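# NixOS VM test for NixOps: a `deployer` machine runs `nixops create` and
# `nixops deploy` against a `server` machine, using the network definition
# copied from ./legacy.
{ pkgs, ... }:
let
  inherit (pkgs) lib;

  # The attribute set this file evaluates to: one entry per NixOps package
  # under test.
  tests = {
    # TODO: uncomment stable
    #  - Blocked on https://github.com/NixOS/nixpkgs/issues/138584 which has a
    #    PR in staging: https://github.com/NixOS/nixpkgs/pull/139986
    #  - Alternatively, blocked on a NixOps 2 release
    #    https://github.com/NixOS/nixops/issues/1242
    # NOTE(review): `testsLegacyNetwork` is not defined in this file; the
    # `unstable` entry below uses `testsForPackage`. Confirm the intended
    # name before uncommenting.
    # stable = testsLegacyNetwork { nixopsPkg = pkgs.nixops; };
    unstable = testsForPackage { nixopsPkg = pkgs.nixops_unstable; };

    # inherit testsForPackage;
  };

  # Build the set of tests for one NixOps package. `args` is passed through
  # unchanged to testLegacyNetwork, so it must be `{ nixopsPkg }`.
  # makeOverridable lets callers re-run this with different arguments.
  testsForPackage = lib.makeOverridable (args: lib.recurseIntoAttrs {
    legacyNetwork = testLegacyNetwork args;
  });

  # The actual VM test. `nixopsPkg` is the NixOps package installed on the
  # deployer and exercised by the test script.
  testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({
    name = "nixops-legacy-network";
    nodes = {
      deployer = { config, lib, nodes, pkgs, ... }: {
        imports = [ ../../modules/installer/cd-dvd/channel.nix ];
        environment.systemPackages = [ nixopsPkg ];
        # Force an empty substituter list, so nothing is fetched from a binary
        # cache; whatever the deployment needs must already be in the store
        # (see additionalPaths below).
        nix.settings.substituters = lib.mkForce [ ];
        users.users.person.isNormalUser = true;
        virtualisation.writableStore = true;
        virtualisation.additionalPaths = [
          pkgs.hello
          pkgs.figlet

          # This includes build dependencies all the way down. Not efficient,
          # but we do need build deps to an *arbitrary* depth, which is hard to
          # determine.
          (allDrvOutputs nodes.server.config.system.build.toplevel)
        ];
      };
      server = { lib, ... }: {
        imports = [ ./legacy/base-configuration.nix ];
      };
    };

    testScript = { nodes }:
      let
        # Runs as the unprivileged `person` user on the deployer: copies the
        # network definition to ~/unicorn and installs the SSH identity.
        deployerSetup = pkgs.writeScript "deployerSetup" ''
          #!${pkgs.runtimeShell}
          set -eux -o pipefail
          cp --no-preserve=mode -r ${./legacy} unicorn
          cp --no-preserve=mode ${../ssh-keys.nix} unicorn/ssh-keys.nix
          # The private key is a test fixture that lives in the world-readable
          # Nix store, so it must only ever authenticate throwaway test
          # machines. It is still installed with its final mode in one step,
          # rather than copied and tightened afterwards, so the copy in the
          # home directory is never readable by other users.
          mkdir -p -m 0700 ~/.ssh
          install -m 0400 ${snakeOilPrivateKey} ~/.ssh/id_ed25519
        '';
        # The server's network configuration, serialised to JSON and copied
        # into the deployment directory by the test script.
        serverNetworkJSON = pkgs.writeText "server-network.json"
          (builtins.toJSON nodes.server.config.system.build.networkConfig);
      in
      ''
        import shlex

        def deployer_do(cmd):
            # Run cmd on the deployer as `person` in a login shell. The whole
            # command is quoted once so that su receives it as a single -c
            # argument; output goes to the VM console.
            cmd = shlex.quote(cmd)
            return deployer.succeed(f"su person -l -c {cmd} &>/dev/console")

        start_all()

        deployer_do("cat /etc/hosts")

        deployer_do("${deployerSetup}")
        deployer_do("cp ${serverNetworkJSON} unicorn/server-network.json")

        # Establish that ssh works, regardless of nixops
        # Easy way to accept the server host key too.
        server.wait_for_open_port(22)
        deployer.wait_for_unit("network.target")

        # Put newlines on console, to flush the console reader's line buffer
        # in case nixops' last output did not end in a newline, as is the case
        # with a status line (if implemented?)
        deployer.succeed("while sleep 60s; do echo [60s passed]; done >&2 &")

        # accept-new records the server's host key on first contact without
        # verifying it (trust on first use). That is tolerable here because
        # both machines are throwaway test VMs; outside a test, the host key
        # should be provisioned or verified out of band.
        deployer_do("cd ~/unicorn; ssh -oStrictHostKeyChecking=accept-new root@server echo hi")

        # Create and deploy
        deployer_do("cd ~/unicorn; nixops create")

        deployer_do("cd ~/unicorn; nixops deploy --confirm")

        deployer_do("cd ~/unicorn; nixops ssh server 'hello | figlet'")
      '';
  });

  inherit (import ../ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;

  /*
    Return a store path with a closure containing everything including
    derivations and all build dependency outputs, all the way down.

    The output is a single file holding the concatenated contents of every
    `.drv` file listed in the reference file generated for `pkg.drvPath`.
  */
  allDrvOutputs = pkg:
    let name = "allDrvOutputs-${pkg.pname or pkg.name or "unknown"}";
    in
    pkgs.runCommand name { refs = pkgs.writeReferencesToFile pkg.drvPath; } ''
      touch "$out"
      # IFS= and -r make read take each line verbatim (no whitespace trimming,
      # no backslash processing), and the expansions are quoted so a path is
      # never word-split or glob-expanded.
      while IFS= read -r ref; do
        case "$ref" in
          *.drv)
            cat "$ref" >>"$out"
            ;;
        esac
      done <"$refs"
    '';

in
tests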