summary refs log blame commit diff
path: root/nixos/tests/rspamd.nix
blob: a12622b6aa0b84bc7572afb5625a665997a11c21 (plain) (tree) 
27ee0b9099e ^















783a58f363f ^

27ee0b9099e ^


783a58f363f ^

27ee0b9099e ^










908fc5e14b5 ^

27ee0b9099e ^










783a58f363f ^


908fc5e14b5 ^


27ee0b9099e ^













908fc5e14b5 ^

908fc5e14b5 ^










908fc5e14b5 ^





















27ee0b9099e ^





1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

16

17
18

19

20
21
22
23
24
25
26
27
28
29

30

31
32
33
34
35
36
37
38
39
40

41
42

43
44

45
46
47
48
49
50
51
52
53
54
55
56
57

58

59
60
61
62
63
64
65
66
67
68

69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

90
91
92
93
94















                                                                            
                                       

                            
                                    









                                                                       
                                                               









                                                                           

                                     

                               












                                                                                    
                                                               









                                                                                                           




















                                                                   




                                                                                                           
{ system ? builtins.currentSystem }:
with import ../lib/testing.nix { inherit system; };
with pkgs.lib;
let
  initMachine = ''
    startAll
    $machine->waitForUnit("rspamd.service");
    $machine->succeed("id \"rspamd\" >/dev/null");
  '';
  checkSocket = socket: user: group: mode: ''
    $machine->succeed("ls ${socket} >/dev/null");
    $machine->succeed("[[ \"\$(stat -c %U ${socket})\" == \"${user}\" ]]");
    $machine->succeed("[[ \"\$(stat -c %G ${socket})\" == \"${group}\" ]]");
    $machine->succeed("[[ \"\$(stat -c %a ${socket})\" == \"${mode}\" ]]");
  '';
  simple = name: enableIPv6: makeTest {
    name = "rspamd-${name}";
    machine = {
      services.rspamd.enable = true;
      networking.enableIPv6 = enableIPv6;
    };
    testScript = ''
      startAll
      $machine->waitForUnit("multi-user.target");
      $machine->waitForOpenPort(11334);
      $machine->waitForUnit("rspamd.service");
      $machine->succeed("id \"rspamd\" >/dev/null");
      ${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "660" }
      sleep 10;
      $machine->log($machine->succeed("cat /etc/rspamd.conf"));
      $machine->log($machine->succeed("systemctl cat rspamd.service"));
      $machine->log($machine->succeed("curl http://localhost:11334/auth"));
      $machine->log($machine->succeed("curl http://127.0.0.1:11334/auth"));
      ${optionalString enableIPv6 ''
        $machine->log($machine->succeed("curl http://[::1]:11334/auth"));
      ''}
    '';
  };
in
{
  simple = simple "simple" true;
  ipv4only = simple "ipv4only" false;
  deprecated = makeTest {
    name = "rspamd-deprecated";
    machine = {
      services.rspamd = {
        enable = true;
        bindSocket = [ "/run/rspamd.sock mode=0600 user=root group=root" ];
        bindUISocket = [ "/run/rspamd-worker.sock mode=0666 user=root group=root" ];
      };
    };

    testScript = ''
      ${initMachine}
      $machine->waitForFile("/run/rspamd.sock");
      ${checkSocket "/run/rspamd.sock" "root" "root" "600" }
      ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
      $machine->log($machine->succeed("cat /etc/rspamd.conf"));
      $machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat"));
      $machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping"));
    '';
  };

  bindports = makeTest {
    name = "rspamd-bindports";
    machine = {
      services.rspamd = {
        enable = true;
        workers.normal.bindSockets = [{
          socket = "/run/rspamd.sock";
          mode = "0600";
          owner = "root";
          group = "root";
        }];
        workers.controller.bindSockets = [{
          socket = "/run/rspamd-worker.sock";
          mode = "0666";
          owner = "root";
          group = "root";
        }];
      };
    };

    testScript = ''
      ${initMachine}
      $machine->waitForFile("/run/rspamd.sock");
      ${checkSocket "/run/rspamd.sock" "root" "root" "600" }
      ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
      $machine->log($machine->succeed("cat /etc/rspamd.conf"));
      $machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat"));
      $machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping"));
    '';
  };
}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-02 06:22:55 +0000