nixos/tests/acme-dns.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / acme-dns.nix
at master 1.5 kB view raw
 1{
 2  name = "acme-dns";
 3
 4  nodes.machine =
 5    { pkgs, ... }:
 6    {
 7      services.acme-dns = {
 8        enable = true;
 9        settings = {
10          general = rec {
11            domain = "acme-dns.home.arpa";
12            nsname = domain;
13            nsadmin = "admin.home.arpa";
14            records = [
15              "${domain}. A 127.0.0.1"
16              "${domain}. AAAA ::1"
17              "${domain}. NS ${domain}."
18            ];
19          };
20          logconfig.loglevel = "debug";
21        };
22      };
23      environment.systemPackages = with pkgs; [
24        curl
25        bind
26      ];
27    };
28
29  testScript = ''
30    import json
31
32    machine.wait_for_unit("acme-dns.service")
33    machine.wait_for_open_port(53) # dns
34    machine.wait_for_open_port(8080) # http api
35
36    result = machine.succeed("curl --fail -X POST http://localhost:8080/register")
37    print(result)
38
39    registration = json.loads(result)
40
41    machine.succeed(f'dig -t TXT @localhost {registration["fulldomain"]} | grep "SOA" | grep "admin.home.arpa"')
42
43    # acme-dns exspects a TXT value string length of exactly 43 chars
44    txt = "___dummy_validation_token_for_txt_record___"
45
46    machine.succeed(
47      "curl --fail -X POST http://localhost:8080/update "
48      + f' -H "X-Api-User: {registration["username"]}"'
49      + f' -H "X-Api-Key: {registration["password"]}"'
50      + f' -d \'{{"subdomain":"{registration["subdomain"]}", "txt":"{txt}"}}\'''
51    )
52
53    assert txt in machine.succeed(f'dig -t TXT +short @localhost {registration["fulldomain"]}')
54  '';
55}