diff options
| author | joachifm <joachifm@users.noreply.github.com> | 2016-03-11 11:22:41 +0000 |
|---|---|---|
| committer | joachifm <joachifm@users.noreply.github.com> | 2016-03-11 11:22:41 +0000 |
| commit | 0f6e93d9d04762da2385b2bb4837139077f91183 (patch) | |
| tree | fcd56b9510db2720e15144fa1f601f9948a0b42b /nixos | |
| parent | da739e278d5bf1a07ed2492729bc4a004e102e46 (diff) | |
| parent | 19492185fa1b4f76692978c17d92c03109abb02b (diff) | |
| download | nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar.gz nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar.bz2 nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar.lz nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar.xz nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.tar.zst nixlib-0f6e93d9d04762da2385b2bb4837139077f91183.zip | |
Merge pull request #13780 from joachifm/dnscrypt-vmtest-for-upstream
nixos/tests: implement dnscrypt-proxy test
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/release.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/dnscrypt-proxy.nix | 32 |
2 files changed, 33 insertions, 0 deletions
diff --git a/nixos/release.nix b/nixos/release.nix index 069cf3727de7..101f68a43f7b 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -240,6 +240,7 @@ in rec { tests.containers = callTest tests/containers.nix {}; tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; }); tests.dockerRegistry = hydraJob (import tests/docker-registry.nix { system = "x86_64-linux"; }); + tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; }; tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; }); tests.ec2-nixops = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-nixops; tests.ec2-config = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-config; diff --git a/nixos/tests/dnscrypt-proxy.nix b/nixos/tests/dnscrypt-proxy.nix new file mode 100644 index 000000000000..20ec3a333e77 --- /dev/null +++ b/nixos/tests/dnscrypt-proxy.nix @@ -0,0 +1,32 @@ +import ./make-test.nix ({ pkgs, ... }: { + name = "dnscrypt-proxy"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ joachifm ]; + }; + + nodes = { + # A client running the recommended setup: DNSCrypt proxy as a forwarder + # for a caching DNS client. + client = + { config, pkgs, ... }: + let localProxyPort = 43; in + { + security.apparmor.enable = true; + + services.dnscrypt-proxy.enable = true; + services.dnscrypt-proxy.localPort = localProxyPort; + + services.dnsmasq.enable = true; + services.dnsmasq.servers = [ "127.0.0.1#${toString localProxyPort}" ]; + }; + }; + + testScript = '' + $client->start; + $client->waitForUnit("multi-user.target"); + + # The daemon is socket activated; sending a single ping should activate it. + $client->execute("${pkgs.iputils}/bin/ping -c1 example.com"); + $client->succeed("systemctl is-active dnscrypt-proxy.service"); + ''; +}) |