services: agate: Change variable names and add system test.

* doc/guix.texi (Web Services): Update documentation for agate-service-type.
* gnu/services/web.scm (agate-configuration): Rename certs, addr, lang and
central-conf variables.
* gnu/tests/web.scm (%test-agate): Add system test for agate-service-type.

Change-Id: Ie14814fca1d5158acd67899da0c3fc2c5b586c72
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Rodion Goritskov 2024-08-17 01:11:50 +04:00 committed by Ludovic Courtès
parent 25f22fd0e9
commit 61a7930cb0
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
3 changed files with 135 additions and 29 deletions

View file

@ -32963,16 +32963,19 @@ This is the type of the agate service, whose value should be an
(service agate-service-type
(agate-configuration
(content "/srv/gemini")
(certs "/srv/gemini-certs")))
(certificates "/srv/gemini-certs")))
@end lisp
The example above represents the minimal tweaking necessary to get Agate
up and running. Specifying the path to the certificate and key directory is
always necessary, as the Gemini protocol requires TLS by default.
If specified path is writable by Agate, and contains no valid key
and certificate, the Agate will try to generate them on the first start.
If specified directory is read-only - key and certificate should be pre-generated by user.
If specified @code{certificates} path is writable by Agate, and contains no
valid pre-generated key and certificate, the Agate will try to generate
them on the first start. In this case you should pass at least one
hostname using the @code{hostnames} option.
If specified directory is read-only - key and certificate should be
pre-generated by user.
To obtain a certificate and a key in a DER format, you could, for example,
use OpenSSL, running a commands similar to the following example:
@ -32986,7 +32989,7 @@ openssl req -x509 -key key.der -outform DER -days 3650 -out cert.der \
Of course, you'll have to replace @i{example.com} with your own domain
name, and then point the Agate configuration towards the path of the
directory with the generated key and certificate using the @code{certs} option.
directory with the generated key and certificate using the @code{certificates} option.
@end defvar
@ -33000,10 +33003,10 @@ The package object of the Agate server.
@item @code{content} (default: @file{"/srv/gemini"})
The directory from which Agate will serve files.
@item @code{certs} (default: @file{"/srv/gemini-certs"})
@item @code{certificates} (default: @file{"/srv/gemini-certs"})
Root of the certificate directory. Must be filled in with a value from the user.
@item @code{addr} (default: @code{'("0.0.0.0:1965" "[::]:1965")})
@item @code{addresses} (default: @code{'("[::]:1965" "0.0.0.0:1965")})
A list of the addresses to listen on.
@item @code{hostnames} (default: @code{'()})
@ -33011,7 +33014,7 @@ Virtual hosts for the Gemini server. If multiple values are
specified, corresponding directory names should be present in the @code{content}
directory. Optional.
@item @code{lang} (default: @code{#f})
@item @code{languages} (default: @code{#f})
RFC 4646 language code(s) for text/gemini documents. Optional.
@item @code{only-tls13?} (default: @code{#f})
@ -33021,7 +33024,7 @@ Set to @code{#t} to disable support for TLSv1.2.
Set to @code{#t} to serve secret files (files/directories starting with
a dot).
@item @code{central-conf?} (default: @code{#f})
@item @code{central-configuration?} (default: @code{#f})
Set to @code{#t} to look for the .meta configuration file in the @code{content}
root directory and will ignore @code{.meta} files in other directories

View file

@ -2186,20 +2186,20 @@ (define-record-type* <agate-configuration>
(default agate))
(content agate-configuration-content
(default "/srv/gemini"))
(certs agate-configuration-certs
(default "/srv/gemini-certs"))
(addr agate-configuration-addr
(default '("0.0.0.0:1965" "[::]:1965")))
(hostname agate-configuration-hostname
(default '()))
(lang agate-configuration-lang
(default #f))
(certificates agate-configuration-certificates
(default "/srv/gemini-certs"))
(addresses agate-configuration-addresses
(default '("[::]:1965" "0.0.0.0:1965")))
(hostnames agate-configuration-hostnames
(default '()))
(languages agate-configuration-languages
(default #f))
(only-tls13? agate-configuration-only-tls13
(default #f))
(serve-secret? agate-configuration-serve-secret
(default #f))
(central-conf? agate-configuration-central-conf
(default #f))
(central-configuration? agate-configuration-central-configuration
(default #f))
(ed25519? agate-configuration-ed25519
(default #f))
(skip-port-check? agate-configuration-skip-port-check
@ -2215,9 +2215,9 @@ (define-record-type* <agate-configuration>
(define agate-shepherd-service
(match-lambda
(($ <agate-configuration> package content certs addr
hostname lang only-tls13?
serve-secret? central-conf?
(($ <agate-configuration> package content certificates addresses
hostnames languages only-tls13?
serve-secret? central-configuration?
ed25519? skip-port-check?
log-ip? user group log-file)
(list (shepherd-service
@ -2228,19 +2228,19 @@ (define agate-shepherd-service
#~(make-forkexec-constructor
(list #$agate
"--content" #$content
"--certs" #$certs
"--certs" #$certificates
#$@(append-map
(lambda x (append '("--addr") x))
addr)
addresses)
#$@(append-map
(lambda x (append '("--hostname") x))
hostname)
#$@(if lang
(list "--lang" lang)
hostnames)
#$@(if languages
(list "--lang" languages)
'())
#$@(if serve-secret? '("--serve-secret") '())
#$@(if only-tls13? '("--only-tls13") '())
#$@(if central-conf? '("--central-conf") '())
#$@(if central-configuration? '("--central-conf") '())
#$@(if ed25519? '("--ed25519") '())
#$@(if skip-port-check? '("--skip-port-check") '())
#$@(if log-ip? '("--log-ip") '()))

View file

@ -34,8 +34,10 @@ (define-module (gnu tests web)
#:use-module (gnu services shepherd)
#:use-module (gnu services mail)
#:use-module (gnu packages databases)
#:use-module (gnu packages guile-xyz)
#:use-module (gnu packages patchutils)
#:use-module (gnu packages python)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (guix packages)
#:use-module (guix modules)
@ -50,7 +52,8 @@ (define-module (gnu tests web)
%test-php-fpm
%test-hpcguix-web
%test-tailon
%test-patchwork))
%test-patchwork
%test-agate))
(define %index.html-contents
;; Contents of the /index.html file.
@ -657,3 +660,103 @@ (define %test-patchwork
(name "patchwork")
(description "Connect to a running Patchwork service.")
(value (run-patchwork-test patchwork))))
;;;
;;; Agate
;;;
(define %index.gmi-contents
;; Contents of the /index.gmi file.
"Hello, guix!")
(define %make-agate-root
;; Create our server root in /srv.
#~(begin
(mkdir "/srv")
(mkdir "/srv/gemini")
(mkdir "/srv/gemini-certs")
;; Directory should be writable for Agate user to generate certificates
(let ((user (getpw "agate")))
(chown "/srv/gemini-certs" (passwd:uid user) (passwd:gid user)))
(call-with-output-file (string-append "/srv/gemini/index.gmi")
(lambda (port)
(display #$%index.gmi-contents port)))))
(define %agate-os
(simple-operating-system
(service dhcp-client-service-type)
(simple-service 'make-agate-root activation-service-type
%make-agate-root)
(service agate-service-type
(agate-configuration
(hostnames '("localhost"))))))
(define* (run-agate-test name test-os expected-content)
(define os
(marionette-operating-system
test-os
#:imported-modules '((gnu services herd)
(guix combinators))
#:extensions (list guile-gemini guile-gnutls)))
(define forwarded-port 1965)
(define vm
(virtual-machine
(operating-system os)
(port-forwardings `((1965 . ,forwarded-port)))))
(define test
(with-imported-modules '((gnu build marionette))
#~(begin
(use-modules (srfi srfi-64)
(gnu build marionette))
(define marionette
(make-marionette (list #$vm)))
(test-runner-current (system-test-runner #$output))
(test-begin #$name)
(test-assert #$(string-append name " service running")
(marionette-eval
'(begin
(use-modules (gnu services herd))
(match (start-service '#$(string->symbol name))
(#f #f)
(('service response-parts ...)
(match (assq-ref response-parts 'running)
((#t) #t)
((pid) (number? pid))))))
marionette))
(test-assert "Agate TCP port ready, IPv4"
(wait-for-tcp-port #$forwarded-port marionette))
(test-assert "Agate TCP port ready, IPv6"
(wait-for-tcp-port #$forwarded-port marionette
#:address
'(make-socket-address
AF_INET6 (inet-pton AF_INET6 "::1") #$forwarded-port)))
(test-equal "Agate responses with the specified index.gmi"
#$expected-content
(marionette-eval '(begin
(use-modules (ice-9 iconv)
(gemini client)
(gemini request)
(gemini response))
(bytevector->string (gemini-response-body-bytes
(send-gemini-request
(build-gemini-request #:host "localhost" #:port #$forwarded-port)))
"utf8")) marionette))
(test-end))))
(gexp->derivation "agate-test" test))
(define %test-agate
(system-test
(name "agate")
(description "Connect to a running Agate service.")
(value (run-agate-test name %agate-os %index.gmi-contents))))