Loading nixos/modules/services/web-apps/glitchtip.nix +10 −1 Original line number Diff line number Diff line Loading @@ -58,6 +58,12 @@ in default = 8000; }; stateDir = lib.mkOption { type = lib.types.path; description = "State directory of glitchtip."; default = "/var/lib/glitchtip"; }; settings = lib.mkOption { description = '' Configuration of GlitchTip. See <https://glitchtip.com/documentation/install#configuration> for more information. Loading Loading @@ -189,6 +195,7 @@ in StateDirectory = "glitchtip"; EnvironmentFile = cfg.environmentFiles; WorkingDirectory = "${pkg}/lib/glitchtip"; BindPaths = [ "${cfg.stateDir}/uploads:${pkg}/lib/glitchtip/uploads" ]; # hardening AmbientCapabilities = ""; Loading Loading @@ -220,6 +227,7 @@ in "@system-service" "~@privileged" "~@resources" "@chown" ]; UMask = "0077"; }; Loading Loading @@ -271,7 +279,6 @@ in users.users = lib.mkIf (cfg.user == "glitchtip") { glitchtip = { home = "/var/lib/glitchtip"; group = cfg.group; extraGroups = lib.optionals cfg.redis.createLocally [ "redis-glitchtip" ]; isSystemUser = true; Loading @@ -280,6 +287,8 @@ in users.groups = lib.mkIf (cfg.group == "glitchtip") { glitchtip = { }; }; systemd.tmpfiles.settings.glitchtip."${cfg.stateDir}/uploads".d = { inherit (cfg) user group; }; environment.systemPackages = let glitchtip-manage = pkgs.writeShellScriptBin "glitchtip-manage" '' Loading nixos/tests/glitchtip.nix +69 −58 Original line number Diff line number Diff line Loading @@ -42,7 +42,9 @@ in ]; }; testScript = '' testScript = { nodes, ... }: # python '' import json import re import time Loading Loading @@ -99,5 +101,14 @@ in assert len(resp) == 1 assert resp[0]["title"] == "hello world" assert int(resp[0]["count"]) == 1 # create api token csrf_token = machine.succeed(f"grep csrftoken {cookie_jar_path} | cut -f7").rstrip() resp = json.loads(machine.succeed(f"{curl} {origin_url}/api/0/api-tokens/ -s -H 'X-Csrftoken: {csrf_token}' -H 'Content-Type: application/json' -d '{{\"label\":\"token\",\"scopes\":[\"project:write\"]}}'")) token = resp["token"] # upload sourcemaps machine.succeed(f"sentry-cli --url {origin_url} --auth-token {token} sourcemaps upload --org main --project test ${nodes.machine.services.glitchtip.package.frontend}/*.map") assert machine.succeed("ls /var/lib/glitchtip/uploads/file_blobs/").strip() ''; } Loading
nixos/modules/services/web-apps/glitchtip.nix +10 −1 Original line number Diff line number Diff line Loading @@ -58,6 +58,12 @@ in default = 8000; }; stateDir = lib.mkOption { type = lib.types.path; description = "State directory of glitchtip."; default = "/var/lib/glitchtip"; }; settings = lib.mkOption { description = '' Configuration of GlitchTip. See <https://glitchtip.com/documentation/install#configuration> for more information. Loading Loading @@ -189,6 +195,7 @@ in StateDirectory = "glitchtip"; EnvironmentFile = cfg.environmentFiles; WorkingDirectory = "${pkg}/lib/glitchtip"; BindPaths = [ "${cfg.stateDir}/uploads:${pkg}/lib/glitchtip/uploads" ]; # hardening AmbientCapabilities = ""; Loading Loading @@ -220,6 +227,7 @@ in "@system-service" "~@privileged" "~@resources" "@chown" ]; UMask = "0077"; }; Loading Loading @@ -271,7 +279,6 @@ in users.users = lib.mkIf (cfg.user == "glitchtip") { glitchtip = { home = "/var/lib/glitchtip"; group = cfg.group; extraGroups = lib.optionals cfg.redis.createLocally [ "redis-glitchtip" ]; isSystemUser = true; Loading @@ -280,6 +287,8 @@ in users.groups = lib.mkIf (cfg.group == "glitchtip") { glitchtip = { }; }; systemd.tmpfiles.settings.glitchtip."${cfg.stateDir}/uploads".d = { inherit (cfg) user group; }; environment.systemPackages = let glitchtip-manage = pkgs.writeShellScriptBin "glitchtip-manage" '' Loading
nixos/tests/glitchtip.nix +69 −58 Original line number Diff line number Diff line Loading @@ -42,7 +42,9 @@ in ]; }; testScript = '' testScript = { nodes, ... }: # python '' import json import re import time Loading Loading @@ -99,5 +101,14 @@ in assert len(resp) == 1 assert resp[0]["title"] == "hello world" assert int(resp[0]["count"]) == 1 # create api token csrf_token = machine.succeed(f"grep csrftoken {cookie_jar_path} | cut -f7").rstrip() resp = json.loads(machine.succeed(f"{curl} {origin_url}/api/0/api-tokens/ -s -H 'X-Csrftoken: {csrf_token}' -H 'Content-Type: application/json' -d '{{\"label\":\"token\",\"scopes\":[\"project:write\"]}}'")) token = resp["token"] # upload sourcemaps machine.succeed(f"sentry-cli --url {origin_url} --auth-token {token} sourcemaps upload --org main --project test ${nodes.machine.services.glitchtip.package.frontend}/*.map") assert machine.succeed("ls /var/lib/glitchtip/uploads/file_blobs/").strip() ''; }
