vuls: init at 0.27.0
[NixPkgs.git] / nixos / tests / alps.nix
blob9756f2d4da155e61d9a1a515f2906b5079a07880
1 let
2   certs = import ./common/acme/server/snakeoil-certs.nix;
3   domain = certs.domain;
4 in
5 import ./make-test-python.nix ({ pkgs, ... }: {
6   name = "alps";
7   meta = with pkgs.lib.maintainers; {
8     maintainers = [ hmenke ];
9   };
11   nodes = {
12     server = {
13       imports = [ ./common/user-account.nix ];
14       security.pki.certificateFiles = [
15         certs.ca.cert
16       ];
17       networking.extraHosts = ''
18         127.0.0.1 ${domain}
19       '';
20       networking.firewall.allowedTCPPorts = [ 25 465 993 ];
21       services.postfix = {
22         enable = true;
23         enableSubmission = true;
24         enableSubmissions = true;
25         tlsTrustedAuthorities = "${certs.ca.cert}";
26         sslCert = "${certs.${domain}.cert}";
27         sslKey = "${certs.${domain}.key}";
28       };
29       services.dovecot2 = {
30         enable = true;
31         enableImap = true;
32         sslCACert = "${certs.ca.cert}";
33         sslServerCert = "${certs.${domain}.cert}";
34         sslServerKey = "${certs.${domain}.key}";
35       };
36     };
38     client = { nodes, config, ... }: {
39       security.pki.certificateFiles = [
40         certs.ca.cert
41       ];
42       networking.extraHosts = ''
43         ${nodes.server.config.networking.primaryIPAddress} ${domain}
44       '';
45       services.alps = {
46         enable = true;
47         theme = "alps";
48         imaps = {
49           host = domain;
50           port = 993;
51         };
52         smtps = {
53           host = domain;
54           port = 465;
55         };
56       };
57       environment.systemPackages = [
58         (pkgs.writers.writePython3Bin "test-alps-login" { } ''
59           from urllib.request import build_opener, HTTPCookieProcessor, Request
60           from urllib.parse import urlencode, urljoin
61           from http.cookiejar import CookieJar
63           baseurl = "http://localhost:${toString config.services.alps.port}"
64           username = "alice"
65           password = "${nodes.server.config.users.users.alice.password}"
66           cookiejar = CookieJar()
67           cookieprocessor = HTTPCookieProcessor(cookiejar)
68           opener = build_opener(cookieprocessor)
70           data = urlencode({"username": username, "password": password}).encode()
71           req = Request(urljoin(baseurl, "login"), data=data, method="POST")
72           with opener.open(req) as ret:
73               # Check that the alps_session cookie is set
74               print(cookiejar)
75               assert any(cookie.name == "alps_session" for cookie in cookiejar)
77           req = Request(baseurl)
78           with opener.open(req) as ret:
79               # Check that the alps_session cookie is still there...
80               print(cookiejar)
81               assert any(cookie.name == "alps_session" for cookie in cookiejar)
82               # ...and that we have not been redirected back to the login page
83               print(ret.url)
84               assert ret.url == urljoin(baseurl, "mailbox/INBOX")
86           req = Request(urljoin(baseurl, "logout"))
87           with opener.open(req) as ret:
88               # Check that the alps_session cookie is now gone
89               print(cookiejar)
90               assert all(cookie.name != "alps_session" for cookie in cookiejar)
91         '')
92       ];
93     };
94   };
96   testScript = { nodes, ... }: ''
97     server.start()
98     server.wait_for_unit("postfix.service")
99     server.wait_for_unit("dovecot2.service")
100     server.wait_for_open_port(465)
101     server.wait_for_open_port(993)
103     client.start()
104     client.wait_for_unit("alps.service")
105     client.wait_for_open_port(${toString nodes.client.config.services.alps.port})
106     client.succeed("test-alps-login")
107   '';