pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / docker.nix
at 23.05-pre 1.8 kB view raw
1# This test runs docker and checks if simple container starts 2 3import ./make-test-python.nix ({ pkgs, ...} : { 4 name = "docker"; 5 meta = with pkgs.lib.maintainers; { 6 maintainers = [ nequissimus offline ]; 7 }; 8 9 nodes = { 10 docker = 11 { pkgs, ... }: 12 { 13 virtualisation.docker.enable = true; 14 virtualisation.docker.autoPrune.enable = true; 15 virtualisation.docker.package = pkgs.docker; 16 17 users.users = { 18 noprivs = { 19 isNormalUser = true; 20 description = "Can't access the docker daemon"; 21 password = "foobar"; 22 }; 23 24 hasprivs = { 25 isNormalUser = true; 26 description = "Can access the docker daemon"; 27 password = "foobar"; 28 extraGroups = [ "docker" ]; 29 }; 30 }; 31 }; 32 }; 33 34 testScript = '' 35 start_all() 36 37 docker.wait_for_unit("sockets.target") 38 docker.succeed("tar cv --files-from /dev/null | docker import - scratchimg") 39 docker.succeed( 40 "docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" 41 ) 42 docker.succeed("docker ps | grep sleeping") 43 docker.succeed("sudo -u hasprivs docker ps") 44 docker.fail("sudo -u noprivs docker ps") 45 docker.succeed("docker stop sleeping") 46 47 # Must match version 4 times to ensure client and server git commits and versions are correct 48 docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "4" ]') 49 docker.succeed("systemctl restart systemd-sysctl") 50 docker.succeed("grep 1 /proc/sys/net/ipv4/conf/all/forwarding") 51 docker.succeed("grep 1 /proc/sys/net/ipv4/conf/default/forwarding") 52 ''; 53})