# NixOS VM test: a client opens an SSH session to a server that is still in
# its systemd-based initrd (stage 1), reads a file that exists only in the
# initrd, and the server is then released to finish booting.
#
# All key material referenced below lives in ./initrd-network-ssh and is
# committed alongside the test. Treat it as public: these keys are fixtures
# and must never be reused for a real host or user.
{ lib, ... }:
{
  name = "systemd-initrd-network-ssh";
  meta.maintainers = [ lib.maintainers.elvishjerricco ];

  nodes.server =
    { config, pkgs, ... }:
    {
      # Test-framework instrumentation: keeps the machine under the test
      # driver's control while it is in stage 1, so the script can call
      # server.switch_root() later. Belongs in VM tests only, never in a
      # deployed configuration.
      testing.initrdBackdoor = true;

      boot.initrd = {
        systemd = {
          enable = true;
          # Marker file that the client reads back over SSH to prove the
          # session really landed in the initrd.
          contents."/etc/msg".text = "foo";
        };

        network = {
          enable = true;
          ssh = {
            enable = true;
            port = 22;
            # Public half of the client fixture key; public-key login is the
            # only credential this test configures.
            authorizedKeys = [ (lib.readFile ./initrd-network-ssh/id_ed25519.pub) ];
            # A path literal is copied into the Nix store, which every local
            # user can read. Acceptable for a throwaway fixture; a real
            # deployment should use a dedicated initrd host key (not the
            # machine's regular SSH host key) that is kept out of the store.
            hostKeys = [ ./initrd-network-ssh/ssh_host_ed25519_key ];
          };
        };
      };
    };

  nodes.client =
    { config, ... }:
    let
      # NOTE(review): assumes the third line of the generated
      # networking.extraHosts is the server's entry and that its first
      # space-separated field is the address. This depends on how the test
      # framework lays out the hosts list; confirm if nodes are added.
      hostsLines = lib.splitString "\n" config.networking.extraHosts;
      serverEntry = toString (lib.elemAt hostsLines 2);
      serverAddr = toString (lib.head (lib.splitString " " serverEntry));

      serverHostPubKey = lib.readFile ./initrd-network-ssh/ssh_host_ed25519_key.pub;
    in
    {
      # known_hosts entry "server,<address> <host public key>". Pinning the
      # host key lets the test exercise host authentication instead of
      # switching host-key checking off.
      environment.etc.knownHosts.text = "server,${serverAddr} ${serverHostPubKey}";

      # Private half of the client fixture key, installed with mode 0600
      # (owner read/write only).
      environment.etc.sshKey = {
        source = ./initrd-network-ssh/id_ed25519;
        mode = "0600";
      };
    };

  # Flow: wait until the initrd sshd accepts TCP connections on port 22,
  # read /etc/msg over SSH using the pinned known_hosts file, check that it
  # contains the marker text, then let the server switch root and reach
  # multi-user.target.
  testScript = ''
    start_all()

    def ssh_is_up(_) -> bool:
        status, _ = client.execute("nc -z server 22")
        return status == 0

    client.wait_for_unit("network.target")
    with client.nested("waiting for SSH server to come up"):
        retry(ssh_is_up)

    msg = client.succeed(
        "ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'cat /etc/msg'"
    )
    assert "foo" in msg

    server.switch_root()
    server.wait_for_unit("multi-user.target")
  '';
}