{modules,tests}/dns: Init

Most of the dns module was taken from: <https://github.com/nix-community/dns.nix>

1 files changed, 129 insertions, 0 deletions

diff --git a/tests/by-name/dn/dns/test.nix b/tests/by-name/dn/dns/test.nix
new file mode 100644
index 0000000..07a6e8c
--- /dev/null
+++ b/tests/by-name/dn/dns/test.nix
@@ -0,0 +1,129 @@
+# Inspired by this file: /nixpkgs/nixos/tests/nsd.nix
+{
+  nixos-lib,
+  pkgsUnstable,
+  nixpkgs-unstable,
+  vhackPackages,
+  pkgs,
+  extraModules,
+  nixLib,
+  ...
+}: let
+  common = {...}: {
+    networking.firewall.enable = false;
+    networking.dhcpcd.enable = false;
+  };
+
+  mkClient = version: {
+    lib,
+    nodes,
+    ...
+  }: {
+    environment.systemPackages = [pkgs.dig pkgs.dig.dnsutils];
+
+    imports = [common];
+    networking.nameservers = lib.mkForce [
+      (lib.head nodes.server.networking.interfaces.eth1."${version}".addresses).address
+    ];
+  };
+in
+  nixos-lib.runTest {
+    hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs
+
+    name = "dns";
+
+    node = {
+      specialArgs = {inherit pkgsUnstable vhackPackages nixpkgs-unstable nixLib;};
+
+      # Use the nixpkgs as constructed by the `nixpkgs.*` options
+      pkgs = null;
+    };
+
+    nodes = {
+      server = {
+        config,
+        lib,
+        ...
+      }: {
+        imports =
+          extraModules
+          ++ [
+            ../../../../modules
+            common
+          ];
+
+        vhack = {
+          dns = {
+            enable = true;
+            interfaces = lib.debug.traceValSeqN 2 [
+              (lib.head config.networking.interfaces.eth1.ipv4.addresses).address
+              (lib.head config.networking.interfaces.eth1.ipv6.addresses).address
+            ];
+            zones = {
+              "example.com" = {
+                SOA = {
+                  nameServer = "ns";
+                  adminEmail = "admin@example.com";
+                  serial = 2024012301;
+                };
+
+                useOrigin = false;
+                NS = [
+                  "ns.example.com."
+                ];
+
+                subdomains = {
+                  ns = {
+                    A = ["192.168.1.3"];
+                  };
+                  ipv4 = {
+                    A = ["1.2.3.4"];
+                  };
+                  ipv6 = {
+                    AAAA = ["dead:beef::1"];
+                  };
+                  openpgpkey = {
+                    TXT = ["Hi!"];
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+
+      clientV4 = mkClient "ipv4";
+      clientV6 = mkClient "ipv6";
+    };
+
+    testScript = {nodes, ...}:
+    /*
+    python
+    */
+    ''
+      start_all()
+
+      clientV4.wait_for_unit("network.target")
+      clientV6.wait_for_unit("network.target")
+      server.wait_for_unit("nsd.service")
+
+      def assert_host(ipVersion, dnsRecordType, dnsQuery, expected):
+          self = clientV4 if ipVersion == 4 else clientV6
+          out = self.succeed(f"host -{ipVersion} -t {dnsRecordType} {dnsQuery}").rstrip()
+          self.log(f"output: {out}")
+          import re
+          assert re.search(expected, out), f"DNS IPv{ipVersion} dnsQuery on {dnsQuery} gave '{out}' instead of '{expected}'"
+
+
+      for ipv in 4, 6:
+          with subtest(f"IPv{ipv}"):
+              assert_host(ipv, "a", "example.com", "has no [^ ]+ record")
+              assert_host(ipv, "aaaa", "example.com", "has no [^ ]+ record")
+
+              assert_host(ipv, "soa", "example.com", "SOA.*?admin\\.example\\.com")
+              assert_host(ipv, "a", "ipv4.example.com", "address 1.2.3.4$")
+              assert_host(ipv, "aaaa", "ipv6.example.com", "address dead:beef::1$")
+
+              assert_host(ipv, "txt", "openpgpkey.example.com", "descriptive text \"Hi!\"$")
+    '';
+  }