about summary refs log tree commit diff
path: root/nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix')
-rw-r--r--nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix41
1 files changed, 41 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix b/nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix
new file mode 100644
index 000000000000..2a6c85a3a920
--- /dev/null
+++ b/nixpkgs/nixos/tests/postfix-raise-smtpd-tls-security-level.nix
@@ -0,0 +1,41 @@
+import ./make-test-python.nix {
+  name = "postfix";
+
+  nodes.machine = { pkgs, ... }: {
+    imports = [ common/user-account.nix ];
+    services.postfix = {
+      enable = true;
+      enableSubmissions = true;
+      submissionsOptions = {
+        smtpd_tls_security_level = "none";
+      };
+    };
+
+    environment.systemPackages = let
+      checkConfig = pkgs.writeScriptBin "check-config" ''
+        #!${pkgs.python3.interpreter}
+        import sys
+
+        state = 1
+        success = False
+
+        with open("/etc/postfix/master.cf") as masterCf:
+          for line in masterCf:
+            if state == 1 and line.startswith("submissions"):
+              state = 2
+            elif state == 2 and line.startswith(" ") and "smtpd_tls_security_level=encrypt" in line:
+              success = True
+            elif state == 2 and not line.startswith(" "):
+              state == 3
+        if not success:
+          sys.exit(1)
+      '';
+
+    in [ checkConfig ];
+  };
+
+  testScript = ''
+    machine.wait_for_unit("postfix.service")
+    machine.succeed("check-config")
+  '';
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-09 16:49:10 +0000