nixos/tests/tlsrpt: init

  tinydns = runTest ./tinydns.nix;

  tinyproxy = runTest ./tinyproxy.nix;

  tinywl = runTest ./tinywl.nix;

  tlsrpt = runTest ./tlsrpt.nix;

  tmate-ssh-server = runTest ./tmate-ssh-server.nix;

  tomcat = runTest ./tomcat.nix;

  tor = runTest ./tor.nix;

{

  pkgs,

  ...

}:

{

  name = "tlsrpt";

  meta = {

    inherit (pkgs.tlsrpt-reporter.meta) maintainers;

  };

  nodes.machine = {

    services.tlsrpt = {

      enable = true;

      reportd.settings = {

        organization_name = "NixOS Testers United";

        contact_info = "smtp-tls-report@localhost";

        sender_address = "noreply@localhost";

      };

    };

    # To test the postfix integration

    services.postfix.enable = true;

  };

  testScript = ''

    machine.wait_for_unit("tlsrpt-collectd.service")

    machine.wait_for_unit("tlsrpt-reportd.service")

    machine.wait_for_file("/run/tlsrpt/collectd.sock")

    machine.wait_until_succeeds("journalctl -o cat -u tlsrpt-collectd | grep -Pq 'Database .* setup finished'")

    machine.wait_until_succeeds("journalctl -o cat -u tlsrpt-reportd | grep -Pq 'Database .* setup finished'")

    # Enabling postfix should put sendmail as the sendmail setting

    machine.succeed("grep -q sendmail_script=sendmail /etc/tlsrpt/reportd.cfg")

    machine.succeed("systemctl show --property SupplementaryGroups postfix.service | grep tlsrpt")

    machine.log(machine.succeed("systemd-analyze security tlsrpt-collectd.service tlsrpt-reportd.service | grep -v ✓"))

  '';

}

  installShellFiles,

  python3,

  fetchFromGitHub,

  nixosTests,

}:

python3.pkgs.buildPythonApplication rec {

    "tlsrpt_reporter"

  ];

  passthru.tests = {

    inherit (nixosTests) tlsrpt;

  };

  meta = {

    description = "Application suite to receive TLSRPT datagrams and to generate and deliver TLSRPT reports";

    homepage = "https://github.com/sys4/tlsrpt-reporter";