nixosTests.redlib: mock OAuth endpoint (d4554ab8) · Commits · nix / nixpkgs

nixos/tests/common/acme/server/generate-certs.nix

+1 −4

Original line number	Diff line number	Diff line
		@@ -4,11 +4,8 @@
		pkgs ? import <nixpkgs> { },
		minica ? pkgs.minica,
		mkDerivation ? pkgs.stdenv.mkDerivation,
		domain ? (import ./snakeoil-certs.nix).domain,
		}:
		let
		conf = import ./snakeoil-certs.nix;
		domain = conf.domain;
		in
		mkDerivation {
		name = "test-certs";
		buildInputs = [

+22 −0

Original line number	Diff line number	Diff line
		{ lib, pkgs, ... }:
		let
		certs = import redlib/snakeoil-certs.nix;
		redditDomain = certs.domain;
		in
		{
		name = "redlib";
		meta.maintainers = with lib.maintainers; [
		@@ -7,6 +11,24 @@
		];

		nodes.machine = {
		# The test will hang if Redlib can't initialize its OAuth client, so we
		# provide it with a mock endpoint.
		networking.hosts."127.0.0.1" = [ redditDomain ];
		security.pki.certificates = [
		(builtins.readFile certs.ca.cert)
		];
		services.nginx = {
		enable = true;
		virtualHosts.${redditDomain} = {
		onlySSL = true;
		sslCertificate = certs.${redditDomain}.cert;
		sslCertificateKey = certs.${redditDomain}.key;
		locations."/auth/v2/oauth/access-token/loid".extraConfig = ''
		return 200 "{\"access_token\":\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\",\"expires_in\":0}";
		'';
		};
		};

		services.redlib = {
		package = pkgs.redlib;
		enable = true;

0 → 100644

+13 −0

Original line number	Diff line number	Diff line
		-----BEGIN CERTIFICATE-----
		MIIB/TCCAYKgAwIBAgIIR+NCHSDJCIAwCgYIKoZIzj0EAwMwIDEeMBwGA1UEAxMV
		bWluaWNhIHJvb3QgY2EgNDdlMzQyMCAXDTI1MTEwOTA2MjMwNFoYDzIxMjUxMTA5
		MDYyMzA0WjAgMR4wHAYDVQQDExVtaW5pY2Egcm9vdCBjYSA0N2UzNDIwdjAQBgcq
		hkjOPQIBBgUrgQQAIgNiAASo81ED5tomfR47qFXpan+0cBKP7eoAhAAkJeT9w/h2
		axpVVQ/X+rDFu1QbKDqE7lJ2j3Ue7eb/6Q5Zrt9MSFPDcQz7eFr6kX0S2u5AHO9z
		6E60gUNUwZBDBenr0P/uTQ6jgYYwgYMwDgYDVR0PAQH/BAQDAgKEMB0GA1UdJQQW
		MBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
		DgQWBBQuPLVPdRiEUCga2W3RKwL4diQVMDAfBgNVHSMEGDAWgBQuPLVPdRiEUCga
		2W3RKwL4diQVMDAKBggqhkjOPQQDAwNpADBmAjEAqG8PIYJ0CQG3CfLsQFpwDLmj
		DoEFgcRMkRQz4vtAQMpLhoo8VAPo7Vl+AAaZgRVPAjEA6XDte56Oou5qMj4Zkzi8
		EYIucHtYrfTNJOarDSYYvTlNrmuQ73KTP4Hxfd26TA2q
		-----END CERTIFICATE-----

0 → 100644

+6 −0

Original line number	Diff line number	Diff line
		-----BEGIN PRIVATE KEY-----
		MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBuuWbxl4uwwcIT0SvT
		jcQHDekytbQrLw4imrpfrAJmTdvyHcfEGiWuwscs36mq50WhZANiAASo81ED5tom
		fR47qFXpan+0cBKP7eoAhAAkJeT9w/h2axpVVQ/X+rDFu1QbKDqE7lJ2j3Ue7eb/
		6Q5Zrt9MSFPDcQz7eFr6kX0S2u5AHO9z6E60gUNUwZBDBenr0P/uTQ4=
		-----END PRIVATE KEY-----

0 → 100644

+17 −0

Original line number	Diff line number	Diff line
		# To generate cert files:
		# cp $(nix-build ../common/acme/server/generate-certs.nix --arg domain '(import ./snakeoil-certs.nix).domain' --no-out-link)/* .

		let
		domain = "www.reddit.com";
		in
		{
		inherit domain;
		ca = {
		cert = ./ca.cert.pem;
		key = ./ca.key.pem;
		};
		${domain} = {
		cert = ./${domain}.cert.pem;
		key = ./${domain}.key.pem;
		};
		}