pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / ncdns.nix
at 22.05-pre 2.7 kB view raw
1import ./make-test-python.nix ({ lib, pkgs, ... }: 2let 3 fakeReply = pkgs.writeText "namecoin-reply.json" '' 4 { "error": null, 5 "id": 1, 6 "result": { 7 "address": "T31q8ucJ4dI1xzhxQ5QispfECld5c7Xw", 8 "expired": false, 9 "expires_in": 2248, 10 "height": 438155, 11 "name": "d/test", 12 "txid": "db61c0b2540ba0c1a2c8cc92af703a37002e7566ecea4dbf8727c7191421edfb", 13 "value": "{\"ip\": \"1.2.3.4\", \"email\": \"root@test.bit\",\"info\": \"Fake record\"}", 14 "vout": 0 15 } 16 } 17 ''; 18 19 # Disabled because DNSSEC does not currently validate, 20 # see https://github.com/namecoin/ncdns/issues/127 21 dnssec = false; 22 23in 24 25{ 26 name = "ncdns"; 27 meta = with pkgs.lib.maintainers; { 28 maintainers = [ rnhmjoj ]; 29 }; 30 31 nodes.server = { ... }: { 32 networking.nameservers = [ "127.0.0.1" ]; 33 34 services.namecoind.rpc = { 35 address = "127.0.0.1"; 36 user = "namecoin"; 37 password = "secret"; 38 port = 8332; 39 }; 40 41 # Fake namecoin RPC server because we can't 42 # run a full node in a test. 43 systemd.services.namecoind = { 44 wantedBy = [ "multi-user.target" ]; 45 script = '' 46 while true; do 47 echo -e "HTTP/1.1 200 OK\n\n $(<${fakeReply})\n" \ 48 | ${pkgs.netcat}/bin/nc -N -l 127.0.0.1 8332 49 done 50 ''; 51 }; 52 53 services.ncdns = { 54 enable = true; 55 dnssec.enable = dnssec; 56 identity.hostname = "example.com"; 57 identity.hostmaster = "root@example.com"; 58 identity.address = "1.0.0.1"; 59 }; 60 61 services.pdns-recursor = { 62 enable = true; 63 dns.allowFrom = [ "127.0.0.0/8" ]; 64 resolveNamecoin = true; 65 }; 66 67 environment.systemPackages = [ pkgs.dnsutils ]; 68 69 }; 70 71 testScript = 72 (lib.optionalString dnssec '' 73 with subtest("DNSSEC keys have been generated"): 74 server.wait_for_unit("ncdns") 75 server.wait_for_file("/var/lib/ncdns/bit.key") 76 server.wait_for_file("/var/lib/ncdns/bit-zone.key") 77 78 with subtest("DNSKEY bit record is present"): 79 server.wait_for_unit("pdns-recursor") 80 server.wait_for_open_port("53") 81 server.succeed("host -t DNSKEY bit") 82 '') + 83 '' 84 with subtest("can resolve a .bit name"): 85 server.wait_for_unit("namecoind") 86 server.wait_for_unit("ncdns") 87 server.wait_for_open_port("8332") 88 assert "1.2.3.4" in server.succeed("dig @localhost -p 5333 test.bit") 89 90 with subtest("SOA record has identity information"): 91 assert "example.com" in server.succeed("dig SOA @localhost -p 5333 bit") 92 93 with subtest("bit. zone forwarding works"): 94 assert "1.2.3.4" in server.succeed("host test.bit") 95 ''; 96})