02e1f00ffd
Rationale --------- Currently, tests are hard to discover. For instance, someone updating `dovecot` might not notice that the interaction of `dovecot` with `opensmtpd` is handled in the `opensmtpd.nix` test. And even for someone updating `opensmtpd`, it requires manual work to go check in `nixos/tests` whether there is actually a test, especially given not so many packages in `nixpkgs` have tests and this is thus most of the time useless. Finally, for the reviewer, it is much easier to check that the “Tested via one or more NixOS test(s)” has been checked if the file modified already includes the list of relevant tests. Implementation -------------- Currently, this commit only adds the metadata in the package. Each element of the `meta.tests` attribute is a derivation that, when it builds successfully, means the test has passed (ie. following the same convention as NixOS tests). Future Work ----------- In the future, the tools could be made aware of this `meta.tests` attribute, and for instance a `--with-tests` could be added to `nix-build` so that it also builds all the tests. Or a `--without-tests` to build without all the tests. @Profpatsch described in his NixCon talk such systems. Another thing that would help in the future would be the possibility to reasonably easily have cross-derivation nix tests without the whole NixOS VM stack. @7c6f434c already proposed such a system. This RFC currently handles none of these concerns. Only the addition of `meta.tests` as metadata to be used by maintainers to remember to run relevant tests.
126 lines
3.9 KiB
Nix
126 lines
3.9 KiB
Nix
import ./make-test.nix {
|
|
name = "opensmtpd";
|
|
|
|
nodes = {
|
|
smtp1 = { pkgs, ... }: {
|
|
imports = [ common/user-account.nix ];
|
|
networking = {
|
|
firewall.allowedTCPPorts = [ 25 ];
|
|
useDHCP = false;
|
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
|
|
{ address = "192.168.1.1"; prefixLength = 24; }
|
|
];
|
|
};
|
|
environment.systemPackages = [ pkgs.opensmtpd ];
|
|
services.opensmtpd = {
|
|
enable = true;
|
|
extraServerArgs = [ "-v" ];
|
|
serverConfiguration = ''
|
|
listen on 0.0.0.0
|
|
action do_relay relay
|
|
# DO NOT DO THIS IN PRODUCTION!
|
|
# Setting up authentication requires a certificate which is painful in
|
|
# a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A
|
|
# WELL-CONTROLLED ENVIRONMENT!
|
|
match from any for any action do_relay
|
|
'';
|
|
};
|
|
};
|
|
|
|
smtp2 = { pkgs, ... }: {
|
|
imports = [ common/user-account.nix ];
|
|
networking = {
|
|
firewall.allowedTCPPorts = [ 25 143 ];
|
|
useDHCP = false;
|
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
|
|
{ address = "192.168.1.2"; prefixLength = 24; }
|
|
];
|
|
};
|
|
environment.systemPackages = [ pkgs.opensmtpd ];
|
|
services.opensmtpd = {
|
|
enable = true;
|
|
extraServerArgs = [ "-v" ];
|
|
serverConfiguration = ''
|
|
listen on 0.0.0.0
|
|
action dovecot_deliver mda \
|
|
"${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}"
|
|
match from any for local action dovecot_deliver
|
|
'';
|
|
};
|
|
services.dovecot2 = {
|
|
enable = true;
|
|
enableImap = true;
|
|
mailLocation = "maildir:~/mail";
|
|
protocols = [ "imap" ];
|
|
};
|
|
};
|
|
|
|
client = { pkgs, ... }: {
|
|
networking = {
|
|
useDHCP = false;
|
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
|
|
{ address = "192.168.1.3"; prefixLength = 24; }
|
|
];
|
|
};
|
|
environment.systemPackages = let
|
|
sendTestMail = pkgs.writeScriptBin "send-a-test-mail" ''
|
|
#!${pkgs.python3.interpreter}
|
|
import smtplib, sys
|
|
|
|
with smtplib.SMTP('192.168.1.1') as smtp:
|
|
smtp.sendmail('alice@[192.168.1.1]', 'bob@[192.168.1.2]', """
|
|
From: alice@smtp1
|
|
To: bob@smtp2
|
|
Subject: Test
|
|
|
|
Hello World
|
|
""")
|
|
'';
|
|
|
|
checkMailLanded = pkgs.writeScriptBin "check-mail-landed" ''
|
|
#!${pkgs.python3.interpreter}
|
|
import imaplib
|
|
|
|
with imaplib.IMAP4('192.168.1.2', 143) as imap:
|
|
imap.login('bob', 'foobar')
|
|
imap.select()
|
|
status, refs = imap.search(None, 'ALL')
|
|
assert status == 'OK'
|
|
assert len(refs) == 1
|
|
status, msg = imap.fetch(refs[0], 'BODY[TEXT]')
|
|
assert status == 'OK'
|
|
content = msg[0][1]
|
|
print("===> content:", content)
|
|
split = content.split(b'\r\n')
|
|
print("===> split:", split)
|
|
lastline = split[-3]
|
|
print("===> lastline:", lastline)
|
|
assert lastline.strip() == b'Hello World'
|
|
'';
|
|
in [ sendTestMail checkMailLanded ];
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
startAll;
|
|
|
|
$client->waitForUnit("network-online.target");
|
|
$smtp1->waitForUnit('opensmtpd');
|
|
$smtp2->waitForUnit('opensmtpd');
|
|
$smtp2->waitForUnit('dovecot2');
|
|
|
|
# To prevent sporadic failures during daemon startup, make sure
|
|
# services are listening on their ports before sending requests
|
|
$smtp1->waitForOpenPort(25);
|
|
$smtp2->waitForOpenPort(25);
|
|
$smtp2->waitForOpenPort(143);
|
|
|
|
$client->succeed('send-a-test-mail');
|
|
$smtp1->waitUntilFails('smtpctl show queue | egrep .');
|
|
$smtp2->waitUntilFails('smtpctl show queue | egrep .');
|
|
$client->succeed('check-mail-landed >&2');
|
|
'';
|
|
|
|
meta.timeout = 30;
|
|
}
|