diff options
author | Lucas Savva <lucas@m1cr0man.com> | 2021-12-04 19:01:18 +0000 |
---|---|---|
committer | Lucas Savva <lucas@m1cr0man.com> | 2021-12-26 16:49:57 +0000 |
commit | 41fb8d71ab5d92118eec5f056d3ce7e8f370a652 (patch) | |
tree | c8299c00c480167274f527e5a224b8270069b3bf /nixos/tests/acme.nix | |
parent | 8d01b0862d3d52d72539cff65a405c09d864f82f (diff) | |
download | nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar.gz nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar.bz2 nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar.lz nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar.xz nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.tar.zst nixpkgs-41fb8d71ab5d92118eec5f056d3ce7e8f370a652.zip |
nixos/acme: Add useRoot option
Diffstat (limited to 'nixos/tests/acme.nix')
-rw-r--r-- | nixos/tests/acme.nix | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index 549fa9e64ee..a4ed8fa67bf 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -232,6 +232,13 @@ in { } ]; + use-root.configuration = { ... }: lib.mkMerge [ + webserverBasicConfig + { + security.acme.useRoot = true; + } + ]; + # Test compatibility with Nginx } // (mkServerConfigs { server = "nginx"; @@ -450,6 +457,12 @@ in { webserver.wait_for_unit("nginx.service") check_connection(client, "slow.example.com") + with subtest("Can set useRoot to true and still use certs normally"): + switch_to(webserver, "use-root") + webserver.wait_for_unit("nginx.service") + webserver.succeed("test \"$(stat -c '%U' /var/lib/acme/* | uniq)\" = \"root\"") + check_connection(client, "a.example.com") + domains = ["http", "dns", "wildcard"] for server, logsrc in [ ("nginx", "journalctl -n 30 -u nginx.service"), |