nixos/tests/easytier.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / easytier.nix
at master 3.0 kB view raw
  1{ lib, ... }:
  2{
  3  name = "easytier";
  4  meta.maintainers = with lib.maintainers; [ ltrump ];
  5
  6  nodes =
  7    let
  8      genPeer =
  9        hostConfig: settings:
 10        lib.mkMerge [
 11          {
 12            services.easytier = {
 13              enable = true;
 14              instances.default = {
 15                settings = {
 16                  network_name = "easytier_test";
 17                  network_secret = "easytier_test_secret";
 18                }
 19                // settings;
 20              };
 21            };
 22
 23            networking.useDHCP = false;
 24            networking.firewall.allowedTCPPorts = [
 25              11010
 26              11011
 27            ];
 28            networking.firewall.allowedUDPPorts = [
 29              11010
 30              11011
 31            ];
 32          }
 33          hostConfig
 34        ];
 35    in
 36    {
 37      relay =
 38        genPeer
 39          {
 40            virtualisation.vlans = [
 41              1
 42              2
 43            ];
 44
 45            networking.interfaces.eth1.ipv4.addresses = [
 46              {
 47                address = "192.168.1.11";
 48                prefixLength = 24;
 49              }
 50            ];
 51
 52            networking.interfaces.eth2.ipv4.addresses = [
 53              {
 54                address = "192.168.2.11";
 55                prefixLength = 24;
 56              }
 57            ];
 58          }
 59          {
 60            ipv4 = "10.144.144.1";
 61            listeners = [
 62              "tcp://0.0.0.0:11010"
 63              "wss://0.0.0.0:11011"
 64            ];
 65          };
 66
 67      peer1 =
 68        genPeer
 69          {
 70            virtualisation.vlans = [ 1 ];
 71          }
 72          {
 73            ipv4 = "10.144.144.2";
 74            peers = [ "tcp://192.168.1.11:11010" ];
 75          };
 76
 77      peer2 =
 78        genPeer
 79          {
 80            virtualisation.vlans = [ 2 ];
 81          }
 82          {
 83            ipv4 = "10.144.144.3";
 84            peers = [ "wss://192.168.2.11:11011" ];
 85          };
 86    };
 87
 88  testScript = ''
 89    start_all()
 90
 91    relay.wait_for_unit("easytier-default.service")
 92    peer1.wait_for_unit("easytier-default.service")
 93    peer2.wait_for_unit("easytier-default.service")
 94
 95    # relay is accessible by the other hosts
 96    peer1.succeed("ping -c5 192.168.1.11")
 97    peer2.succeed("ping -c5 192.168.2.11")
 98
 99    # The other hosts are in separate vlans
100    peer1.fail("ping -c5 192.168.2.11")
101    peer2.fail("ping -c5 192.168.1.11")
102
103    # Each host can ping themselves through EasyTier
104    relay.succeed("ping -c5 10.144.144.1")
105    peer1.succeed("ping -c5 10.144.144.2")
106    peer2.succeed("ping -c5 10.144.144.3")
107
108    # Relay is accessible by the other hosts through EasyTier
109    peer1.succeed("ping -c5 10.144.144.1")
110    peer2.succeed("ping -c5 10.144.144.1")
111
112    # Relay can access the other hosts through EasyTier
113    relay.succeed("ping -c5 10.144.144.2")
114    relay.succeed("ping -c5 10.144.144.3")
115
116    # The other hosts in separate vlans can access each other through EasyTier
117    peer1.succeed("ping -c5 10.144.144.3")
118    peer2.succeed("ping -c5 10.144.144.2")
119  '';
120}