diff options
author | Eric Wolf <1983821+typetetris@users.noreply.github.com> | 2020-07-06 03:37:56 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-06 03:37:56 +0200 |
commit | 8af58eda1202bc9df98add36dbca118f88a2b0b7 (patch) | |
tree | 5f56c333b2fe00fcdf7d4139686f17cbf8c9b9bc /nixos/tests/postfix.nix | |
parent | 152a29fef8d7856a68bfc6dbe2d16d38a01dc261 (diff) | |
download | nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar.gz nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar.bz2 nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar.lz nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar.xz nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.tar.zst nixpkgs-8af58eda1202bc9df98add36dbca118f88a2b0b7.zip |
postfix: Add submissions option for postfix and test (#91691)
RFC 8314 suggests, for end user submission of mails, SMTP over TLS on port 465 should be used. Closes #91690
Diffstat (limited to 'nixos/tests/postfix.nix')
-rw-r--r-- | nixos/tests/postfix.nix | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/nixos/tests/postfix.nix b/nixos/tests/postfix.nix new file mode 100644 index 00000000000..0d677427d76 --- /dev/null +++ b/nixos/tests/postfix.nix @@ -0,0 +1,76 @@ +let + certs = import ./common/acme/server/snakeoil-certs.nix; +in +import ./make-test-python.nix { + name = "postfix"; + + machine = { pkgs, ... }: { + imports = [ common/user-account.nix ]; + services.postfix = { + enable = true; + enableSubmission = true; + enableSubmissions = true; + sslCACert = certs.ca.cert; + sslCert = certs."acme.test".cert; + sslKey = certs."acme.test".key; + submissionsOptions = { + smtpd_sasl_auth_enable = "yes"; + smtpd_client_restrictions = "permit"; + milter_macro_daemon_name = "ORIGINATING"; + }; + }; + + security.pki.certificateFiles = [ + certs.ca.cert + ]; + + networking.extraHosts = '' + 127.0.0.1 acme.test + ''; + + environment.systemPackages = let + sendTestMail = pkgs.writeScriptBin "send-testmail" '' + #!${pkgs.python3.interpreter} + import smtplib + + with smtplib.SMTP('acme.test') as smtp: + smtp.sendmail('root@localhost', 'alice@localhost', 'Subject: Test\n\nTest data.') + smtp.quit() + ''; + + sendTestMailStarttls = pkgs.writeScriptBin "send-testmail-starttls" '' + #!${pkgs.python3.interpreter} + import smtplib + import ssl + + ctx = ssl.create_default_context() + + with smtplib.SMTP('acme.test') as smtp: + smtp.ehlo() + smtp.starttls(context=ctx) + smtp.ehlo() + smtp.sendmail('root@localhost', 'alice@localhost', 'Subject: Test STARTTLS\n\nTest data.') + smtp.quit() + ''; + + sendTestMailSmtps = pkgs.writeScriptBin "send-testmail-smtps" '' + #!${pkgs.python3.interpreter} + import smtplib + import ssl + + ctx = ssl.create_default_context() + + with smtplib.SMTP_SSL(host='acme.test', context=ctx) as smtp: + smtp.sendmail('root@localhost', 'alice@localhost', 'Subject: Test SMTPS\n\nTest data.') + smtp.quit() + ''; + in [ sendTestMail sendTestMailStarttls sendTestMailSmtps ]; + }; + + testScript = '' + machine.wait_for_unit("postfix.service") + machine.succeed("send-testmail") + machine.succeed("send-testmail-starttls") + machine.succeed("send-testmail-smtps") + ''; +} |