Sets up a declaratively configured OpenLDAP instance with users alice
and bob. They each own one email address,
First we test that postfix can communicate with LDAP and do the expected
lookups using the defined maps.
Then we use doveadm to make sure it can look up the two accounts.
Next we check the binding between account and mail address, by logging
in as alice and trying to send from bob@example.com, which alice is not
allowed to do. We expect postfix to reject the sender address here.
Finally we check mail delivery between alice and bob. Alice tries to
send a mail from alice@example.com to bob@example.com and bob then
checks whether it arrived in their mailbox.
When a local account address is forwarded, the mails were not locally
kept. This was due to the way lookup tables were internally managed.
Instead of using lists to represent Postfix lookup tables, we now use
attribute sets: they can then be easily merged.
A regression test for
https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/
has been added: it sets a forward on a local address and ensure an
email sent to this address is locally kept.
Fixes#205
Before using Niv, we were following channels meaning we can not
reproduce CI jobs easily.
In this change, we use Niv to pin these dependencies. We are also
addding a tests/default.nix to be able to run these tests locally.
For instance, to run the test extern.nix on the nixpkgs-19.09 release:
nix-build tests/default.nix -A extern.nixpkgs_19_09
Fixes#178
The current version fetches clamav-db-files from gitlab,
in the master branch. This is currently broken as the files
were removed, and does not allow to ensure a fixture update
does not break the test
- restructure rspamd config. It's nicer now, and it was getting
overridden the old way.
- "scan_mime_parts = false" apparently must be used in rspamd for ClamAV
to work
- refactor the clamav test a bit for cleanliness
- wait for rspamd and clamd sockets to open, before testing
- use clamdscan for speed, and verify that the virus was found
- verify msmtp returns virus scan result
Their CI environment currently doesn't have KVM. This commit should be
reverted when/if they do, for much better CI speed.
You can still run tests locally on your KVM-enabled machine as documented
on the wiki.
Workaround on GitLab is several pieces (injected through .gitlab-ci.yml):
- Make a /dev/kvm file so that nix thinks we have "kvm" system feature
and proceeds with executing the tests.
- Inject a QEMU package that replaces qemu-kvm with a full emulator.
- Monkey-patch the test script to wait longer for the VM to boot, since
it's slow on full emulation. 1200 seconds, double the previous value.
The patch method is not bulletproof, but better than maintaining forks of
nixpkgs.
- Set systemd's DefaultTimeoutStartSec=15min, so nix's "backdoor" test
service doesn't time out on the slow boot.
Fix#136 (stop pulling the files from @griff's poor server), also add a script
to update the files.
The fun thing about this is that due to sourcing the files from
`https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/raw/master/tests/clamav`
during the tests, updates to the `hashes.json` and `*.cvd` files will always
fail CI. I guess this is a reasonable tradeoff as long as people are aware of
it.
