pyrox.dev
1# This test runs docker and checks if simple container starts
2
3import ./make-test.nix ({ pkgs, ...} : {
4 name = "docker";
5 meta = with pkgs.stdenv.lib.maintainers; {
6 maintainers = [ offline ];
7 };
8
9 nodes = {
10 docker =
11 { config, pkgs, ... }:
12 {
13 virtualisation.docker.enable = true;
14
15 users.users = {
16 noprivs = {
17 isNormalUser = true;
18 description = "Can't access the docker daemon";
19 password = "foobar";
20 };
21
22 hasprivs = {
23 isNormalUser = true;
24 description = "Can access the docker daemon";
25 password = "foobar";
26 extraGroups = [ "docker" ];
27 };
28 };
29 };
30 };
31
32 testScript = ''
33 startAll;
34
35 $docker->waitForUnit("sockets.target");
36 $docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg");
37 $docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10");
38 $docker->succeed("docker ps | grep sleeping");
39 $docker->succeed("sudo -u hasprivs docker ps");
40 $docker->fail("sudo -u noprivs docker ps");
41 $docker->succeed("docker stop sleeping");
42 '';
43})