From 3f209044980b0ae58a17c3f03c2f5b696c1cdfd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 7 Feb 2024 14:59:50 +0100 Subject: [PATCH 1/2] tests/acme: check consistent account hash --- nixos/tests/acme.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index 272782dc2f62..a857b098bdad 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -535,6 +535,12 @@ in { check_fullchain(webserver, "http.example.test") check_issuer(webserver, "http.example.test", "pebble") + # Perform account hash test + with subtest("Assert that account hash didn't unexpected change"): + hash = webserver.succeed("ls /var/lib/acme/.lego/accounts/") + print("Account hash: " + hash) + assert hash.strip() == "d590213ed52603e9128d" + # Perform renewal test with subtest("Can renew certificates when they expire"): hash = webserver.succeed("sha256sum /var/lib/acme/http.example.test/cert.pem") From f97594c700c61543725871ee488b164946e186f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 7 Feb 2024 15:00:03 +0100 Subject: [PATCH 2/2] tests/acme: drop unused variables --- nixos/tests/acme.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index a857b098bdad..ddb3a4fc4256 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -382,8 +382,6 @@ in { testScript = { nodes, ... }: let caDomain = nodes.acme.test-support.acme.caDomain; - newServerSystem = nodes.webserver.config.system.build.toplevel; - switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test"; in # Note, wait_for_unit does not work for oneshot services that do not have RemainAfterExit=true, # this is because a oneshot goes from inactive => activating => inactive, and never