diff --git a/nixos/release.nix b/nixos/release.nix index e494fa35029f..0d3ae997469f 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -364,6 +364,7 @@ in rec { tests.nsd = callTest tests/nsd.nix {}; tests.openssh = callTest tests/openssh.nix {}; tests.openldap = callTest tests/openldap.nix {}; + tests.opensmtpd = callTest tests/opensmtpd.nix {}; tests.owncloud = callTest tests/owncloud.nix {}; tests.pam-oath-login = callTest tests/pam-oath-login.nix {}; tests.peerflix = callTest tests/peerflix.nix {}; diff --git a/nixos/tests/opensmtpd.nix b/nixos/tests/opensmtpd.nix new file mode 100644 index 000000000000..5079779f35b4 --- /dev/null +++ b/nixos/tests/opensmtpd.nix @@ -0,0 +1,115 @@ +import ./make-test.nix { + name = "opensmtpd"; + + nodes = { + smtp1 = { pkgs, ... }: { + imports = [ common/user-account.nix ]; + networking = { + firewall.allowedTCPPorts = [ 25 ]; + useDHCP = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = "192.168.1.1"; prefixLength = 24; } + ]; + }; + environment.systemPackages = [ pkgs.opensmtpd ]; + services.opensmtpd = { + enable = true; + extraServerArgs = [ "-v" ]; + serverConfiguration = '' + listen on 0.0.0.0 + # DO NOT DO THIS IN PRODUCTION! + # Setting up authentication requires a certificate which is painful in + # a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A + # WELL-CONTROLLED ENVIRONMENT! + accept from any for any relay + ''; + }; + }; + + smtp2 = { pkgs, ... }: { + imports = [ common/user-account.nix ]; + networking = { + firewall.allowedTCPPorts = [ 25 143 ]; + useDHCP = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = "192.168.1.2"; prefixLength = 24; } + ]; + }; + environment.systemPackages = [ pkgs.opensmtpd ]; + services.opensmtpd = { + enable = true; + extraServerArgs = [ "-v" ]; + serverConfiguration = '' + listen on 0.0.0.0 + accept from any for local deliver to mda \ + "${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}" + ''; + }; + services.dovecot2 = { + enable = true; + enableImap = true; + mailLocation = "maildir:~/mail"; + protocols = [ "imap" ]; + }; + }; + + client = { pkgs, ... }: { + networking = { + useDHCP = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = "192.168.1.3"; prefixLength = 24; } + ]; + }; + environment.systemPackages = let + sendTestMail = pkgs.writeScriptBin "send-a-test-mail" '' + #!${pkgs.python3.interpreter} + import smtplib, sys + + with smtplib.SMTP('192.168.1.1') as smtp: + smtp.sendmail('alice@[192.168.1.1]', 'bob@[192.168.1.2]', """ + From: alice@smtp1 + To: bob@smtp2 + Subject: Test + + Hello World + """) + ''; + + checkMailLanded = pkgs.writeScriptBin "check-mail-landed" '' + #!${pkgs.python3.interpreter} + import imaplib + + with imaplib.IMAP4('192.168.1.2', 143) as imap: + imap.login('bob', 'foobar') + imap.select() + status, refs = imap.search(None, 'ALL') + assert status == 'OK' + assert len(refs) == 1 + status, msg = imap.fetch(refs[0], 'BODY[TEXT]') + assert status == 'OK' + content = msg[0][1] + print("===> content:", content) + split = content.split(b'\r\n') + print("===> split:", split) + lastline = split[-3] + print("===> lastline:", lastline) + assert lastline.strip() == b'Hello World' + ''; + in [ sendTestMail checkMailLanded ]; + }; + }; + + testScript = '' + startAll; + + $client->waitForUnit("network.target"); + $smtp1->waitForUnit('opensmtpd'); + $smtp2->waitForUnit('opensmtpd'); + $smtp2->waitForUnit('dovecot2'); + + $client->succeed('send-a-test-mail'); + $smtp1->waitUntilFails('smtpctl show queue | egrep .'); + $smtp2->waitUntilFails('smtpctl show queue | egrep .'); + $client->succeed('check-mail-landed >&2'); + ''; +}