186 lines
		
	
	
		
			5.0 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
			
		
		
	
	
			186 lines
		
	
	
		
			5.0 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
| import ./make-test-python.nix ({ pkgs, ...} : {
 | |
|   name = "3proxy";
 | |
|   meta = with pkgs.stdenv.lib.maintainers; {
 | |
|     maintainers = [ misuzu ];
 | |
|   };
 | |
| 
 | |
|   nodes = {
 | |
|     peer0 = { lib, ... }: {
 | |
|       networking.useDHCP = false;
 | |
|       networking.interfaces.eth1 = {
 | |
|         ipv4.addresses = [
 | |
|           {
 | |
|             address = "192.168.0.1";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|           {
 | |
|             address = "216.58.211.111";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|     };
 | |
| 
 | |
|     peer1 = { lib, ... }: {
 | |
|       networking.useDHCP = false;
 | |
|       networking.interfaces.eth1 = {
 | |
|         ipv4.addresses = [
 | |
|           {
 | |
|             address = "192.168.0.2";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|           {
 | |
|             address = "216.58.211.112";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       # test that binding to [::] is working when ipv6 is disabled
 | |
|       networking.enableIPv6 = false;
 | |
|       services._3proxy = {
 | |
|         enable = true;
 | |
|         services = [
 | |
|           {
 | |
|             type = "admin";
 | |
|             bindPort = 9999;
 | |
|             auth = [ "none" ];
 | |
|           }
 | |
|           {
 | |
|             type = "proxy";
 | |
|             bindPort = 3128;
 | |
|             auth = [ "none" ];
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       networking.firewall.allowedTCPPorts = [ 3128 9999 ];
 | |
|     };
 | |
| 
 | |
|     peer2 = { lib, ... }: {
 | |
|       networking.useDHCP = false;
 | |
|       networking.interfaces.eth1 = {
 | |
|         ipv4.addresses = [
 | |
|           {
 | |
|             address = "192.168.0.3";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|           {
 | |
|             address = "216.58.211.113";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       services._3proxy = {
 | |
|         enable = true;
 | |
|         services = [
 | |
|           {
 | |
|             type = "admin";
 | |
|             bindPort = 9999;
 | |
|             auth = [ "none" ];
 | |
|           }
 | |
|           {
 | |
|             type = "proxy";
 | |
|             bindPort = 3128;
 | |
|             auth = [ "iponly" ];
 | |
|             acl = [
 | |
|               {
 | |
|                 rule = "allow";
 | |
|               }
 | |
|             ];
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       networking.firewall.allowedTCPPorts = [ 3128 9999 ];
 | |
|     };
 | |
| 
 | |
|     peer3 = { lib, ... }: {
 | |
|       networking.useDHCP = false;
 | |
|       networking.interfaces.eth1 = {
 | |
|         ipv4.addresses = [
 | |
|           {
 | |
|             address = "192.168.0.4";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|           {
 | |
|             address = "216.58.211.114";
 | |
|             prefixLength = 24;
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       services._3proxy = {
 | |
|         enable = true;
 | |
|         usersFile = pkgs.writeText "3proxy.passwd" ''
 | |
|           admin:CR:$1$.GUV4Wvk$WnEVQtaqutD9.beO5ar1W/
 | |
|         '';
 | |
|         services = [
 | |
|           {
 | |
|             type = "admin";
 | |
|             bindPort = 9999;
 | |
|             auth = [ "none" ];
 | |
|           }
 | |
|           {
 | |
|             type = "proxy";
 | |
|             bindPort = 3128;
 | |
|             auth = [ "strong" ];
 | |
|             acl = [
 | |
|               {
 | |
|                 rule = "allow";
 | |
|               }
 | |
|             ];
 | |
|           }
 | |
|         ];
 | |
|       };
 | |
|       networking.firewall.allowedTCPPorts = [ 3128 9999 ];
 | |
|     };
 | |
|   };
 | |
| 
 | |
|   testScript = ''
 | |
|     peer1.wait_for_unit("3proxy.service")
 | |
|     peer1.wait_for_open_port("9999")
 | |
| 
 | |
|     # test none auth
 | |
|     peer0.succeed(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://216.58.211.112:9999"
 | |
|     )
 | |
|     peer0.succeed(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://192.168.0.2:9999"
 | |
|     )
 | |
|     peer0.succeed(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://127.0.0.1:9999"
 | |
|     )
 | |
| 
 | |
|     peer2.wait_for_unit("3proxy.service")
 | |
|     peer2.wait_for_open_port("9999")
 | |
| 
 | |
|     # test iponly auth
 | |
|     peer0.succeed(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://216.58.211.113:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://192.168.0.3:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://127.0.0.1:9999"
 | |
|     )
 | |
| 
 | |
|     peer3.wait_for_unit("3proxy.service")
 | |
|     peer3.wait_for_open_port("9999")
 | |
| 
 | |
|     # test strong auth
 | |
|     peer0.succeed(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://admin:bigsecret\@192.168.0.4:3128 -S -O /dev/null http://216.58.211.114:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://admin:bigsecret\@192.168.0.4:3128 -S -O /dev/null http://192.168.0.4:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://216.58.211.114:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://192.168.0.4:9999"
 | |
|     )
 | |
|     peer0.fail(
 | |
|         "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://127.0.0.1:9999"
 | |
|     )
 | |
|   '';
 | |
| })
 | 
