1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
# Test whether `networking.proxy' work as expected.
# TODO: use a real proxy node and put this test into networking.nix
# TODO: test whether nix tools work as expected behind a proxy
let default-config = {
imports = [ ./common/user-account.nix ];
services.xserver.enable = false;
virtualisation.memorySize = 128;
};
in import ./make-test-python.nix ({ pkgs, ...} : {
name = "networking-proxy";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ ];
};
nodes = {
# no proxy
machine =
{ ... }:
default-config;
# proxy default
machine2 =
{ ... }:
default-config // {
networking.proxy.default = "http://user:pass@host:port";
};
# specific proxy options
machine3 =
{ ... }:
default-config //
{
networking.proxy = {
# useless because overriden by the next options
default = "http://user:pass@host:port";
# advanced proxy setup
httpProxy = "123-http://user:pass@http-host:port";
httpsProxy = "456-http://user:pass@https-host:port";
rsyncProxy = "789-http://user:pass@rsync-host:port";
ftpProxy = "101112-http://user:pass@ftp-host:port";
noProxy = "131415-127.0.0.1,localhost,.localdomain";
};
};
# mix default + proxy options
machine4 =
{ ... }:
default-config // {
networking.proxy = {
# open for all *_proxy env var
default = "000-http://user:pass@default-host:port";
# except for those 2
rsyncProxy = "123-http://user:pass@http-host:port";
noProxy = "131415-127.0.0.1,localhost,.localdomain";
};
};
};
testScript =
''
from typing import Dict, Optional
def get_machine_env(machine: Machine, user: Optional[str] = None) -> Dict[str, str]:
"""
Gets the environment from a given machine, and returns it as a
dictionary in the form:
{"lowercase_var_name": "value"}
Duplicate environment variables with the same name
(e.g. "foo" and "FOO") are handled in an undefined manner.
"""
if user is not None:
env = machine.succeed("su - {} -c 'env -0'".format(user))
else:
env = machine.succeed("env -0")
ret = {}
for line in env.split("\0"):
if "=" not in line:
continue
key, val = line.split("=", 1)
ret[key.lower()] = val
return ret
start_all()
with subtest("no proxy"):
assert "proxy" not in machine.succeed("env").lower()
assert "proxy" not in machine.succeed("su - alice -c env").lower()
with subtest("default proxy"):
assert "proxy" in machine2.succeed("env").lower()
assert "proxy" in machine2.succeed("su - alice -c env").lower()
with subtest("explicitly-set proxy"):
env = get_machine_env(machine3)
assert "123" in env["http_proxy"]
assert "456" in env["https_proxy"]
assert "789" in env["rsync_proxy"]
assert "101112" in env["ftp_proxy"]
assert "131415" in env["no_proxy"]
env = get_machine_env(machine3, "alice")
assert "123" in env["http_proxy"]
assert "456" in env["https_proxy"]
assert "789" in env["rsync_proxy"]
assert "101112" in env["ftp_proxy"]
assert "131415" in env["no_proxy"]
with subtest("default proxy + some other specifics"):
env = get_machine_env(machine4)
assert "000" in env["http_proxy"]
assert "000" in env["https_proxy"]
assert "123" in env["rsync_proxy"]
assert "000" in env["ftp_proxy"]
assert "131415" in env["no_proxy"]
env = get_machine_env(machine4, "alice")
assert "000" in env["http_proxy"]
assert "000" in env["https_proxy"]
assert "123" in env["rsync_proxy"]
assert "000" in env["ftp_proxy"]
assert "131415" in env["no_proxy"]
'';
})
|