forked from mirrors/nixpkgs
109 lines
3.5 KiB
Nix
109 lines
3.5 KiB
Nix
let
|
|
certs = import ./common/acme/server/snakeoil-certs.nix;
|
|
domain = certs.domain;
|
|
in
|
|
import ./make-test-python.nix ({ pkgs, ... }: {
|
|
name = "alps";
|
|
meta = with pkgs.lib.maintainers; {
|
|
maintainers = [ hmenke ];
|
|
};
|
|
|
|
nodes = {
|
|
server = {
|
|
imports = [ ./common/user-account.nix ];
|
|
security.pki.certificateFiles = [
|
|
certs.ca.cert
|
|
];
|
|
networking.extraHosts = ''
|
|
127.0.0.1 ${domain}
|
|
'';
|
|
networking.firewall.allowedTCPPorts = [ 25 465 993 ];
|
|
services.postfix = {
|
|
enable = true;
|
|
enableSubmission = true;
|
|
enableSubmissions = true;
|
|
tlsTrustedAuthorities = "${certs.ca.cert}";
|
|
sslCert = "${certs.${domain}.cert}";
|
|
sslKey = "${certs.${domain}.key}";
|
|
};
|
|
services.dovecot2 = {
|
|
enable = true;
|
|
enableImap = true;
|
|
sslCACert = "${certs.ca.cert}";
|
|
sslServerCert = "${certs.${domain}.cert}";
|
|
sslServerKey = "${certs.${domain}.key}";
|
|
};
|
|
};
|
|
|
|
client = { nodes, config, ... }: {
|
|
security.pki.certificateFiles = [
|
|
certs.ca.cert
|
|
];
|
|
networking.extraHosts = ''
|
|
${nodes.server.config.networking.primaryIPAddress} ${domain}
|
|
'';
|
|
services.alps = {
|
|
enable = true;
|
|
theme = "alps";
|
|
imaps = {
|
|
host = domain;
|
|
port = 993;
|
|
};
|
|
smtps = {
|
|
host = domain;
|
|
port = 465;
|
|
};
|
|
};
|
|
environment.systemPackages = [
|
|
(pkgs.writers.writePython3Bin "test-alps-login" { } ''
|
|
from urllib.request import build_opener, HTTPCookieProcessor, Request
|
|
from urllib.parse import urlencode, urljoin
|
|
from http.cookiejar import CookieJar
|
|
|
|
baseurl = "http://localhost:${toString config.services.alps.port}"
|
|
username = "alice"
|
|
password = "${nodes.server.config.users.users.alice.password}"
|
|
cookiejar = CookieJar()
|
|
cookieprocessor = HTTPCookieProcessor(cookiejar)
|
|
opener = build_opener(cookieprocessor)
|
|
|
|
data = urlencode({"username": username, "password": password}).encode()
|
|
req = Request(urljoin(baseurl, "login"), data=data, method="POST")
|
|
with opener.open(req) as ret:
|
|
# Check that the alps_session cookie is set
|
|
print(cookiejar)
|
|
assert any(cookie.name == "alps_session" for cookie in cookiejar)
|
|
|
|
req = Request(baseurl)
|
|
with opener.open(req) as ret:
|
|
# Check that the alps_session cookie is still there...
|
|
print(cookiejar)
|
|
assert any(cookie.name == "alps_session" for cookie in cookiejar)
|
|
# ...and that we have not been redirected back to the login page
|
|
print(ret.url)
|
|
assert ret.url == urljoin(baseurl, "mailbox/INBOX")
|
|
|
|
req = Request(urljoin(baseurl, "logout"))
|
|
with opener.open(req) as ret:
|
|
# Check that the alps_session cookie is now gone
|
|
print(cookiejar)
|
|
assert all(cookie.name != "alps_session" for cookie in cookiejar)
|
|
'')
|
|
];
|
|
};
|
|
};
|
|
|
|
testScript = { nodes, ... }: ''
|
|
server.start()
|
|
server.wait_for_unit("postfix.service")
|
|
server.wait_for_unit("dovecot2.service")
|
|
server.wait_for_open_port(465)
|
|
server.wait_for_open_port(993)
|
|
|
|
client.start()
|
|
client.wait_for_unit("alps.service")
|
|
client.wait_for_open_port(${toString nodes.client.config.services.alps.port})
|
|
client.succeed("test-alps-login")
|
|
'';
|
|
})
|