diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 11502e8163ac..644f0af36037 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -161,7 +161,7 @@ in { alice-lg = runTest ./alice-lg.nix; alloy = runTest ./alloy.nix; allTerminfo = runTest ./all-terminfo.nix; - alps = handleTest ./alps.nix {}; + alps = runTest ./alps.nix; amazon-cloudwatch-agent = handleTest ./amazon-cloudwatch-agent.nix {}; amazon-init-shell = handleTest ./amazon-init-shell.nix {}; amazon-ssm-agent = handleTest ./amazon-ssm-agent.nix {}; diff --git a/nixos/tests/alps.nix b/nixos/tests/alps.nix index 3e990cea8035..fd4ee51e6e20 100644 --- a/nixos/tests/alps.nix +++ b/nixos/tests/alps.nix @@ -2,118 +2,116 @@ let certs = import ./common/acme/server/snakeoil-certs.nix; domain = certs.domain; in -import ./make-test-python.nix ( - { pkgs, ... }: - { - name = "alps"; - meta = with pkgs.lib.maintainers; { - maintainers = [ hmenke ]; +{ pkgs, ... }: +{ + name = "alps"; + meta = with pkgs.lib.maintainers; { + maintainers = [ hmenke ]; + }; + + nodes = { + server = { + imports = [ ./common/user-account.nix ]; + security.pki.certificateFiles = [ + certs.ca.cert + ]; + networking.extraHosts = '' + 127.0.0.1 ${domain} + ''; + networking.firewall.allowedTCPPorts = [ + 25 + 465 + 993 + ]; + services.postfix = { + enable = true; + enableSubmission = true; + enableSubmissions = true; + tlsTrustedAuthorities = "${certs.ca.cert}"; + sslCert = "${certs.${domain}.cert}"; + sslKey = "${certs.${domain}.key}"; + }; + services.dovecot2 = { + enable = true; + enableImap = true; + sslCACert = "${certs.ca.cert}"; + sslServerCert = "${certs.${domain}.cert}"; + sslServerKey = "${certs.${domain}.key}"; + }; }; - nodes = { - server = { - imports = [ ./common/user-account.nix ]; + client = + { nodes, config, ... }: + { security.pki.certificateFiles = [ certs.ca.cert ]; networking.extraHosts = '' - 127.0.0.1 ${domain} + ${nodes.server.config.networking.primaryIPAddress} ${domain} ''; - networking.firewall.allowedTCPPorts = [ - 25 - 465 - 993 - ]; - services.postfix = { + services.alps = { enable = true; - enableSubmission = true; - enableSubmissions = true; - tlsTrustedAuthorities = "${certs.ca.cert}"; - sslCert = "${certs.${domain}.cert}"; - sslKey = "${certs.${domain}.key}"; - }; - services.dovecot2 = { - enable = true; - enableImap = true; - sslCACert = "${certs.ca.cert}"; - sslServerCert = "${certs.${domain}.cert}"; - sslServerKey = "${certs.${domain}.key}"; - }; - }; - - client = - { nodes, config, ... }: - { - security.pki.certificateFiles = [ - certs.ca.cert - ]; - networking.extraHosts = '' - ${nodes.server.config.networking.primaryIPAddress} ${domain} - ''; - services.alps = { - enable = true; - theme = "alps"; - imaps = { - host = domain; - port = 993; - }; - smtps = { - host = domain; - port = 465; - }; + theme = "alps"; + imaps = { + host = domain; + port = 993; + }; + smtps = { + host = domain; + port = 465; }; - environment.systemPackages = [ - (pkgs.writers.writePython3Bin "test-alps-login" { } '' - from urllib.request import build_opener, HTTPCookieProcessor, Request - from urllib.parse import urlencode, urljoin - from http.cookiejar import CookieJar - - baseurl = "http://localhost:${toString config.services.alps.port}" - username = "alice" - password = "${nodes.server.config.users.users.alice.password}" - cookiejar = CookieJar() - cookieprocessor = HTTPCookieProcessor(cookiejar) - opener = build_opener(cookieprocessor) - - data = urlencode({"username": username, "password": password}).encode() - req = Request(urljoin(baseurl, "login"), data=data, method="POST") - with opener.open(req) as ret: - # Check that the alps_session cookie is set - print(cookiejar) - assert any(cookie.name == "alps_session" for cookie in cookiejar) - - req = Request(baseurl) - with opener.open(req) as ret: - # Check that the alps_session cookie is still there... - print(cookiejar) - assert any(cookie.name == "alps_session" for cookie in cookiejar) - # ...and that we have not been redirected back to the login page - print(ret.url) - assert ret.url == urljoin(baseurl, "mailbox/INBOX") - - req = Request(urljoin(baseurl, "logout")) - with opener.open(req) as ret: - # Check that the alps_session cookie is now gone - print(cookiejar) - assert all(cookie.name != "alps_session" for cookie in cookiejar) - '') - ]; }; - }; + environment.systemPackages = [ + (pkgs.writers.writePython3Bin "test-alps-login" { } '' + from urllib.request import build_opener, HTTPCookieProcessor, Request + from urllib.parse import urlencode, urljoin + from http.cookiejar import CookieJar - testScript = - { nodes, ... }: - '' - server.start() - server.wait_for_unit("postfix.service") - server.wait_for_unit("dovecot2.service") - server.wait_for_open_port(465) - server.wait_for_open_port(993) + baseurl = "http://localhost:${toString config.services.alps.port}" + username = "alice" + password = "${nodes.server.config.users.users.alice.password}" + cookiejar = CookieJar() + cookieprocessor = HTTPCookieProcessor(cookiejar) + opener = build_opener(cookieprocessor) - client.start() - client.wait_for_unit("alps.service") - client.wait_for_open_port(${toString nodes.client.config.services.alps.port}) - client.succeed("test-alps-login") - ''; - } -) + data = urlencode({"username": username, "password": password}).encode() + req = Request(urljoin(baseurl, "login"), data=data, method="POST") + with opener.open(req) as ret: + # Check that the alps_session cookie is set + print(cookiejar) + assert any(cookie.name == "alps_session" for cookie in cookiejar) + + req = Request(baseurl) + with opener.open(req) as ret: + # Check that the alps_session cookie is still there... + print(cookiejar) + assert any(cookie.name == "alps_session" for cookie in cookiejar) + # ...and that we have not been redirected back to the login page + print(ret.url) + assert ret.url == urljoin(baseurl, "mailbox/INBOX") + + req = Request(urljoin(baseurl, "logout")) + with opener.open(req) as ret: + # Check that the alps_session cookie is now gone + print(cookiejar) + assert all(cookie.name != "alps_session" for cookie in cookiejar) + '') + ]; + }; + }; + + testScript = + { nodes, ... }: + '' + server.start() + server.wait_for_unit("postfix.service") + server.wait_for_unit("dovecot2.service") + server.wait_for_open_port(465) + server.wait_for_open_port(993) + + client.start() + client.wait_for_unit("alps.service") + client.wait_for_open_port(${toString nodes.client.config.services.alps.port}) + client.succeed("test-alps-login") + ''; +}