diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2022-09-27 10:18:38 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-27 10:18:38 +0200 |
| commit | 2e977bf954e84a981b15ff4d2442802ce9b675f9 (patch) | |
| tree | 5e7105edb51a83a9f78efe2d643af4a10229c0fc /nixos | |
| parent | 54197947dc95f85994feebe2da75cd42fab46ff2 (diff) | |
| parent | 73f09f2145b4d57380ab6313a3b6e1dfb3f33af8 (diff) | |
Merge pull request #188575 from gador/pgadmin-6.13
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/admin/pgadmin.nix | 72 | ||||
| -rw-r--r-- | nixos/tests/pgadmin4.nix | 19 |
2 files changed, 75 insertions, 16 deletions
diff --git a/nixos/modules/services/admin/pgadmin.nix b/nixos/modules/services/admin/pgadmin.nix index 439f8f0d0fd2..390c80d1a2d4 100644 --- a/nixos/modules/services/admin/pgadmin.nix +++ b/nixos/modules/services/admin/pgadmin.nix @@ -37,27 +37,76 @@ in }; initialEmail = mkOption { - description = lib.mdDoc "Initial email for the pgAdmin account."; + description = lib.mdDoc "Initial email for the pgAdmin account"; type = types.str; }; initialPasswordFile = mkOption { description = lib.mdDoc '' Initial password file for the pgAdmin account. - NOTE: Should be string not a store path, to prevent the password from being world readable. + NOTE: Should be string not a store path, to prevent the password from being world readable ''; type = types.path; }; + emailServer = { + enable = mkOption { + description = lib.mdDoc '' + Enable SMTP email server. This is necessary, if you want to use password recovery or change your own password + ''; + type = types.bool; + default = false; + }; + address = mkOption { + description = lib.mdDoc "SMTP server for email delivery"; + type = types.str; + default = "localhost"; + }; + port = mkOption { + description = lib.mdDoc "SMTP server port for email delivery"; + type = types.port; + default = 25; + }; + useSSL = mkOption { + description = lib.mdDoc "SMTP server should use SSL"; + type = types.bool; + default = false; + }; + useTLS = mkOption { + description = lib.mdDoc "SMTP server should use TLS"; + type = types.bool; + default = false; + }; + username = mkOption { + description = lib.mdDoc "SMTP server username for email delivery"; + type = types.nullOr types.str; + default = null; + }; + sender = mkOption { + description = lib.mdDoc '' + SMTP server sender email for email delivery. Some servers require this to be a valid email address from that server + ''; + type = types.str; + example = "noreply@example.com"; + }; + passwordFile = mkOption { + description = lib.mdDoc '' + Password for SMTP email account. + NOTE: Should be string not a store path, to prevent the password from being world readable + ''; + type = types.path; + }; + }; + openFirewall = mkEnableOption (lib.mdDoc "firewall passthrough for pgadmin4"); settings = mkOption { description = lib.mdDoc '' Settings for pgadmin4. - [Documentation](https://www.pgadmin.org/docs/pgadmin4/development/config_py.html). + [Documentation](https://www.pgadmin.org/docs/pgadmin4/development/config_py.html) ''; type = pyType; - default= {}; + default = { }; }; }; @@ -69,6 +118,13 @@ in SERVER_MODE = true; } // (optionalAttrs cfg.openFirewall { DEFAULT_SERVER = mkDefault "::"; + }) // (optionalAttrs cfg.emailServer.enable { + MAIL_SERVER = cfg.emailServer.address; + MAIL_PORT = cfg.emailServer.port; + MAIL_USE_SSL = cfg.emailServer.useSSL; + MAIL_USE_TLS = cfg.emailServer.useTLS; + MAIL_USERNAME = cfg.emailServer.username; + SECURITY_EMAIL_SENDER = cfg.emailServer.sender; }); systemd.services.pgadmin = { @@ -115,10 +171,14 @@ in group = "pgadmin"; }; - users.groups.pgadmin = {}; + users.groups.pgadmin = { }; environment.etc."pgadmin/config_system.py" = { - text = formatPy cfg.settings; + text = lib.optionalString cfg.emailServer.enable '' + with open("${cfg.emailServer.passwordFile}") as f: + pw = f.read() + MAIL_PASSWORD = pw + '' + formatPy cfg.settings; mode = "0600"; user = "pgadmin"; group = "pgadmin"; diff --git a/nixos/tests/pgadmin4.nix b/nixos/tests/pgadmin4.nix index 9f5ac3d8d922..f28099659772 100644 --- a/nixos/tests/pgadmin4.nix +++ b/nixos/tests/pgadmin4.nix @@ -106,15 +106,15 @@ import ./make-test-python.nix ({ pkgs, lib, buildDeps ? [ ], pythonEnv ? [ ], .. && sed -i 's|driver_local.maximize_window()||' web/regression/runtests.py" ) - # don't bother to test LDAP authentification - # exclude resql test due to recent postgres 14.4 update - # see bugreport here https://redmine.postgresql.org/issues/7527 + # Don't bother to test LDAP or kerberos authentification + # For now deactivate change_password API test. Current bug report at https://redmine.postgresql.org/issues/7648 + # Password change works from the UI, if email SMTP is configured. with subtest("run browser test"): machine.succeed( 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \ && python regression/runtests.py \ --pkg browser \ - --exclude browser.tests.test_ldap_login.LDAPLoginTestCase,browser.tests.test_ldap_login,resql' + --exclude browser.tests.test_ldap_login.LDAPLoginTestCase,browser.tests.test_ldap_login,browser.tests.test_kerberos_with_mocking,browser.tests.test_change_password' ) # fontconfig is necessary for chromium to run @@ -126,11 +126,10 @@ import ./make-test-python.nix ({ pkgs, lib, buildDeps ? [ ], pythonEnv ? [ ], .. && python regression/runtests.py --pkg feature_tests' ) - # reactivate this test again, when the postgres 14.4 test has been fixed - # with subtest("run resql test"): - # machine.succeed( - # 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \ - # && python regression/runtests.py --pkg resql' - # ) + with subtest("run resql test"): + machine.succeed( + 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \ + && python regression/runtests.py --pkg resql' + ) ''; }) |