nix-cache-login/nixos-test-server.nix

self: {
  name = "nix-cache-login-nixos-module-server";

  nodes.machine =
    { pkgs, ... }:
    {
      imports = [ self.nixosModules.server ];
      services.nix-cache-login-server = {
        enable = true;
        configFile = pkgs.writeText "nix-cache-login-server-config.toml" ''
          issuer = "https://id.example.com/realms/test"
          client_id = "nix-cache-server"
          client_secret_file = "/run/secrets/nix-cache-client-secret"
          cache_host = "cache.example.com"
          netrc_path = "/var/lib/nix-cache-login/netrc"
        '';
      };
    };

  testScript = ''
    machine.wait_for_unit("multi-user.target")

    # Module should install system service and timer unit files.
    machine.succeed("test -f /etc/systemd/system/nix-cache-login.timer")
    machine.succeed("test -f /etc/systemd/system/nix-cache-login.service")

    # wantedBy = ["timers.target"] should create this symlink.
    machine.succeed("test -L /etc/systemd/system/timers.target.wants/nix-cache-login.timer")

    # Config should be available at a standard path for interactive commands.
    machine.succeed("test -f /etc/nix-cache-login/config.toml")

    # Service unit should invoke service-account mode with explicit --config.
    unit = machine.succeed("cat /etc/systemd/system/nix-cache-login.service")
    assert "nix-cache-login --config" in unit and "service-account" in unit, (
        f"ExecStart not found in service unit:\n{unit}"
    )
  '';
}