nixos/tests/containers-tmpfs.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / containers-tmpfs.nix
at 17.09-beta 3.3 kB view raw
 1# Test for NixOS' container support.
 2
 3import ./make-test.nix ({ pkgs, ...} : {
 4  name = "containers-bridge";
 5  meta = with pkgs.stdenv.lib.maintainers; {
 6    maintainers = [ ckampka ];
 7  };
 8
 9  machine =
10    { config, pkgs, ... }:
11    { imports = [ ../modules/installer/cd-dvd/channel.nix ];
12      virtualisation.writableStore = true;
13      virtualisation.memorySize = 768;
14
15      containers.tmpfs =
16        {
17          autoStart = true;
18          tmpfs = [
19            # Mount var as a tmpfs
20            "/var"
21
22            # Add a nested mount inside a tmpfs
23            "/var/log"
24
25            # Add a tmpfs on a path that does not exist
26            "/some/random/path"
27          ];
28          config = { };
29        };
30
31      virtualisation.pathsInNixDB = [ pkgs.stdenv ];
32    };
33
34  testScript =
35    ''
36      $machine->waitForUnit("default.target");
37      $machine->succeed("nixos-container list") =~ /tmpfs/ or die;
38
39      # Start the tmpfs container.
40      #$machine->succeed("nixos-container status tmpfs") =~ /up/ or die;
41
42      # Verify that /var is mounted as a tmpfs
43      #$machine->succeed("nixos-container run tmpfs -- systemctl status var.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die;
44      $machine->succeed("nixos-container run tmpfs -- mountpoint -q /var 2>/dev/null");
45
46      # Verify that /var/log is mounted as a tmpfs
47      $machine->succeed("nixos-container run tmpfs -- systemctl status var-log.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die;
48      $machine->succeed("nixos-container run tmpfs -- mountpoint -q /var/log 2>/dev/null");
49
50      # Verify that /some/random/path is mounted as a tmpfs
51      $machine->succeed("nixos-container run tmpfs -- systemctl status some-random-path.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die;
52      $machine->succeed("nixos-container run tmpfs -- mountpoint -q /some/random/path 2>/dev/null");
53
54      # Verify that files created in the container in a non-tmpfs directory are visible on the host.
55      # This establishes legitimacy for the following tests
56      $machine->succeed("nixos-container run tmpfs -- touch /root/test.file 2>/dev/null");
57      $machine->succeed("nixos-container run tmpfs -- ls -l  /root | grep -q test.file 2>/dev/null");
58      $machine->succeed("test -e /var/lib/containers/tmpfs/root/test.file");
59
60
61      # Verify that /some/random/path is writable and that files created there
62      # are not in the hosts container dir but in the tmpfs
63      $machine->succeed("nixos-container run tmpfs -- touch /some/random/path/test.file 2>/dev/null");
64      $machine->succeed("nixos-container run tmpfs -- test -e /some/random/path/test.file 2>/dev/null");
65
66      $machine->fail("test -e /var/lib/containers/tmpfs/some/random/path/test.file");
67
68      # Verify that files created in the hosts container dir in a path where a tmpfs file system has been mounted
69      # are not visible to the container as the do not exist in the tmpfs
70      $machine->succeed("touch /var/lib/containers/tmpfs/var/test.file");
71
72      $machine->succeed("test -e /var/lib/containers/tmpfs/var/test.file");
73      $machine->succeed("ls -l /var/lib/containers/tmpfs/var/ | grep -q test.file 2>/dev/null");
74
75      $machine->fail("nixos-container run tmpfs -- ls -l /var | grep -q test.file 2>/dev/null");
76
77    '';
78
79})