From b9c953eb19a0c6be88ce0a1cfe4db255b8e05a0f Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Mon, 18 Jun 2018 19:59:19 +0200 Subject: [PATCH] nixos/tests/tor: a minimal test For now check that the default client config boots. Ideas for the future: - Expand on control via netcat - Configure a circuit of nodes exercise various configs (e.g., check that a client node can access a hidden www service). Needs setting up authoritative directory servers &c. --- nixos/release.nix | 1 + nixos/tests/tor.nix | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 nixos/tests/tor.nix diff --git a/nixos/release.nix b/nixos/release.nix index 0fa8b22cc89..881c9bafb4c 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -398,6 +398,7 @@ in rec { tests.switchTest = callTest tests/switch-test.nix {}; tests.taskserver = callTest tests/taskserver.nix {}; tests.tomcat = callTest tests/tomcat.nix {}; + tests.tor = callTest tests/tor.nix {}; tests.transmission = callTest tests/transmission.nix {}; tests.udisks2 = callTest tests/udisks2.nix {}; tests.vault = callTest tests/vault.nix {}; diff --git a/nixos/tests/tor.nix b/nixos/tests/tor.nix new file mode 100644 index 00000000000..24d46a03897 --- /dev/null +++ b/nixos/tests/tor.nix @@ -0,0 +1,28 @@ +import ./make-test.nix ({ lib, ... }: with lib; + +rec { + name = "tor"; + meta.maintainers = with maintainers; [ joachifm ]; + + common = + { config, ... }: + { boot.kernelParams = [ "audit=0" "apparmor=0" "quiet" ]; + networking.firewall.enable = false; + networking.useDHCP = false; + }; + + nodes.client = + { config, pkgs, ... }: + { imports = [ common ]; + environment.systemPackages = with pkgs; [ netcat ]; + services.tor.enable = true; + services.tor.client.enable = true; + services.tor.controlPort = 9051; + }; + + testScript = '' + $client->waitForUnit("tor.service"); + $client->waitForOpenPort(9051); + $client->succeed("echo GETINFO version | nc 127.0.0.1 9051") =~ /514 Authentication required./ or die; + ''; +})