nixpkgs/nixos/tests/networking-proxy.nix

# Test whether `networking.proxy' work as expected.

# TODO: use a real proxy node and put this test into networking.nix
# TODO: test whether nix tools work as expected behind a proxy

let default-config = {
        imports = [ ./common/user-account.nix ];

        services.xserver.enable = false;

        virtualisation.memorySize = 128;
      };
in import ./make-test-python.nix ({ pkgs, ...} : {
  name = "networking-proxy";
  meta = with pkgs.lib.maintainers; {
    maintainers = [  ];
  };

  nodes = {
    # no proxy
    machine =
      { ... }:

      default-config;

    # proxy default
    machine2 =
      { ... }:

      default-config // {
        networking.proxy.default = "http://user:pass@host:port";
      };

    # specific proxy options
    machine3 =
      { ... }:

      default-config //
      {
        networking.proxy = {
          # useless because overriden by the next options
          default = "http://user:pass@host:port";
          # advanced proxy setup
          httpProxy = "123-http://user:pass@http-host:port";
          httpsProxy = "456-http://user:pass@https-host:port";
          rsyncProxy = "789-http://user:pass@rsync-host:port";
          ftpProxy = "101112-http://user:pass@ftp-host:port";
          noProxy = "131415-127.0.0.1,localhost,.localdomain";
        };
      };

    # mix default + proxy options
    machine4 =
      { ... }:

      default-config // {
        networking.proxy = {
          # open for all *_proxy env var
          default = "000-http://user:pass@default-host:port";
          # except for those 2
          rsyncProxy = "123-http://user:pass@http-host:port";
          noProxy = "131415-127.0.0.1,localhost,.localdomain";
        };
      };
    };

  testScript =
    ''
      from typing import Dict, Optional


      def get_machine_env(machine: Machine, user: Optional[str] = None) -> Dict[str, str]:
          """
          Gets the environment from a given machine, and returns it as a
          dictionary in the form:
              {"lowercase_var_name": "value"}

          Duplicate environment variables with the same name
          (e.g. "foo" and "FOO") are handled in an undefined manner.
          """
          if user is not None:
              env = machine.succeed("su - {} -c 'env -0'".format(user))
          else:
              env = machine.succeed("env -0")
          ret = {}
          for line in env.split("\0"):
              if "=" not in line:
                  continue

              key, val = line.split("=", 1)
              ret[key.lower()] = val
          return ret


      start_all()

      with subtest("no proxy"):
          assert "proxy" not in machine.succeed("env").lower()
          assert "proxy" not in machine.succeed("su - alice -c env").lower()

      with subtest("default proxy"):
          assert "proxy" in machine2.succeed("env").lower()
          assert "proxy" in machine2.succeed("su - alice -c env").lower()

      with subtest("explicitly-set proxy"):
          env = get_machine_env(machine3)
          assert "123" in env["http_proxy"]
          assert "456" in env["https_proxy"]
          assert "789" in env["rsync_proxy"]
          assert "101112" in env["ftp_proxy"]
          assert "131415" in env["no_proxy"]

          env = get_machine_env(machine3, "alice")
          assert "123" in env["http_proxy"]
          assert "456" in env["https_proxy"]
          assert "789" in env["rsync_proxy"]
          assert "101112" in env["ftp_proxy"]
          assert "131415" in env["no_proxy"]

      with subtest("default proxy + some other specifics"):
          env = get_machine_env(machine4)
          assert "000" in env["http_proxy"]
          assert "000" in env["https_proxy"]
          assert "123" in env["rsync_proxy"]
          assert "000" in env["ftp_proxy"]
          assert "131415" in env["no_proxy"]

          env = get_machine_env(machine4, "alice")
          assert "000" in env["http_proxy"]
          assert "000" in env["https_proxy"]
          assert "123" in env["rsync_proxy"]
          assert "000" in env["ftp_proxy"]
          assert "131415" in env["no_proxy"]
    '';
})
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00			# Test whether `networking.proxy' work as expected.

			`# TODO: use a real proxy node and put this test into networking.nix`
			`# TODO: test whether nix tools work as expected behind a proxy`

			`let default-config = {`
			`imports = [ ./common/user-account.nix ];`

			`services.xserver.enable = false;`

			`virtualisation.memorySize = 128;`
			`};`
nixosTests.networkingProxy: port to Python 2020-01-21 21:29:43 -08:00			`in import ./make-test-python.nix ({ pkgs, ...} : {`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00			`name = "networking-proxy";`
treewide: simplify pkgs.stdenv.lib -> pkgs.lib The library does not depend on stdenv, that `stdenv` exposes `lib` is an artifact of the ancient origins of nixpkgs. 2021-01-10 20:08:30 +01:00			`meta = with pkgs.lib.maintainers; {`
all tests: added meta.maintainers section 2015-07-12 12:09:40 +02:00			`maintainers = [ ];`
			`};`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00
			`nodes = {`
			`# no proxy`
			`machine =`
[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`{ ... }:`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00
			`default-config;`

			`# proxy default`
			`machine2 =`
[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`{ ... }:`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00
			`default-config // {`
			`networking.proxy.default = "http://user:pass@host:port";`
			`};`

			`# specific proxy options`
			`machine3 =`
[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`{ ... }:`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00
			`default-config //`
			`{`
			`networking.proxy = {`
			`# useless because overriden by the next options`
			`default = "http://user:pass@host:port";`
			`# advanced proxy setup`
			`httpProxy = "123-http://user:pass@http-host:port";`
			`httpsProxy = "456-http://user:pass@https-host:port";`
			`rsyncProxy = "789-http://user:pass@rsync-host:port";`
			`ftpProxy = "101112-http://user:pass@ftp-host:port";`
			`noProxy = "131415-127.0.0.1,localhost,.localdomain";`
			`};`
			`};`

			`# mix default + proxy options`
			`machine4 =`
[bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00			`{ ... }:`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00
			`default-config // {`
			`networking.proxy = {`
			`# open for all *_proxy env var`
			`default = "000-http://user:pass@default-host:port";`
			`# except for those 2`
			`rsyncProxy = "123-http://user:pass@http-host:port";`
			`noProxy = "131415-127.0.0.1,localhost,.localdomain";`
			`};`
			`};`
			`};`

			`testScript =`
			`''`
nixosTests.networkingProxy: port to Python 2020-01-21 21:29:43 -08:00			`from typing import Dict, Optional`


			`def get_machine_env(machine: Machine, user: Optional[str] = None) -> Dict[str, str]:`
			`"""`
			`Gets the environment from a given machine, and returns it as a`
			`dictionary in the form:`
			`{"lowercase_var_name": "value"}`

			`Duplicate environment variables with the same name`
			`(e.g. "foo" and "FOO") are handled in an undefined manner.`
			`"""`
			`if user is not None:`
			`env = machine.succeed("su - {} -c 'env -0'".format(user))`
			`else:`
			`env = machine.succeed("env -0")`
			`ret = {}`
			`for line in env.split("\0"):`
			`if "=" not in line:`
			`continue`

			`key, val = line.split("=", 1)`
			`ret[key.lower()] = val`
			`return ret`


			`start_all()`

			`with subtest("no proxy"):`
			`assert "proxy" not in machine.succeed("env").lower()`
			`assert "proxy" not in machine.succeed("su - alice -c env").lower()`

			`with subtest("default proxy"):`
			`assert "proxy" in machine2.succeed("env").lower()`
			`assert "proxy" in machine2.succeed("su - alice -c env").lower()`

			`with subtest("explicitly-set proxy"):`
			`env = get_machine_env(machine3)`
			`assert "123" in env["http_proxy"]`
			`assert "456" in env["https_proxy"]`
			`assert "789" in env["rsync_proxy"]`
			`assert "101112" in env["ftp_proxy"]`
			`assert "131415" in env["no_proxy"]`

			`env = get_machine_env(machine3, "alice")`
			`assert "123" in env["http_proxy"]`
			`assert "456" in env["https_proxy"]`
			`assert "789" in env["rsync_proxy"]`
			`assert "101112" in env["ftp_proxy"]`
			`assert "131415" in env["no_proxy"]`

			`with subtest("default proxy + some other specifics"):`
			`env = get_machine_env(machine4)`
			`assert "000" in env["http_proxy"]`
			`assert "000" in env["https_proxy"]`
			`assert "123" in env["rsync_proxy"]`
			`assert "000" in env["ftp_proxy"]`
			`assert "131415" in env["no_proxy"]`

			`env = get_machine_env(machine4, "alice")`
			`assert "000" in env["http_proxy"]`
			`assert "000" in env["https_proxy"]`
			`assert "123" in env["rsync_proxy"]`
			`assert "000" in env["ftp_proxy"]`
			`assert "131415" in env["no_proxy"]`
Introduce a dedicated networking.proxy option Following the discussion NixOS#5021: - obsolete the nix.proxy option - add the networking.proxy option - open a default no_proxy environment variable - add a rsync option - Manual tests ok. - Automatic tests ok. Amended by lethalman to simplify the option descriptions. 2014-11-19 20:13:54 +01:00			`'';`
all tests: added meta.maintainers section 2015-07-12 12:09:40 +02:00			`})`