diff options
Diffstat (limited to 'nixos/tests/dnscrypt-proxy2.nix')
-rw-r--r-- | nixos/tests/dnscrypt-proxy2.nix | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/nixos/tests/dnscrypt-proxy2.nix b/nixos/tests/dnscrypt-proxy2.nix new file mode 100644 index 00000000000..1ba5d983e9b --- /dev/null +++ b/nixos/tests/dnscrypt-proxy2.nix @@ -0,0 +1,36 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "dnscrypt-proxy2"; + meta = with pkgs.lib.maintainers; { + maintainers = [ joachifm ]; + }; + + nodes = { + # A client running the recommended setup: DNSCrypt proxy as a forwarder + # for a caching DNS client. + client = + { ... }: + let localProxyPort = 43; in + { + security.apparmor.enable = true; + + services.dnscrypt-proxy2.enable = true; + services.dnscrypt-proxy2.settings = { + listen_addresses = [ "127.0.0.1:${toString localProxyPort}" ]; + sources.public-resolvers = { + urls = [ "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md" ]; + cache_file = "public-resolvers.md"; + minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; + refresh_delay = 72; + }; + }; + + services.dnsmasq.enable = true; + services.dnsmasq.servers = [ "127.0.0.1#${toString localProxyPort}" ]; + }; + }; + + testScript = '' + client.wait_for_unit("dnsmasq") + client.wait_for_unit("dnscrypt-proxy2") + ''; +}) |