nixos/tests/systemd-bpf.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / systemd-bpf.nix
at master 1.4 kB view raw
 1{ lib, ... }:
 2{
 3  name = "systemd-bpf";
 4  meta = with lib.maintainers; {
 5    maintainers = [ veehaitch ];
 6  };
 7  nodes = {
 8    node1 = {
 9      virtualisation.vlans = [ 1 ];
10      networking = {
11        useNetworkd = true;
12        useDHCP = false;
13        firewall.enable = false;
14        interfaces.eth1.ipv4.addresses = [
15          {
16            address = "192.168.1.1";
17            prefixLength = 24;
18          }
19        ];
20      };
21    };
22
23    node2 = {
24      virtualisation.vlans = [ 1 ];
25      networking = {
26        useNetworkd = true;
27        useDHCP = false;
28        firewall.enable = false;
29        interfaces.eth1.ipv4.addresses = [
30          {
31            address = "192.168.1.2";
32            prefixLength = 24;
33          }
34        ];
35      };
36    };
37  };
38
39  testScript = ''
40    start_all()
41    node1.systemctl("start systemd-networkd-wait-online.service")
42    node1.wait_for_unit("systemd-networkd-wait-online.service")
43    node2.systemctl("start systemd-networkd-wait-online.service")
44    node2.wait_for_unit("systemd-networkd-wait-online.service")
45
46    with subtest("test RestrictNetworkInterfaces= works"):
47      node1.succeed("ping -c 5 192.168.1.2")
48      node1.succeed("systemd-run -t -p RestrictNetworkInterfaces='eth1' ping -c 5 192.168.1.2")
49      node1.fail("systemd-run -t -p RestrictNetworkInterfaces='lo' ping -c 5 192.168.1.2")
50  '';
51}