mirror/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2025-01-18 13:36:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix/gnu/tests/dns.scm
Sören Tempel 8db6cfe022
services: dns: Add unbound service. 
This allows using Unbound as a local DNSSEC-enabled resolver. This
commit also allows configuration of the Unbound DNS resolver via a
Scheme API. The API currently provides very common options and
includes an escape hatch to enable less common configurations.

* gnu/service/dns.scm (unbound-serialize-field): New procedure.
(unbound-serialize-alist, unbound-serialize-section)
(unbound-serialize-string, unbound-serialize-boolean)
(unbound-serialize-list-of-strings): New procedures.
(unbound-zone): New record type.
(unbound-serialize-unbound-zone)
(unbound-serialize-list-of-unbound-zone): New procedures.
(unbound-remote): New record type.
(unbound-serialize-unbound-remote): New procedure.
(unbound-server): New record type.
(unbound-serialize-unbound-server): New procedure.
(unbound-configuration): New record type.
(unbound-config-file, unbound-shepherd-service): New procedures.
(unbound-account-service): New variable.
(unbound-service-type): New services.
* gnu/tests/dns.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (DNS Services): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I4c9646c9e17d4882e596d33ff8f738e1877fa1ae
2025-01-11 23:36:58 +01:00

110 lines
3.8 KiB
Scheme
Raw Permalink Blame History

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2025 Sören Tempel <soeren@soeren-tempel.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu tests dns)
#:use-module (gnu tests)
#:use-module (gnu system)
#:use-module (gnu system vm)
#:use-module (gnu services)
#:use-module (gnu services dns)
#:use-module (gnu services networking)
#:use-module (gnu packages dns)
#:use-module (guix gexp)
#:export (%test-unbound))
(define %unbound-os
;; TODO: Unbound config
(let ((base-os
(simple-operating-system
(service dhcp-client-service-type)
(service unbound-service-type
(unbound-configuration
(server
(unbound-server
(interface '("127.0.0.1" "::1"))
(extra-options
'((local-data . "example.local A 192.0.2.1"))))))))))
(operating-system
(inherit base-os)
(packages
(append (list
`(,isc-bind "utils")
unbound)
(operating-system-packages base-os))))))
(define (run-unbound-test)
"Run tests in %unbound-os with a running unbound daemon on localhost."
(define os
(marionette-operating-system
%unbound-os
#:imported-modules '((gnu services herd))))
(define vm
(virtual-machine os))
(define test
(with-imported-modules '((gnu build marionette))
#~(begin
(use-modules (srfi srfi-64)
(gnu build marionette))
(define marionette
(make-marionette (list #$vm)))
(test-runner-current (system-test-runner #$output))
(test-begin "unbound")
(test-assert "service is running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
;; Make sure the 'unbound-control' and 'host' command is found.
(setenv "PATH" "/run/current-system/profile/bin:/run/current-system/profile/sbin")
(start-service 'unbound))
marionette))
(test-equal "unbound remote control works"
0
(marionette-eval
'(status:exit-val
(system* "unbound-control" "-s" "/run/unbound.sock" "status"))
marionette))
;; We use a custom local-data A record here to avoid depending
;; on network access and being able to contact the root servers.
(test-equal "resolves local-data domain"
"192.0.2.1"
(marionette-eval
'(begin
(use-modules (ice-9 popen) (rnrs io ports))
(let* ((port (open-input-pipe "dig @127.0.0.1 example.local +short"))
(out (get-string-all port)))
(close-port port)
(string-drop-right out 1))) ;; drop newline
marionette))
(test-end))))
(gexp->derivation "unbound-test" test))
(define %test-unbound
(system-test
(name "unbound")
(description "Test that the unbound can respond to queries.")
(value (run-unbound-test))))
Reference in a new issue View git blame Copy permalink