pyrox.dev
1# Test whether `networking.proxy' work as expected.
2
3# TODO: use a real proxy node and put this test into networking.nix
4# TODO: test whether nix tools work as expected behind a proxy
5
6let
7 default-config = {
8 imports = [ ./common/user-account.nix ];
9
10 services.xserver.enable = false;
11
12 };
13in
14{ pkgs, ... }:
15{
16 name = "networking-proxy";
17 meta = with pkgs.lib.maintainers; {
18 maintainers = [ ];
19 };
20
21 nodes = {
22 # no proxy
23 machine =
24 { ... }:
25
26 default-config;
27
28 # proxy default
29 machine2 =
30 { ... }:
31
32 default-config
33 // {
34 networking.proxy.default = "http://user:pass@host:port";
35 };
36
37 # specific proxy options
38 machine3 =
39 { ... }:
40
41 default-config
42 // {
43 networking.proxy = {
44 # useless because overridden by the next options
45 default = "http://user:pass@host:port";
46 # advanced proxy setup
47 httpProxy = "123-http://user:pass@http-host:port";
48 httpsProxy = "456-http://user:pass@https-host:port";
49 rsyncProxy = "789-http://user:pass@rsync-host:port";
50 ftpProxy = "101112-http://user:pass@ftp-host:port";
51 noProxy = "131415-127.0.0.1,localhost,.localdomain";
52 };
53 };
54
55 # mix default + proxy options
56 machine4 =
57 { ... }:
58
59 default-config
60 // {
61 networking.proxy = {
62 # open for all *_proxy env var
63 default = "000-http://user:pass@default-host:port";
64 # except for those 2
65 rsyncProxy = "123-http://user:pass@http-host:port";
66 noProxy = "131415-127.0.0.1,localhost,.localdomain";
67 };
68 };
69 };
70
71 testScript = ''
72 from typing import Dict, Optional
73
74
75 def get_machine_env(machine: Machine, user: Optional[str] = None) -> Dict[str, str]:
76 """
77 Gets the environment from a given machine, and returns it as a
78 dictionary in the form:
79 {"lowercase_var_name": "value"}
80
81 Duplicate environment variables with the same name
82 (e.g. "foo" and "FOO") are handled in an undefined manner.
83 """
84 if user is not None:
85 env = machine.succeed("su - {} -c 'env -0'".format(user))
86 else:
87 env = machine.succeed("env -0")
88 ret = {}
89 for line in env.split("\0"):
90 if "=" not in line:
91 continue
92
93 key, val = line.split("=", 1)
94 ret[key.lower()] = val
95 return ret
96
97
98 start_all()
99
100 with subtest("no proxy"):
101 assert "proxy" not in machine.succeed("env").lower()
102 assert "proxy" not in machine.succeed("su - alice -c env").lower()
103
104 with subtest("default proxy"):
105 assert "proxy" in machine2.succeed("env").lower()
106 assert "proxy" in machine2.succeed("su - alice -c env").lower()
107
108 with subtest("explicitly-set proxy"):
109 env = get_machine_env(machine3)
110 assert "123" in env["http_proxy"]
111 assert "456" in env["https_proxy"]
112 assert "789" in env["rsync_proxy"]
113 assert "101112" in env["ftp_proxy"]
114 assert "131415" in env["no_proxy"]
115
116 env = get_machine_env(machine3, "alice")
117 assert "123" in env["http_proxy"]
118 assert "456" in env["https_proxy"]
119 assert "789" in env["rsync_proxy"]
120 assert "101112" in env["ftp_proxy"]
121 assert "131415" in env["no_proxy"]
122
123 with subtest("default proxy + some other specifics"):
124 env = get_machine_env(machine4)
125 assert "000" in env["http_proxy"]
126 assert "000" in env["https_proxy"]
127 assert "123" in env["rsync_proxy"]
128 assert "000" in env["ftp_proxy"]
129 assert "131415" in env["no_proxy"]
130
131 env = get_machine_env(machine4, "alice")
132 assert "000" in env["http_proxy"]
133 assert "000" in env["https_proxy"]
134 assert "123" in env["rsync_proxy"]
135 assert "000" in env["ftp_proxy"]
136 assert "131415" in env["no_proxy"]
137 '';
138}