nixos/tests/alps.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / alps.nix
at 23.11-pre 3.6 kB view raw
  1let
  2  certs = import ./common/acme/server/snakeoil-certs.nix;
  3  domain = certs.domain;
  4in
  5import ./make-test-python.nix ({ pkgs, ... }: {
  6  name = "alps";
  7  meta = with pkgs.lib.maintainers; {
  8    maintainers = [ hmenke ];
  9  };
 10
 11  nodes = {
 12    server = {
 13      imports = [ ./common/user-account.nix ];
 14      security.pki.certificateFiles = [
 15        certs.ca.cert
 16      ];
 17      networking.extraHosts = ''
 18        127.0.0.1 ${domain}
 19      '';
 20      networking.firewall.allowedTCPPorts = [ 25 465 993 ];
 21      services.postfix = {
 22        enable = true;
 23        enableSubmission = true;
 24        enableSubmissions = true;
 25        tlsTrustedAuthorities = "${certs.ca.cert}";
 26        sslCert = "${certs.${domain}.cert}";
 27        sslKey = "${certs.${domain}.key}";
 28      };
 29      services.dovecot2 = {
 30        enable = true;
 31        enableImap = true;
 32        sslCACert = "${certs.ca.cert}";
 33        sslServerCert = "${certs.${domain}.cert}";
 34        sslServerKey = "${certs.${domain}.key}";
 35      };
 36    };
 37
 38    client = { nodes, config, ... }: {
 39      security.pki.certificateFiles = [
 40        certs.ca.cert
 41      ];
 42      networking.extraHosts = ''
 43        ${nodes.server.config.networking.primaryIPAddress} ${domain}
 44      '';
 45      services.alps = {
 46        enable = true;
 47        theme = "alps";
 48        imaps = {
 49          host = domain;
 50          port = 993;
 51        };
 52        smtps = {
 53          host = domain;
 54          port = 465;
 55        };
 56      };
 57      environment.systemPackages = [
 58        (pkgs.writers.writePython3Bin "test-alps-login" { } ''
 59          from urllib.request import build_opener, HTTPCookieProcessor, Request
 60          from urllib.parse import urlencode, urljoin
 61          from http.cookiejar import CookieJar
 62
 63          baseurl = "http://localhost:${toString config.services.alps.port}"
 64          username = "alice"
 65          password = "${nodes.server.config.users.users.alice.password}"
 66          cookiejar = CookieJar()
 67          cookieprocessor = HTTPCookieProcessor(cookiejar)
 68          opener = build_opener(cookieprocessor)
 69
 70          data = urlencode({"username": username, "password": password}).encode()
 71          req = Request(urljoin(baseurl, "login"), data=data, method="POST")
 72          with opener.open(req) as ret:
 73              # Check that the alps_session cookie is set
 74              print(cookiejar)
 75              assert any(cookie.name == "alps_session" for cookie in cookiejar)
 76
 77          req = Request(baseurl)
 78          with opener.open(req) as ret:
 79              # Check that the alps_session cookie is still there...
 80              print(cookiejar)
 81              assert any(cookie.name == "alps_session" for cookie in cookiejar)
 82              # ...and that we have not been redirected back to the login page
 83              print(ret.url)
 84              assert ret.url == urljoin(baseurl, "mailbox/INBOX")
 85
 86          req = Request(urljoin(baseurl, "logout"))
 87          with opener.open(req) as ret:
 88              # Check that the alps_session cookie is now gone
 89              print(cookiejar)
 90              assert all(cookie.name != "alps_session" for cookie in cookiejar)
 91        '')
 92      ];
 93    };
 94  };
 95
 96  testScript = { nodes, ... }: ''
 97    server.start()
 98    server.wait_for_unit("postfix.service")
 99    server.wait_for_unit("dovecot2.service")
100    server.wait_for_open_port(465)
101    server.wait_for_open_port(993)
102
103    client.start()
104    client.wait_for_unit("alps.service")
105    client.wait_for_open_port(${toString nodes.client.config.services.alps.port})
106    client.succeed("test-alps-login")
107  '';
108})