Split tests up based on certain use cases:
- http01-builtin: Tests most functionality of the core module, such
as the systemd and hashing components, whilst utilising lego's built
in http01 resolution mechanis.
- dns01: Tests only that DNS01 renewal works as expected.
- nginx: Tests nginx compatability
- httpd: Tests httpd compatability
- caddy: Tests caddy compatability
This test has always been broken. The fix is not obvious, there was an attempt to set up mount namespaces, but this will fail if the output directory doesn't exist. In the default configuration it will fail because the directory doesn't exist until cross-seed runs the first time. This points at a real issue with the module that should be addressed. But for now let's remove the broken test, then we can add it back in working condition.
Original PR: https://github.com/NixOS/nixpkgs/pull/383409
This lets us remove an assertion, because `pathWith` can require that a
file not be in the store.
Note that the old assertion didn't quite do what we wanted: it prevented
you from using top level store paths (such as
`/nix/store/gg8578vvbcf1wpqvk85bigi5s4pvylkk-test-certificates`), but was
ok with sub-files (such as
`/nix/store/gg8578vvbcf1wpqvk85bigi5s4pvylkk-test-certificates/intermediate-password-file`).
Now that we're stricter, we need some way to populate
`intermediatePasswordFile` in our test without making the type unhappy.
I opted to solve that by creating a file in `/etc`.
On my machine, I see that this `curl` command often fails. This is
because the caddy server hasn't finished the ACME dance with the step-ca
server yet.
This seems like the simplest fix. Alternatives I considered (and would
be happy to implement if folks prefer):
- Use `wait_for_file` to wait for the certificate to appear
- Increase caddy's log level and scrape its logs for the "certificate obtained"
message.
