nixos/tests/lxd-image-server.nix at 22.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / lxd-image-server.nix
at 22.05-pre 3.2 kB view raw
  1import ./make-test-python.nix ({ pkgs, ...} :
  2
  3let
  4  # Since we don't have access to the internet during the tests, we have to
  5  # pre-fetch lxd containers beforehand.
  6  #
  7  # I've chosen to import Alpine Linux, because its image is turbo-tiny and,
  8  # generally, sufficient for our tests.
  9  alpine-meta = pkgs.fetchurl {
 10    url = "https://tarballs.nixos.org/alpine/3.12/lxd.tar.xz";
 11    hash = "sha256-1tcKaO9lOkvqfmG/7FMbfAEToAuFy2YMewS8ysBKuLA=";
 12  };
 13
 14  alpine-rootfs = pkgs.fetchurl {
 15    url = "https://tarballs.nixos.org/alpine/3.12/rootfs.tar.xz";
 16    hash = "sha256-Tba9sSoaiMtQLY45u7p5DMqXTSDgs/763L/SQp0bkCA=";
 17  };
 18
 19  lxd-config = pkgs.writeText "config.yaml" ''
 20    storage_pools:
 21      - name: default
 22        driver: dir
 23        config:
 24          source: /var/lxd-pool
 25
 26    networks:
 27      - name: lxdbr0
 28        type: bridge
 29        config:
 30          ipv4.address: auto
 31          ipv6.address: none
 32
 33    profiles:
 34      - name: default
 35        devices:
 36          eth0:
 37            name: eth0
 38            network: lxdbr0
 39            type: nic
 40          root:
 41            path: /
 42            pool: default
 43            type: disk
 44  '';
 45
 46
 47in {
 48  name = "lxd-image-server";
 49
 50  meta = with pkgs.lib.maintainers; {
 51    maintainers = [ mkg20001 ];
 52  };
 53
 54  machine = { lib, ... }: {
 55    virtualisation = {
 56      cores = 2;
 57
 58      memorySize = 2048;
 59      diskSize = 4096;
 60
 61      lxc.lxcfs.enable = true;
 62      lxd.enable = true;
 63    };
 64
 65    security.pki.certificates = [
 66      (builtins.readFile ./common/acme/server/ca.cert.pem)
 67    ];
 68
 69    services.nginx = {
 70      enable = true;
 71    };
 72
 73    services.lxd-image-server = {
 74      enable = true;
 75      nginx = {
 76        enable = true;
 77        domain = "acme.test";
 78      };
 79    };
 80
 81    services.nginx.virtualHosts."acme.test" = {
 82      enableACME = false;
 83      sslCertificate = ./common/acme/server/acme.test.cert.pem;
 84      sslCertificateKey = ./common/acme/server/acme.test.key.pem;
 85    };
 86
 87    networking.hosts = {
 88      "::1" = [ "acme.test" ];
 89    };
 90  };
 91
 92  testScript = ''
 93    machine.wait_for_unit("sockets.target")
 94    machine.wait_for_unit("lxd.service")
 95    machine.wait_for_file("/var/lib/lxd/unix.socket")
 96
 97    # It takes additional second for lxd to settle
 98    machine.sleep(1)
 99
100    # lxd expects the pool's directory to already exist
101    machine.succeed("mkdir /var/lxd-pool")
102
103
104    machine.succeed(
105        "cat ${lxd-config} | lxd init --preseed"
106    )
107
108    machine.succeed(
109        "lxc image import ${alpine-meta} ${alpine-rootfs} --alias alpine"
110    )
111
112    loc = "/var/www/simplestreams/images/iats/alpine/amd64/default/v1"
113
114    with subtest("push image to server"):
115        machine.succeed("lxc launch alpine test")
116        machine.succeed("lxc stop test")
117        machine.succeed("lxc publish --public test --alias=testimg")
118        machine.succeed("lxc image export testimg")
119        machine.succeed("ls >&2")
120        machine.succeed("mkdir -p " + loc)
121        machine.succeed("mv *.tar.gz " + loc)
122
123    with subtest("pull image from server"):
124        machine.succeed("lxc remote add img https://acme.test --protocol=simplestreams")
125        machine.succeed("lxc image list img: >&2")
126  '';
127})