nixos/tests/systemd-bpf.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / systemd-bpf.nix
at 25.11-pre 1.5 kB view raw
 1import ./make-test-python.nix (
 2  { lib, ... }:
 3  {
 4    name = "systemd-bpf";
 5    meta = with lib.maintainers; {
 6      maintainers = [ veehaitch ];
 7    };
 8    nodes = {
 9      node1 = {
10        virtualisation.vlans = [ 1 ];
11        networking = {
12          useNetworkd = true;
13          useDHCP = false;
14          firewall.enable = false;
15          interfaces.eth1.ipv4.addresses = [
16            {
17              address = "192.168.1.1";
18              prefixLength = 24;
19            }
20          ];
21        };
22      };
23
24      node2 = {
25        virtualisation.vlans = [ 1 ];
26        networking = {
27          useNetworkd = true;
28          useDHCP = false;
29          firewall.enable = false;
30          interfaces.eth1.ipv4.addresses = [
31            {
32              address = "192.168.1.2";
33              prefixLength = 24;
34            }
35          ];
36        };
37      };
38    };
39
40    testScript = ''
41      start_all()
42      node1.systemctl("start systemd-networkd-wait-online.service")
43      node1.wait_for_unit("systemd-networkd-wait-online.service")
44      node2.systemctl("start systemd-networkd-wait-online.service")
45      node2.wait_for_unit("systemd-networkd-wait-online.service")
46
47      with subtest("test RestrictNetworkInterfaces= works"):
48        node1.succeed("ping -c 5 192.168.1.2")
49        node1.succeed("systemd-run -t -p RestrictNetworkInterfaces='eth1' ping -c 5 192.168.1.2")
50        node1.fail("systemd-run -t -p RestrictNetworkInterfaces='lo' ping -c 5 192.168.1.2")
51    '';
52  }
53)