nixos/tests: implement dnscrypt-proxy test

This test verifies that the daemon actually activates upon a
user-initiated ping, when using the recommended configuration.
This commit is contained in:
Joachim Fasting 2016-03-09 02:36:53 +01:00
parent dcfca100ec
commit 19492185fa
2 changed files with 33 additions and 0 deletions

View File

@ -240,6 +240,7 @@ in rec {
tests.containers = callTest tests/containers.nix {};
tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
tests.dockerRegistry = hydraJob (import tests/docker-registry.nix { system = "x86_64-linux"; });
tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };
tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });
tests.ec2-nixops = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-nixops;
tests.ec2-config = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-config;

View File

@ -0,0 +1,32 @@
import ./make-test.nix ({ pkgs, ... }: {
name = "dnscrypt-proxy";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ joachifm ];
};
nodes = {
# A client running the recommended setup: DNSCrypt proxy as a forwarder
# for a caching DNS client.
client =
{ config, pkgs, ... }:
let localProxyPort = 43; in
{
security.apparmor.enable = true;
services.dnscrypt-proxy.enable = true;
services.dnscrypt-proxy.localPort = localProxyPort;
services.dnsmasq.enable = true;
services.dnsmasq.servers = [ "127.0.0.1#${toString localProxyPort}" ];
};
};
testScript = ''
$client->start;
$client->waitForUnit("multi-user.target");
# The daemon is socket activated; sending a single ping should activate it.
$client->execute("${pkgs.iputils}/bin/ping -c1 example.com");
$client->succeed("systemctl is-active dnscrypt-proxy.service");
'';
})