nixos/tests/lxd-image-server.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / lxd-image-server.nix
at master 2.6 kB view raw
 1{ pkgs, lib, ... }:
 2
 3let
 4  incus-image = import ../release.nix {
 5    configuration = {
 6      # Building documentation makes the test unnecessarily take a longer time:
 7      documentation.enable = lib.mkForce false;
 8    };
 9  };
10
11  incus-image-metadata =
12    incus-image.incusContainerMeta.${pkgs.stdenv.hostPlatform.system}
13    + "/tarball/nixos-image-lxc-*-${pkgs.stdenv.hostPlatform.system}.tar.xz";
14
15  incus-image-rootfs =
16    incus-image.incusContainerImage.${pkgs.stdenv.hostPlatform.system}
17    + "/nixos-lxc-image-${pkgs.stdenv.hostPlatform.system}.squashfs";
18
19in
20{
21  name = "lxd-image-server";
22
23  meta = with pkgs.lib.maintainers; {
24    maintainers = [
25      mkg20001
26      patryk27
27    ];
28  };
29
30  nodes.machine =
31    { lib, ... }:
32    {
33      virtualisation = {
34        cores = 2;
35
36        memorySize = 2048;
37        diskSize = 4096;
38
39        incus.enable = true;
40      };
41
42      # incus requires
43      networking.nftables.enable = true;
44
45      security.pki.certificates = [
46        (builtins.readFile ./common/acme/server/ca.cert.pem)
47      ];
48
49      services.nginx = {
50        enable = true;
51      };
52
53      services.lxd-image-server = {
54        enable = true;
55        nginx = {
56          enable = true;
57          domain = "acme.test";
58        };
59      };
60
61      services.nginx.virtualHosts."acme.test" = {
62        enableACME = false;
63        sslCertificate = ./common/acme/server/acme.test.cert.pem;
64        sslCertificateKey = ./common/acme/server/acme.test.key.pem;
65      };
66
67      networking.hosts = {
68        "::1" = [ "acme.test" ];
69      };
70    };
71
72  testScript = ''
73    machine.wait_for_unit("sockets.target")
74    machine.wait_for_unit("incus.service")
75
76    machine.succeed("incus admin waitready")
77    machine.succeed("incus admin init --minimal")
78
79    machine.succeed(
80        "incus image import ${incus-image-metadata} ${incus-image-rootfs} --alias nixos"
81    )
82
83    loc = "/var/www/simplestreams/images/iats/nixos/amd64/default/v1"
84
85    with subtest("push image to server"):
86        machine.succeed("incus launch nixos test")
87        machine.sleep(5)
88        machine.succeed("incus stop -f test")
89        machine.succeed("incus publish --public test --alias=testimg")
90        machine.succeed("incus image export testimg")
91        machine.succeed("ls >&2")
92        machine.succeed("mkdir -p " + loc)
93        machine.succeed("mv *.tar.gz " + loc)
94
95    with subtest("pull image from server"):
96        machine.succeed("incus remote add img https://acme.test --protocol=simplestreams")
97        machine.succeed("incus image list img: >&2")
98  '';
99}