nixos/tests/cjdns.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / cjdns.nix
at 23.05-pre 3.4 kB view raw
  1let
  2  carolKey = "2d2a338b46f8e4a8c462f0c385b481292a05f678e19a2b82755258cf0f0af7e2";
  3  carolPubKey = "n932l3pjvmhtxxcdrqq2qpw5zc58f01vvjx01h4dtd1bb0nnu2h0.k";
  4  carolPassword = "678287829ce4c67bc8b227e56d94422ee1b85fa11618157b2f591de6c6322b52";
  5
  6  basicConfig =
  7    { ... }:
  8    { services.cjdns.enable = true;
  9
 10      # Turning off DHCP isn't very realistic but makes
 11      # the sequence of address assignment less stochastic.
 12      networking.useDHCP = false;
 13
 14      # CJDNS output is incompatible with the XML log.
 15      systemd.services.cjdns.serviceConfig.StandardOutput = "null";
 16    };
 17
 18in
 19
 20import ./make-test-python.nix ({ pkgs, ...} : {
 21  name = "cjdns";
 22  meta = with pkgs.lib.maintainers; {
 23    maintainers = [ ehmry ];
 24  };
 25
 26  nodes = { # Alice finds peers over over ETHInterface.
 27      alice =
 28        { ... }:
 29        { imports = [ basicConfig ];
 30
 31          services.cjdns.ETHInterface.bind = "eth1";
 32
 33          services.httpd.enable = true;
 34          services.httpd.adminAddr = "foo@example.org";
 35          networking.firewall.allowedTCPPorts = [ 80 ];
 36        };
 37
 38      # Bob explicitly connects to Carol over UDPInterface.
 39      bob =
 40        { ... }:
 41
 42        { imports = [ basicConfig ];
 43
 44          networking.interfaces.eth1.ipv4.addresses = [
 45            { address = "192.168.0.2"; prefixLength = 24; }
 46          ];
 47
 48          services.cjdns =
 49            { UDPInterface =
 50                { bind = "0.0.0.0:1024";
 51                  connectTo."192.168.0.1:1024" =
 52                    { password = carolPassword;
 53                      publicKey = carolPubKey;
 54                    };
 55                };
 56            };
 57        };
 58
 59      # Carol listens on ETHInterface and UDPInterface,
 60      # but knows neither Alice or Bob.
 61      carol =
 62        { ... }:
 63        { imports = [ basicConfig ];
 64
 65          environment.etc."cjdns.keys".text = ''
 66            CJDNS_PRIVATE_KEY=${carolKey}
 67            CJDNS_ADMIN_PASSWORD=FOOBAR
 68          '';
 69
 70          networking.interfaces.eth1.ipv4.addresses = [
 71            { address = "192.168.0.1"; prefixLength = 24; }
 72          ];
 73
 74          services.cjdns =
 75            { authorizedPasswords = [ carolPassword ];
 76              ETHInterface.bind = "eth1";
 77              UDPInterface.bind = "192.168.0.1:1024";
 78            };
 79          networking.firewall.allowedUDPPorts = [ 1024 ];
 80        };
 81
 82    };
 83
 84  testScript =
 85    ''
 86      import re
 87
 88      start_all()
 89
 90      alice.wait_for_unit("cjdns.service")
 91      bob.wait_for_unit("cjdns.service")
 92      carol.wait_for_unit("cjdns.service")
 93
 94
 95      def cjdns_ip(machine):
 96          res = machine.succeed("ip -o -6 addr show dev tun0")
 97          ip = re.split("\s+|/", res)[3]
 98          machine.log("has ip {}".format(ip))
 99          return ip
100
101
102      alice_ip6 = cjdns_ip(alice)
103      bob_ip6 = cjdns_ip(bob)
104      carol_ip6 = cjdns_ip(carol)
105
106      # ping a few times each to let the routing table establish itself
107
108      alice.succeed("ping -c 4 {}".format(carol_ip6))
109      bob.succeed("ping -c 4 {}".format(carol_ip6))
110
111      carol.succeed("ping -c 4 {}".format(alice_ip6))
112      carol.succeed("ping -c 4 {}".format(bob_ip6))
113
114      alice.succeed("ping -c 4 {}".format(bob_ip6))
115      bob.succeed("ping -c 4 {}".format(alice_ip6))
116
117      alice.wait_for_unit("httpd.service")
118
119      bob.succeed("curl --fail -g http://[{}]".format(alice_ip6))
120    '';
121})