nixos/tests/nix-serve-ssh.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nix-serve-ssh.nix
at 23.11-pre 1.5 kB view raw
 1import ./make-test-python.nix ({ pkgs, lib, ... }:
 2let inherit (import ./ssh-keys.nix pkgs)
 3      snakeOilPrivateKey snakeOilPublicKey;
 4    ssh-config = builtins.toFile "ssh.conf" ''
 5      UserKnownHostsFile=/dev/null
 6      StrictHostKeyChecking=no
 7    '';
 8in
 9   { name = "nix-ssh-serve";
10     meta.maintainers = [ lib.maintainers.shlevy ];
11     nodes =
12       { server.nix.sshServe =
13           { enable = true;
14             keys = [ snakeOilPublicKey ];
15             protocol = "ssh-ng";
16           };
17         server.nix.package = pkgs.nix;
18         client.nix.package = pkgs.nix;
19       };
20     testScript = ''
21       start_all()
22
23       client.succeed("mkdir -m 700 /root/.ssh")
24       client.succeed(
25           "cat ${ssh-config} > /root/.ssh/config"
26       )
27       client.succeed(
28           "cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa"
29       )
30       client.succeed("chmod 600 /root/.ssh/id_ecdsa")
31
32       client.succeed("nix-store --add /etc/machine-id > mach-id-path")
33
34       server.wait_for_unit("sshd")
35
36       client.fail("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
37       # Currently due to shared store this is a noop :(
38       client.succeed("nix copy --experimental-features 'nix-command' --to ssh-ng://nix-ssh@server $(cat mach-id-path)")
39       client.succeed(
40           "nix-store --realise $(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh@server"
41       )
42       client.succeed("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
43     '';
44   }
45)