diff --git a/modules/services/home-assistant.nix b/modules/services/home-assistant.nix index fa12881..c9b7949 100644 --- a/modules/services/home-assistant.nix +++ b/modules/services/home-assistant.nix @@ -315,6 +315,7 @@ in "f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass" "f ${config.services.home-assistant.configDir}/scenes.yaml 0755 hass hass" "f ${config.services.home-assistant.configDir}/scripts.yaml 0755 hass hass" + "d /var/lib/hass/backups 0750 hass hass" ]; }; } diff --git a/test/common.nix b/test/common.nix index c89d2a3..f74c8fe 100644 --- a/test/common.nix +++ b/test/common.nix @@ -4,9 +4,8 @@ let (pkgs.path + "/nixos/modules/profiles/headless.nix") (pkgs.path + "/nixos/modules/profiles/qemu-guest.nix") ]; -in -{ - accessScript = { + + accessScript = lib.makeOverridable ({ subdomain , domain , hasSSL @@ -95,9 +94,23 @@ in lib.optionalString (script != "") '' with subtest("extraScript"): ${indent 4 script} - ''); + '')); + + backupScript = args: (accessScript args).override { + extraScript = { proto_fqdn, ... }: '' + with subtest("backup"): + server.succeed("systemctl start restic-backups-testinstance_opt_repos_A") + ''; + }; +in +{ + inherit baseImports accessScript; - inherit baseImports; + mkScripts = args: + { + access = accessScript args; + backup = backupScript args; + }; base = pkgs: additionalModules: { imports = @@ -115,6 +128,30 @@ in networking.firewall.allowedTCPPorts = [ 80 443 ]; }; + backup = backupOption: { config, ... }: { + imports = [ + ../modules/blocks/restic.nix + ]; + shb.restic.instances."testinstance" = { + request = backupOption.request; + settings = { + enable = true; + passphrase.result = config.shb.hardcodedsecret.backupPassphrase.result; + repository = { + path = "/opt/repos/A"; + timerConfig = { + OnCalendar = "00:00:00"; + RandomizedDelaySec = "5h"; + }; + }; + }; + }; + shb.hardcodedsecret.backupPassphrase = { + request = config.shb.restic.instances."testinstance".settings.passphrase.request; + settings.content = "PassPhrase"; + }; + }; + certs = domain: { config, ... }: { imports = [ ../modules/blocks/ssl.nix diff --git a/test/services/forgejo.nix b/test/services/forgejo.nix index df26b3a..fdd725c 100644 --- a/test/services/forgejo.nix +++ b/test/services/forgejo.nix @@ -9,7 +9,7 @@ let adminPassword = "AdminPassword"; - commonTestScript = testLib.accessScript { + commonTestScript = testLib.mkScripts { inherit subdomain domain; hasSSL = { node, ... }: !(isNull node.config.shb.forgejo.ssl); waitForServices = { ... }: [ @@ -111,7 +111,23 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; + }; + + backup = pkgs.testers.runNixOSTest { + name = "forgejo_backup"; + + nodes.server = { config, ... }: { + imports = [ + base + basic + (testLib.backup config.shb.forgejo.backup) + ]; + }; + + nodes.client = {}; + + testScript = commonTestScript.backup; }; https = pkgs.testers.runNixOSTest { @@ -128,7 +144,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; ldap = pkgs.testers.runNixOSTest { @@ -145,7 +161,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; sso = pkgs.testers.runNixOSTest { @@ -165,6 +181,6 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; } diff --git a/test/services/home-assistant.nix b/test/services/home-assistant.nix index d56df14..296e164 100644 --- a/test/services/home-assistant.nix +++ b/test/services/home-assistant.nix @@ -7,7 +7,7 @@ let subdomain = "ha"; domain = "example.com"; - commonTestScript = lib.makeOverridable testLib.accessScript { + commonTestScript = testLib.mkScripts { inherit subdomain domain; hasSSL = { node, ... }: !(isNull node.config.shb.home-assistant.ssl); waitForServices = { ... }: [ @@ -78,7 +78,23 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; + }; + + backup = pkgs.testers.runNixOSTest { + name = "homeassistant_backup"; + + nodes.server = { config, ... }: { + imports = [ + base + basic + (testLib.backup config.shb.home-assistant.backup) + ]; + }; + + nodes.client = {}; + + testScript = commonTestScript.backup; }; https = pkgs.testers.runNixOSTest { @@ -95,7 +111,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; ldap = pkgs.testers.runNixOSTest { @@ -112,7 +128,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; # Not yet supported @@ -133,6 +149,6 @@ in # # nodes.client = {}; # - # testScript = commonTestScript; + # testScript = commonTestScript.access; # }; } diff --git a/test/services/jellyfin.nix b/test/services/jellyfin.nix index b97873b..ca3d6aa 100644 --- a/test/services/jellyfin.nix +++ b/test/services/jellyfin.nix @@ -7,7 +7,7 @@ let subdomain = "j"; domain = "example.com"; - commonTestScript = testLib.accessScript { + commonTestScript = testLib.mkScripts { inherit subdomain domain; hasSSL = { node, ... }: !(isNull node.config.shb.jellyfin.ssl); waitForServices = { ... }: [ @@ -87,7 +87,23 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; + }; + + backup = pkgs.testers.runNixOSTest { + name = "jellyfin_backup"; + + nodes.server = { config, ... }: { + imports = [ + base + basic + (testLib.backup config.shb.jellyfin.backup) + ]; + }; + + nodes.client = {}; + + testScript = commonTestScript.backup; }; https = pkgs.testers.runNixOSTest { @@ -104,7 +120,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; ldap = pkgs.testers.runNixOSTest { @@ -121,7 +137,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; sso = pkgs.testers.runNixOSTest { @@ -141,6 +157,6 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; } diff --git a/test/services/nextcloud.nix b/test/services/nextcloud.nix index e0fcb36..52c847f 100644 --- a/test/services/nextcloud.nix +++ b/test/services/nextcloud.nix @@ -11,7 +11,7 @@ let testLib = pkgs.callPackage ../common.nix {}; - commonTestScript = lib.makeOverridable testLib.accessScript { + commonTestScript = testLib.mkScripts { inherit subdomain domain; hasSSL = { node, ... }: !(isNull node.config.shb.nextcloud.ssl); waitForServices = { ... }: [ @@ -227,7 +227,23 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; + }; + + backup = pkgs.testers.runNixOSTest { + name = "nextcloud_backup"; + + nodes.server = { config, ... }: { + imports = [ + base + basic + (testLib.backup config.shb.nextcloud.backup) + ]; + }; + + nodes.client = {}; + + testScript = commonTestScript.backup; }; https = pkgs.testers.runNixOSTest { @@ -245,7 +261,7 @@ in nodes.client = {}; # TODO: Test login - testScript = commonTestScript; + testScript = commonTestScript.access; }; previewGenerator = pkgs.testers.runNixOSTest { @@ -263,7 +279,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; externalStorage = pkgs.testers.runNixOSTest { @@ -281,7 +297,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; ldap = pkgs.testers.runNixOSTest { @@ -300,7 +316,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; sso = pkgs.testers.runNixOSTest { @@ -321,6 +337,6 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; } diff --git a/test/services/vaultwarden.nix b/test/services/vaultwarden.nix index 95a16c6..6524f12 100644 --- a/test/services/vaultwarden.nix +++ b/test/services/vaultwarden.nix @@ -7,7 +7,7 @@ let subdomain = "v"; domain = "example.com"; - commonTestScript = lib.makeOverridable testLib.accessScript { + commonTestScript = testLib.mkScripts { inherit subdomain domain; hasSSL = { node, ... }: !(isNull node.config.shb.vaultwarden.ssl); waitForServices = { ... }: [ @@ -93,30 +93,6 @@ let authEndpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}"; }; }; - - backup = { config, ... }: { - imports = [ - ../../modules/blocks/restic.nix - ]; - shb.restic.instances."testinstance" = { - request = config.shb.vaultwarden.backup.request; - settings = { - enable = true; - passphrase.result = config.shb.hardcodedsecret.backupPassphrase.result; - repository = { - path = "/opt/repos/A"; - timerConfig = { - OnCalendar = "00:00:00"; - RandomizedDelaySec = "5h"; - }; - }; - }; - }; - shb.hardcodedsecret.backupPassphrase = { - request = config.shb.restic.instances."testinstance".settings.passphrase.request; - settings.content = "PassPhrase"; - }; - }; in { basic = pkgs.testers.runNixOSTest { @@ -131,7 +107,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; https = pkgs.testers.runNixOSTest { @@ -148,7 +124,7 @@ in nodes.client = {}; - testScript = commonTestScript; + testScript = commonTestScript.access; }; # Not yet supported @@ -164,7 +140,7 @@ in # # nodes.client = {}; # - # testScript = commonTestScript; + # testScript = commonTestScript.access; # }; sso = pkgs.testers.runNixOSTest { @@ -184,7 +160,7 @@ in nodes.client = {}; - testScript = commonTestScript.override { + testScript = commonTestScript.access.override { waitForPorts = { node, ... }: [ 8222 5432 @@ -211,17 +187,12 @@ in imports = [ base basic - backup + (testLib.backup config.shb.vaultwarden.backup) ]; }; nodes.client = {}; - testScript = commonTestScript.override { - extraScript = { proto_fqdn, ... }: '' - with subtest("backup"): - server.succeed("systemctl start restic-backups-testinstance_opt_repos_A") - ''; - }; + testScript = commonTestScript.backup; }; }