-
-
Notifications
You must be signed in to change notification settings - Fork 14.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
204 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
{ | ||
config, | ||
lib, | ||
pkgs, | ||
... | ||
}: | ||
let | ||
|
||
cfg = config.services.froide; | ||
format = pkgs.formats.toml { }; | ||
|
||
in { | ||
options.services.froide = { | ||
|
||
enable = lib.mkEnableOption "Gouvernment planer web app Govplan"; | ||
|
||
settings = lib.mkOption { | ||
default = { }; | ||
description = '' | ||
IMAP authentication configuration for rspamd-trainer. For supplying | ||
the IMAP password, use the `secrets` option. | ||
''; | ||
type = lib.types.submodule { | ||
freeformType = format.type; | ||
}; | ||
example = lib.literalExpression '' | ||
{ | ||
HOST = "localhost"; | ||
USERNAME = "spam@example.com"; | ||
INBOXPREFIX = "INBOX/"; | ||
} | ||
''; | ||
}; | ||
|
||
secrets = lib.mkOption { | ||
type = with lib.types; listOf path; | ||
description = '' | ||
A list of files containing the various secrets. Should be in the | ||
format expected by systemd's `EnvironmentFile` directory. For the | ||
IMAP account password use `PASSWORD = mypassword`. | ||
''; | ||
default = [ ]; | ||
}; | ||
|
||
}; | ||
|
||
config = lib.mkIf cfg.enable { | ||
|
||
services.postgresql = { | ||
enable = true; | ||
ensureDatabases = [ "froide" ]; | ||
ensureUsers = [ | ||
{ name = "froide"; | ||
ensureDBOwnership = true; | ||
} | ||
]; | ||
extraPlugins = ps: with ps; [ postgis ]; | ||
authentication = '' | ||
host froide froide localhost trust | ||
''; | ||
initialScript = pkgs.writeText "backend-initScript" '' | ||
ALTER USER froide WITH SUPERUSER; | ||
''; | ||
}; | ||
|
||
systemd.services = { | ||
|
||
postgresql.serviceConfig.ExecStartPost = | ||
let | ||
sqlFile = pkgs.writeText "froide-pgvectors-setup.sql" '' | ||
ALTER USER froide WITH SUPERUSER; | ||
#CREATE EXTENSION IF NOT EXISTS postgis; | ||
#ALTER SCHEMA govplan OWNER TO govplan; | ||
#ALTER EXTENSION govplan UPDATE; | ||
''; | ||
in | ||
[ | ||
'' | ||
${lib.getExe' config.services.postgresql.package "psql"} -d froide -f "${sqlFile}" | ||
'' | ||
]; | ||
|
||
froide = { | ||
description = "Gouvernment planer Govplan"; | ||
serviceConfig = { | ||
ExecStart = "${pkgs.froide}/bin/froide runserver 0.0.0.0:8000"; | ||
WorkingDirectory = "/var/lib/froide"; | ||
StateDirectory = [ "froide" ]; | ||
DynamicUser = true; | ||
EnvironmentFile = [ | ||
( format.generate "froide-env" cfg.settings ) | ||
cfg.secrets | ||
]; | ||
}; | ||
after = [ "postgresql.service" ]; | ||
wantedBy = [ "multi-user.target" ]; | ||
preStart = '' | ||
# FIXME adapt paperless-ngx check for new versions | ||
${pkgs.froide}/bin/froide migrate | ||
''; | ||
}; | ||
}; | ||
|
||
environment.systemPackages = [ pkgs.froide ]; | ||
|
||
}; | ||
|
||
meta.maintainers = with lib.maintainers; [ onny ]; | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
import ./make-test-python.nix ({ lib, ... }: { | ||
name = "paperless"; | ||
meta.maintainers = with lib.maintainers; [ leona SuperSandro2000 erikarvstedt ]; | ||
|
||
nodes = let self = { | ||
simple = { pkgs, ... }: { | ||
environment.systemPackages = with pkgs; [ imagemagick jq ]; | ||
services.paperless = { | ||
enable = true; | ||
passwordFile = builtins.toFile "password" "admin"; | ||
}; | ||
}; | ||
postgres = { config, pkgs, ... }: { | ||
imports = [ self.simple ]; | ||
services.postgresql = { | ||
enable = true; | ||
ensureDatabases = [ "paperless" ]; | ||
ensureUsers = [ | ||
{ name = config.services.paperless.user; | ||
ensureDBOwnership = true; | ||
} | ||
]; | ||
}; | ||
services.paperless.settings = { | ||
PAPERLESS_DBHOST = "/run/postgresql"; | ||
PAPERLESS_OCR_LANGUAGE = "deu"; | ||
}; | ||
}; | ||
}; in self; | ||
|
||
testScript = '' | ||
import json | ||
def test_paperless(node): | ||
node.wait_for_unit("paperless-consumer.service") | ||
with subtest("Add a document via the file system"): | ||
node.succeed( | ||
"convert -size 400x40 xc:white -font 'DejaVu-Sans' -pointsize 20 -fill black " | ||
"-annotate +5+20 'hello world 16-10-2005' /var/lib/paperless/consume/doc.png" | ||
) | ||
with subtest("Web interface gets ready"): | ||
node.wait_for_unit("paperless-web.service") | ||
# Wait until server accepts connections | ||
node.wait_until_succeeds("curl -fs localhost:28981") | ||
# Required for consuming documents via the web interface | ||
with subtest("Task-queue gets ready"): | ||
node.wait_for_unit("paperless-task-queue.service") | ||
with subtest("Add a png document via the web interface"): | ||
node.succeed( | ||
"convert -size 400x40 xc:white -font 'DejaVu-Sans' -pointsize 20 -fill black " | ||
"-annotate +5+20 'hello web 16-10-2005' /tmp/webdoc.png" | ||
) | ||
node.wait_until_succeeds("curl -u admin:admin -F document=@/tmp/webdoc.png -fs localhost:28981/api/documents/post_document/") | ||
with subtest("Add a txt document via the web interface"): | ||
node.succeed( | ||
"echo 'hello web 16-10-2005' > /tmp/webdoc.txt" | ||
) | ||
node.wait_until_succeeds("curl -u admin:admin -F document=@/tmp/webdoc.txt -fs localhost:28981/api/documents/post_document/") | ||
with subtest("Documents are consumed"): | ||
node.wait_until_succeeds( | ||
"(($(curl -u admin:admin -fs localhost:28981/api/documents/ | jq .count) == 3))" | ||
) | ||
docs = json.loads(node.succeed("curl -u admin:admin -fs localhost:28981/api/documents/"))['results'] | ||
assert "2005-10-16" in docs[0]['created'] | ||
assert "2005-10-16" in docs[1]['created'] | ||
assert "2005-10-16" in docs[2]['created'] | ||
# Detects gunicorn issues, see PR #190888 | ||
with subtest("Document metadata can be accessed"): | ||
metadata = json.loads(node.succeed("curl -u admin:admin -fs localhost:28981/api/documents/1/metadata/")) | ||
assert "original_checksum" in metadata | ||
metadata = json.loads(node.succeed("curl -u admin:admin -fs localhost:28981/api/documents/2/metadata/")) | ||
assert "original_checksum" in metadata | ||
metadata = json.loads(node.succeed("curl -u admin:admin -fs localhost:28981/api/documents/3/metadata/")) | ||
assert "original_checksum" in metadata | ||
test_paperless(simple) | ||
simple.send_monitor_command("quit") | ||
simple.wait_for_shutdown() | ||
test_paperless(postgres) | ||
''; | ||
}) |