# NixOS VM test for the coturn TURN server module.
#
# Two machines are defined:
#   * `default`     - the module enabled with no further settings.
#   * `secretsfile` - the shared TURN secret is read from a file at runtime
#                     through `static-auth-secret-file`.
{ pkgs, ... }:
let
  # Fixed test credential. Because it is a literal in this expression it is
  # also embedded in store paths built from it (the boot script, the test
  # driver), so it is only suitable as a throwaway test value.
  sharedSecret = "some-very-secret-string";

  # File that the module is pointed at for the shared secret.
  secretPath = "/run/coturn-secret";

  # Client utility shipped with coturn, used to drive allocations in the test.
  uclient = "${pkgs.coturn}/bin/turnutils_uclient";
in
{
  name = "coturn";

  nodes.default.services.coturn.enable = true;

  nodes.secretsfile = {
    # Creates the secret file with a plain shell redirect at boot.
    # NOTE(review): no umask/chmod is applied here, so the file presumably ends
    # up readable by every local user. That is harmless for this VM, but a real
    # deployment would provision the file with restrictive ownership and mode
    # through its secrets tooling - confirm what the service needs to read it.
    boot.postBootCommands = ''
      echo "${sharedSecret}" > ${secretPath}
    '';

    services.coturn.enable = true;
    services.coturn.static-auth-secret-file = secretPath;
  };

  # What the script checks on `secretsfile`:
  #   1. The unit starts and port 3478 is open.
  #   2. The secret from the file appears in /run/coturn/turnserver.cfg, i.e.
  #      the runtime config holds it in clear text.
  #      NOTE(review): the mode and owner of that file are not asserted here.
  #   3. A client run with 127.0.0.1 as server and peer (-e) must fail. This is
  #      presumably coturn's loopback-peer restriction - confirm against the
  #      module defaults. `fail` accepts any non-zero exit, so it does not
  #      prove that the peer policy was the cause.
  #   4. The same run against 192.168.1.2 must succeed. The address is
  #      hard-coded and presumably this node's test-network address - confirm.
  #
  # The closing `systemd-analyze security` call only logs the lines that are
  # not marked with a check mark. Nothing is asserted on that output, so a
  # sandboxing regression in the unit does not fail this test.
  testScript = ''
    start_all()

    with subtest("by default works without configuration"):
        default.wait_for_unit("coturn.service")

    with subtest("works with static-auth-secret-file"):
        secretsfile.wait_for_unit("coturn.service")
        secretsfile.wait_for_open_port(3478)
        secretsfile.succeed("grep '${sharedSecret}' /run/coturn/turnserver.cfg")
        # Forbidden IP, fails:
        secretsfile.fail("${uclient} -W ${sharedSecret} 127.0.0.1 -DgX -e 127.0.0.1 -n 1 -c -y")
        # allowed-peer-ip, should succeed:
        secretsfile.succeed("${uclient} -W ${sharedSecret} 192.168.1.2 -DgX -e 192.168.1.2 -n 1 -c -y")

    default.log(default.execute("systemd-analyze security coturn.service | grep -v '✓'")[1])
  '';
}