summary refs log tree commit diff
path: root/nixos/tests/doh-proxy-rust.nix
blob: 8c743fe77e328c9159ab21ea6df2f7c86a9aa5b8 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
import ./make-test-python.nix ({ lib, pkgs, ... }: {
  name = "doh-proxy-rust";
  meta.maintainers = with lib.maintainers; [ stephank ];

  nodes = {
    machine = { pkgs, lib, ... }: {
      services.bind = {
        enable = true;
        extraOptions = "empty-zones-enable no;";
        zones = lib.singleton {
          name = ".";
          master = true;
          file = pkgs.writeText "root.zone" ''
            $TTL 3600
            . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d )
            . IN NS ns.example.org.
            ns.example.org. IN A    192.168.0.1
          '';
        };
      };
      services.doh-proxy-rust = {
        enable = true;
        flags = [
          "--server-address=127.0.0.1:53"
        ];
      };
    };
  };

  testScript = { nodes, ... }: ''
    url = "http://localhost:3000/dns-query"
    query = "AAABAAABAAAAAAAAAm5zB2V4YW1wbGUDb3JnAAABAAE="  # IN A ns.example.org.
    bin_ip = r"$'\xC0\xA8\x00\x01'"  # 192.168.0.1, as shell binary string

    machine.wait_for_unit("bind.service")
    machine.wait_for_unit("doh-proxy-rust.service")
    machine.wait_for_open_port(53)
    machine.wait_for_open_port(3000)
    machine.succeed(f"curl --fail -H 'Accept: application/dns-message' '{url}?dns={query}' | grep -F {bin_ip}")
  '';
})