# NixOS VM test: SSH login to a machine that is still in its initrd (stage 1).
#
# `server` enables networking and an SSH daemon inside the initrd, then spins
# in a loop before LVM setup until a marker file named `fnord` exists.
# `client` logs in with a key pair and creates that file over SSH.
#
# Security note: every key referenced here (./id_ed25519*, ./ssh_host_ed25519_key*)
# is read from a file next to this expression. Paths interpolated into strings
# are copied into the Nix store, which is world-readable, so these must remain
# throwaway test keys. Never reuse this pattern with a real host or user key.
import ../make-test-python.nix ({ lib, ... }:

let
  inherit (lib) elemAt head readFile splitString;
in
{
  name = "initrd-network-ssh";
  meta.maintainers = with lib.maintainers; [ willibutz emily ];

  nodes = {
    server = { config, ... }: {
      # Static address for the initrd, passed via the kernel's ip= parameter on eth1.
      boot.kernelParams = [
        "ip=${config.networking.primaryIPAddress}:::255.255.255.0::eth1:none"
      ];

      boot.initrd = {
        network = {
          enable = true;
          ssh = {
            enable = true;
            port = 22;
            # Only the holder of the matching ./id_ed25519 private key may log in.
            authorizedKeys = [ (readFile ./id_ed25519.pub) ];
            # Private host key given as a path literal; see the header note
            # about the Nix store before copying this into a real configuration.
            hostKeys = [ ./ssh_host_ed25519_key ];
          };
        };

        # Writes the private host key into the extra-utils output under secrets/.
        # NOTE(review): the destination is spelled "sh_host_…", not "ssh_host_…".
        # This may be deliberate to match the path the initrd SSH module derives;
        # confirm against that module before "correcting" it.
        extraUtilsCommands = ''
          mkdir -p $out/secrets/etc/ssh
          cat "${./ssh_host_ed25519_key}" > $out/secrets/etc/ssh/sh_host_ed25519_key
        '';

        # Hold the boot in stage 1 so the SSH daemon stays reachable; power off
        # once `fnord` appears. The path is relative; presumably the working
        # directory is / so it matches the client's `touch /fnord` (confirm).
        preLVMCommands = ''
          while true; do
            if [ -f fnord ]; then
              poweroff
            fi
            sleep 1
          done
        '';
      };
    };

    client = { config, ... }:
      let
        # Third line (index 2) of the generated hosts entries, and its first
        # space-separated field, taken as the server's address.
        # NOTE(review): assumes a fixed layout of networking.extraHosts; confirm
        # if the test driver's hosts generation changes.
        hostsLine = toString (elemAt (splitString "\n" config.networking.extraHosts) 2);
        serverAddr = toString (head (splitString " " hostsLine));
      in
      {
        # Pinned known_hosts entry ("server,<address> <public host key>"), so the
        # ssh call below verifies the server's host key instead of turning host
        # key checking off.
        environment.etc.knownHosts.text =
          "server,${serverAddr} ${readFile ./ssh_host_ed25519_key.pub}";

        # Client private key. 0600 applies to the file under /etc; the source
        # path itself is still subject to the header note about the Nix store.
        environment.etc.sshKey = {
          source = ./id_ed25519;
          mode = "0600";
        };
      };
  };

  # Python test driver script:
  #  1. start both VMs and wait for the client's network.target;
  #  2. poll TCP port 22 on the server with `nc -z` (reachability only, no auth);
  #  3. log in with the pinned host key and the test identity, then create /fnord.
  # The only assertion on the login is that the ssh command exits successfully;
  # no login name is given, so ssh uses the invoking user's name.
  testScript = ''
    start_all()
    client.wait_for_unit("network.target")


    def ssh_is_up(_) -> bool:
        status, _ = client.execute("nc -z server 22")
        return status == 0


    with client.nested("waiting for SSH server to come up"):
        retry(ssh_is_up)


    client.succeed(
        "ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'touch /fnord'"
    )
    client.shutdown()
  '';
})