nixos/tests/upnp.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / upnp.nix
at 23.05-pre 3.0 kB view raw
 1# This tests whether UPnP port mappings can be created using Miniupnpd
 2# and Miniupnpc.
 3# It runs a Miniupnpd service on one machine, and verifies
 4# a client can indeed create a port mapping using Miniupnpc. If
 5# this succeeds an external client will try to connect to the port
 6# mapping.
 7
 8import ./make-test-python.nix ({ pkgs, ... }:
 9
10let
11  internalRouterAddress = "192.168.3.1";
12  internalClient1Address = "192.168.3.2";
13  externalRouterAddress = "80.100.100.1";
14  externalClient2Address = "80.100.100.2";
15in
16{
17  name = "upnp";
18  meta = with pkgs.lib.maintainers; {
19    maintainers = [ bobvanderlinden ];
20  };
21
22  nodes =
23    {
24      router =
25        { pkgs, nodes, ... }:
26        { virtualisation.vlans = [ 1 2 ];
27          networking.nat.enable = true;
28          networking.nat.internalInterfaces = [ "eth2" ];
29          networking.nat.externalInterface = "eth1";
30          networking.firewall.enable = true;
31          networking.firewall.trustedInterfaces = [ "eth2" ];
32          networking.interfaces.eth1.ipv4.addresses = [
33            { address = externalRouterAddress; prefixLength = 24; }
34          ];
35          networking.interfaces.eth2.ipv4.addresses = [
36            { address = internalRouterAddress; prefixLength = 24; }
37          ];
38          services.miniupnpd = {
39            enable = true;
40            externalInterface = "eth1";
41            internalIPs = [ "eth2" ];
42            appendConfig = ''
43              ext_ip=${externalRouterAddress}
44            '';
45          };
46        };
47
48      client1 =
49        { pkgs, nodes, ... }:
50        { environment.systemPackages = [ pkgs.miniupnpc pkgs.netcat ];
51          virtualisation.vlans = [ 2 ];
52          networking.defaultGateway = internalRouterAddress;
53          networking.interfaces.eth1.ipv4.addresses = [
54            { address = internalClient1Address; prefixLength = 24; }
55          ];
56          networking.firewall.enable = false;
57
58          services.httpd.enable = true;
59          services.httpd.virtualHosts.localhost = {
60            listen = [{ ip = "*"; port = 9000; }];
61            adminAddr = "foo@example.org";
62            documentRoot = "/tmp";
63          };
64        };
65
66      client2 =
67        { pkgs, ... }:
68        { environment.systemPackages = [ pkgs.miniupnpc ];
69          virtualisation.vlans = [ 1 ];
70          networking.interfaces.eth1.ipv4.addresses = [
71            { address = externalClient2Address; prefixLength = 24; }
72          ];
73          networking.firewall.enable = false;
74        };
75    };
76
77  testScript =
78    { nodes, ... }:
79    ''
80      start_all()
81
82      # Wait for network and miniupnpd.
83      router.wait_for_unit("network-online.target")
84      # $router.wait_for_unit("nat")
85      router.wait_for_unit("firewall.service")
86      router.wait_for_unit("miniupnpd")
87
88      client1.wait_for_unit("network-online.target")
89
90      client1.succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP")
91
92      client1.wait_for_unit("httpd")
93      client2.wait_until_succeeds("curl -f http://${externalRouterAddress}:9000/")
94    '';
95
96})