authorVika <vika@fireburn.ru>2022-05-24 12:58:15 +0300
committerVika <vika@fireburn.ru>2022-05-24 16:30:43 +0300
commitd0057b822858e5d31d0b80d61ec555dea9b71ace (patch)
treeaa9c6a39e1a6394b9f352b26e484adbae09122e2
parent7d25e1ed45c05c64c8783bb72f1f62e166b69783 (diff)
downloadkittybox-d0057b822858e5d31d0b80d61ec555dea9b71ace.tar.zst
flake.nix: make a test for distributed Kittybox
I said some boastful words about Kittybox being able to horizontally
scale and I wanted to prove them. This is the proof.

This test creates an NFS file server, then spawns three
VMs. Provisioning a website on one of them, it then queries the
website on all of the three machines. This shows that a shared backing
store can make Kittybox infinitely scale horizontally depending on how
much traffic you're getting.
-rw-r--r--distributed-test.nix89
-rw-r--r--flake.nix20
2 files changed, 105 insertions, 4 deletions
diff --git a/distributed-test.nix b/distributed-test.nix
new file mode 100644
index 0000000..9b62542
--- /dev/null
+++ b/distributed-test.nix
@@ -0,0 +1,89 @@
+# This doesn't seem to work for some reason. I wonder why.
+# The VMs themselves don't want to launch properly.
+kittybox:
+{ lib, system, ... }: let
+  kittyboxModule = { config, pkgs, lib, ... }: {
+    imports = [ kittybox.nixosModule commonModule ];
+
+    services.kittybox = {
+      enable = true;
+      tokenEndpoint = "https://example.com";
+      authorizationEndpoint = "https://example.com";
+      backendUri = "file:///srv/kittybox";
+    };
+
+    environment.systemPackages = with pkgs; [ xh curl ];
+
+    virtualisation.fileSystems."/srv" = {
+      fsType = "nfs";
+      options = [ "vers=4" ];
+      device = "primrose:/";
+    };
+
+    systemd.services.kittybox = {
+      bindsTo = [ "srv.mount" ];
+      after = [ "srv.mount" ];
+      serviceConfig = {
+        DynamicUser = lib.mkForce false;
+        User = "kittybox";
+        Group = "kittybox";
+      };
+    };
+  };
+  commonModule = {
+    users.users.kittybox = {
+      isSystemUser = true;
+      uid = 990;
+      group = "kittybox";
+    };
+    users.groups.kittybox.gid = 990;
+    networking.firewall.enable = false;
+  };
+in {
+  name = "kittybox-distributed";
+
+  nodes = {
+    primrose = { config, pkgs, lib, ... }: {
+      imports = [ commonModule ];
+      services.nfs.server.enable = true;
+      services.nfs.server.createMountPoints = true;
+      services.nfs.server.exports = ''
+        /srv 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,fsid=0)
+      '';
+      systemd.tmpfiles.rules = [
+        "d /srv/kittybox 1750 kittybox root -"
+      ];
+    };
+    longiflorum = { config, pkgs, lib, ... }: {
+      imports = [ kittyboxModule ];
+    };
+    amaranthus = { config, pkgs, lib, ... }: {
+      imports = [ kittyboxModule ];
+    };
+    hydrangea = { config, pkgs, lib, ... }: {
+      imports = [ kittyboxModule ];
+    };
+  };
+
+  testScript = ''
+    primary = primrose;
+    servants = [longiflorum, amaranthus, hydrangea];
+
+    primary.wait_for_unit("nfs-server")
+    primary.succeed("systemctl start network-online.target")
+    primary.wait_for_unit("network-online.target")
+
+    start_all()
+
+    for machine in servants:
+        machine.wait_for_open_port(8080)
+
+    # Onboarding
+    servants[0].copy_from_host("${./onboarding.json}", "/root/onboarding.json")
+    servants[0].succeed("curl -vvv http://localhost:8080/onboarding -d@/root/onboarding.json -H 'Content-Type: application/json'")
+
+    # Check that all machines got this address onboarded
+    for machine in servants:
+        machine.succeed("curl --silent http://localhost:8080/ | grep 'vestige of the past long gone'")
+  '';
+}
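Review bot: The `services.nfs.server.exports` line on `primrose` grants `rw,no_root_squash` to the whole 192.168.1.0/24 range while `commonModule` sets `networking.firewall.enable = false`, so root on any host in that range is also root on `/srv`. Kittybox runs as the fixed uid/gid 990 on every node and `/srv/kittybox` is owned by that user, so root access over NFS does not appear to be needed. The export could be `/srv 192.168.1.0/255.255.255.0(rw,root_squash,no_subtree_check,fsid=0)`. Because the commit message presents this layout as proof of horizontal scaling, a comment next to the firewall line such as `# test VMs only: NFS with sec=sys trusts client-supplied uids, restrict the export and firewall in a real deployment` would keep the test settings from being copied into a deployment as-is.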
diff --git a/flake.nix b/flake.nix
index 900d879..4de70c6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -187,12 +187,25 @@
     };
     rust-bin = pkgs.rust-bin.stable.latest;
     packages = {
-      kittybox = { stdenv, lib, openssl, zlib, pkg-config, protobuf, naersk-lib, lld, mold }:
+      kittybox = { stdenv, lib, runCommandNoCC, openssl, zlib, pkg-config, protobuf, naersk-lib, lld, mold }:
       naersk-lib.buildPackage {
         pname = "kittybox";
         version = "0.1.0";
 
-        src = ./.;
+        /*src = builtins.filterSource (name: type: builtins.elem (builtins.elemAt (lib.splitString "/" name) 4) [
+          "Cargo.toml" "Cargo.lock"
+          "src" "templates" "util"
+          "fonts"
+        ]) ./.;*/
+        src = runCommandNoCC "kittybox-src" {} ''
+          mkdir -p $out
+          cp -r ${./Cargo.toml} $out/Cargo.toml
+          cp -r ${./Cargo.lock} $out/Cargo.lock
+          cp -r ${./src} $out/src
+          cp -r ${./templates} $out/templates
+          cp -r ${./util} $out/util
+          cp -r ${./fonts} $out/fonts
+        '';
 
         checkInputs = [ openssl.dev zlib ];
         nativeBuildInputs = [ pkg-config protobuf ];
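Review bot: The commented-out `builtins.filterSource` block is left beside the `runCommandNoCC` replacement with no explanation of why it was abandoned, and its `builtins.elemAt (lib.splitString "/" name) 4` depends on the depth of the checkout path. I would delete it and put a short comment above `src`, for example `# Explicit allowlist of build inputs; files not copied here are not part of the package source.` The two single-file copies can use plain `cp` rather than `cp -r`. The enclosing `naersk-lib.buildPackage` call continues outside this hunk.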
@@ -200,8 +213,6 @@
 
         doCheck = stdenv.hostPlatform == stdenv.targetPlatform;
 
-        singleStep = true;
-
         meta = with lib.meta; {
           maintainers = with lib.maintainers; [ vikanezrimaya ];
           platforms = supportedSystems;
@@ -221,6 +232,7 @@
 
     checks = {
       kittybox = self.packages.${system}.kittybox;
+      distributed-test = pkgs.nixosTest (import ./distributed-test.nix self);
       nixos-test = (pkgs.nixosTest ({ lib }: {
         name = "nixos-kittybox";