[Backport release-24.11] nixos/opensmtpd: fix tests, fix sendmail, ad…

…d sendmail test (#368307) * nixos/opensmtpd: fix opensmtpd test (cherry picked from commit 42c2634) * nixos/opensmtpd: fix opensmtpd-rspamd test (cherry picked from commit c340fd8) * fix opensmtpd's sendmail, add relevant test (cherry picked from commit fb4ff06) * nixos/opensmtpd: run nixfmt as requested by ci (cherry picked from commit 69a8aba) --------- Co-authored-by: Léo Gaspard <[email protected]>
NixOS · Dec 27, 2024 · 3f02dc2 · 3f02dc2
1 parent 2db5eb1
commit 3f02dc2
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 19 deletions.
diff --git a/nixos/modules/services/mail/opensmtpd.nix b/nixos/modules/services/mail/opensmtpd.nix
@@ -114,7 +114,11 @@ in
     };
 
     services.mail.sendmailSetuidWrapper = lib.mkIf cfg.setSendmail (
-      security.wrappers.smtpctl // { program = "sendmail"; }
+      security.wrappers.smtpctl
+      // {
+        source = "${sendmail}/bin/sendmail";
+        program = "sendmail";
+      }
     );
 
     systemd.tmpfiles.rules = [

diff --git a/nixos/tests/opensmtpd-rspamd.nix b/nixos/tests/opensmtpd-rspamd.nix
@@ -29,12 +29,8 @@ import ./make-test-python.nix {
               "${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}"
             match from any for local action dovecot_deliver
 
-            action do_relay relay
-            # DO NOT DO THIS IN PRODUCTION!
-            # Setting up authentication requires a certificate which is painful in
-            # a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A
-            # WELL-CONTROLLED ENVIRONMENT!
-            match from any for any action do_relay
+            action relay_smtp2 relay host "smtp://192.168.1.2"
+            match from any for any action relay_smtp2
           '';
         };
         services.dovecot2 = {
@@ -107,7 +103,7 @@ import ./make-test-python.nix {
               import smtplib, sys
 
               with smtplib.SMTP('192.168.1.1') as smtp:
-                smtp.sendmail('alice@[192.168.1.1]', 'bob@[192.168.1.2]', """
+                smtp.sendmail('alice@smtp1', 'bob@smtp2', """
                   From: alice@smtp1
                   To: bob@smtp2
                   Subject: Test

diff --git a/nixos/tests/opensmtpd.nix b/nixos/tests/opensmtpd.nix
@@ -16,18 +16,33 @@ import ./make-test-python.nix {
             }
           ];
         };
-        environment.systemPackages = [ pkgs.opensmtpd ];
+        environment.systemPackages =
+          let
+            testSendmail = pkgs.writeScriptBin "test-sendmail" ''
+              #!/bin/sh
+              set -euxo pipefail
+              echo "========= SENDING" >&2
+              ${pkgs.system-sendmail}/bin/sendmail -v -f alice@smtp1 bob@smtp2 >&2 <<EOF
+              From: alice@smtp1
+              To: bob@smtp2
+              Subject: Sendmail Test
+
+              Hello World
+              EOF
+              echo "=========== FINISHED SENDING" >&2
+            '';
+          in
+          [
+            pkgs.opensmtpd
+            testSendmail
+          ];
         services.opensmtpd = {
           enable = true;
           extraServerArgs = [ "-v" ];
           serverConfiguration = ''
             listen on 0.0.0.0
-            action do_relay relay
-            # DO NOT DO THIS IN PRODUCTION!
-            # Setting up authentication requires a certificate which is painful in
-            # a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A
-            # WELL-CONTROLLED ENVIRONMENT!
-            match from any for any action do_relay
+            action relay_smtp2 relay host "smtp://192.168.1.2"
+            match from any for any action relay_smtp2
           '';
         };
       };
@@ -87,7 +102,7 @@ import ./make-test-python.nix {
               import smtplib, sys
 
               with smtplib.SMTP('192.168.1.1') as smtp:
-                smtp.sendmail('alice@[192.168.1.1]', 'bob@[192.168.1.2]', """
+                smtp.sendmail('alice@smtp1', 'bob@smtp2', """
                   From: alice@smtp1
                   To: bob@smtp2
                   Subject: Test
@@ -105,16 +120,19 @@ import ./make-test-python.nix {
                 imap.select()
                 status, refs = imap.search(None, 'ALL')
                 assert status == 'OK'
-                assert len(refs) == 1
-                status, msg = imap.fetch(refs[0], 'BODY[TEXT]')
+                assert len(refs) == 1 and refs[0] != ""
+                status, msg = imap.fetch(refs[0], '(BODY[TEXT])')
                 assert status == 'OK'
                 content = msg[0][1]
                 print("===> content:", content)
                 split = content.split(b'\r\n')
                 print("===> split:", split)
-                lastline = split[-3]
+                split.reverse()
+                lastline = next(filter(lambda x: x != b"", map(bytes.strip, split)))
                 print("===> lastline:", lastline)
                 assert lastline.strip() == b'Hello World'
+                imap.store(refs[0], '+FLAGS', '\\Deleted')
+                imap.expunge()
             '';
           in
           [
@@ -143,6 +161,11 @@ import ./make-test-python.nix {
     smtp1.wait_until_fails("smtpctl show queue | egrep .")
     smtp2.wait_until_fails("smtpctl show queue | egrep .")
     client.succeed("check-mail-landed >&2")
+
+    smtp1.succeed("test-sendmail")
+    smtp1.wait_until_fails("smtpctl show queue | egrep .")
+    smtp2.wait_until_fails("smtpctl show queue | egrep .")
+    client.succeed("check-mail-landed >&2")
   '';
 
   meta.timeout = 1800;