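# NixOS VM test: dnscrypt-proxy running as the upstream forwarder for a local
# dnsmasq cache. The test checks that both units start and that a UDP socket
# is bound on the loopback proxy address; it does not perform a DNS lookup.
{ lib, ... }:
let
  # Loopback port shared by dnscrypt-proxy (listener) and dnsmasq (upstream).
  localProxyPort = 43;
in
{
  name = "dnscrypt-proxy";
  meta.maintainers = with lib.maintainers; [ joachifm ];

  nodes = {
    # A client running the recommended setup: DNSCrypt proxy as a forwarder
    # for a caching DNS client.
    client =
      { ... }:
      {
        # AppArmor is enabled on the node, so both services are started with
        # it active.
        security.apparmor.enable = true;

        services.dnscrypt-proxy.enable = true;
        services.dnscrypt-proxy.settings = {
          # Bind to loopback only; the proxy is reachable solely through the
          # local dnsmasq instance configured below.
          listen_addresses = [ "127.0.0.1:${toString localProxyPort}" ];
          sources.public-resolvers = {
            urls = [ "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md" ];
            cache_file = "public-resolvers.md";
            # Minisign public key against which the downloaded resolver list's
            # signature is verified. Changing it changes whose lists are
            # trusted, so review any edit to this value.
            minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
            # Refresh interval for the list (hours, per dnscrypt-proxy's
            # documented setting; confirm).
            refresh_delay = 72;
          };
        };

        services.dnsmasq.enable = true;
        # dnsmasq forwards its upstream queries to the local dnscrypt-proxy.
        services.dnsmasq.settings.server = [ "127.0.0.1#${toString localProxyPort}" ];
      };
  };

  # Match the full "address:port" field rather than the bare port number.
  # A plain substring match on the port would also succeed on any other UDP
  # socket whose address or port merely contains those digits, letting the
  # test pass without the proxy being bound where it is configured.
  testScript = ''
    client.wait_for_unit("dnsmasq")
    client.wait_for_unit("dnscrypt-proxy")
    client.wait_until_succeeds("ss --numeric --udp --listening | grep -qF '127.0.0.1:${toString localProxyPort} '")
  '';
}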