pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / nixops / default.nix
at 23.11-pre 3.7 kB view raw
1{ pkgs, ... }: 2let 3 inherit (pkgs) lib; 4 5 tests = { 6 # TODO: uncomment stable 7 # - Blocked on https://github.com/NixOS/nixpkgs/issues/138584 which has a 8 # PR in staging: https://github.com/NixOS/nixpkgs/pull/139986 9 # - Alternatively, blocked on a NixOps 2 release 10 # https://github.com/NixOS/nixops/issues/1242 11 # stable = testsLegacyNetwork { nixopsPkg = pkgs.nixops; }; 12 unstable = testsForPackage { nixopsPkg = pkgs.nixops_unstable; }; 13 14 # inherit testsForPackage; 15 }; 16 17 testsForPackage = lib.makeOverridable (args: lib.recurseIntoAttrs { 18 legacyNetwork = testLegacyNetwork args; 19 }); 20 21 testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({ 22 name = "nixops-legacy-network"; 23 nodes = { 24 deployer = { config, lib, nodes, pkgs, ... }: { 25 imports = [ ../../modules/installer/cd-dvd/channel.nix ]; 26 environment.systemPackages = [ nixopsPkg ]; 27 nix.settings.substituters = lib.mkForce [ ]; 28 users.users.person.isNormalUser = true; 29 virtualisation.writableStore = true; 30 virtualisation.additionalPaths = [ 31 pkgs.hello 32 pkgs.figlet 33 ]; 34 35 # TODO: make this efficient, https://github.com/NixOS/nixpkgs/issues/180529 36 system.includeBuildDependencies = true; 37 }; 38 server = { lib, ... }: { 39 imports = [ ./legacy/base-configuration.nix ]; 40 }; 41 }; 42 43 testScript = { nodes }: 44 let 45 deployerSetup = pkgs.writeScript "deployerSetup" '' 46 #!${pkgs.runtimeShell} 47 set -eux -o pipefail 48 cp --no-preserve=mode -r ${./legacy} unicorn 49 cp --no-preserve=mode ${../ssh-keys.nix} unicorn/ssh-keys.nix 50 mkdir -p ~/.ssh 51 cp ${snakeOilPrivateKey} ~/.ssh/id_ed25519 52 chmod 0400 ~/.ssh/id_ed25519 53 ''; 54 serverNetworkJSON = pkgs.writeText "server-network.json" 55 (builtins.toJSON nodes.server.config.system.build.networkConfig); 56 in 57 '' 58 import shlex 59 60 def deployer_do(cmd): 61 cmd = shlex.quote(cmd) 62 return deployer.succeed(f"su person -l -c {cmd} &>/dev/console") 63 64 start_all() 65 66 deployer_do("cat /etc/hosts") 67 68 deployer_do("${deployerSetup}") 69 deployer_do("cp ${serverNetworkJSON} unicorn/server-network.json") 70 71 # Establish that ssh works, regardless of nixops 72 # Easy way to accept the server host key too. 73 server.wait_for_open_port(22) 74 deployer.wait_for_unit("network.target") 75 76 # Put newlines on console, to flush the console reader's line buffer 77 # in case nixops' last output did not end in a newline, as is the case 78 # with a status line (if implemented?) 79 deployer.succeed("while sleep 60s; do echo [60s passed]; done >&2 &") 80 81 deployer_do("cd ~/unicorn; ssh -oStrictHostKeyChecking=accept-new root@server echo hi") 82 83 # Create and deploy 84 deployer_do("cd ~/unicorn; nixops create") 85 86 deployer_do("cd ~/unicorn; nixops deploy --confirm") 87 88 deployer_do("cd ~/unicorn; nixops ssh server 'hello | figlet'") 89 ''; 90 }); 91 92 inherit (import ../ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; 93 94 /* 95 Return a store path with a closure containing everything including 96 derivations and all build dependency outputs, all the way down. 97 */ 98 allDrvOutputs = pkg: 99 let name = "allDrvOutputs-${pkg.pname or pkg.name or "unknown"}"; 100 in 101 pkgs.runCommand name { refs = pkgs.writeReferencesToFile pkg.drvPath; } '' 102 touch $out 103 while read ref; do 104 case $ref in 105 *.drv) 106 cat $ref >>$out 107 ;; 108 esac 109 done <$refs 110 ''; 111 112in 113tests