jalil/webnsupdate
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity Actions

feat(tests): add nginx integration test
All checks were successful
/ build (push) Successful in 1s
Details
/ check (push) Successful in 9s
Details
/ report-size (push) Successful in 1s
Details

Browse source 
This ensures we can handle IPv4 and IPv6 simultaneously
This commit is contained in:
Jalil David Salamé Messina 2025-01-23 22:16:17 +01:00
parent e5f7d94f77
commit ec27e31336
Signed by: jalil
GPG key ID: F016B9E770737A0B
1 changed files with 104 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
flake-modules/tests.nix
View file

@ -100,6 +100,27 @@
config.services.webnsupdate.bindIp = "::1";
};
webnsupdate-nginx-machine =
{ lib, config, ... }:
{
imports = [
webnsupdate-ipv4-machine
];
config.services = {
# Use default IP Source
webnsupdate.extraArgs = lib.mkForce [ "-vvv" ]; # debug messages
nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts.webnsupdate.locations."/".proxyPass =
"http://${config.services.webnsupdate.bindIp}:${builtins.toString config.services.webnsupdate.bindPort}";
};
};
};
testScript = ''
machine.start(allow_reboot=True)
machine.wait_for_unit("bind.service")
@ -166,6 +187,89 @@
nodes.machine = webnsupdate-ipv6-machine;
inherit testScript;
};
module-nginx-test = pkgs.testers.runNixOSTest {
name = "webnsupdate-nginx-module";
nodes.machine = webnsupdate-nginx-machine;
testScript = ''
machine.start(allow_reboot=True)
machine.wait_for_unit("bind.service")
machine.wait_for_unit("webnsupdate.service")
# ensure base DNS records area available
with subtest("query base DNS records"):
machine.succeed("dig @127.0.0.1 ${testDomain} | grep ^${testDomain}")
machine.succeed("dig @127.0.0.1 ns1.${testDomain} | grep ^ns1.${testDomain}")
machine.succeed("dig @127.0.0.1 nsupdate.${testDomain} | grep ^nsupdate.${testDomain}")
# ensure webnsupdate managed records are missing
with subtest("query webnsupdate DNS records (fail)"):
machine.fail("dig @127.0.0.1 test1.${testDomain} A | grep ^test1.${testDomain}")
machine.fail("dig @127.0.0.1 test2.${testDomain} A | grep ^test2.${testDomain}")
machine.fail("dig @127.0.0.1 test3.${testDomain} A | grep ^test3.${testDomain}")
machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
with subtest("update webnsupdate DNS records (invalid auth)"):
machine.fail("curl --fail --silent -u test1:test1 -X GET http://127.0.0.1/update")
machine.fail("cat /var/lib/webnsupdate/last-ip") # no last-ip set yet
# ensure webnsupdate managed records are missing
with subtest("query webnsupdate DNS records (fail)"):
machine.fail("dig @127.0.0.1 test1.${testDomain} A | grep ^test1.${testDomain}")
machine.fail("dig @127.0.0.1 test2.${testDomain} A | grep ^test2.${testDomain}")
machine.fail("dig @127.0.0.1 test3.${testDomain} A | grep ^test3.${testDomain}")
machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
with subtest("update webnsupdate IPv4 DNS records (valid auth)"):
machine.succeed("curl --fail --silent -u test:test -X GET http://127.0.0.1/update")
machine.succeed("cat /var/lib/webnsupdate/last-ip")
# ensure webnsupdate managed IPv4 records are available
with subtest("query webnsupdate IPv4 DNS records (succeed)"):
machine.succeed("dig @127.0.0.1 test1.${testDomain} A | grep ^test1.${testDomain}")
machine.succeed("dig @127.0.0.1 test2.${testDomain} A | grep ^test2.${testDomain}")
machine.succeed("dig @127.0.0.1 test3.${testDomain} A | grep ^test3.${testDomain}")
# ensure webnsupdate managed IPv6 records are missing
with subtest("query webnsupdate IPv6 DNS records (fail)"):
machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
with subtest("update webnsupdate IPv6 DNS records (valid auth)"):
machine.succeed("curl --fail --silent -u test:test -X GET http://[::1]/update")
machine.succeed("cat /var/lib/webnsupdate/last-ip")
# ensure webnsupdate managed IPv6 records are missing
with subtest("query webnsupdate IPv6 DNS records (fail)"):
machine.succeed("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
machine.succeed("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
machine.succeed("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
machine.reboot()
machine.succeed("cat /var/lib/webnsupdate/last-ip")
machine.wait_for_unit("webnsupdate.service")
machine.succeed("cat /var/lib/webnsupdate/last-ip")
# ensure base DNS records area available after a reboot
with subtest("query base DNS records"):
machine.succeed("dig @127.0.0.1 ${testDomain} | grep ^${testDomain}")
machine.succeed("dig @127.0.0.1 ns1.${testDomain} | grep ^ns1.${testDomain}")
machine.succeed("dig @127.0.0.1 nsupdate.${testDomain} | grep ^nsupdate.${testDomain}")
# ensure webnsupdate managed records are available after a reboot
with subtest("query webnsupdate DNS records (succeed)"):
machine.succeed("dig @127.0.0.1 test1.${testDomain} A | grep ^test1.${testDomain}")
machine.succeed("dig @127.0.0.1 test2.${testDomain} A | grep ^test2.${testDomain}")
machine.succeed("dig @127.0.0.1 test3.${testDomain} A | grep ^test3.${testDomain}")
machine.succeed("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
machine.succeed("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
machine.succeed("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
'';
};
};
};
}