pyrox.dev
1import ./make-test-python.nix (
2 { lib, pkgs, ... }:
3 let
4 inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
5 in
6 {
7 name = "locate";
8 meta.maintainers = with pkgs.lib.maintainers; [ chkno ];
9
10 nodes = rec {
11 a = {
12 environment.systemPackages = with pkgs; [ sshfs ];
13 virtualisation.fileSystems = {
14 "/ssh" = {
15 device = "alice@b:/";
16 fsType = "fuse.sshfs";
17 options = [
18 "allow_other"
19 "IdentityFile=/privkey"
20 "noauto"
21 "StrictHostKeyChecking=no"
22 "UserKnownHostsFile=/dev/null"
23 ];
24 };
25 };
26 services.locate = {
27 enable = true;
28 interval = "*:*:0/5";
29 };
30 };
31 b = {
32 services.openssh.enable = true;
33 users.users.alice = {
34 isNormalUser = true;
35 openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
36 };
37 };
38 };
39
40 testScript = ''
41 start_all()
42
43 # Set up sshfs mount
44 a.succeed(
45 "(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
46 )
47 b.succeed("touch /file-on-b-machine")
48 b.wait_for_open_port(22)
49 a.succeed("mkdir /ssh")
50 a.succeed("mount /ssh")
51
52 # Core locatedb functionality
53 a.succeed("touch /file-on-a-machine-1")
54 a.wait_for_file("/var/cache/locatedb")
55 a.wait_until_succeeds("locate file-on-a-machine-1")
56
57 # Wait for a second update to make sure we're using a locatedb from a run
58 # that began after the sshfs mount
59 a.succeed("touch /file-on-a-machine-2")
60 a.wait_until_succeeds("locate file-on-a-machine-2")
61
62 # We shouldn't be able to see files on the other machine
63 a.fail("locate file-on-b-machine")
64 '';
65 }
66)