aboutsummaryrefslogtreecommitdiffstats
path: root/tests/by-name/em/email-http/test.nix
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--tests/by-name/em/email-http/test.nix123
1 files changed, 64 insertions, 59 deletions
diff --git a/tests/by-name/em/email-http/test.nix b/tests/by-name/em/email-http/test.nix
index 2c7921d..f508b9f 100644
--- a/tests/by-name/em/email-http/test.nix
+++ b/tests/by-name/em/email-http/test.nix
@@ -31,13 +31,38 @@ in
lib,
...
}: {
- imports = [../../../common/acme];
- networking.nameservers = lib.mkForce [
- nodes.name_server.networking.primaryIPAddress
+ imports = [
+ ../../../common/acme/server.nix
+ ../../../common/dns/client.nix
];
};
- name_server = import ./nodes/name_server.nix {inherit extraModules;};
+ name_server = {nodes, ...}: {
+ imports =
+ extraModules
+ ++ [
+ ../../../common/acme/client.nix
+ ../../../common/dns/server.nix
+ ];
+
+ vhack.dns.zones = {
+ "mail.server.com" = {
+ SOA = {
+ nameServer = "ns";
+ adminEmail = "admin@server.com";
+ serial = 2025012301;
+ };
+ useOrigin = false;
+
+ A = [
+ nodes.mail_server.networking.primaryIPAddress
+ ];
+ AAAA = [
+ nodes.mail_server.networking.primaryIPv6Address
+ ];
+ };
+ };
+ };
mail_server = mkMailServer "mail" null;
@@ -45,66 +70,46 @@ in
};
# TODO(@bpeetz): This test should also test the http JMAP features of stalwart-mail. <2025-04-12>
- testScript = _:
- /*
- python
- */
- ''
- # Start dependencies for the other services
- acme.start()
- acme.wait_for_unit("pebble.service")
- name_server.start()
- name_server.wait_for_unit("nsd.service")
-
- # Start the actual testing machines
- start_all()
-
- mail_server.wait_for_unit("stalwart-mail.service")
- mail_server.wait_for_open_port(993) # imap
- mail_server.wait_for_open_port(465) # smtp
-
- bob.wait_for_unit("multi-user.target")
-
- with subtest("Add pebble ca key to all services"):
- for node in [name_server, mail_server, bob]:
- node.succeed("${pkgs.writeShellScript "fetch-and-set-ca" ''
- set -xe
-
- # Fetch the randomly generated ca certificate
- curl https://acme.test:15000/roots/0 > /tmp/ca.crt
- curl https://acme.test:15000/intermediates/0 >> /tmp/ca.crt
+ testScript = _: let
+ acme_scripts = import ../../../common/acme/scripts.nix {inherit pkgs;};
+ in
+ /*
+ python
+ */
+ ''
+ # Start dependencies for the other services
+ acme.start()
+ acme.wait_for_unit("pebble.service")
+ name_server.start()
+ name_server.wait_for_unit("nsd.service")
- # Append it to the various system stores
- # The file paths are from <nixpgks>/modules/security/ca.nix
- for cert_path in "ssl/certs/ca-certificates.crt" "ssl/certs/ca-bundle.crt" "pki/tls/certs/ca-bundle.crt"; do
- cert_path="/etc/$cert_path"
+ # Start the actual testing machines
+ start_all()
- mv "$cert_path" "$cert_path.old"
- cat "$cert_path.old" > "$cert_path"
- cat /tmp/ca.crt >> "$cert_path"
- done
+ mail_server.wait_for_unit("stalwart-mail.service")
+ mail_server.wait_for_open_port(993) # imap
+ mail_server.wait_for_open_port(465) # smtp
- export NIX_SSL_CERT_FILE=/tmp/ca.crt
- export SSL_CERT_FILE=/tmp/ca.crt
+ bob.wait_for_unit("multi-user.target")
- # TODO
- # # P11-Kit trust source.
- # environment.etc."ssl/trust-source".source = "$${cacertPackage.p11kit}/etc/ssl/trust-source";
- ''}")
+ with subtest("Add pebble ca key to all services"):
+ for node in [name_server, mail_server, bob]:
+ node.wait_for_unit("network-online.target")
+ node.succeed("${acme_scripts.add_pebble_acme_ca}")
- with subtest("The mailserver successfully started all services"):
- import json
- def all_services_running(host):
- (status, output) = host.systemctl("list-units --state=failed --plain --no-pager --output=json")
- host_failed = json.loads(output)
- assert len(host_failed) == 0, f"Expected zero failing services, but found: {json.dumps(host_failed, indent=4)}"
- all_services_running(mail_server)
+ with subtest("The mailserver successfully started all services"):
+ import json
+ def all_services_running(host):
+ (status, output) = host.systemctl("list-units --state=failed --plain --no-pager --output=json")
+ host_failed = json.loads(output)
+ assert len(host_failed) == 0, f"Expected zero failing services, but found: {json.dumps(host_failed, indent=4)}"
+ all_services_running(mail_server)
- with subtest("Bob can use the self-service interface"):
- bob.succeed("${pkgs.writeShellScript "check-self-service" ''
- curl mail.server.com --location --output /home/bob/output.html;
- ''}")
+ with subtest("Bob can use the self-service interface"):
+ bob.succeed("${pkgs.writeShellScript "check-self-service" ''
+ curl mail.server.com --location --output /home/bob/output.html;
+ ''}")
- bob.copy_from_vm("/home/bob", "")
- '';
+ bob.copy_from_vm("/home/bob", "")
+ '';
}