pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / endlessh-go.nix
at master 2.0 kB view raw
1{ lib, pkgs, ... }: 2{ 3 name = "endlessh-go"; 4 meta.maintainers = with lib.maintainers; [ azahi ]; 5 6 nodes = { 7 server = 8 { ... }: 9 { 10 services.endlessh-go = { 11 enable = true; 12 prometheus.enable = true; 13 openFirewall = true; 14 }; 15 16 specialisation = { 17 unprivileged.configuration = { 18 services.endlessh-go = { 19 port = 2222; 20 prometheus.port = 9229; 21 }; 22 }; 23 24 privileged.configuration = { 25 services.endlessh-go = { 26 port = 22; 27 prometheus.port = 92; 28 }; 29 }; 30 }; 31 }; 32 33 client = 34 { pkgs, ... }: 35 { 36 environment.systemPackages = with pkgs; [ 37 curl 38 netcat 39 ]; 40 }; 41 }; 42 43 testScript = '' 44 def activate_specialisation(name: str): 45 server.succeed(f"/run/booted-system/specialisation/{name}/bin/switch-to-configuration test >&2") 46 47 start_all() 48 49 with subtest("Unprivileged"): 50 activate_specialisation("unprivileged") 51 server.wait_for_unit("endlessh-go.service") 52 server.wait_for_open_port(2222) 53 server.wait_for_open_port(9229) 54 server.fail("curl -sSf server:9229/metrics | grep -q endlessh_client_closed_count_total") 55 client.succeed("nc -dvW5 server 2222") 56 server.succeed("curl -sSf server:9229/metrics | grep -q endlessh_client_closed_count_total") 57 client.fail("curl -sSfm 5 server:9229/metrics") 58 59 with subtest("Privileged"): 60 activate_specialisation("privileged") 61 server.wait_for_unit("endlessh-go.service") 62 server.wait_for_open_port(22) 63 server.wait_for_open_port(92) 64 server.fail("curl -sSf server:92/metrics | grep -q endlessh_client_closed_count_total") 65 client.succeed("nc -dvW5 server 22") 66 server.succeed("curl -sSf server:92/metrics | grep -q endlessh_client_closed_count_total") 67 client.fail("curl -sSfm 5 server:92/metrics") 68 ''; 69}