# NixOS VM test "nix-ssh-serve": a `server` node exposes its Nix store through
# `nix.sshServe` (ssh-ng protocol) and a `client` node copies a store path to
# it and then substitutes that path back into a separate local store.
{ pkgs, lib, ... }:
let
  # Key pair loaded from ./ssh-keys.nix. The names suggest a fixed, publicly
  # known test key (NOTE(review): confirm in ssh-keys.nix); it must never be
  # authorized on a real host.
  inherit (import ./ssh-keys.nix pkgs)
    snakeOilPrivateKey
    snakeOilPublicKey
    ;

  # Client-side ssh configuration. Both options switch off host-key
  # verification: nothing is recorded in known_hosts and any server key is
  # accepted. That removes protection against a man-in-the-middle, so this
  # file is only suitable for throwaway test machines; do not copy it into a
  # real deployment of nix.sshServe.
  sshClientConfig = builtins.toFile "ssh.conf" ''
    UserKnownHostsFile=/dev/null
    StrictHostKeyChecking=no
  '';
in
{
  name = "nix-ssh-serve";
  meta.maintainers = [ lib.maintainers.shlevy ];

  nodes = {
    server.nix = {
      package = pkgs.nix;
      # Serve the store over SSH; only the test public key is authorized.
      sshServe = {
        enable = true;
        protocol = "ssh-ng";
        keys = [ snakeOilPublicKey ];
      };
    };
    client.nix.package = pkgs.nix;
  };

  # Test flow, as written below:
  #   1. Create /root/.ssh with mode 700, then write the ssh config and the
  #      private key into it. The key file is created by a shell redirect and
  #      only afterwards restricted to 600; the 700 directory is what keeps it
  #      unreadable to other users in between.
  #   2. Add /etc/machine-id to the client's store and remember the resulting
  #      store path in the file `mach-id-path`.
  #   3. Wait for sshd on the server.
  #   4. Check that the path is NOT yet present under /root/other-store.
  #   5. `nix copy` the path to ssh-ng://nix-ssh@server, then realise it into
  #      /root/other-store using the server as the substituter.
  #   6. Check that the path now exists in /root/other-store and matches
  #      /etc/machine-id.
  # The private key is interpolated as a path; if that is a Nix store path it
  # is world-readable on the build host, which is another reason it can only
  # ever be a test key.
  testScript = ''
    start_all()

    client.succeed("mkdir -m 700 /root/.ssh")
    client.succeed(
        "cat ${sshClientConfig} > /root/.ssh/config"
    )
    client.succeed(
        "cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa"
    )
    client.succeed("chmod 600 /root/.ssh/id_ecdsa")

    client.succeed("nix-store --add /etc/machine-id > mach-id-path")

    server.wait_for_unit("sshd")

    client.fail("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
    # Currently due to shared store this is a noop :(
    client.succeed("nix copy --experimental-features 'nix-command' --to ssh-ng://nix-ssh@server $(cat mach-id-path)")
    client.succeed(
        "nix-store --realise $(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh@server"
    )
    client.succeed("diff /root/other-store$(cat mach-id-path) /etc/machine-id")
  '';
}