From ef0b3f491e1868c7b3899aff3f53be0325313c2d Mon Sep 17 00:00:00 2001
From: Benedikt Peetz <benedikt.peetz@b-peetz.de>
Date: Wed, 5 Mar 2025 19:06:53 +0100
Subject: tests/email-dns: Init

This test is somewhat involved, but tries to exercise our full mail
handling capabilities.
It effectively only tests that alice can send a message to bob, but it
checks nearly all security mechanisms (DNSSEC is currently still missing).
---
 secrets.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'secrets.nix')

diff --git a/secrets.nix b/secrets.nix
index d90b504..8d3ae92 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -5,6 +5,9 @@ let
   server2HostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL1TUFoCTplkqTVbXQ6qDCyeo2h8+C0vjrIlKu6vmq5f";
   server3HostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3s4FjGx7LEVf/GE3WeCl8TmCtPt8gW1J0mp0fUJBNm";
 
+  # WARNING(@bpeetz): ONLY use this key on age files that are meant to be public! <2025-02-23>
+  testingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILxdvBk/PC9fC7B5vqe9TvygZKY6LgDQ2mXRdVrthBM/";
+
   publicKeys = {
     "server2" = [
       soispha
@@ -62,3 +65,9 @@ let
     );
 in
   secrets
+  // {
+    "./tests/by-name/em/email-dns/secrets/dkim/alice.com/private.age".publicKeys = [soispha sils testingKey];
+    "./tests/by-name/em/email-dns/secrets/dkim/bob.com/private.age".publicKeys = [soispha sils testingKey];
+    "./tests/by-name/em/email-dns/secrets/dkim/mail1.server.com/private.age".publicKeys = [soispha sils testingKey];
+    "./tests/by-name/em/email-dns/secrets/dkim/mail2.server.com/private.age".publicKeys = [soispha sils testingKey];
+  }
-- 
cgit 1.4.1