diff --git a/nixos/tests/searx.nix b/nixos/tests/searx.nix index 36ba30c8ea42..0008424f068b 100644 --- a/nixos/tests/searx.nix +++ b/nixos/tests/searx.nix @@ -1,4 +1,4 @@ -{ pkgs, ...} : +{ pkgs, ... }: { name = "searx"; @@ -7,104 +7,108 @@ }; # basic setup: searx running the built-in webserver - nodes.base = { ... }: { - services.searx = { - enable = true; - environmentFile = pkgs.writeText "secrets" '' - WOLFRAM_API_KEY = sometoken - SEARX_SECRET_KEY = somesecret - ''; + nodes.base = + { ... }: + { + services.searx = { + enable = true; + environmentFile = pkgs.writeText "secrets" '' + WOLFRAM_API_KEY = sometoken + SEARX_SECRET_KEY = somesecret + ''; - settings.server = - { port = "8080"; + settings.server = { + port = "8080"; bind_address = "0.0.0.0"; secret_key = "@SEARX_SECRET_KEY@"; }; - settings.engines = [ - { name = "wolframalpha"; - api_key = "@WOLFRAM_API_KEY@"; - engine = "wolframalpha_api"; - } - { name = "startpage"; - shortcut = "start"; - } - ]; - }; + settings.engines = [ + { + name = "wolframalpha"; + api_key = "@WOLFRAM_API_KEY@"; + engine = "wolframalpha_api"; + } + { + name = "startpage"; + shortcut = "start"; + } + ]; + }; - }; + }; # fancy setup: run in uWSGI and use nginx as proxy - nodes.fancy = { config, ... }: { - services.searx = { - enable = true; - # searx refuses to run if unchanged - settings.server.secret_key = "somesecret"; + nodes.fancy = + { config, ... }: + { + services.searx = { + enable = true; + # searx refuses to run if unchanged + settings.server.secret_key = "somesecret"; - runInUwsgi = true; - uwsgiConfig = { - # serve using the uwsgi protocol - socket = "/run/searx/uwsgi.sock"; - chmod-socket = "660"; + runInUwsgi = true; + uwsgiConfig = { + # serve using the uwsgi protocol + socket = "/run/searx/uwsgi.sock"; + chmod-socket = "660"; - # use /searx as url "mountpoint" - mount = "/searx=searx.webapp:application"; - module = ""; - manage-script-name = true; + # use /searx as url "mountpoint" + mount = "/searx=searx.webapp:application"; + module = ""; + manage-script-name = true; + }; }; - }; - # use nginx as reverse proxy - services.nginx.enable = true; - services.nginx.virtualHosts.localhost = { - locations."/searx".extraConfig = - '' + # use nginx as reverse proxy + services.nginx.enable = true; + services.nginx.virtualHosts.localhost = { + locations."/searx".extraConfig = '' include ${pkgs.nginx}/conf/uwsgi_params; uwsgi_pass unix:/run/searx/uwsgi.sock; ''; - locations."/searx/static/".alias = "${config.services.searx.package}/share/static/"; + locations."/searx/static/".alias = "${config.services.searx.package}/share/static/"; + }; + + # allow nginx access to the searx socket + users.users.nginx.extraGroups = [ "searx" ]; + }; - # allow nginx access to the searx socket - users.users.nginx.extraGroups = [ "searx" ]; + testScript = '' + base.start() - }; + with subtest("Settings have been merged"): + base.wait_for_unit("searx-init") + base.wait_for_file("/run/searx/settings.yml") + output = base.succeed( + "${pkgs.yq-go}/bin/yq eval" + " '.engines[] | select(.name==\"startpage\") | .shortcut'" + " /run/searx/settings.yml" + ).strip() + assert output == "start", "Settings not merged" - testScript = - '' - base.start() + with subtest("Environment variables have been substituted"): + base.succeed("grep -q somesecret /run/searx/settings.yml") + base.succeed("grep -q sometoken /run/searx/settings.yml") + base.copy_from_vm("/run/searx/settings.yml") - with subtest("Settings have been merged"): - base.wait_for_unit("searx-init") - base.wait_for_file("/run/searx/settings.yml") - output = base.succeed( - "${pkgs.yq-go}/bin/yq eval" - " '.engines[] | select(.name==\"startpage\") | .shortcut'" - " /run/searx/settings.yml" - ).strip() - assert output == "start", "Settings not merged" + with subtest("Basic setup is working"): + base.wait_for_open_port(8080) + base.wait_for_unit("searx") + base.succeed( + "${pkgs.curl}/bin/curl --fail http://localhost:8080" + ) + base.shutdown() - with subtest("Environment variables have been substituted"): - base.succeed("grep -q somesecret /run/searx/settings.yml") - base.succeed("grep -q sometoken /run/searx/settings.yml") - base.copy_from_vm("/run/searx/settings.yml") - - with subtest("Basic setup is working"): - base.wait_for_open_port(8080) - base.wait_for_unit("searx") - base.succeed( - "${pkgs.curl}/bin/curl --fail http://localhost:8080" - ) - base.shutdown() - - with subtest("Nginx+uWSGI setup is working"): - fancy.start() - fancy.wait_for_open_port(80) - fancy.wait_for_unit("uwsgi") - fancy.succeed( - "${pkgs.curl}/bin/curl --fail http://localhost/searx >&2" - ) - fancy.succeed( - "${pkgs.curl}/bin/curl --fail http://localhost/searx/static/themes/simple/js/leaflet.js >&2" - ) - ''; + with subtest("Nginx+uWSGI setup is working"): + fancy.start() + fancy.wait_for_open_port(80) + fancy.wait_for_unit("uwsgi") + fancy.succeed( + "${pkgs.curl}/bin/curl --fail http://localhost/searx >&2" + ) + fancy.succeed( + "${pkgs.curl}/bin/curl --fail http://localhost/searx/static/themes/simple/js/leaflet.js >&2" + ) + ''; }