fix(module): test both IPv4 and IPv6

This ensures both work
2025-01-23 18:01:58 +01:00 · 2025-01-23 18:01:58 +01:00 · 542336867a
commit 542336867a
parent 70162c83f6
1 changed files with 102 additions and 85 deletions
--- a/flake-modules/tests.nix
+++ b/flake-modules/tests.nix
@ -54,7 +54,9 @@
              '';
            };

-          webnsupdate-machine = {
+          webnsupdate-ipv4-machine =
+            { lib, ... }:
+            {
              imports = [
                bindDynamicZone
                self.nixosModules.webnsupdate
@ -71,7 +73,7 @@

                  webnsupdate = {
                    enable = true;
-                  bindIp = "127.0.0.1";
+                    bindIp = lib.mkDefault "127.0.0.1";
                    keyFile = "/etc/bind/rndc.key";
                    # test:test (user:password)
                    passwordFile = pkgs.writeText "webnsupdate.pass" "FQoNmuU1BKfg8qsU96F6bK5ykp2b0SLe3ZpB3nbtfZA";
@ -89,11 +91,15 @@
                };
              };
            };
-        in
-        {
-          module-test = pkgs.testers.runNixOSTest {
-            name = "webnsupdate-module";
-            nodes.machine = webnsupdate-machine;
+
+          webnsupdate-ipv6-machine = {
+            imports = [
+              webnsupdate-ipv4-machine
+            ];
+
+            config.services.webnsupdate.bindIp = "::1";
+          };
+
          testScript = ''
            machine.start(allow_reboot=True)
            machine.wait_for_unit("bind.service")
@ -107,9 +113,9 @@

            # ensure webnsupdate managed records are missing
            with subtest("query webnsupdate DNS records (fail)"):
-                  machine.fail("dig @127.0.0.1 test1.${testDomain} | grep ^test1.${testDomain}")
-                  machine.fail("dig @127.0.0.1 test2.${testDomain} | grep ^test2.${testDomain}")
-                  machine.fail("dig @127.0.0.1 test3.${testDomain} | grep ^test3.${testDomain}")
+                machine.fail("dig @127.0.0.1 test1.${testDomain} A test1.${testDomain} AAAA | grep ^test1.${testDomain}")
+                machine.fail("dig @127.0.0.1 test2.${testDomain} A test2.${testDomain} AAAA | grep ^test2.${testDomain}")
+                machine.fail("dig @127.0.0.1 test3.${testDomain} A test3.${testDomain} AAAA | grep ^test3.${testDomain}")

            with subtest("update webnsupdate DNS records (invalid auth)"):
                machine.fail("curl --fail --silent -u test1:test1 -X GET http://localhost:5353/update")
@ -117,9 +123,9 @@

            # ensure webnsupdate managed records are missing
            with subtest("query webnsupdate DNS records (fail)"):
-                  machine.fail("dig @127.0.0.1 test1.${testDomain} | grep ^test1.${testDomain}")
-                  machine.fail("dig @127.0.0.1 test2.${testDomain} | grep ^test2.${testDomain}")
-                  machine.fail("dig @127.0.0.1 test3.${testDomain} | grep ^test3.${testDomain}")
+                machine.fail("dig @127.0.0.1 test1.${testDomain} A test1.${testDomain} AAAA | grep ^test1.${testDomain}")
+                machine.fail("dig @127.0.0.1 test2.${testDomain} A test2.${testDomain} AAAA | grep ^test2.${testDomain}")
+                machine.fail("dig @127.0.0.1 test3.${testDomain} A test3.${testDomain} AAAA | grep ^test3.${testDomain}")

            with subtest("update webnsupdate DNS records (valid auth)"):
                machine.succeed("curl --fail --silent -u test:test -X GET http://localhost:5353/update")
@ -127,9 +133,9 @@

            # ensure webnsupdate managed records are available
            with subtest("query webnsupdate DNS records (succeed)"):
-                  machine.succeed("dig @127.0.0.1 test1.${testDomain} | grep ^test1.${testDomain}")
-                  machine.succeed("dig @127.0.0.1 test2.${testDomain} | grep ^test2.${testDomain}")
-                  machine.succeed("dig @127.0.0.1 test3.${testDomain} | grep ^test3.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test1.${testDomain} A test1.${testDomain} AAAA | grep ^test1.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test2.${testDomain} A test2.${testDomain} AAAA | grep ^test2.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test3.${testDomain} A test3.${testDomain} AAAA | grep ^test3.${testDomain}")

            machine.reboot()
            machine.succeed("cat /var/lib/webnsupdate/last-ip")
@ -144,10 +150,21 @@

            # ensure webnsupdate managed records are available after a reboot
            with subtest("query webnsupdate DNS records (succeed)"):
-                  machine.succeed("dig @127.0.0.1 test1.${testDomain} | grep ^test1.${testDomain}")
-                  machine.succeed("dig @127.0.0.1 test2.${testDomain} | grep ^test2.${testDomain}")
-                  machine.succeed("dig @127.0.0.1 test3.${testDomain} | grep ^test3.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test1.${testDomain} A test1.${testDomain} AAAA | grep ^test1.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test2.${testDomain} A test2.${testDomain} AAAA | grep ^test2.${testDomain}")
+                machine.succeed("dig @127.0.0.1 test3.${testDomain} A test3.${testDomain} AAAA | grep ^test3.${testDomain}")
          '';
+        in
+        {
+          module-ipv4-test = pkgs.testers.runNixOSTest {
+            name = "webnsupdate-ipv4-module";
+            nodes.machine = webnsupdate-ipv4-machine;
+            inherit testScript;
+          };
+          module-ipv6-test = pkgs.testers.runNixOSTest {
+            name = "webnsupdate-ipv6-module";
+            nodes.machine = webnsupdate-ipv6-machine;
+            inherit testScript;
          };
        };
    };