Add unit tests container

6 files changed, 217 insertions, 0 deletions

diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix

index 559cd93..4663e95 100755
--- a/host/Rory-nginx/configuration.nix
+++ b/host/Rory-nginx/configuration.nix
@@ -34,5 +34,9 @@
     inherit pkgs lib conduit;
   };
 
+  containers."matrix_unit_tests" = import ./services/containers/matrix_unit_tests/container.nix {
+    inherit pkgs lib conduit;
+  };
+
   system.stateVersion = "22.11"; # DO NOT EDIT!
 }
diff --git a/host/Rory-nginx/services/containers/matrix_unit_tests/container.nix b/host/Rory-nginx/services/containers/matrix_unit_tests/container.nix
new file mode 100755

index 0000000..7c15e04
--- /dev/null
+++ b/host/Rory-nginx/services/containers/matrix_unit_tests/container.nix
@@ -0,0 +1,26 @@
+{ pkgs, lib, conduit, ... }:
+
+{
+  privateNetwork = true;
+  autoStart = true;
+  specialArgs = {
+    inherit conduit;
+  };  
+  config = { lib, pkgs, conduit, ... }: {
+    imports = [ ./root.nix ];
+    environment.etc."resolv.conf".text = ''
+      nameserver 8.8.8.8
+      nameserver 8.4.4.8
+      nameserver 1.1.1.1
+      nameserver 1.0.0.1
+      '';
+    networking.firewall = {
+      enable = true;
+      allowedTCPPorts = [ 80 ];  
+    };
+  };  
+  hostAddress = "192.168.100.12";
+  localAddress = "192.168.100.13";
+  hostAddress6 = "fc00::3";
+  localAddress6 = "fc00::4";
+}
\ No newline at end of file
diff --git a/host/Rory-nginx/services/containers/matrix_unit_tests/root.nix b/host/Rory-nginx/services/containers/matrix_unit_tests/root.nix
new file mode 100755

index 0000000..6ee6f26
--- /dev/null
+++ b/host/Rory-nginx/services/containers/matrix_unit_tests/root.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, lib, conduit, ... }:
+
+{
+  imports =
+    [
+      ./services/nginx.nix
+      ./services/conduit.nix
+      ./services/pantalaimon.nix
+    ];
+
+  environment.systemPackages = with pkgs; [
+    wget
+    neofetch
+    lnav
+    zsh
+    git
+    lsd
+    htop
+    btop
+    duf
+    kitty.terminfo
+    neovim
+    tmux
+    jq
+    yq
+    pv
+    dig
+    cloud-utils
+  ];
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+}
\ No newline at end of file
diff --git a/host/Rory-nginx/services/containers/matrix_unit_tests/services/conduit.nix b/host/Rory-nginx/services/containers/matrix_unit_tests/services/conduit.nix
new file mode 100755

index 0000000..5d41bc7
--- /dev/null
+++ b/host/Rory-nginx/services/containers/matrix_unit_tests/services/conduit.nix
@@ -0,0 +1,38 @@
+{ config, pkgs, lib, conduit, ... }:
+
+{
+  services.matrix-conduit = {
+    package = conduit.packages.${pkgs.system}.default;
+    enable = true;
+    settings.global = {
+      address = "127.0.0.1";
+      server_name = "matrix_unit_tests.rory.gay";
+      database_backend = "rocksdb";
+      enable_lightning_bolt = true;
+      max_concurrent_requests = 1000;
+      allow_check_for_updates = false;
+      allow_registration = true;
+      disable_federation = true;
+    };
+  };
+
+  systemd.services.matrix-conduit-reg-token = {
+    enable = true;
+    description = "Random registration token for Conduit.";
+    wantedBy = ["conduit.service"]; # So the registration can be used by Conduit.
+
+    script = ''
+      rm -rfv /var/lib/matrix-conduit/*
+      systemctl daemon-reload
+      systemctl try-restart conduit.service'';
+    serviceConfig = {
+      User = "root";
+      Group = "root";
+      IgnoreSIGPIPE = true;
+      Restart = "on-failure";
+    };
+  };
+
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
diff --git a/host/Rory-nginx/services/containers/matrix_unit_tests/services/nginx.nix b/host/Rory-nginx/services/containers/matrix_unit_tests/services/nginx.nix
new file mode 100755

index 0000000..9daaa8a
--- /dev/null
+++ b/host/Rory-nginx/services/containers/matrix_unit_tests/services/nginx.nix
@@ -0,0 +1,101 @@
+{ config, pkgs, lib, ... }:
+
+{
+  services = {
+    nginx = {
+      enable = true;
+      package = pkgs.nginxQuic;
+      recommendedProxySettings = true;
+      recommendedTlsSettings = true;
+      recommendedZstdSettings = true;
+      recommendedGzipSettings = true;
+      recommendedBrotliSettings = true;
+      recommendedOptimisation = true;
+      appendConfig = ''
+        worker_processes 16;
+        '';
+       eventsConfig = ''
+        #use kqueue;
+        worker_connections 512;
+        '';
+      appendHttpConfig = ''
+        #sendfile on;
+        disable_symlinks off;
+      '';
+      additionalModules = with pkgs.nginxModules; [
+        moreheaders
+      ];
+      virtualHosts = {
+        "matrix_unit_tests.rory.gay" = {
+          locations."/" = {
+            proxyPass = "http://127.0.0.1:6167"; 
+            extraConfig = ''
+              if ($request_method = 'OPTIONS') {
+                more_set_headers 'Access-Control-Allow-Origin: *';
+                more_set_headers 'Access-Control-Allow-Methods: *';
+                #
+                # Custom headers and headers various browsers *should* be OK with but aren't
+                #
+                more_set_headers 'Access-Control-Allow-Headers: *';
+                #
+                # Tell client that this pre-flight info is valid for 20 days
+                #
+                more_set_headers 'Access-Control-Max-Age: 1728000';
+                more_set_headers 'Content-Type: text/plain; charset=utf-8';
+                more_set_headers 'Content-Length: 0';
+                return 204;
+              }
+            '';
+          };
+          locations."= /.well-known/matrix/server".extraConfig = ''
+            more_set_headers 'Content-Type application/json';
+            more_set_headers 'Access-Control-Allow-Origin *';
+            return 200 '${builtins.toJSON {
+              "m.server" = "matrix_unit_tests.rory.gay:443";
+            }}';
+          ''; 
+          locations."= /.well-known/matrix/client".extraConfig = ''
+            more_set_headers 'Content-Type application/json';
+            more_set_headers 'Access-Control-Allow-Origin *';
+            return 200 '${builtins.toJSON {
+              "m.homeserver".base_url = "https://matrix_unit_tests.rory.gay";
+            }
+            }';
+          ''; 
+          locations."= /.well-known/matrix/support".extraConfig = ''
+            more_set_headers 'Content-Type application/json';
+            more_set_headers 'Access-Control-Allow-Origin *';
+            return 200 '${builtins.toJSON {
+              admins = [
+                  {
+                    matrix_id = "@emma:rory.gay";
+                    role = "admin";
+                  }
+                  {
+                    matrix_id = "@alicia:rory.gay";
+                    role = "admin";
+                  }
+                  {
+                    matrix_id = "@root:rory.gay";
+                    role = "admin";
+                  }
+                  {
+                    matrix_id = "@rory:rory.gay";
+                    role = "admin";
+                  }
+                ];
+              }
+            }';
+          '';
+        };
+      };
+    };
+  };
+  systemd.services.nginx.serviceConfig = {
+    LimitNOFILE=5000000;
+  };
+  security.acme.acceptTerms = true;
+  security.acme.defaults.email = "root@rory.gay";
+
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+}
diff --git a/host/Rory-nginx/services/containers/matrix_unit_tests/services/pantalaimon.nix b/host/Rory-nginx/services/containers/matrix_unit_tests/services/pantalaimon.nix
new file mode 100755

index 0000000..88b81a9
--- /dev/null
+++ b/host/Rory-nginx/services/containers/matrix_unit_tests/services/pantalaimon.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }:
+
+{
+  services.pantalaimon-headless = {
+    instances."localhost" = {
+      homeserver = "http://localhost:6167";
+      ssl = false;
+      extraSettings = {
+        "DropOldKeys" = true;
+        "UseKeyring" = false;
+      };
+    };
+  };
+
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+