nixos/tests/acme-dns.nix at 24.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / acme-dns.nix
at 24.11-pre 1.5 kB view raw
 1import ./make-test-python.nix ({ ... }: {
 2  name = "acme-dns";
 3
 4  nodes.machine = { pkgs, ... }: {
 5    services.acme-dns = {
 6      enable = true;
 7      settings = {
 8        general = rec {
 9          domain = "acme-dns.home.arpa";
10          nsname = domain;
11          nsadmin = "admin.home.arpa";
12          records = [
13            "${domain}. A 127.0.0.1"
14            "${domain}. AAAA ::1"
15            "${domain}. NS ${domain}."
16          ];
17        };
18        logconfig.loglevel = "debug";
19      };
20    };
21    environment.systemPackages = with pkgs; [ curl bind ];
22  };
23
24  testScript = ''
25    import json
26
27    machine.wait_for_unit("acme-dns.service")
28    machine.wait_for_open_port(53) # dns
29    machine.wait_for_open_port(8080) # http api
30
31    result = machine.succeed("curl --fail -X POST http://localhost:8080/register")
32    print(result)
33
34    registration = json.loads(result)
35
36    machine.succeed(f'dig -t TXT @localhost {registration["fulldomain"]} | grep "SOA" | grep "admin.home.arpa"')
37
38    # acme-dns exspects a TXT value string length of exactly 43 chars
39    txt = "___dummy_validation_token_for_txt_record___"
40
41    machine.succeed(
42      "curl --fail -X POST http://localhost:8080/update "
43      + f' -H "X-Api-User: {registration["username"]}"'
44      + f' -H "X-Api-Key: {registration["password"]}"'
45      + f' -d \'{{"subdomain":"{registration["subdomain"]}", "txt":"{txt}"}}\'''
46    )
47
48    assert txt in machine.succeed(f'dig -t TXT +short @localhost {registration["fulldomain"]}')
49  '';
50})