nixos/tests/systemd-initrd-credentials.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / tests / systemd-initrd-credentials.nix

at master 822 B view raw

 1{ lib, pkgs, ... }:
 2{
 3  name = "systemd-initrd-credentials";
 4
 5  nodes.machine =
 6    { pkgs, ... }:
 7    {
 8      virtualisation = {
 9        qemu.options = [
10          "-smbios type=11,value=io.systemd.credential:cred-smbios=secret-smbios"
11        ];
12      };
13
14      boot.initrd.availableKernelModules = [ "dmi_sysfs" ];
15
16      boot.kernelParams = [ "systemd.set_credential=cred-cmdline:secret-cmdline" ];
17
18      boot.initrd.systemd = {
19        enable = true;
20      };
21    };
22
23  testScript = ''
24    machine.wait_for_unit("multi-user.target")
25
26    # Check credential passed via kernel command line
27    assert "secret-cmdline" in machine.succeed("systemd-creds --system cat cred-cmdline")
28
29    # Check credential passed via SMBIOS
30    assert "secret-smbios" in machine.succeed("systemd-creds --system cat cred-smbios")
31  '';
32}