pixelfed-garage.nix).
|
||||
# TODO: For instance: post a red image and check that the green pixel IS NOT
|
||||
# there, then post a green image and check that the green pixel IS there.
|
||||
|
||||
with subtest("image displays"):
|
||||
server.succeed(f"selenium-script test@test.com {password}")
|
||||
server.copy_from_vm("/screenshot.png", "")
|
||||
server.succeed(f"su - seleniumUser -c 'selenium-script test@test.com {password}'")
|
||||
server.copy_from_vm("/home/seleniumUser/screenshot.png", "")
|
||||
displayed_colors = server.succeed("convert /screenshot.png -define histogram:unique-colors=true -format %c histogram:info:")
|
||||
# check that the green image displayed somewhere
|
||||
green_check = re.match(".*#00FF00.*", displayed_colors, re.S)
|
||||
|
|
Reference in a new issue