nixos/tests/postfix-tlspol.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / tests / postfix-tlspol.nix

at master 1.0 kB view raw

 1{
 2  lib,
 3  ...
 4}:
 5{
 6  name = "postfix-tlspol";
 7
 8  meta.maintainers = with lib.maintainers; [ hexa ];
 9
10  nodes.machine = {
11    services.postfix.enable = true;
12    services.postfix-tlspol.enable = true;
13
14    services.dnsmasq = {
15      enable = true;
16      settings.selfmx = true;
17    };
18  };
19
20  testScript = ''
21    import json
22
23    machine.wait_for_unit("postfix-tlspol.service")
24    machine.succeed("getent group postfix-tlspol | grep :postfix")
25
26    with subtest("Interact with the service"):
27      machine.succeed("postfix-tlspol -purge")
28
29      response = json.loads((machine.succeed("postfix-tlspol -query localhost")))
30      machine.log(json.dumps(response, indent=2))
31
32      assert response["dane"]["policy"] == "", f"Unexpected DANE policy for localhost: {response["dane"]["policy"]}"
33      assert response["mta-sts"]["policy"] == "", f"Unexpected MTA-STS policy for localhost: {response["mta-sts"]["policy"]}"
34
35    machine.log(machine.execute("systemd-analyze security postfix-tlspol.service | grep -v ✓")[1])
36  '';
37
38}