Add content to the demo vm

2023-06-07 22:47:02 -07:00 · 2023-06-07 22:47:02 -07:00 · 657f37634d
parent b2e199f8f3
commit 657f37634d
5 changed files with 66 additions and 14 deletions
--- a/demo/alice/credentials.json
+++ b/demo/alice/credentials.json
@ -0,0 +1,4 @@
+{
+  "username": "alice",
+  "secret": "alpha"
+}
--- a/demo/alice/currenttime/intake.json
+++ b/demo/alice/currenttime/intake.json
@ -0,0 +1,11 @@
+{
+  "action": {
+    "fetch": {
+      "exe": "sh",
+      "args": [
+        "-c",
+        "echo {\\\"id\\\": \\\"$(date +%Y-%m-%d-%H-%M)\\\"}"
+      ]
+    }
+  }
+}
--- a/demo/bob/credentials.json
+++ b/demo/bob/credentials.json
@ -0,0 +1,4 @@
+{
+  "username": "bob",
+  "secret": "beta"
+}
--- a/demo/default.nix
+++ b/demo/default.nix
@ -3,23 +3,56 @@ flake: { pkgs, ... }:
 {
  system.stateVersion = "22.11";

-  nixos-shell.mounts = {
-    mountHome = false;
-    mountNixProfile = false;
-    cache = "none";
-  };
-
-  services.intake.users.alpha.enable = true;
-
-  services.intake.users.beta.enable = true;
-
-  users.users.alpha = {
+  # Set up two users to demonstrate the user separation
+  users.users.alice = {
    isNormalUser = true;
    password = "alpha";
  };

-  users.users.beta = {
+  users.users.bob = {
    isNormalUser = true;
    password = "beta";
  };
+
+  # Put intake on both users' PATH
+  environment.systemPackages = [ flake.packages.${pkgs.stdenv.hostPlatform.system}.default ];
+
+  # Set up intake for both users with an entry point at port 8080
+  services.intake = {
+    listen.port = 8080;
+    users.alice.enable = true;
+    users.bob.enable = true;
+  };
+
+  # Expose the vm's intake revproxy at host port 5234
+  virtualisation.forwardPorts = [{
+    from = "host";
+    host.port = 5234;
+    guest.port = 8080;
+  }];
+
+  # Mount the demo content for both users
+  nixos-shell.mounts = {
+    mountHome = false;
+    mountNixProfile = false;
+    cache = "none";
+
+    extraMounts = {
+      "/mnt/alice" = ./alice;
+      "/mnt/bob" = ./bob;
+    };
+  };
+
+  # Create an activation script that copies and chowns the demo content
+  system.activationScripts.demoSetup = ''
+    ${pkgs.coreutils}/bin/mkdir -p /home/alice/.local/share/intake
+    ${pkgs.coreutils}/bin/cp -r /mnt/alice/* /home/alice/.local/share/intake/
+    ${pkgs.coreutils}/bin/chgrp -R users /home/alice
+    ${pkgs.coreutils}/bin/chmod -R 775 /home/alice/.local
+
+    ${pkgs.coreutils}/bin/mkdir -p /home/bob/.local/share/intake
+    ${pkgs.coreutils}/bin/cp -r /mnt/bob/* /home/bob/.local/share/intake/
+    ${pkgs.coreutils}/bin/chgrp -R users /home/bob
+    ${pkgs.coreutils}/bin/chmod -R 775 /home/bob/.local
+  '';
 }
--- a/module.nix
+++ b/module.nix
@ -14,7 +14,7 @@ in {

      listen.port = mkOption {
        type = types.port;
-        default = 8032;
+        default = 80;
        description = "The listen port for the entry point to intake services. This endpoint will redirect to a local port based on the request's HTTP Basic Auth credentials.";
      };

@ -84,7 +84,7 @@ in {
        listen = [ intakeCfg.listen ];
        locations."/" = {
          proxyPass = "http://127.0.0.1:$target_port";
-          basicAuth = { alpha = "alpha"; beta = "beta"; };
+          basicAuth = { alice = "alpha"; bob = "beta"; };
        };
        extraConfig = foldl (acc: val: acc + val) "" (mapAttrsToList (userName: port: ''
          if ($remote_user = "${userName}") {