50 lines
1.4 KiB
Nix
50 lines
1.4 KiB
Nix
{pkgs, ...}:
|
|
pkgs.nixosTest {
|
|
name = "internal";
|
|
nodes.machine = {...}: {
|
|
imports = [./common/server.nix];
|
|
mailsystem = {
|
|
fqdn = "mail.example.com";
|
|
domains = ["example.com"];
|
|
accounts = {};
|
|
vmailUserName = "vmail";
|
|
vmailGroupName = "vmail";
|
|
vmailUID = 5000;
|
|
};
|
|
};
|
|
testScript = {nodes, ...}: let
|
|
pkgs = nodes.machine.nixpkgs.pkgs;
|
|
in ''
|
|
machine.start()
|
|
machine.wait_for_unit("multi-user.target")
|
|
|
|
with subtest("imap is only available via port 993 and is encrypted"):
|
|
machine.wait_for_closed_port(143)
|
|
machine.wait_for_open_port(993)
|
|
machine.succeed(
|
|
"echo | ${pkgs.openssl}/bin/openssl s_client -connect localhost:993 | grep 'New, TLS'"
|
|
)
|
|
|
|
with subtest("smtp is only available via port 465 and is encrypted"):
|
|
machine.wait_for_closed_port(587)
|
|
machine.wait_for_open_port(465)
|
|
machine.succeed(
|
|
"echo | ${pkgs.openssl}/bin/openssl s_client -connect localhost:465 | grep 'New, TLS'"
|
|
)
|
|
|
|
with subtest("`postfix check` succeeds"):
|
|
machine.succeed(
|
|
"${pkgs.postfix}/bin/postfix check"
|
|
)
|
|
|
|
with subtest("vmail uid is set correctly"):
|
|
machine.succeed(
|
|
"[ $(getent passwd vmail | cut -d: -f3) -eq 5000 ]"
|
|
)
|
|
|
|
with subtest("vmail gid is set correctly"):
|
|
machine.succeed(
|
|
"[ $(getent group vmail | cut -d: -f3) -eq 5000 ]"
|
|
)
|
|
'';
|
|
}
|