From 629531bdefad41e8839fa818e68bcf9a083466f8 Mon Sep 17 00:00:00 2001
From: Vika <vika@fireburn.ru>
Date: Sat, 13 Aug 2022 22:33:38 +0300
Subject: NixOS module fixes and temporary fixes to the legacy configuration

---
 configuration.nix       | 30 +++++++++++-------------------
 distributed-test.nix    |  9 +++++----
 kittybox-rs/src/main.rs | 43 +++++++------------------------------------
 smoke-test.nix          |  8 +++-----
 4 files changed, 26 insertions(+), 64 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 411b7b2..87759c8 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -45,7 +45,7 @@ in {
         description = ''
           Set the backend used for storing data. Available backends are:
            - file:// - static folder backend (recommended)
-           - redis:// - Redis backend
+           - redis:// - Redis backend (currently unavailable)
 
           Make sure that if you are using the file backend, the state
           directory is accessible by Kittybox. By default, the unit config
@@ -55,20 +55,15 @@ in {
           directory to reside elsewhere.
         '';
       };
-      tokenEndpoint = mkOption {
-        type = types.str;
-        example = "https://tokens.indieauth.com/token";
-        description = "Token endpoint to use for authenticating Micropub requests. Use the example if you are unsure.";
-      };
-      authorizationEndpoint = mkOption {
-        type = types.str;
-        example = "https://indieauth.com/auth";
-        description = "Authorization endpoint to use to authenticate the user. You can use the default if you are unsure.";
-      };
-      mediaEndpoint = mkOption {
+      blobstoreUri = mkOption {
         type = types.nullOr types.str;
-        default = null;
-        description = "The URL of a media endpoint to announce when asked by a Micropub client. Strongly recommended if you plan to upload images.";
+        default = "file:///var/lib/kittybox/media";
+        description = ''
+          Set the backend used for the media endpoint storage. Available options are:
+            - file:// - content-addressed storage using flat files (recommended)
+
+          When using the file backend, check notes in the `backendUri` option too.
+        '';
       };
       microsubServer = mkOption {
         type = types.nullOr types.str;
@@ -117,8 +112,7 @@ in {
 
       restartTriggers = [
         cfg.package
-        cfg.backendUri cfg.tokenEndpoint
-        cfg.authorizationEndpoint
+        cfg.backendUri cfg.blobstoreUri
         cfg.internalTokenFile
         cfg.bind cfg.port
         cfg.cookieSecretFile
@@ -126,13 +120,11 @@ in {
 
       environment = {
         SERVE_AT = "${cfg.bind}:${builtins.toString cfg.port}";
-        AUTHORIZATION_ENDPOINT = cfg.authorizationEndpoint;
-        TOKEN_ENDPOINT = cfg.tokenEndpoint;
-        MEDIA_ENDPOINT = cfg.mediaEndpoint;
         MICROSUB_ENDPOINT = cfg.microsubServer;
         WEBMENTION_ENDPOINT = cfg.webmentionEndpoint;
         #REDIS_URI = if (cfg.redisUri == null) then "redis://127.0.0.1:6379/" else cfg.redisUri;
         BACKEND_URI = cfg.backendUri;
+        BLOBSTORE_URI = cfg.blobstoreUri;
         RUST_LOG = "${cfg.logLevel}";
         COOKIE_SECRET_FILE = "${cfg.cookieSecretFile}";
       };
diff --git a/distributed-test.nix b/distributed-test.nix
index 39a080b..11c2dba 100644
--- a/distributed-test.nix
+++ b/distributed-test.nix
@@ -7,9 +7,8 @@ kittybox:
 
     services.kittybox = {
       enable = true;
-      tokenEndpoint = "https://example.com";
-      authorizationEndpoint = "https://example.com";
-      backendUri = "file:///srv/kittybox";
+      backendUri = "file:///srv/kittybox/data";
+      blobstoreUri = "file:///srv/kittybox/media";
     };
 
     environment.systemPackages = with pkgs; [ xh ];
@@ -51,7 +50,9 @@ in {
         /srv 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,fsid=0)
       '';
       systemd.tmpfiles.rules = [
-        "d /srv/kittybox 1750 kittybox root -"
+        "d /srv/kittybox       1750 kittybox root -"
+        "d /srv/kittybox/data  1750 kittybox root -"
+        "d /srv/kittybox/media 1750 kittybox root -"
       ];
     };
     longiflorum = { config, pkgs, lib, ... }: {
diff --git a/kittybox-rs/src/main.rs b/kittybox-rs/src/main.rs
index 7a363b8..fcfc135 100644
--- a/kittybox-rs/src/main.rs
+++ b/kittybox-rs/src/main.rs
@@ -1,7 +1,6 @@
 use kittybox::database::FileStorage;
 use std::{env, time::Duration};
 use tracing::{debug, error, info};
-use url::Url;
 
 #[tokio::main]
 async fn main() {
@@ -24,40 +23,6 @@ async fn main() {
         }
     };
 
-    let token_endpoint: Url = match env::var("TOKEN_ENDPOINT") {
-        Ok(val) => {
-            debug!("Token endpoint: {}", val);
-            match Url::parse(&val) {
-                Ok(val) => val,
-                _ => {
-                    error!("Token endpoint URL cannot be parsed, aborting.");
-                    std::process::exit(1)
-                }
-            }
-        }
-        Err(_) => {
-            error!("TOKEN_ENDPOINT is not set, will not be able to authorize users!");
-            std::process::exit(1)
-        }
-    };
-
-    let authorization_endpoint: Url = match env::var("AUTHORIZATION_ENDPOINT") {
-        Ok(val) => {
-            debug!("Auth endpoint: {}", val);
-            match Url::parse(&val) {
-                Ok(val) => val,
-                _ => {
-                    error!("Authorization endpoint URL cannot be parsed, aborting.");
-                    std::process::exit(1)
-                }
-            }
-        }
-        Err(_) => {
-            error!("AUTHORIZATION_ENDPOINT is not set, will not be able to confirm token and ID requests using IndieAuth!");
-            std::process::exit(1)
-        }
-    };
-
     let listen_at = match env::var("SERVE_AT")
         .ok()
         .unwrap_or_else(|| "[::]:8080".to_string())
@@ -190,7 +155,13 @@ async fn main() {
             .merge(media)
             //.merge(indieauth)
             .merge(technical)
-            .layer(axum::Extension(kittybox::tokenauth::TokenEndpoint(token_endpoint)))
+            .layer(
+                axum::Extension(
+                    kittybox::tokenauth::TokenEndpoint(
+                        "https://tokens.indieauth.com/token".parse().unwrap()
+                    )
+                )
+            )
             .layer(tower::ServiceBuilder::new()
                    .layer(tower_http::trace::TraceLayer::new_for_http())
                    .into_inner())
diff --git a/smoke-test.nix b/smoke-test.nix
index 3965e7b..df7583e 100644
--- a/smoke-test.nix
+++ b/smoke-test.nix
@@ -8,11 +8,6 @@ kittybox:
 
       services.kittybox = {
         enable = true;
-        # It never actually contacts those endpoints anyway unless we use Micropub so it's fine!
-        # TODO: Once we have self-hosted software for those endpoints,
-        #       make an e2e test for common workflows (e.g. making a post)
-        tokenEndpoint = "https://example.com";
-        authorizationEndpoint = "https://example.com";
         logLevel = "info,kittybox=debug,retainer::cache=warn,h2=warn,rustls=warn";
       };
 
@@ -22,6 +17,9 @@ kittybox:
     };
   };
 
+  # TODO: Make e2e tests for authentication endpoints and such
+  # Potentially using WebDriver
+  # Could also be implemented with fantoccini
   testScript = ''
     with subtest("Verify that Kittybox started correctly..."):
         kittybox.wait_for_open_port(8080)
-- 
cgit 1.4.1