b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

openldap: use specialisations for tests

Browse source 
This speeds up tests a bit. Also, ensure that mutable config works for
manual config dir.
This commit is contained in:
Kai Wohlfahrt 2022-06-05 13:47:24 +01:00 committed by Jörg Thalheim
parent fd7d901133
commit ad5acb9b0e
1 changed files with 93 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

113
nixos/tests/openldap.nix
View file

@ -1,9 +1,4 @@
{ pkgs ? (import ../.. { inherit system; config = { }; }) import ./make-test-python.nix ({ pkgs, ... }: let
, system ? builtins.currentSystem
, ...
}:
let
dbContents = '' dbContents = ''
dn: dc=example dn: dc=example
objectClass: domain objectClass: domain
@ -13,16 +8,38 @@ let
objectClass: organizationalUnit objectClass: organizationalUnit
ou: users ou: users
''; '';
testScript = ''
machine.wait_for_unit("openldap.service") ldifConfig = ''
machine.succeed( dn: cn=config
'ldapsearch -LLL -D "cn=root,dc=example" -w notapassword -b "dc=example"', cn: config
) objectClass: olcGlobal
olcLogLevel: stats
dn: cn=schema,cn=config
cn: schema
objectClass: olcSchemaConfig
include: file://${pkgs.openldap}/etc/schema/core.ldif
include: file://${pkgs.openldap}/etc/schema/cosine.ldif
include: file://${pkgs.openldap}/etc/schema/inetorgperson.ldif
dn: olcDatabase={0}config,cn=config
olcDatabase: {0}config
objectClass: olcDatabaseConfig
olcRootDN: cn=root,cn=config
olcRootPW: configpassword
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/db/openldap
olcDbIndex: objectClass eq
olcSuffix: dc=example
olcRootDN: cn=root,dc=example
olcRootPW: notapassword
''; '';
in { in {
# New-style configuration
current = import ./make-test-python.nix ({ pkgs, ... }: {
inherit testScript;
name = "openldap"; name = "openldap";
nodes.machine = { pkgs, ... }: { nodes.machine = { pkgs, ... }: {
@ -58,55 +75,41 @@ in {
}; };
declarativeContents."dc=example" = dbContents; declarativeContents."dc=example" = dbContents;
}; };
};
}) { inherit pkgs system; };
# Manually managed configDir, for example if dynamic config is essential specialisation = {
manualConfigDir = import ./make-test-python.nix ({ pkgs, ... }: { manualConfigDir = {
name = "openldap"; inheritParentConfig = false;
configuration = { ... }: {
nodes.machine = { pkgs, ... }: {
services.openldap = { services.openldap = {
enable = true; enable = true;
configDir = "/var/db/slapd.d"; configDir = "/var/db/slapd.d";
}; };
}; };
};
testScript = let };
contents = pkgs.writeText "data.ldif" dbContents; };
config = pkgs.writeText "config.ldif" '' testScript = { nodes, ... }: let
dn: cn=config specializations = "${nodes.machine.config.system.build.toplevel}/specialisation";
cn: config changeRootPw = ''
objectClass: olcGlobal
olcLogLevel: stats
olcPidFile: /run/slapd/slapd.pid
dn: cn=schema,cn=config
cn: schema
objectClass: olcSchemaConfig
include: file://${pkgs.openldap}/etc/schema/core.ldif
include: file://${pkgs.openldap}/etc/schema/cosine.ldif
include: file://${pkgs.openldap}/etc/schema/inetorgperson.ldif
dn: olcDatabase={1}mdb,cn=config dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig changetype: modify
objectClass: olcMdbConfig replace: olcRootPW
olcDatabase: {1}mdb olcRootPW: foobar
olcDbDirectory: /var/db/openldap
olcDbIndex: objectClass eq
olcSuffix: dc=example
olcRootDN: cn=root,dc=example
olcRootPW: notapassword
''; '';
in '' in ''
machine.wait_for_unit("openldap.service")
machine.succeed('ldapsearch -LLL -D "cn=root,dc=example" -w notapassword -b "dc=example"')
with subtest("manual config dir"):
machine.succeed( machine.succeed(
"mkdir -p /var/db/slapd.d /var/db/openldap", 'mkdir -p /var/db/slapd.d /var/db/openldap',
"slapadd -F /var/db/slapd.d -n0 -l ${config}", 'slapadd -F /var/db/slapd.d -n0 -l ${pkgs.writeText "config.ldif" ldifConfig}',
"slapadd -F /var/db/slapd.d -n1 -l ${contents}", 'slapadd -F /var/db/slapd.d -n1 -l ${pkgs.writeText "contents.ldif" dbContents}',
"chown -R openldap:openldap /var/db/slapd.d /var/db/openldap", 'chown -R openldap:openldap /var/db/slapd.d /var/db/openldap',
"systemctl restart openldap", '${specializations}/manualConfigDir/bin/switch-to-configuration test',
) )
'' + testScript; machine.succeed('ldapsearch -LLL -D "cn=root,dc=example" -w notapassword -b "dc=example"')
}) { inherit system pkgs; }; machine.succeed('ldapmodify -D cn=root,cn=config -w configpassword -f ${pkgs.writeText "rootpw.ldif" changeRootPw}')
} machine.succeed('ldapsearch -LLL -D "cn=root,dc=example" -w foobar -b "dc=example"')
'';
})