646b892680
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
39 lines
1.0 KiB
Nix
39 lines
1.0 KiB
Nix
{
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
name = "postfix-tlspol";
|
|
|
|
meta.maintainers = with lib.maintainers; [ hexa ];
|
|
|
|
nodes.machine = {
|
|
services.postfix.enable = true;
|
|
services.postfix-tlspol.enable = true;
|
|
|
|
services.dnsmasq = {
|
|
enable = true;
|
|
settings.selfmx = true;
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
import json
|
|
|
|
machine.wait_for_unit("postfix-tlspol.service")
|
|
machine.succeed("getent group postfix-tlspol | grep :postfix")
|
|
|
|
with subtest("Interact with the service"):
|
|
machine.succeed("postfix-tlspol -purge")
|
|
|
|
response = json.loads((machine.succeed("postfix-tlspol -query localhost")))
|
|
machine.log(json.dumps(response, indent=2))
|
|
|
|
assert response["dane"]["policy"] == "", f"Unexpected DANE policy for localhost: {response["dane"]["policy"]}"
|
|
assert response["mta-sts"]["policy"] == "", f"Unexpected MTA-STS policy for localhost: {response["mta-sts"]["policy"]}"
|
|
|
|
machine.log(machine.execute("systemd-analyze security postfix-tlspol.service | grep -v ✓")[1])
|
|
'';
|
|
|
|
}
|