diff options
| author | Christoph Hrdinka <c.github@hrdinka.at> | 2021-05-20 10:41:30 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-20 10:41:30 +0200 |
| commit | 57acb6f9f7d736bd3fb7eb09c65981f7997c300e (patch) | |
| tree | 467849feb1717bc5aa771fdf01872f14c13731c5 /nixos/tests | |
| parent | 76a7840f5f4fc5998dc5675dd99f69f5b068b574 (diff) | |
| parent | 69202853ea8ae2d92c0d6344cd9446421cc2a4bd (diff) | |
Merge pull request #123598 from pschyska/master
nixos/nsd: make nsd-checkconf work when configuration contains keys (#118140)
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/nsd.nix | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/nixos/tests/nsd.nix b/nixos/tests/nsd.nix index a558ee0a42542..7387f4f1dfa10 100644 --- a/nixos/tests/nsd.nix +++ b/nixos/tests/nsd.nix @@ -43,6 +43,10 @@ in import ./make-test-python.nix ({ pkgs, ...} : { services.nsd.enable = true; services.nsd.rootServer = true; services.nsd.interfaces = lib.mkForce []; + services.nsd.keys."tsig.example.com." = { + algorithm = "hmac-sha256"; + keyFile = pkgs.writeTextFile { name = "tsig.example.com."; text = "aR3FJA92+bxRSyosadsJ8Aeeav5TngQW/H/EF9veXbc="; }; + }; services.nsd.zones."example.com.".data = '' @ SOA ns.example.com noc.example.com 666 7200 3600 1209600 3600 ipv4 A 1.2.3.4 @@ -51,6 +55,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : { ns A 192.168.0.1 ns AAAA dead:beef::1 ''; + services.nsd.zones."example.com.".provideXFR = [ "0.0.0.0 tsig.example.com." ]; services.nsd.zones."deleg.example.com.".data = '' @ SOA ns.example.com noc.example.com 666 7200 3600 1209600 3600 @ A 9.8.7.6 @@ -71,6 +76,10 @@ in import ./make-test-python.nix ({ pkgs, ...} : { clientv6.wait_for_unit("network.target") server.wait_for_unit("nsd.service") + with subtest("server tsig.example.com."): + expected_tsig = " secret: \"aR3FJA92+bxRSyosadsJ8Aeeav5TngQW/H/EF9veXbc=\"\n" + tsig=server.succeed("cat /var/lib/nsd/private/tsig.example.com.") + assert expected_tsig == tsig, f"Expected /var/lib/nsd/private/tsig.example.com. to contain '{expected_tsig}', but found '{tsig}'" def assert_host(type, rr, query, expected): self = clientv4 if type == 4 else clientv6 |