nixos/dovecot: Fix createMailUser implementation

This option got introduced in 7904499 and it didn't check whether mailUser and mailGroup are null, which they are by default. Now we're only creating the user if createMailUser is set in conjunction with mailUser and the group if mailGroup is set as well. I've added a NixOS VM test so that we can verify whether dovecot works without any additional options set, so it serves as a regression test for issue #29466 and other issues that might come up with future changes to the Dovecot service. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Fixes: #29466 Cc: @qknight, @abbradar, @ixmatus, @siddharthist
NixOS · Sep 17, 2017 · 3ba2095 · 3ba2095
1 parent 222e186
commit 3ba2095
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 5 deletions.
diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix
@@ -9,6 +9,8 @@ let
   baseDir = "/run/dovecot2";
   stateDir = "/var/lib/dovecot";
 
+  canCreateMailUserGroup = cfg.mailUser != null && cfg.mailGroup != null;
+
   dovecotConf = concatStrings [
     ''
       base_dir = ${baseDir}
@@ -314,17 +316,18 @@ in
            description = "Dovecot user";
            group = cfg.group;
          }
-      ++ optional cfg.createMailUser
-         { name = cfg.mailUser;
-           description = "Virtual Mail User";
+      ++ optional (cfg.createMailUser && cfg.mailUser != null)
+         ({ name = cfg.mailUser;
+            description = "Virtual Mail User";
+         } // optionalAttrs (cfg.mailGroup != null) {
            group = cfg.mailGroup;
-         };
+         });
 
     users.extraGroups = optional (cfg.group == "dovecot2")
       { name = "dovecot2";
         gid = config.ids.gids.dovecot2;
       }
-    ++ optional cfg.createMailUser
+    ++ optional (cfg.createMailUser && cfg.mailGroup != null)
       { name = cfg.mailGroup;
       };
 

diff --git a/nixos/release.nix b/nixos/release.nix
@@ -236,6 +236,7 @@ in rec {
   tests.containers-macvlans = callTest tests/containers-macvlans.nix {};
   tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
   tests.docker-edge = hydraJob (import tests/docker-edge.nix { system = "x86_64-linux"; });
+  tests.dovecot = callTest tests/dovecot.nix {};
   tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };
   tests.ecryptfs = callTest tests/ecryptfs.nix {};
   tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });

diff --git a/nixos/tests/dovecot.nix b/nixos/tests/dovecot.nix
@@ -0,0 +1,64 @@
+import ./make-test.nix {
+  name = "dovecot";
+
+  machine = { pkgs, ... }: {
+    imports = [ common/user-account.nix ];
+    services.postfix.enable = true;
+    services.dovecot2.enable = true;
+    services.dovecot2.protocols = [ "imap" "pop3" ];
+    environment.systemPackages = let
+      sendTestMail = pkgs.writeScriptBin "send-testmail" ''
+        #!${pkgs.stdenv.shell}
+        exec sendmail -vt <<MAIL
+        From: root@localhost
+        To: alice@localhost
+        Subject: Very important!
+
+        Hello world!
+        MAIL
+      '';
+
+      testImap = pkgs.writeScriptBin "test-imap" ''
+        #!${pkgs.python3.interpreter}
+        import imaplib
+
+        with imaplib.IMAP4('localhost') as imap:
+          imap.login('alice', 'foobar')
+          imap.select()
+          status, refs = imap.search(None, 'ALL')
+          assert status == 'OK'
+          assert len(refs) == 1
+          status, msg = imap.fetch(refs[0], 'BODY[TEXT]')
+          assert status == 'OK'
+          assert msg[0][1].strip() == b'Hello world!'
+      '';
+
+      testPop = pkgs.writeScriptBin "test-pop" ''
+        #!${pkgs.python3.interpreter}
+        import poplib
+
+        pop = poplib.POP3('localhost')
+        try:
+          pop.user('alice')
+          pop.pass_('foobar')
+          assert len(pop.list()[1]) == 1
+          status, fullmail, size = pop.retr(1)
+          assert status.startswith(b'+OK ')
+          body = b"".join(fullmail[fullmail.index(b""):]).strip()
+          assert body == b'Hello world!'
+        finally:
+          pop.quit()
+      '';
+
+    in [ sendTestMail testImap testPop ];
+  };
+
+  testScript = ''
+    $machine->waitForUnit('postfix.service');
+    $machine->waitForUnit('dovecot2.service');
+    $machine->succeed('send-testmail');
+    $machine->waitUntilFails('[ "$(postqueue -p)" != "Mail queue is empty" ]');
+    $machine->succeed('test-imap');
+    $machine->succeed('test-pop');
+  '';
+}