From 629531bdefad41e8839fa818e68bcf9a083466f8 Mon Sep 17 00:00:00 2001
From: Vika
Date: Sat, 13 Aug 2022 22:33:38 +0300
Subject: NixOS module fixes and temporary fixes to the legacy configuration
---
 configuration.nix | 30 +++++++++++------------------
 distributed-test.nix | 9 +++++----
 kittybox-rs/src/main.rs | 43 +++++++------------------------------------
 smoke-test.nix | 8 +++-----
 4 files changed, 26 insertions(+), 64 deletions(-)
diff --git a/configuration.nix b/configuration.nix
index 411b7b2..87759c8 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -45,7 +45,7 @@ in {
 description = ''
 Set the backend used for storing data. Available backends are:
 - file:// - static folder backend (recommended)
- - redis:// - Redis backend
+ - redis:// - Redis backend (currently unavailable)
 Make sure that if you are using the file backend, the state directory is accessible by Kittybox. By default, the unit config
@@ -55,20 +55,15 @@ in {
 directory to reside elsewhere.
 '';
 };
- tokenEndpoint = mkOption {
- type = types.str;
- example = "https://tokens.indieauth.com/token";
- description = "Token endpoint to use for authenticating Micropub requests. Use the example if you are unsure.";
- };
- authorizationEndpoint = mkOption {
- type = types.str;
- example = "https://indieauth.com/auth";
- description = "Authorization endpoint to use to authenticate the user. You can use the default if you are unsure.";
- };
- mediaEndpoint = mkOption {
+ blobstoreUri = mkOption {
 type = types.nullOr types.str;
- default = null;
- description = "The URL of a media endpoint to announce when asked by a Micropub client. Strongly recommended if you plan to upload images.";
+ default = "file:///var/lib/kittybox/media";
+ description = ''
+ Set the backend used for the media endpoint storage. Available options are:
+ - file:// - content-addressed storage using flat files (recommended)
+
+ When using the file backend, check notes in the `backendUri` option too.
+ '';
 };
 microsubServer = mkOption {
 type = types.nullOr types.str;
@@ -117,8 +112,7 @@ in {
 restartTriggers = [ cfg.package
- cfg.backendUri cfg.tokenEndpoint
- cfg.authorizationEndpoint
+ cfg.backendUri cfg.blobstoreUri
 cfg.internalTokenFile cfg.bind cfg.port cfg.cookieSecretFile
@@ -126,13 +120,11 @@ in {
 environment = {
 SERVE_AT = "${cfg.bind}:${builtins.toString cfg.port}";
- AUTHORIZATION_ENDPOINT = cfg.authorizationEndpoint;
- TOKEN_ENDPOINT = cfg.tokenEndpoint;
- MEDIA_ENDPOINT = cfg.mediaEndpoint;
 MICROSUB_ENDPOINT = cfg.microsubServer;
 WEBMENTION_ENDPOINT = cfg.webmentionEndpoint;
 #REDIS_URI = if (cfg.redisUri == null) then "redis://127.0.0.1:6379/" else cfg.redisUri;
 BACKEND_URI = cfg.backendUri;
+ BLOBSTORE_URI = cfg.blobstoreUri;
 RUST_LOG = "${cfg.logLevel}";
 COOKIE_SECRET_FILE = "${cfg.cookieSecretFile}";
 };
diff --git a/distributed-test.nix b/distributed-test.nix
index 39a080b..11c2dba 100644
--- a/distributed-test.nix
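Review bot: The `@@ -55,20 +55,15 @@` hunk drops `tokenEndpoint`, `authorizationEndpoint` and `mediaEndpoint` without a removal notice, so an existing configuration fails evaluation with only a generic missing-option error and nothing tells the operator that the token endpoint they chose is no longer honoured. Because the same commit hard-codes that endpoint in `main.rs`, this changes who verifies bearer tokens and deserves an explicit message, for example one `(lib.mkRemovedOptionModule [ "services" "kittybox" "tokenEndpoint" ] "the token endpoint is temporarily hard-coded")` entry per removed option under the module's `imports`. The new `blobstoreUri` is typed `types.nullOr types.str`, but what the service does when `BLOBSTORE_URI` is unset is not visible here; either document what `null` means in the description or narrow the type to `types.str`. The enclosing `options` block starts and ends outside the hunk.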
+++ b/distributed-test.nix
@@ -7,9 +7,8 @@ kittybox:
 services.kittybox = {
 enable = true;
- tokenEndpoint = "https://example.com";
- authorizationEndpoint = "https://example.com";
- backendUri = "file:///srv/kittybox";
+ backendUri = "file:///srv/kittybox/data";
+ blobstoreUri = "file:///srv/kittybox/media";
 };
 environment.systemPackages = with pkgs; [ xh ];
@@ -51,7 +50,9 @@ in {
 /srv 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,fsid=0)
 '';
 systemd.tmpfiles.rules = [
- "d /srv/kittybox 1750 kittybox root -"
+ "d /srv/kittybox 1750 kittybox root -"
+ "d /srv/kittybox/data 1750 kittybox root -"
+ "d /srv/kittybox/media 1750 kittybox root -"
 ];
 };
 longiflorum = { config, pkgs, lib, ... }: {
diff --git a/kittybox-rs/src/main.rs b/kittybox-rs/src/main.rs
index 7a363b8..fcfc135 100644
--- a/kittybox-rs/src/main.rs
+++ b/kittybox-rs/src/main.rs
@@ -1,7 +1,6 @@
 use kittybox::database::FileStorage;
 use std::{env, time::Duration};
 use tracing::{debug, error, info};
-use url::Url;
 #[tokio::main]
 async fn main() {
@@ -24,40 +23,6 @@ async fn main() {
 }
 };
- let token_endpoint: Url = match env::var("TOKEN_ENDPOINT") {
- Ok(val) => {
- debug!("Token endpoint: {}", val);
- match Url::parse(&val) {
- Ok(val) => val,
- _ => {
- error!("Token endpoint URL cannot be parsed, aborting.");
- std::process::exit(1)
- }
- }
- }
- Err(_) => {
- error!("TOKEN_ENDPOINT is not set, will not be able to authorize users!");
- std::process::exit(1)
- }
- };
-
- let authorization_endpoint: Url = match env::var("AUTHORIZATION_ENDPOINT") {
- Ok(val) => {
- debug!("Auth endpoint: {}", val);
- match Url::parse(&val) {
- Ok(val) => val,
- _ => {
- error!("Authorization endpoint URL cannot be parsed, aborting.");
- std::process::exit(1)
- }
- }
- }
- Err(_) => {
- error!("AUTHORIZATION_ENDPOINT is not set, will not be able to confirm token and ID requests using IndieAuth!");
- std::process::exit(1)
- }
- };
- - let listen_at = match env::var("SERVE_AT") .ok() .unwrap_or_else(|| "[::]:8080".to_string())
@@ -190,7 +155,13 @@ async fn main() {
 .merge(media)
 //.merge(indieauth)
 .merge(technical)
- .layer(axum::Extension(kittybox::tokenauth::TokenEndpoint(token_endpoint)))
+ .layer(
+ axum::Extension(
+ kittybox::tokenauth::TokenEndpoint(
+ "https://tokens.indieauth.com/token".parse().unwrap()
+ )
+ )
+ )
 .layer(tower::ServiceBuilder::new()
 .layer(tower_http::trace::TraceLayer::new_for_http())
 .into_inner())
diff --git a/smoke-test.nix b/smoke-test.nix
index 3965e7b..df7583e 100644
--- a/smoke-test.nix
+++ b/smoke-test.nix
@@ -8,11 +8,6 @@ kittybox:
 services.kittybox = {
 enable = true;
- # It never actually contacts those endpoints anyway unless we use Micropub so it's fine!
- # TODO: Once we have self-hosted software for those endpoints,
- # make an e2e test for common workflows (e.g. making a post)
- tokenEndpoint = "https://example.com";
- authorizationEndpoint = "https://example.com";
 logLevel = "info,kittybox=debug,retainer::cache=warn,h2=warn,rustls=warn";
 };
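Review bot: In the `@@ -190,7 +155,13 @@` hunk of `kittybox-rs/src/main.rs` the token endpoint becomes the literal `"https://tokens.indieauth.com/token"`, so every deployment is tied to that one third-party service and an operator can no longer point Kittybox at a different issuer. How `TokenEndpoint` is consumed lies outside the hunk, but if it is where Micropub bearer tokens are verified, this fixes the authentication trust anchor at build time and makes that service's availability a dependency of every instance. The commit title calls the change temporary, so I would say so at the call site with a comment such as `// TEMPORARY: hard-coded token endpoint; tokens are verified by a third party until this is configurable again`, and keep `TOKEN_ENDPOINT` as an optional override that falls back to this default instead of deleting the variable outright. `.parse().unwrap()` on a constant cannot fail today, but `.expect("hard-coded token endpoint is a valid URL")` states the invariant for whoever edits the string next.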
@@ -22,6 +17,9 @@ kittybox:
 };
 };
+ # TODO: Make e2e tests for authentication endpoints and such
+ # Potentially using WebDriver
+ # Could also be implemented with fantoccini
 testScript = ''
 with subtest("Verify that Kittybox started correctly..."):
 kittybox.wait_for_open_port(8080)
--
cgit 1.4.1