mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-10-18 11:43:17 +02:00
Merge pull request #98620 from rnhmjoj/ncdns
nixos/tests/ncdns: more tests and disable DNSSEC
This commit is contained in:
commit
a0563ded10
|
@ -1,4 +1,4 @@
|
||||||
import ./make-test-python.nix ({ pkgs, ... }:
|
import ./make-test-python.nix ({ lib, pkgs, ... }:
|
||||||
let
|
let
|
||||||
fakeReply = pkgs.writeText "namecoin-reply.json" ''
|
fakeReply = pkgs.writeText "namecoin-reply.json" ''
|
||||||
{ "error": null,
|
{ "error": null,
|
||||||
|
@ -15,10 +15,18 @@ let
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# Disabled because DNSSEC does not currently validate,
|
||||||
|
# see https://github.com/namecoin/ncdns/issues/127
|
||||||
|
dnssec = false;
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
name = "ncdns";
|
name = "ncdns";
|
||||||
|
meta = with pkgs.stdenv.lib.maintainers; {
|
||||||
|
maintainers = [ rnhmjoj ];
|
||||||
|
};
|
||||||
|
|
||||||
nodes.server = { ... }: {
|
nodes.server = { ... }: {
|
||||||
networking.nameservers = [ "127.0.0.1" ];
|
networking.nameservers = [ "127.0.0.1" ];
|
||||||
|
@ -44,13 +52,15 @@ in
|
||||||
|
|
||||||
services.ncdns = {
|
services.ncdns = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dnssec.enable = true;
|
dnssec.enable = dnssec;
|
||||||
|
identity.hostname = "example.com";
|
||||||
|
identity.hostmaster = "root@example.com";
|
||||||
|
identity.address = "1.0.0.1";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.pdns-recursor = {
|
services.pdns-recursor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dns.allowFrom = [ "127.0.0.0/8" ];
|
dns.allowFrom = [ "127.0.0.0/8" ];
|
||||||
settings.loglevel = 8;
|
|
||||||
resolveNamecoin = true;
|
resolveNamecoin = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -58,7 +68,8 @@ in
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
testScript = ''
|
testScript =
|
||||||
|
(lib.optionalString dnssec ''
|
||||||
with subtest("DNSSEC keys have been generated"):
|
with subtest("DNSSEC keys have been generated"):
|
||||||
server.wait_for_unit("ncdns")
|
server.wait_for_unit("ncdns")
|
||||||
server.wait_for_file("/var/lib/ncdns/bit.key")
|
server.wait_for_file("/var/lib/ncdns/bit.key")
|
||||||
|
@ -68,10 +79,18 @@ in
|
||||||
server.wait_for_unit("pdns-recursor")
|
server.wait_for_unit("pdns-recursor")
|
||||||
server.wait_for_open_port("53")
|
server.wait_for_open_port("53")
|
||||||
server.succeed("host -t DNSKEY bit")
|
server.succeed("host -t DNSKEY bit")
|
||||||
|
'') +
|
||||||
|
''
|
||||||
with subtest("can resolve a .bit name"):
|
with subtest("can resolve a .bit name"):
|
||||||
server.wait_for_unit("namecoind")
|
server.wait_for_unit("namecoind")
|
||||||
|
server.wait_for_unit("ncdns")
|
||||||
server.wait_for_open_port("8332")
|
server.wait_for_open_port("8332")
|
||||||
assert "1.2.3.4" in server.succeed("host -t A test.bit")
|
assert "1.2.3.4" in server.succeed("dig @localhost -p 5333 test.bit")
|
||||||
|
|
||||||
|
with subtest("SOA record has identity information"):
|
||||||
|
assert "example.com" in server.succeed("dig SOA @localhost -p 5333 bit")
|
||||||
|
|
||||||
|
with subtest("bit. zone forwarding works"):
|
||||||
|
assert "1.2.3.4" in server.succeed("host test.bit")
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue