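# NixOS VM test for NixOps: a `deployer` node runs `nixops create` and
# `nixops deploy` against a `server` node over SSH, then runs a command on the
# deployed server through `nixops ssh`.
#
# Security notes for readers reusing this pattern:
#  - The SSH private key comes from ../ssh-keys.nix (snakeOilPrivateKey) and is
#    interpolated into a script that lives in the Nix store. Store paths are
#    world-readable, so this key is a test fixture, not a secret.
#  - The first SSH connection uses StrictHostKeyChecking=accept-new, i.e.
#    trust-on-first-use. That is adequate between two test VMs; a real
#    deployment would provision the host key out of band.
{ pkgs, ... }:
let
  inherit (pkgs) lib;

  tests = {
    # TODO: uncomment stable
    #  - Blocked on https://github.com/NixOS/nixpkgs/issues/138584 which has a
    #    PR in staging: https://github.com/NixOS/nixpkgs/pull/139986
    #  - Alternatively, blocked on a NixOps 2 release
    #    https://github.com/NixOS/nixops/issues/1242
    # stable = testsForPackage { nixopsPkg = pkgs.nixops; };
    unstable = testsForPackage { nixopsPkg = pkgs.nixopsUnstable; };

    # inherit testsForPackage;
  };

  # Build the set of tests for one NixOps package. makeOverridable lets a
  # caller re-run the same tests with a different `nixopsPkg`.
  testsForPackage = lib.makeOverridable (args: lib.recurseIntoAttrs {
    legacyNetwork = testLegacyNetwork args;
  });

  # Two-node test: `deployer` has `nixopsPkg` installed and deploys the
  # configuration under ./legacy to `server`.
  testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({
    nodes = {
      deployer = { lib, nodes, pkgs, ... }: {
        imports = [ ../../modules/installer/cd-dvd/channel.nix ];
        environment.systemPackages = [ nixopsPkg ];
        # No binary caches: everything the deployment builds has to come from
        # the store paths listed in additionalPaths below.
        # NOTE(review): presumably because the test VM has no network access
        # to a substituter; confirm.
        nix.binaryCaches = lib.mkForce [ ];
        # Unprivileged account that runs every nixops command in the script.
        users.users.person.isNormalUser = true;
        virtualisation.writableStore = true;
        virtualisation.additionalPaths = [
          pkgs.hello
          pkgs.figlet

          # This includes build dependencies all the way down. Not efficient,
          # but we do need build deps to an *arbitrary* depth, which is hard to
          # determine.
          (allDrvOutputs nodes.server.config.system.build.toplevel)
        ];
      };
      # NOTE(review): the deployer logs in as root@server with the snake-oil
      # key, so ./legacy/base-configuration.nix presumably authorises the
      # matching public key for root; that file is not visible here.
      server = { ... }: {
        imports = [ ./legacy/base-configuration.nix ];
      };
    };

    testScript = { nodes }:
      let
        # Run as `person` on the deployer: copies the network definition to
        # ~/unicorn and installs the test SSH key. The key is copied out of
        # the world-readable store and only then restricted to 0400, which is
        # acceptable solely because it is a throwaway test key.
        deployerSetup = pkgs.writeScript "deployerSetup" ''
          #!${pkgs.runtimeShell}
          set -eux -o pipefail
          cp --no-preserve=mode -r ${./legacy} unicorn
          cp --no-preserve=mode ${../ssh-keys.nix} unicorn/ssh-keys.nix
          mkdir -p ~/.ssh
          cp ${snakeOilPrivateKey} ~/.ssh/id_ed25519
          chmod 0400 ~/.ssh/id_ed25519
        '';
        # The server's evaluated network configuration, serialised so the
        # deployer can copy it next to the network definition.
        serverNetworkJSON = pkgs.writeText "server-network.json"
          (builtins.toJSON nodes.server.config.system.build.networkConfig);
      in
      # Python test-driver script. deployer_do() passes the command through
      # shlex.quote, so it reaches `su -c` as one argument and is interpreted
      # only by the shell of `person`, not by the outer root shell.
      ''
        import shlex

        def deployer_do(cmd):
            cmd = shlex.quote(cmd)
            return deployer.succeed(f"su person -l -c {cmd} &>/dev/console")

        start_all()

        deployer_do("cat /etc/hosts")

        deployer_do("${deployerSetup}")
        deployer_do("cp ${serverNetworkJSON} unicorn/server-network.json")

        # Establish that ssh works, regardless of nixops
        # Easy way to accept the server host key too.
        server.wait_for_open_port(22)
        deployer.wait_for_unit("network.target")

        # Put newlines on console, to flush the console reader's line buffer
        # in case nixops' last output did not end in a newline, as is the case
        # with a status line (if implemented?)
        deployer.succeed("while sleep 60s; do echo [60s passed]; done >&2 &")

        deployer_do("cd ~/unicorn; ssh -oStrictHostKeyChecking=accept-new root@server echo hi")

        # Create and deploy
        deployer_do("cd ~/unicorn; nixops create")

        deployer_do("cd ~/unicorn; nixops deploy --confirm")

        deployer_do("cd ~/unicorn; nixops ssh server 'hello | figlet'")
      '';
  });

  # Test-only key pair shared by the NixOS tests; only the private half is
  # needed here, to log in from the deployer.
  inherit (import ../ssh-keys.nix pkgs) snakeOilPrivateKey;

  /*
    Return a store path with a closure containing everything including
    derivations and all build dependency outputs, all the way down.

    The output file is the concatenation of every `.drv` file listed for
    `pkg.drvPath` by writeReferencesToFile.
    NOTE(review): presumably Nix's reference scan of that file is what pulls
    the outputs named in those derivations into the closure; confirm.
  */
  allDrvOutputs = pkg:
    let name = lib.strings.sanitizeDerivationName "allDrvOutputs-${pkg.pname or pkg.name or "unknown"}";
    in
    pkgs.runCommand name { refs = pkgs.writeReferencesToFile pkg.drvPath; } ''
      touch "$out"
      # read -r and quoted expansions: take each listed path verbatim, with
      # no backslash processing or word splitting.
      while IFS= read -r ref; do
        case "$ref" in
          *.drv)
            cat "$ref" >>"$out"
            ;;
        esac
      done <"$refs"
    '';

in
tests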