78 lines
2.0 KiB
Nix
78 lines
2.0 KiB
Nix
import ./make-test-python.nix ({ pkgs, ... }:
|
|
let
|
|
fakeReply = pkgs.writeText "namecoin-reply.json" ''
|
|
{ "error": null,
|
|
"id": 1,
|
|
"result": {
|
|
"address": "T31q8ucJ4dI1xzhxQ5QispfECld5c7Xw",
|
|
"expired": false,
|
|
"expires_in": 2248,
|
|
"height": 438155,
|
|
"name": "d/test",
|
|
"txid": "db61c0b2540ba0c1a2c8cc92af703a37002e7566ecea4dbf8727c7191421edfb",
|
|
"value": "{\"ip\": \"1.2.3.4\", \"email\": \"root@test.bit\",\"info\": \"Fake record\"}",
|
|
"vout": 0
|
|
}
|
|
}
|
|
'';
|
|
in
|
|
|
|
{
|
|
name = "ncdns";
|
|
|
|
nodes.server = { ... }: {
|
|
networking.nameservers = [ "127.0.0.1" ];
|
|
|
|
services.namecoind.rpc = {
|
|
address = "127.0.0.1";
|
|
user = "namecoin";
|
|
password = "secret";
|
|
port = 8332;
|
|
};
|
|
|
|
# Fake namecoin RPC server because we can't
|
|
# run a full node in a test.
|
|
systemd.services.namecoind = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
script = ''
|
|
while true; do
|
|
echo -e "HTTP/1.1 200 OK\n\n $(<${fakeReply})\n" \
|
|
| ${pkgs.netcat}/bin/nc -N -l 127.0.0.1 8332
|
|
done
|
|
'';
|
|
};
|
|
|
|
services.ncdns = {
|
|
enable = true;
|
|
dnssec.enable = true;
|
|
};
|
|
|
|
services.pdns-recursor = {
|
|
enable = true;
|
|
dns.allowFrom = [ "127.0.0.0/8" ];
|
|
settings.loglevel = 8;
|
|
resolveNamecoin = true;
|
|
};
|
|
|
|
environment.systemPackages = [ pkgs.dnsutils ];
|
|
|
|
};
|
|
|
|
testScript = ''
|
|
with subtest("DNSSEC keys have been generated"):
|
|
server.wait_for_unit("ncdns")
|
|
server.wait_for_file("/var/lib/ncdns/bit.key")
|
|
server.wait_for_file("/var/lib/ncdns/bit-zone.key")
|
|
|
|
with subtest("DNSKEY bit record is present"):
|
|
server.wait_for_unit("pdns-recursor")
|
|
server.wait_for_open_port("53")
|
|
server.succeed("host -t DNSKEY bit")
|
|
|
|
with subtest("can resolve a .bit name"):
|
|
server.wait_for_unit("namecoind")
|
|
server.wait_for_open_port("8332")
|
|
assert "1.2.3.4" in server.succeed("host -t A test.bit")
|
|
'';
|
|
})
|