nixos/tests/nix-serve-ssh.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nix-serve-ssh.nix
at 25.11-pre 1.5 kB view raw
 1import ./make-test-python.nix (
 2  { pkgs, lib, ... }:
 3  let
 4    inherit (import ./ssh-keys.nix pkgs)
 5      snakeOilPrivateKey
 6      snakeOilPublicKey
 7      ;
 8    ssh-config = builtins.toFile "ssh.conf" ''
 9      UserKnownHostsFile=/dev/null
10      StrictHostKeyChecking=no
11    '';
12  in
13  {
14    name = "nix-ssh-serve";
15    meta.maintainers = [ lib.maintainers.shlevy ];
16    nodes = {
17      server.nix.sshServe = {
18        enable = true;
19        keys = [ snakeOilPublicKey ];
20        protocol = "ssh-ng";
21      };
22      server.nix.package = pkgs.nix;
23      client.nix.package = pkgs.nix;
24    };
25    testScript = ''
26      start_all()
27
28      client.succeed("mkdir -m 700 /root/.ssh")
29      client.succeed(
30          "cat ${ssh-config} > /root/.ssh/config"
31      )
32      client.succeed(
33          "cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa"
34      )
35      client.succeed("chmod 600 /root/.ssh/id_ecdsa")
36
37      client.succeed("nix-store --add /etc/machine-id > mach-id-path")
38
39      server.wait_for_unit("sshd")
40
41      client.fail("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
42      # Currently due to shared store this is a noop :(
43      client.succeed("nix copy --experimental-features 'nix-command' --to ssh-ng://nix-ssh@server $(cat mach-id-path)")
44      client.succeed(
45          "nix-store --realise $(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh@server"
46      )
47      client.succeed("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
48    '';
49  }
50)